inspec/docs/resources/group.md.erb

61 lines
1.2 KiB
Text
Raw Normal View History

2016-09-22 12:43:57 +00:00
---
title: About the group Resource
---
# group
Use the `group` InSpec audit resource to test groups on the system.
<br>
## Syntax
2016-09-22 12:43:57 +00:00
A `group` resource block declares a group, and then the details to be tested, such as if the group is a local group, the group identifier, or if the group exists:
describe group('group_name') do
it { should exist }
its('gid') { should eq 0 }
end
where
* `'group_name'` must specify the name of a group on the system
* `exist` and `'gid'` are valid matchers for this resource
<br>
2016-09-22 12:43:57 +00:00
## Examples
2016-09-22 12:43:57 +00:00
The following examples show how to use this InSpec audit resource.
2016-09-22 12:43:57 +00:00
### Test the group identifier for the root group
2016-09-22 12:43:57 +00:00
describe group('root') do
it { should exist }
its('gid') { should eq 0 }
end
2016-09-22 12:43:57 +00:00
<br>
2016-09-22 12:43:57 +00:00
## Matchers
2016-09-22 12:43:57 +00:00
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
2016-09-22 12:43:57 +00:00
### be_local
2016-09-22 12:43:57 +00:00
The `be_local` matcher tests if the group is a local group:
2016-09-22 12:43:57 +00:00
it { should be_local }
2016-09-22 12:43:57 +00:00
### exist
2016-09-22 12:43:57 +00:00
The `exist` matcher tests if the named user exists:
it { should exist }
### gid
2016-09-22 12:43:57 +00:00
The `gid` matcher tests the named group identifier:
its('gid') { should eq 1234 }