inspec/lib/resources/passwd.rb

# encoding: utf-8
# copyright: 2015, Vulcano Security GmbH
# author: Christoph Hartmann
# author: Dominik Richter
# license: All rights reserved

# The file format consists of
# - username
# - password
# - userid
# - groupid
# - user id info
# - home directory
# - command

# usage:
#
# describe passwd do
#   its(:usernames) { should eq 'root' }
#   its(:uids) { should eq 1 }
# end
#
# describe passwd.uid(0) do
#   its(:username) { should eq 'root' }
#   its(:count) { should eq 1 }
# end

require 'utils/parser'

class Passwd < Inspec.resource(1)
  name 'passwd'

  include ContentParser

  attr_reader :uid
  attr_reader :parsed

  def initialize(path = nil)
    @path = path || '/etc/passwd'
    @content = inspec.file(@path).content
    @parsed = parse_passwd(@content)
  end

  # call passwd().uid(0)
  # returns a seperate object with reference to this object
  def uid(uid)
    PasswdUid.new(self, uid)
  end

  def usernames
    map_data('name')
  end

  def passwords
    map_data('password')
  end

  def uids
    map_data('uid')
  end

  def gids
    map_data('gid')
  end

  def users
    @parsed.map {|x|
      x['name']
    }
  end

  def to_s
    '/etc/passwd'
  end

  private

  def map_data(id)
    @parsed.map {|x|
      x[id]
    }
  end
end

# object that hold a specifc uid view on passwd
class PasswdUid
  def initialize(passwd, uid)
    @passwd = passwd
    @users = @passwd.parsed.select { |x| x['uid'] == "#{uid}" }
  end

  def username
    @users.at(0)['name']
  end

  def count
    @users.size
  end
end
update copyright header 2015-07-15 15:15:18 +02:00			`# encoding: utf-8`
			`# copyright: 2015, Vulcano Security GmbH`
add author header 2015-10-06 18:55:44 +02:00			`# author: Christoph Hartmann`
			`# author: Dominik Richter`
update copyright header 2015-07-15 15:15:18 +02:00			`# license: All rights reserved`
add description for passwd file format 2015-07-15 15:15:53 +02:00
			`# The file format consists of`
			`# - username`
			`# - password`
			`# - userid`
			`# - groupid`
			`# - user id info`
			`# - home directory`
			`# - command`

improve handling on uid data view 2015-09-05 19:05:18 +02:00			`# usage:`
			`#`
			`# describe passwd do`
			`# its(:usernames) { should eq 'root' }`
			`# its(:uids) { should eq 1 }`
			`# end`
			`#`
			`# describe passwd.uid(0) do`
			`# its(:username) { should eq 'root' }`
			`# its(:count) { should eq 1 }`
			`# end`

externalize passwd parser 2015-10-04 17:59:13 +02:00			`require 'utils/parser'`

rename vulcanosec -> inspec 2015-10-26 04:04:18 +01:00			`class Passwd < Inspec.resource(1)`
migrate passwd and processes Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2015-08-28 12:27:35 -07:00			`name 'passwd'`
add passwd support 2015-07-15 00:47:17 +02:00
externalize passwd parser 2015-10-04 17:59:13 +02:00			`include ContentParser`

improve handling on uid data view 2015-09-05 19:05:18 +02:00			`attr_reader :uid`
			`attr_reader :parsed`
add passwd support 2015-07-15 00:47:17 +02:00
improve handling on uid data view 2015-09-05 19:05:18 +02:00			`def initialize(path = nil)`
migrate passwd and processes Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2015-08-28 12:27:35 -07:00			`@path = path \|\| '/etc/passwd'`
rename vulcanosec -> inspec 2015-10-26 04:04:18 +01:00			`@content = inspec.file(@path).content`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`@parsed = parse_passwd(@content)`
migrate passwd and processes Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2015-08-28 12:27:35 -07:00			`end`

improve handling on uid data view 2015-09-05 19:05:18 +02:00			`# call passwd().uid(0)`
			`# returns a seperate object with reference to this object`
			`def uid(uid)`
			`PasswdUid.new(self, uid)`
refactor types 2015-07-26 12:30:12 +02:00			`end`
add description for passwd file format 2015-07-15 15:15:53 +02:00
refactor types 2015-07-26 12:30:12 +02:00			`def usernames`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`map_data('name')`
refactor types 2015-07-26 12:30:12 +02:00			`end`
add description for passwd file format 2015-07-15 15:15:53 +02:00
refactor types 2015-07-26 12:30:12 +02:00			`def passwords`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`map_data('password')`
refactor types 2015-07-26 12:30:12 +02:00			`end`
add description for passwd file format 2015-07-15 15:15:53 +02:00
refactor types 2015-07-26 12:30:12 +02:00			`def uids`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`map_data('uid')`
refactor types 2015-07-26 12:30:12 +02:00			`end`
add passwd support 2015-07-15 00:47:17 +02:00
refactor types 2015-07-26 12:30:12 +02:00			`def gids`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`map_data('gid')`
refactor types 2015-07-26 12:30:12 +02:00			`end`
add passwd support 2015-07-15 00:47:17 +02:00
refactor types 2015-07-26 12:30:12 +02:00			`def users`
migrate passwd and processes Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2015-08-28 12:27:35 -07:00			`@parsed.map {\|x\|`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`x['name']`
refactor types 2015-07-26 12:30:12 +02:00			`}`
			`end`
add passwd support 2015-07-15 00:47:17 +02:00
add to_s methods to resources, fixes #98 2015-10-12 13:01:58 +02:00			`def to_s`
			`'/etc/passwd'`
			`end`

migrate passwd and processes Signed-off-by: Dominik Richter <dominik.richter@gmail.com> 2015-08-28 12:27:35 -07:00			`private`

rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`def map_data(id)`
			`@parsed.map {\|x\|`
			`x[id]`
			`}`
			`end`
refactor types 2015-07-26 12:30:12 +02:00			`end`
improve handling on uid data view 2015-09-05 19:05:18 +02:00
			`# object that hold a specifc uid view on passwd`
			`class PasswdUid`
			`def initialize(passwd, uid)`
			`@passwd = passwd`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`@users = @passwd.parsed.select { \|x\| x['uid'] == "#{uid}" }`
improve handling on uid data view 2015-09-05 19:05:18 +02:00			`end`

			`def username`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`@users.at(0)['name']`
improve handling on uid data view 2015-09-05 19:05:18 +02:00			`end`

			`def count`
rewrite passwd resource to extract parser 2015-10-04 17:49:00 +02:00			`@users.size`
improve handling on uid data view 2015-09-05 19:05:18 +02:00			`end`
			`end`