2016-09-22 12:43:57 +00:00
---
title: About the group Resource
---
# group
Use the `group` InSpec audit resource to test groups on the system.
2017-10-03 21:35:10 +00:00
<br>
2016-09-27 19:03:23 +00:00
## Syntax
2016-09-22 12:43:57 +00:00
A `group` resource block declares a group, and then the details to be tested, such as if the group is a local group, the group identifier, or if the group exists:
describe group('group_name') do
it { should exist }
its('gid') { should eq 0 }
end
where
* `'group_name'` must specify the name of a group on the system
* `exist` and `'gid'` are valid matchers for this resource
2017-10-03 21:35:10 +00:00
<br>
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
## Examples
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
The following examples show how to use this InSpec audit resource.
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
### Test the group identifier for the root group
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
describe group('root') do
it { should exist }
its('gid') { should eq 0 }
end
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
<br>
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
## Matchers
2016-09-22 12:43:57 +00:00
2018-01-31 12:24:16 +00:00
For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
### be_local
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
The `be_local` matcher tests if the group is a local group:
2016-09-22 12:43:57 +00:00
2017-10-03 21:35:10 +00:00
it { should be_local }
2016-09-22 12:43:57 +00:00
2016-09-27 19:03:23 +00:00
### exist
2016-09-22 12:43:57 +00:00
The `exist` matcher tests if the named user exists:
it { should exist }
2016-09-27 19:03:23 +00:00
### gid
2016-09-22 12:43:57 +00:00
The `gid` matcher tests the named group identifier:
its('gid') { should eq 1234 }