mirror of
https://github.com/inspec/inspec
synced 2024-09-21 06:51:56 +00:00
Expose label for processes only on linux
This commit is contained in:
parent
6670a8f502
commit
1811eb6666
4 changed files with 82 additions and 20 deletions
|
@ -45,30 +45,61 @@ module Inspec::Resources
|
|||
private
|
||||
|
||||
def ps_aux
|
||||
# get all running processes
|
||||
cmd = inspec.command('ps aux')
|
||||
os = inspec.os
|
||||
|
||||
if os.linux?
|
||||
command = 'ps auxZ'
|
||||
regex = /^([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+(.*)$/
|
||||
else
|
||||
command = 'ps aux'
|
||||
regex = /^([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+(.*)$/
|
||||
end
|
||||
build_process_list(command, regex, os)
|
||||
end
|
||||
|
||||
def build_process_list(command, regex, os) # rubocop:disable MethodLength, Metrics/AbcSize
|
||||
cmd = inspec.command(command)
|
||||
all = cmd.stdout.split("\n")[1..-1]
|
||||
return [] if all.nil?
|
||||
|
||||
lines = all.map do |line|
|
||||
# user 32296 0.0 0.0 42592 7972 pts/15 Ss+ Apr06 0:00 zsh
|
||||
line.match(/^([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+([^ ]+)\s+(.*)$/)
|
||||
line.match(regex)
|
||||
end.compact
|
||||
|
||||
lines.map do |m|
|
||||
{
|
||||
user: m[1],
|
||||
pid: m[2].to_i,
|
||||
cpu: m[3],
|
||||
mem: m[4],
|
||||
vsz: m[5].to_i,
|
||||
rss: m[6].to_i,
|
||||
tty: m[7],
|
||||
stat: m[8],
|
||||
start: m[9],
|
||||
time: m[10],
|
||||
command: m[11],
|
||||
}
|
||||
if os.linux?
|
||||
lines.map do |m|
|
||||
{
|
||||
label: m[1],
|
||||
user: m[2],
|
||||
pid: m[3].to_i,
|
||||
cpu: m[4],
|
||||
mem: m[5],
|
||||
vsz: m[6].to_i,
|
||||
rss: m[7].to_i,
|
||||
tty: m[8],
|
||||
stat: m[9],
|
||||
start: m[10],
|
||||
time: m[11],
|
||||
command: m[12],
|
||||
}
|
||||
end
|
||||
else
|
||||
lines.map do |m|
|
||||
{
|
||||
label: nil,
|
||||
user: m[1],
|
||||
pid: m[2].to_i,
|
||||
cpu: m[3],
|
||||
mem: m[4],
|
||||
vsz: m[5].to_i,
|
||||
rss: m[6].to_i,
|
||||
tty: m[7],
|
||||
stat: m[8],
|
||||
start: m[9],
|
||||
time: m[10],
|
||||
command: m[11],
|
||||
}
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -137,6 +137,7 @@ class MockLoader
|
|||
|
||||
mock.commands = {
|
||||
'ps aux' => cmd.call('ps-aux'),
|
||||
'ps auxZ' => cmd.call('ps-auxZ'),
|
||||
'Get-Content win_secpol.cfg' => cmd.call('secedit-export'),
|
||||
'secedit /export /cfg win_secpol.cfg' => cmd.call('success'),
|
||||
'Remove-Item win_secpol.cfg' => cmd.call('success'),
|
||||
|
|
3
test/unit/mock/cmd/ps-auxZ
Normal file
3
test/unit/mock/cmd/ps-auxZ
Normal file
|
@ -0,0 +1,3 @@
|
|||
LABEL USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
|
||||
system_u:system_r:kernel_t:s0 root 1 0.0 0.0 19232 1492 ? Ss May04 0:01 /sbin/init
|
||||
system_u:system_r:kernel_t:s0 root 39 0.0 0.0 0 0 ? S May04 0:00 crypto/0
|
|
@ -12,8 +12,9 @@ describe 'Inspec::Resources::Processes' do
|
|||
end
|
||||
|
||||
it 'verify processes resource' do
|
||||
resource = load_resource('processes', '/bin/bash')
|
||||
resource = MockLoader.new(:freebsd10).load_resource('processes', '/bin/bash')
|
||||
_(resource.list).must_equal [{
|
||||
label: nil,
|
||||
user: 'root',
|
||||
pid: 1,
|
||||
cpu: '0.0',
|
||||
|
@ -30,9 +31,35 @@ describe 'Inspec::Resources::Processes' do
|
|||
_(resource.list.length).must_equal 1
|
||||
end
|
||||
|
||||
it 'verify processes resource on linux os' do
|
||||
resource = MockLoader.new(:centos6).load_resource('processes', '/sbin/init')
|
||||
_(resource.list).must_equal [{
|
||||
label: 'system_u:system_r:kernel_t:s0',
|
||||
user: 'root',
|
||||
pid: 1,
|
||||
cpu: '0.0',
|
||||
mem: '0.0',
|
||||
vsz: 19232,
|
||||
rss: 1492,
|
||||
tty: '?',
|
||||
stat: 'Ss',
|
||||
start: 'May04',
|
||||
time: '0:01',
|
||||
command: '/sbin/init',
|
||||
}]
|
||||
|
||||
_(resource.list.length).must_equal 1
|
||||
end
|
||||
|
||||
it 'retrieves the users and states as arrays' do
|
||||
resource = load_resource('processes', 'svc')
|
||||
resource = MockLoader.new(:freebsd10).load_resource('processes', 'svc')
|
||||
_(resource.users.sort).must_equal ['noot']
|
||||
_(resource.states.sort).must_equal ['S', 'Ss']
|
||||
end
|
||||
|
||||
it 'retrieves the users and states as arrays on linux os' do
|
||||
resource = MockLoader.new(:centos6).load_resource('processes', 'crypto/0')
|
||||
_(resource.users.sort).must_equal ['root']
|
||||
_(resource.states.sort).must_equal ['S']
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue