Merge pull request #526 from chef/adamleff/resource-namespace

Placing all resources in the Inspec::Resources namespace

lib/resources/apache.rb

@@ -4,7 +4,8 @@
 # author: Dominik Richter
 # license: All rights reserved
 
-class Apache < Inspec.resource(1)
+module Inspec::Resources
+  class Apache < Inspec.resource(1)
     name 'apache'
 
     attr_reader :service, :conf_dir, :conf_path, :user
@@ -13,12 +14,12 @@ class Apache < Inspec.resource(1)
       when 'ubuntu', 'debian'
         @service = 'apache2'
         @conf_dir = '/etc/apache2/'
-      @conf_path = File.join @conf_dir, 'apache2.conf'
+        @conf_path = ::File.join @conf_dir, 'apache2.conf'
         @user = 'www-data'
       else
         @service = 'httpd'
         @conf_dir = '/etc/httpd/'
-      @conf_path = File.join @conf_dir, '/conf/httpd.conf'
+        @conf_path = ::File.join @conf_dir, '/conf/httpd.conf'
         @user = 'apache'
       end
     end
@@ -26,4 +27,5 @@ class Apache < Inspec.resource(1)
     def to_s
       'Apache Environment'
     end
+  end
 end

lib/resources/apache_conf.rb

@@ -7,7 +7,8 @@
 require 'utils/simpleconfig'
 require 'utils/find_files'
 
-class ApacheConf < Inspec.resource(1)
+module Inspec::Resources
+  class ApacheConf < Inspec.resource(1)
     name 'apache_conf'
     desc 'Use the apache_conf InSpec audit resource to test the configuration settings for Apache. This file is typically located under /etc/apache2 on the Debian and Ubuntu platforms and under /etc/httpd on the Fedora, CentOS, Red Hat Enterprise Linux, and Arch Linux platforms. The configuration settings may vary significantly from platform to platform.'
     example "
@@ -20,7 +21,7 @@ class ApacheConf < Inspec.resource(1)
 
     def initialize(conf_path = nil)
       @conf_path = conf_path || inspec.apache.conf_path
-    @conf_dir = File.dirname(@conf_path)
+      @conf_dir = ::File.dirname(@conf_path)
       @files_contents = {}
       @content = nil
       @params = nil
@@ -104,7 +105,7 @@ class ApacheConf < Inspec.resource(1)
 
       includes = []
       (include_files + include_files_optional).each do |f|
-      id = File.join(@conf_dir, f)
+        id = ::File.join(@conf_dir, f)
         files = find_files(id, depth: 1, type: 'file')
 
         includes.push(files) if files
@@ -121,4 +122,5 @@ class ApacheConf < Inspec.resource(1)
     def to_s
       "Apache Config #{@conf_path}"
     end
+  end
 end

lib/resources/apt.rb

@@ -28,7 +28,8 @@
 
 require 'uri'
 
-class AptRepository < Inspec.resource(1)
+module Inspec::Resources
+  class AptRepository < Inspec.resource(1)
     name 'apt'
     desc 'Use the apt InSpec audit resource to verify Apt repositories on the Debian and Ubuntu platforms, and also PPA repositories on the Ubuntu platform.'
     example "
@@ -124,11 +125,11 @@ class AptRepository < Inspec.resource(1)
       # construct new ppa url and return it
       format('http://ppa.launchpad.net/%s/%s/ubuntu', ppa_owner, ppa_repo)
     end
-end
+  end
 
-# for compatability with serverspec
+  # for compatability with serverspec
-# this is deprecated syntax and will be removed in future versions
+  # this is deprecated syntax and will be removed in future versions
-class PpaRepository < AptRepository
+  class PpaRepository < AptRepository
     name 'ppa'
 
     def exists?
@@ -144,4 +145,5 @@ class PpaRepository < AptRepository
     def deprecated
       warn '[DEPRECATION] `ppa(reponame)` is deprecated.  Please use `apt(reponame)` instead.'
     end
+  end
 end

lib/resources/audit_policy.rb

@@ -24,7 +24,8 @@
 #
 # Further information is available at: https://msdn.microsoft.com/en-us/library/dd973859.aspx
 
-class AuditPolicy < Inspec.resource(1)
+module Inspec::Resources
+  class AuditPolicy < Inspec.resource(1)
     name 'audit_policy'
     desc 'Use the audit_policy InSpec audit resource to test auditing policies on the Microsoft Windows platform. An auditing policy is a category of security-related events to be audited. Auditing is disabled by default and may be enabled for categories like account management, logon events, policy changes, process tracking, privilege use, system events, or object access. For each auditing category property that is enabled, the auditing level may be set to No Auditing, Not Specified, Success, Success and Failure, or Failure.'
     example "
@@ -60,4 +61,5 @@ class AuditPolicy < Inspec.resource(1)
     def to_s
       'Audit Policy'
     end
+  end
 end

lib/resources/auditd_conf.rb

@@ -6,7 +6,8 @@
 
 require 'utils/simpleconfig'
 
-class AuditDaemonConf < Inspec.resource(1)
+module Inspec::Resources
+  class AuditDaemonConf < Inspec.resource(1)
     name 'auditd_conf'
     desc "Use the auditd_conf InSpec audit resource to test the configuration settings for the audit daemon. This file is typically located under /etc/audit/auditd.conf' on UNIX and Linux platforms."
     example "
@@ -52,4 +53,5 @@ class AuditDaemonConf < Inspec.resource(1)
       )
       @params = conf.params
     end
+  end
 end

lib/resources/auditd_rules.rb

@@ -7,7 +7,8 @@
 require 'forwardable'
 require 'utils/filter_array'
 
-class AuditdRulesLegacy
+module Inspec::Resources
+  class AuditdRulesLegacy
     def initialize(content)
       @content = content
       @opts = {
@@ -42,10 +43,10 @@ class AuditdRulesLegacy
     def to_s
       'Audit Daemon Rules (for auditd version < 2.3)'
     end
-end
+  end
 
-# rubocop:disable Metrics/ClassLength
+  # rubocop:disable Metrics/ClassLength
-class AuditDaemonRules < Inspec.resource(1)
+  class AuditDaemonRules < Inspec.resource(1)
     extend Forwardable
     attr_accessor :rules, :lines
 
@@ -200,4 +201,5 @@ class AuditDaemonRules < Inspec.resource(1)
 
       [fields, opts]
     end
+  end
 end

lib/resources/bridge.rb

@@ -8,7 +8,8 @@
 #   it { should have_interface 'eth0' }
 # end
 
-class Bridge < Inspec.resource(1)
+module Inspec::Resources
+  class Bridge < Inspec.resource(1)
     name 'bridge'
     desc 'Use the bridge InSpec audit resource to test basic network bridge properties, such as name, if an interface is defined, and the associations for any defined interface.'
     example "
@@ -54,21 +55,21 @@ class Bridge < Inspec.resource(1)
       return @cache if defined?(@cache)
       @cache = @bridge_provider.bridge_info(@bridge_name) if !@bridge_provider.nil?
     end
-end
+  end
 
-class BridgeDetection
+  class BridgeDetection
     attr_reader :inspec
     def initialize(inspec)
       @inspec = inspec
     end
-end
+  end
 
-# Linux Bridge
+  # Linux Bridge
-# If /sys/class/net/{interface}/bridge exists then it must be a bridge
+  # If /sys/class/net/{interface}/bridge exists then it must be a bridge
-# /sys/class/net/{interface}/brif contains the network interfaces
+  # /sys/class/net/{interface}/brif contains the network interfaces
-# @see http://www.tldp.org/HOWTO/BRIDGE-STP-HOWTO/set-up-the-bridge.html
+  # @see http://www.tldp.org/HOWTO/BRIDGE-STP-HOWTO/set-up-the-bridge.html
-# @see http://unix.stackexchange.com/questions/40560/how-to-know-if-a-network-interface-is-tap-tun-bridge-or-physical
+  # @see http://unix.stackexchange.com/questions/40560/how-to-know-if-a-network-interface-is-tap-tun-bridge-or-physical
-class LinuxBridge < BridgeDetection
+  class LinuxBridge < BridgeDetection
     def bridge_info(bridge_name)
       # read bridge information
       bridge = inspec.file("/sys/class/net/#{bridge_name}/bridge").directory?
@@ -82,14 +83,14 @@ class LinuxBridge < BridgeDetection
         interfaces: interfaces,
       }
     end
-end
+  end
 
-# Windows Bridge
+  # Windows Bridge
-# select netadapter by adapter binding for windows
+  # select netadapter by adapter binding for windows
-# Get-NetAdapterBinding -ComponentID ms_bridge | Get-NetAdapter
+  # Get-NetAdapterBinding -ComponentID ms_bridge | Get-NetAdapter
-# @see https://technet.microsoft.com/en-us/library/jj130921(v=wps.630).aspx
+  # @see https://technet.microsoft.com/en-us/library/jj130921(v=wps.630).aspx
-# RegKeys: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}
+  # RegKeys: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}
-class WindowsBridge < BridgeDetection
+  class WindowsBridge < BridgeDetection
     def bridge_info(bridge_name)
       # find all bridge adapters
       cmd = inspec.command('Get-NetAdapterBinding -ComponentID ms_bridge | Get-NetAdapter | Select-Object -Property Name, InterfaceDescription | ConvertTo-Json')
@@ -118,4 +119,5 @@ class WindowsBridge < BridgeDetection
       warn "[Possible Error] detected multiple bridges interfaces with the name #{bridge_name}" if bridges.size > 1
       bridges[0]
     end
+  end
 end

lib/resources/command.rb

@@ -4,7 +4,8 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
-class Cmd < Inspec.resource(1)
+module Inspec::Resources
+  class Cmd < Inspec.resource(1)
     name 'command'
     desc 'Use the command InSpec audit resource to test an arbitrary command that is run on the system.'
     example "
@@ -58,4 +59,5 @@ class Cmd < Inspec.resource(1)
     def to_s
       "Command #{@command}"
     end
+  end
 end

lib/resources/csv.rb

@@ -5,7 +5,8 @@
 # Parses a csv document
 # This implementation was inspired by a blog post
 # @see http://technicalpickles.com/posts/parsing-csv-with-ruby
-class CsvConfig < JsonConfig
+module Inspec::Resources
+  class CsvConfig < JsonConfig
     name 'csv'
     desc 'Use the csv InSpec audit resource to test configuration data in a CSV file.'
     example "
@@ -30,4 +31,5 @@ class CsvConfig < JsonConfig
     def to_s
       "Csv #{@path}"
     end
+  end
 end

lib/resources/etc_group.rb

@@ -24,7 +24,8 @@
 require 'utils/convert'
 require 'utils/parser'
 
-class EtcGroup < Inspec.resource(1)
+module Inspec::Resources
+  class EtcGroup < Inspec.resource(1)
     include Converter
     include CommentParser
 
@@ -127,10 +128,10 @@ class EtcGroup < Inspec.resource(1)
         'members' => x.at(3), # Group members.
       }
     end
-end
+  end
 
-# object that hold a specifc view on etc group
+  # object that hold a specifc view on etc group
-class EtcGroupView
+  class EtcGroupView
     def initialize(parent, filter)
       @parent = parent
       @filter = filter
@@ -155,4 +156,5 @@ class EtcGroupView
     def users
       @parent.users(@filter)
     end
+  end
 end

lib/resources/gem.rb

@@ -2,7 +2,8 @@
 # author: Christoph Hartmann
 # author: Dominik Richter
 
-class GemPackage < Inspec.resource(1)
+module Inspec::Resources
+  class GemPackage < Inspec.resource(1)
     name 'gem'
     desc 'Use the gem InSpec audit resource to test if a global gem package is installed.'
     example "
@@ -45,4 +46,5 @@ class GemPackage < Inspec.resource(1)
     def to_s
       "gem package #{@package_name}"
     end
+  end
 end

lib/resources/group.rb

@@ -13,7 +13,8 @@
 #  it { should have_gid 0 }
 # end
 
-class Group < Inspec.resource(1)
+module Inspec::Resources
+  class Group < Inspec.resource(1)
     name 'group'
     desc 'Use the group InSpec audit resource to test groups on the system.'
     example "
@@ -82,17 +83,17 @@ class Group < Inspec.resource(1)
       return @cache if !@cache.nil?
       @cache = @group_provider.group_info(@group, @domain) if !@group_provider.nil?
     end
-end
+  end
 
-class GroupInfo
+  class GroupInfo
     attr_reader :inspec
     def initialize(inspec)
       @inspec = inspec
     end
-end
+  end
 
-# implements generic unix groups via /etc/group
+  # implements generic unix groups via /etc/group
-class UnixGroup < GroupInfo
+  class UnixGroup < GroupInfo
     def group_info(group, _domain = nil)
       inspec.etc_group.where(name: group).entries.map { |grp|
         {
@@ -101,9 +102,9 @@ class UnixGroup < GroupInfo
         }
       }
     end
-end
+  end
 
-class WindowsGroup < GroupInfo
+  class WindowsGroup < GroupInfo
     def group_info(compare_group, compare_domain = nil)
       cmd = inspec.command('Get-WmiObject Win32_Group | Select-Object -Property Caption, Domain, Name, SID, LocalAccount | ConvertTo-Json')
 
@@ -132,4 +133,5 @@ class WindowsGroup < GroupInfo
         return grp_collection.push(grp_info) if grp_info[:name].casecmp(compare_group) == 0 && (compare_domain.nil? || grp_info[:domain].casecmp(compare_domain) == 0)
       end
     end
+  end
 end

lib/resources/host.rb

@@ -24,7 +24,8 @@
 #   it { should be_resolvable.by('dns') }
 # end
 
-class Host < Inspec.resource(1)
+module Inspec::Resources
+  class Host < Inspec.resource(1)
     name 'host'
     desc 'Use the host InSpec audit resource to test the name used to refer to a specific host and its availability, including the Internet protocols and ports over which that host name should be available.'
     example "
@@ -79,16 +80,16 @@ class Host < Inspec.resource(1)
       return @ip_cache if defined?(@ip_cache)
       @ip_cache = @host_provider.resolve(@hostname) if !@host_provider.nil?
     end
-end
+  end
 
-class HostProvider
+  class HostProvider
     attr_reader :inspec
     def initialize(inspec)
       @inspec = inspec
     end
-end
+  end
 
-class LinuxHostProvider < HostProvider
+  class LinuxHostProvider < HostProvider
     # ping is difficult to achieve, since we are not sure
     def ping(hostname, _port = nil, _proto = nil)
       # fall back to ping, but we can only test ICMP packages with ping
@@ -106,13 +107,13 @@ class LinuxHostProvider < HostProvider
       resolve = /^\s*(?<ip>\S+)\s+(.*)\s*$/.match(cmd.stdout.chomp)
       [resolve[1]] if resolve
     end
-end
+  end
 
-# Windows
+  # Windows
-# TODO: UDP is not supported yey, we need a custom ps1 script to add udp support
+  # TODO: UDP is not supported yey, we need a custom ps1 script to add udp support
-# @see http://blogs.technet.com/b/josebda/archive/2015/04/18/windows-powershell-equivalents-for-common-networking-commands-ipconfig-ping-nslookup.aspx
+  # @see http://blogs.technet.com/b/josebda/archive/2015/04/18/windows-powershell-equivalents-for-common-networking-commands-ipconfig-ping-nslookup.aspx
-# @see http://blogs.technet.com/b/heyscriptingguy/archive/2014/03/19/creating-a-port-scanner-with-windows-powershell.aspx
+  # @see http://blogs.technet.com/b/heyscriptingguy/archive/2014/03/19/creating-a-port-scanner-with-windows-powershell.aspx
-class WindowsHostProvider < HostProvider
+  class WindowsHostProvider < HostProvider
     def ping(hostname, port = nil, proto = nil)
       # TODO: abort if we cannot run it via udp
       return nil if proto == 'udp'
@@ -146,4 +147,5 @@ class WindowsHostProvider < HostProvider
       resolv = [resolv] unless resolv.is_a?(Array)
       resolv.map { |entry| entry['IPAddress'] }
     end
+  end
 end

lib/resources/inetd_conf.rb

@@ -6,7 +6,8 @@
 
 require 'utils/simpleconfig'
 
-class InetdConf < Inspec.resource(1)
+module Inspec::Resources
+  class InetdConf < Inspec.resource(1)
     name 'inetd_conf'
     desc 'Use the inetd_conf InSpec audit resource to test if a service is enabled in the inetd.conf file on Linux and UNIX platforms. inetd---the Internet service daemon---listens on dedicated ports, and then loads the appropriate program based on a request. The inetd.conf file is typically located at /etc/inetd.conf and contains a list of Internet services associated to the ports on which that service will listen. Only enabled services may handle a request; only services that are required by the system should be enabled.'
     example "
@@ -53,4 +54,5 @@ class InetdConf < Inspec.resource(1)
     def to_s
       'inetd.conf'
     end
+  end
 end

lib/resources/ini.rb

@@ -4,7 +4,8 @@
 
 require 'utils/simpleconfig'
 
-class IniConfig < JsonConfig
+module Inspec::Resources
+  class IniConfig < JsonConfig
     name 'ini'
     desc 'Use the ini InSpec audit resource to test data in a INI file.'
     example "
@@ -20,4 +21,5 @@ class IniConfig < JsonConfig
     def to_s
       "INI #{@path}"
     end
+  end
 end

lib/resources/interface.rb

@@ -4,7 +4,8 @@
 
 require 'utils/convert'
 
-class NetworkInterface < Inspec.resource(1)
+module Inspec::Resources
+  class NetworkInterface < Inspec.resource(1)
     name 'interface'
     desc 'Use the interface InSpec audit resource to test basic network adapter properties, such as name, status, state, address, and link speed (in MB/sec).'
     example "
@@ -50,17 +51,17 @@ class NetworkInterface < Inspec.resource(1)
       return @cache if defined?(@cache)
       @cache = @interface_provider.interface_info(@iface) if !@interface_provider.nil?
     end
-end
+  end
 
-class InterfaceInfo
+  class InterfaceInfo
     include Converter
     attr_reader :inspec
     def initialize(inspec)
       @inspec = inspec
     end
-end
+  end
 
-class LinuxInterface < InterfaceInfo
+  class LinuxInterface < InterfaceInfo
     def interface_info(iface)
       # will return "[mtu]\n1500\n[type]\n1"
       cmd = inspec.command("find /sys/class/net/#{iface}/ -type f -maxdepth 1 -exec sh -c 'echo \"[$(basename {})]\"; cat {} || echo -n' \\;")
@@ -92,9 +93,9 @@ class LinuxInterface < InterfaceInfo
         speed: speed,
       }
     end
-end
+  end
 
-class WindowsInterface < InterfaceInfo
+  class WindowsInterface < InterfaceInfo
     def interface_info(iface)
       # gather all network interfaces
       cmd = inspec.command('Get-NetAdapter | Select-Object -Property Name, InterfaceDescription, Status, State, MacAddress, LinkSpeed, ReceiveLinkSpeed, TransmitLinkSpeed, Virtual | ConvertTo-Json')
@@ -124,4 +125,5 @@ class WindowsInterface < InterfaceInfo
       warn "[Possible Error] detected multiple network interfaces with the name #{iface}" if adapters.size > 1
       adapters[0]
     end
+  end
 end

lib/resources/iptables.rb

@@ -21,7 +21,8 @@
 # @see http://ipset.netfilter.org/iptables.man.html
 # @see http://ipset.netfilter.org/iptables.man.html
 # @see https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html
-class IpTables < Inspec.resource(1)
+module Inspec::Resources
+  class IpTables < Inspec.resource(1)
     name 'iptables'
     desc 'Use the iptables InSpec audit resource to test rules that are defined in iptables, which maintains tables of IP packet filtering rules. There may be more than one table. Each table contains one (or more) chains (both built-in and custom). A chain is a list of rules that match packets. When the rule matches, the rule defines what target to assign to the packet.'
     example "
@@ -65,4 +66,5 @@ class IpTables < Inspec.resource(1)
     def to_s
       format('Iptables %s %s', @table && "table: #{@table}", @chain && "chain: #{@chain}").strip
     end
+  end
 end

lib/resources/json.rb

@@ -2,7 +2,8 @@
 # author: Christoph Hartmann
 # author: Dominik Richter
 
-class JsonConfig < Inspec.resource(1)
+module Inspec::Resources
+  class JsonConfig < Inspec.resource(1)
     name 'json'
     desc 'Use the json InSpec audit resource to test data in a JSON file.'
     example "
@@ -79,4 +80,5 @@ class JsonConfig < Inspec.resource(1)
       # if there are more keys, extract more
       extract_value(keys.clone, value)
     end
+  end
 end

lib/resources/kernel_module.rb

@@ -3,7 +3,8 @@
 # author: Dominik Richter
 # license: All rights reserved
 
-class KernelModule < Inspec.resource(1)
+module Inspec::Resources
+  class KernelModule < Inspec.resource(1)
     name 'kernel_module'
     desc 'Use the kernel_module InSpec audit resource to test kernel modules on Linux platforms. These parameters are located under /lib/modules. Any submodule may be tested using this resource.'
     example "
@@ -38,4 +39,5 @@ class KernelModule < Inspec.resource(1)
     def to_s
       "Kernel Module #{@module}"
     end
+  end
 end

lib/resources/kernel_parameter.rb

@@ -2,7 +2,8 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
-class KernelParameter < Inspec.resource(1)
+module Inspec::Resources
+  class KernelParameter < Inspec.resource(1)
     name 'kernel_parameter'
     desc 'Use the kernel_parameter InSpec audit resource to test kernel parameters on Linux platforms.'
     example "
@@ -31,11 +32,11 @@ class KernelParameter < Inspec.resource(1)
     def to_s
       "Kernel Parameter #{@parameter}"
     end
-end
+  end
 
-# for compatability with serverspec
+  # for compatability with serverspec
-# this is deprecated syntax and will be removed in future versions
+  # this is deprecated syntax and will be removed in future versions
-class LinuxKernelParameter < KernelParameter
+  class LinuxKernelParameter < KernelParameter
     name 'linux_kernel_parameter'
 
     def initialize(parameter)
@@ -54,4 +55,5 @@ class LinuxKernelParameter < KernelParameter
     def to_s
       "Kernel Parameter #{@parameter}"
     end
+  end
 end

lib/resources/limits_conf.rb

@@ -6,7 +6,8 @@
 
 require 'utils/simpleconfig'
 
-class LimitsConf < Inspec.resource(1)
+module Inspec::Resources
+  class LimitsConf < Inspec.resource(1)
     name 'limits_conf'
     desc 'Use the limits_conf InSpec audit resource to test configuration settings in the /etc/security/limits.conf file. The limits.conf defines limits for processes (by user and/or group names) and helps ensure that the system on which those processes are running remains stable. Each process may be assigned a hard or soft limit.'
     example "
@@ -52,4 +53,5 @@ class LimitsConf < Inspec.resource(1)
     def to_s
       'limits.conf'
     end
+  end
 end

lib/resources/login_def.rb

@@ -18,7 +18,8 @@ require 'utils/simpleconfig'
 #   }
 # end
 
-class LoginDef < Inspec.resource(1)
+module Inspec::Resources
+  class LoginDef < Inspec.resource(1)
     name 'login_defs'
     desc 'Use the login_defs InSpec audit resource to test configuration settings in the /etc/login.defs file. The logins.defs file defines site-specific configuration for the shadow password suite on Linux and UNIX platforms, such as password expiration ranges, minimum/maximum values for automatic selection of user and group identifiers, or the method with which passwords are encrypted.'
     example "
@@ -63,4 +64,5 @@ class LoginDef < Inspec.resource(1)
     def to_s
       'login.defs'
     end
+  end
 end

lib/resources/mount.rb

@@ -4,7 +4,8 @@
 
 require 'utils/simpleconfig'
 
-class Mount < Inspec.resource(1)
+module Inspec::Resources
+  class Mount < Inspec.resource(1)
     name 'mount'
     desc 'Use the mount InSpec audit resource to test if mount points.'
     example "
@@ -54,4 +55,5 @@ class Mount < Inspec.resource(1)
     def to_s
       "Mount #{@path}"
     end
+  end
 end

lib/resources/mysql.rb

@@ -4,7 +4,8 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
-class Mysql < Inspec.resource(1)
+module Inspec::Resources
+  class Mysql < Inspec.resource(1)
     name 'mysql'
 
     attr_reader :package, :service, :conf_dir, :conf_path, :data_dir, :log_dir, :log_path, :log_group, :log_dir_group
@@ -78,4 +79,5 @@ class Mysql < Inspec.resource(1)
     def to_s
       'MySQL'
     end
+  end
 end

lib/resources/mysql_conf.rb

@@ -8,7 +8,8 @@ require 'utils/find_files'
 require 'utils/hash'
 require 'resources/mysql'
 
-class MysqlConfEntry
+module Inspec::Resources
+  class MysqlConfEntry
     def initialize(path, params)
       @params = params
       @path = path
@@ -24,9 +25,9 @@ class MysqlConfEntry
     def to_s
       "MySQL Config entry [#{@path.join(' ')}]"
     end
-end
+  end
 
-class MysqlConf < Inspec.resource(1)
+  class MysqlConf < Inspec.resource(1)
     name 'mysql_conf'
     desc 'Use the mysql_conf InSpec audit resource to test the contents of the configuration file for MySQL, typically located at /etc/mysql/my.cnf or /etc/my.cnf.'
     example "
@@ -88,7 +89,7 @@ class MysqlConf < Inspec.resource(1)
         to_read = to_read.drop(1)
         # see if there is more stuff to include
 
-      dir = File.dirname(cur_file)
+        dir = ::File.dirname(cur_file)
         to_read += include_files(dir, raw_conf).find_all do |fp|
           not @files_contents.key? fp
         end
@@ -109,7 +110,7 @@ class MysqlConf < Inspec.resource(1)
 
     def abs_path(dir, f)
       return f if f.start_with? '/'
-    File.join(dir, f)
+      ::File.join(dir, f)
     end
 
     def read_file(path)
@@ -119,4 +120,5 @@ class MysqlConf < Inspec.resource(1)
     def to_s
       'MySQL Configuration'
     end
+  end
 end

lib/resources/mysql_session.rb

@@ -4,7 +4,8 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
-class MysqlSession < Inspec.resource(1)
+module Inspec::Resources
+  class MysqlSession < Inspec.resource(1)
     name 'mysql_session'
     desc 'Use the mysql_session InSpec audit resource to test SQL commands run against a MySQL database.'
     example "
@@ -56,4 +57,5 @@ class MysqlSession < Inspec.resource(1)
       @user = user[1]
       @pass = pass[1]
     end
+  end
 end

lib/resources/npm.rb

@@ -2,7 +2,8 @@
 # author: Christoph Hartmann
 # author: Dominik Richter
 
-class NpmPackage < Inspec.resource(1)
+module Inspec::Resources
+  class NpmPackage < Inspec.resource(1)
     name 'npm'
     desc 'Use the npm InSpec audit resource to test if a global npm package is installed. npm is the the package manager for Nodejs packages, such as bower and StatsD.'
     example "
@@ -43,4 +44,5 @@ class NpmPackage < Inspec.resource(1)
     def to_s
       "Npm Package #{@package_name}"
     end
+  end
 end

lib/resources/ntp_conf.rb

@@ -6,7 +6,8 @@
 
 require 'utils/simpleconfig'
 
-class NtpConf < Inspec.resource(1)
+module Inspec::Resources
+  class NtpConf < Inspec.resource(1)
     name 'ntp_conf'
     desc 'Use the ntp_conf InSpec audit resource to test the synchronization settings defined in the ntp.conf file. This file is typically located at /etc/ntp.conf.'
     example "
@@ -55,4 +56,5 @@ class NtpConf < Inspec.resource(1)
       )
       @params = conf.params
     end
+  end
 end

lib/resources/oneget.rb

@@ -9,7 +9,8 @@
 # describe oneget('zoomit') do
 #   it { should be_installed }
 # end
-class OneGetPackage < Inspec.resource(1)
+module Inspec::Resources
+  class OneGetPackage < Inspec.resource(1)
     name 'oneget'
     desc 'Use the oneget InSpec audit resource to test if the named package and/or package version is installed on the system. This resource uses OneGet, which is part of the Windows Management Framework 5.0 and Windows 10. This resource uses the Get-Package cmdlet to return all of the package names in the OneGet repository.'
     example "
@@ -66,4 +67,5 @@ class OneGetPackage < Inspec.resource(1)
     def to_s
       "OneGet Package #{@package_name}"
     end
+  end
 end

lib/resources/os.rb

@@ -2,7 +2,8 @@
 # author: Dominik Richter
 # author: Christoph Hartmann
 
-class OS < Inspec.resource(1)
+module Inspec::Resources
+  class OS < Inspec.resource(1)
     name 'os'
     desc 'Use the os InSpec audit resource to test the platform on which the system is running.'
     example "
@@ -27,4 +28,5 @@ class OS < Inspec.resource(1)
     def to_s
       'Operating System Detection'
     end
+  end
 end

lib/resources/os_env.rb

@@ -13,7 +13,8 @@
 
 require 'utils/simpleconfig'
 
-class OsEnv < Inspec.resource(1)
+module Inspec::Resources
+  class OsEnv < Inspec.resource(1)
     name 'os_env'
     desc 'Use the os_env InSpec audit resource to test the environment variables for the platform on which the system is running.'
     example "
@@ -69,4 +70,5 @@ class OsEnv < Inspec.resource(1)
         params[env]
       end
     end
+  end
 end

lib/resources/package.rb

@@ -8,7 +8,8 @@
 # describe package('nginx') do
 #   it { should be_installed }
 # end
-class Package < Inspec.resource(1)
+module Inspec::Resources
+  class Package < Inspec.resource(1)
     name 'package'
     desc 'Use the package InSpec audit resource to test if the named package and/or package version is installed on the system.'
     example "
@@ -68,17 +69,17 @@ class Package < Inspec.resource(1)
     def to_s
       "System Package #{@package_name}"
     end
-end
+  end
 
-class PkgManagement
+  class PkgManagement
     attr_reader :inspec
     def initialize(inspec)
       @inspec = inspec
     end
-end
+  end
 
-# Debian / Ubuntu
+  # Debian / Ubuntu
-class Deb < PkgManagement
+  class Deb < PkgManagement
     def info(package_name)
       cmd = inspec.command("dpkg -s #{package_name}")
       return nil if cmd.exit_status.to_i != 0
@@ -95,10 +96,10 @@ class Deb < PkgManagement
         type: 'deb',
       }
     end
-end
+  end
 
-# RHEL family
+  # RHEL family
-class Rpm < PkgManagement
+  class Rpm < PkgManagement
     def info(package_name)
       cmd = inspec.command("rpm -qia #{package_name}")
       # CentOS does not return an error code if the package is not installed,
@@ -128,10 +129,10 @@ class Rpm < PkgManagement
         type: 'rpm',
       }
     end
-end
+  end
 
-# MacOS / Darwin implementation
+  # MacOS / Darwin implementation
-class Brew < PkgManagement
+  class Brew < PkgManagement
     def info(package_name)
       cmd = inspec.command("brew info --json=v1 #{package_name}")
       return nil if cmd.exit_status.to_i != 0
@@ -144,10 +145,10 @@ class Brew < PkgManagement
         type: 'brew',
       }
     end
-end
+  end
 
-# Arch Linux
+  # Arch Linux
-class Pacman < PkgManagement
+  class Pacman < PkgManagement
     def info(package_name)
       cmd = inspec.command("pacman -Qi #{package_name}")
       return nil if cmd.exit_status.to_i != 0
@@ -165,13 +166,13 @@ class Pacman < PkgManagement
         type: 'pacman',
       }
     end
-end
+  end
 
-# Determines the installed packages on Windows
+  # Determines the installed packages on Windows
-# Currently we use 'Get-WmiObject -Class Win32_Product' as a detection method
+  # Currently we use 'Get-WmiObject -Class Win32_Product' as a detection method
-# TODO: evaluate if alternative methods as proposed by Microsoft are still valid:
+  # TODO: evaluate if alternative methods as proposed by Microsoft are still valid:
-# @see: http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/15/use-powershell-to-find-installed-software.aspx
+  # @see: http://blogs.technet.com/b/heyscriptingguy/archive/2013/11/15/use-powershell-to-find-installed-software.aspx
-class WindowsPkg < PkgManagement
+  class WindowsPkg < PkgManagement
     def info(package_name)
       # Find the package
       cmd = inspec.command("Get-WmiObject -Class Win32_Product | Where-Object {$_.Name -eq '#{package_name}'} | Select-Object -Property Name,Version,Vendor,PackageCode,Caption,Description | ConvertTo-Json")
@@ -189,10 +190,10 @@ class WindowsPkg < PkgManagement
         type: 'windows',
       }
     end
-end
+  end
 
-# AIX
+  # AIX
-class BffPkg < PkgManagement
+  class BffPkg < PkgManagement
     def info(package_name)
       cmd = inspec.command("lslpp -cL #{package_name}")
       return nil if cmd.exit_status.to_i != 0
@@ -205,10 +206,10 @@ class BffPkg < PkgManagement
         type:      'bff',
       }
     end
-end
+  end
 
-# Solaris
+  # Solaris
-class SolarisPkg < PkgManagement
+  class SolarisPkg < PkgManagement
     def info(package_name)
       if inspec.os[:release].to_i <= 10
         solaris10_info(package_name)
@@ -257,4 +258,5 @@ class SolarisPkg < PkgManagement
         type: 'pkg',
       }
     end
+  end
 end

lib/resources/parse_config.rb

@@ -13,7 +13,8 @@
 #  }
 #  describe parse_config(audit, options ) do
 
-class PConfig < Inspec.resource(1)
+module Inspec::Resources
+  class PConfig < Inspec.resource(1)
     name 'parse_config'
     desc 'Use the parse_config InSpec audit resource to test arbitrary configuration files.'
     example "
@@ -67,9 +68,9 @@ class PConfig < Inspec.resource(1)
     def to_s
       "Parse Config #{@conf_path}"
     end
-end
+  end
 
-class PConfigFile < PConfig
+  class PConfigFile < PConfig
     name 'parse_config_file'
     desc 'Use the parse_config_file InSpec audit resource to test arbitrary configuration files. It works identiacal to parse_config. Instead of using a command output, this resource works with files.'
     example "
@@ -86,4 +87,5 @@ class PConfigFile < PConfig
     def to_s
       "Parse Config File #{@conf_path}"
     end
+  end
 end

lib/resources/passwd.rb

@@ -15,7 +15,8 @@
 
 require 'utils/parser'
 
-class Passwd < Inspec.resource(1)
+module Inspec::Resources
+  class Passwd < Inspec.resource(1)
     name 'passwd'
     desc 'Use the passwd InSpec audit resource to test the contents of /etc/passwd, which contains the following information for users that may log into the system and/or as users that own running processes.'
     example "
@@ -123,4 +124,5 @@ class Passwd < Inspec.resource(1)
     def map_data(id)
       @params.map { |x| x[id] }
     end
+  end
 end

lib/resources/pip.rb

@@ -7,7 +7,8 @@
 #   it { should be_installed }
 # end
 #
-class PipPackage < Inspec.resource(1)
+module Inspec::Resources
+  class PipPackage < Inspec.resource(1)
     name 'pip'
     desc 'Use the pip InSpec audit resource to test packages that are installed using the pip installer.'
     example "
@@ -78,4 +79,5 @@ class PipPackage < Inspec.resource(1)
       end
       pipcmd || 'pip'
     end
+  end
 end

lib/resources/port.rb

@@ -17,7 +17,8 @@ require 'utils/parser'
 #
 # TODO: currently we return local ip only
 # TODO: improve handling of same port on multiple interfaces
-class Port < Inspec.resource(1)
+module Inspec::Resources
+  class Port < Inspec.resource(1)
     name 'port'
     desc "Use the port InSpec audit resource to test basic port properties, such as port, process, if it's listening."
     example "
@@ -84,33 +85,33 @@ class Port < Inspec.resource(1)
       ports = @port_manager.info || []
       @cache = ports.select { |p| p[:port] == @port && (!@ip || p[:address] == @ip) }
     end
-end
+  end
 
-# implements an info method and returns all ip adresses and protocols for
+  # implements an info method and returns all ip adresses and protocols for
-# each port
+  # each port
-# [{
+  # [{
-#   port: 22,
+  #   port: 22,
-#   address: '0.0.0.0'
+  #   address: '0.0.0.0'
-#   protocol: 'tcp'
+  #   protocol: 'tcp'
-# },
+  # },
-# {
+  # {
-#   port: 22,
+  #   port: 22,
-#   address: '::'
+  #   address: '::'
-#   protocol: 'tcp6'
+  #   protocol: 'tcp6'
-# }]
+  # }]
-class PortsInfo
+  class PortsInfo
     attr_reader :inspec
     def initialize(inspec)
       @inspec = inspec
     end
-end
+  end
 
-# TODO: Add UDP infromation Get-NetUDPEndpoint
+  # TODO: Add UDP infromation Get-NetUDPEndpoint
-# TODO: currently Windows only supports tcp ports
+  # TODO: currently Windows only supports tcp ports
-# TODO: Get-NetTCPConnection does not return PIDs
+  # TODO: Get-NetTCPConnection does not return PIDs
-# TODO: double-check output with 'netstat -ano'
+  # TODO: double-check output with 'netstat -ano'
-# @see https://connect.microsoft.com/PowerShell/feedback/details/1349420/get-nettcpconnection-does-not-show-processid
+  # @see https://connect.microsoft.com/PowerShell/feedback/details/1349420/get-nettcpconnection-does-not-show-processid
-class WindowsPorts < PortsInfo
+  class WindowsPorts < PortsInfo
     def info
       # get all port information
       cmd = inspec.command('Get-NetTCPConnection | Select-Object -Property State, Caption, Description, LocalAddress, LocalPort, RemoteAddress, RemotePort, DisplayName, Status | ConvertTo-Json')
@@ -133,10 +134,10 @@ class WindowsPorts < PortsInfo
         }
       }
     end
-end
+  end
 
-# extracts udp and tcp ports from the lsof command
+  # extracts udp and tcp ports from the lsof command
-class LsofPorts < PortsInfo
+  class LsofPorts < PortsInfo
     attr_reader :lsof
 
     def initialize(inspec, lsofpath = nil)
@@ -239,10 +240,10 @@ class LsofPorts < PortsInfo
 
       procs
     end
-end
+  end
 
-# extract port information from netstat
+  # extract port information from netstat
-class LinuxPorts < PortsInfo
+  class LinuxPorts < PortsInfo
     def info
       cmd = inspec.command('netstat -tulpen')
       return nil if cmd.exit_status.to_i != 0
@@ -313,10 +314,10 @@ class LinuxPorts < PortsInfo
         pid: pid,
       }
     end
-end
+  end
 
-# extracts information from sockstat
+  # extracts information from sockstat
-class FreeBsdPorts < PortsInfo
+  class FreeBsdPorts < PortsInfo
     def info
       cmd = inspec.command('sockstat -46l')
       return nil if cmd.exit_status.to_i != 0
@@ -389,9 +390,9 @@ class FreeBsdPorts < PortsInfo
         pid: pid,
       }
     end
-end
+  end
 
-class SolarisPorts < FreeBsdPorts
+  class SolarisPorts < FreeBsdPorts
     include SolarisNetstatParser
 
     def info
@@ -426,4 +427,5 @@ class SolarisPorts < FreeBsdPorts
       }
       ports
     end
+  end
 end

lib/resources/postgres.rb

@@ -4,7 +4,8 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
-class Postgres < Inspec.resource(1)
+module Inspec::Resources
+  class Postgres < Inspec.resource(1)
     name 'postgres'
 
     attr_reader :service, :data_dir, :conf_dir, :conf_path
@@ -15,23 +16,24 @@ class Postgres < Inspec.resource(1)
         @data_dir = '/var/lib/postgresql'
         @version = inspec.command('ls /etc/postgresql/').stdout.chomp
         @conf_dir = "/etc/postgresql/#{@version}/main"
-      @conf_path = File.join @conf_dir, 'postgresql.conf'
+        @conf_path = ::File.join @conf_dir, 'postgresql.conf'
 
       when 'arch'
         @service = 'postgresql'
         @data_dir = '/var/lib/postgres/data'
         @conf_dir = '/var/lib/postgres/data'
-      @conf_path = File.join @conf_dir, 'postgresql.conf'
+        @conf_path = ::File.join @conf_dir, 'postgresql.conf'
 
       else
         @service = 'postgresql'
         @data_dir = '/var/lib/postgresql'
         @conf_dir = '/var/lib/pgsql/data'
-      @conf_path = File.join @conf_dir, 'postgresql.conf'
+        @conf_path = ::File.join @conf_dir, 'postgresql.conf'
       end
     end
 
     def to_s
       'PostgreSQL'
     end
+  end
 end

lib/resources/postgres_conf.rb

@@ -8,7 +8,8 @@ require 'utils/simpleconfig'
 require 'utils/find_files'
 require 'resources/postgres'
 
-class PostgresConf < Inspec.resource(1)
+module Inspec::Resources
+  class PostgresConf < Inspec.resource(1)
     name 'postgres_conf'
     desc 'Use the postgres_conf InSpec audit resource to test the contents of the configuration file for PostgreSQL, typically located at /etc/postgresql/<version>/main/postgresql.conf or /var/lib/postgres/data/postgresql.conf, depending on the platform.'
     example "
@@ -21,7 +22,7 @@ class PostgresConf < Inspec.resource(1)
 
     def initialize(conf_path = nil)
       @conf_path = conf_path || inspec.postgres.conf_path
-    @conf_dir = File.expand_path(File.dirname(@conf_path))
+      @conf_dir = ::File.expand_path(::File.dirname(@conf_path))
       @files_contents = {}
       @content = nil
       @params = nil
@@ -90,4 +91,5 @@ class PostgresConf < Inspec.resource(1)
     def to_s
       'PostgreSQL Configuration'
     end
+  end
 end

lib/resources/postgres_session.rb

@@ -4,7 +4,8 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
-class Lines
+module Inspec::Resources
+  class Lines
     attr_reader :output
 
     def initialize(raw, desc)
@@ -19,9 +20,9 @@ class Lines
     def to_s
       @desc
     end
-end
+  end
 
-class PostgresSession < Inspec.resource(1)
+  class PostgresSession < Inspec.resource(1)
     name 'postgres_session'
     desc 'Use the postgres_session InSpec audit resource to test SQL commands run against a PostgreSQL database.'
     example "
@@ -59,4 +60,5 @@ class PostgresSession < Inspec.resource(1)
         Lines.new(lines.strip, "PostgreSQL query: #{query}")
       end
     end
+  end
 end

lib/resources/processes.rb

@@ -4,7 +4,8 @@
 # author: Christoph Hartmann
 # license: All rights reserved
 
-class Processes < Inspec.resource(1)
+module Inspec::Resources
+  class Processes < Inspec.resource(1)
     name 'processes'
     desc 'Use the processes InSpec audit resource to test properties for programs that are running on the system.'
     example "
@@ -70,4 +71,5 @@ class Processes < Inspec.resource(1)
         }
       end
     end
+  end
 end

lib/resources/registry_key.rb

@@ -10,7 +10,8 @@ require 'json'
 #   its('Start') { should eq 2 }
 # end
 
-class RegistryKey < Inspec.resource(1)
+module Inspec::Resources
+  class RegistryKey < Inspec.resource(1)
     name 'registry_key'
     desc 'Use the registry_key InSpec audit resource to test key values in the Microsoft Windows registry.'
     example "
@@ -165,11 +166,11 @@ class RegistryKey < Inspec.resource(1)
 
       options[symbol]
     end
-end
+  end
 
-# for compatability with serverspec
+  # for compatability with serverspec
-# this is deprecated syntax and will be removed in future versions
+  # this is deprecated syntax and will be removed in future versions
-class WindowsRegistryKey < RegistryKey
+  class WindowsRegistryKey < RegistryKey
     name 'windows_registry_key'
 
     def initialize(name)
@@ -180,4 +181,5 @@ class WindowsRegistryKey < RegistryKey
     def deprecated
       warn '[DEPRECATION] `windows_registry_key(reg_key)` is deprecated.  Please use `registry_key(\'path\to\key\')` instead.'
     end
+  end
 end

lib/resources/script.rb

@@ -4,7 +4,8 @@
 # author: Dominik Richter
 # license: All rights reserved
 
-class Script < Cmd
+module Inspec::Resources
+  class Script < Cmd
     name 'script'
     desc 'Use the script InSpec audit resource to test a Windows PowerShell script on the Microsoft Windows platform.'
     example "
@@ -38,4 +39,5 @@ class Script < Cmd
     def to_s
       'Script'
     end
+  end
 end

lib/resources/security_policy.rb

@@ -13,7 +13,8 @@
 # All local GPO parameters can be examined via Registry, but not all security
 # parameters. Therefore we need a combination of Registry and secedit output
 
-class SecurityPolicy < Inspec.resource(1)
+module Inspec::Resources
+  class SecurityPolicy < Inspec.resource(1)
     name 'security_policy'
     desc 'Use the security_policy InSpec audit resource to test security policies on the Microsoft Windows platform.'
     example "
@@ -79,4 +80,5 @@ class SecurityPolicy < Inspec.resource(1)
     def to_s
       'Security Policy'
     end
+  end
 end

lib/resources/service.rb

@@ -4,7 +4,8 @@
 # author: Stephan Renatus
 # license: All rights reserved
 
-class Runlevels < Hash
+module Inspec::Resources
+  class Runlevels < Hash
     attr_accessor :owner
 
     def self.from_hash(owner, hash = {}, filter = nil)
@@ -55,18 +56,18 @@ class Runlevels < Hash
     def to_s
       "#{owner} runlevels #{keys.join(', ')}"
     end
-end
+  end
 
-# We detect the init system for each operating system, based on the operating
+  # We detect the init system for each operating system, based on the operating
-# system.
+  # system.
-#
+  #
-# Fedora 15 : systemd
+  # Fedora 15 : systemd
-# RedHat 7 : systemd
+  # RedHat 7 : systemd
-# Ubuntu 15.04 : systemd
+  # Ubuntu 15.04 : systemd
-# Ubuntu < 15.04 : upstart
+  # Ubuntu < 15.04 : upstart
-#
+  #
-# TODO: extend the logic to detect the running init system, independently of OS
+  # TODO: extend the logic to detect the running init system, independently of OS
-class Service < Inspec.resource(1)
+  class Service < Inspec.resource(1)
     name 'service'
     desc 'Use the service InSpec audit resource to test if the named service is installed, running and/or enabled.'
     example "
@@ -175,19 +176,19 @@ class Service < Inspec.resource(1)
     def to_s
       "Service #{@service_name}"
     end
-end
+  end
 
-class ServiceManager
+  class ServiceManager
     attr_reader :inspec, :service_ctl
     def initialize(inspec, service_ctl = nil)
       @inspec = inspec
       @service_ctl ||= service_ctl
     end
-end
+  end
 
-# @see: http://www.freedesktop.org/software/systemd/man/systemctl.html
+  # @see: http://www.freedesktop.org/software/systemd/man/systemctl.html
-# @see: http://www.freedesktop.org/software/systemd/man/systemd-system.conf.html
+  # @see: http://www.freedesktop.org/software/systemd/man/systemd-system.conf.html
-class Systemd < ServiceManager
+  class Systemd < ServiceManager
     def initialize(inspec, service_ctl = nil)
       @service_ctl = service_ctl || 'systemctl'
       super
@@ -222,10 +223,10 @@ class Systemd < ServiceManager
         type: 'systemd',
       }
     end
-end
+  end
 
-# AIX services
+  # AIX services
-class SrcMstr < ServiceManager
+  class SrcMstr < ServiceManager
     attr_reader :name
 
     def info(service_name)
@@ -265,10 +266,10 @@ class SrcMstr < ServiceManager
     def enabled_inittab?
       inspec.command("lsitab #{name}").exit_status == 0
     end
-end
+  end
 
-# @see: http://upstart.ubuntu.com
+  # @see: http://upstart.ubuntu.com
-class Upstart < ServiceManager
+  class Upstart < ServiceManager
     def initialize(service_name, service_ctl = nil)
       @service_ctl = service_ctl || 'initctl'
       super
@@ -332,9 +333,9 @@ class Upstart < ServiceManager
         Gem::Version.new(out[/\(upstart ([^\)]+)\)/, 1])
       )
     end
-end
+  end
 
-class SysV < ServiceManager
+  class SysV < ServiceManager
     RUNLEVELS = { 0=>false, 1=>false, 2=>false, 3=>false, 4=>false, 5=>false, 6=>false }.freeze
 
     def initialize(service_name, service_ctl = nil)
@@ -384,11 +385,11 @@ class SysV < ServiceManager
         type: 'sysv',
       }
     end
-end
+  end
 
-# @see: https://www.freebsd.org/doc/en/articles/linux-users/startup.html
+  # @see: https://www.freebsd.org/doc/en/articles/linux-users/startup.html
-# @see: https://www.freebsd.org/cgi/man.cgi?query=rc.conf&sektion=5
+  # @see: https://www.freebsd.org/cgi/man.cgi?query=rc.conf&sektion=5
-class BSDInit < ServiceManager
+  class BSDInit < ServiceManager
     def initialize(service_name, service_ctl = nil)
       @service_ctl = service_ctl || 'service'
       super
@@ -423,9 +424,9 @@ class BSDInit < ServiceManager
         type: 'bsd-init',
       }
     end
-end
+  end
 
-class Runit < ServiceManager
+  class Runit < ServiceManager
     def initialize(service_name, service_ctl = nil)
       @service_ctl = service_ctl || 'sv'
       super
@@ -450,11 +451,11 @@ class Runit < ServiceManager
         type: 'runit',
       }
     end
-end
+  end
 
-# MacOS / Darwin
+  # MacOS / Darwin
-# new launctl on macos 10.10
+  # new launctl on macos 10.10
-class LaunchCtl < ServiceManager
+  class LaunchCtl < ServiceManager
     def initialize(service_name, service_ctl = nil)
       @service_ctl = service_ctl || 'launchctl'
       super
@@ -489,11 +490,11 @@ class LaunchCtl < ServiceManager
         type: 'darwin',
       }
     end
-end
+  end
 
-# Determine the service state from Windows
+  # Determine the service state from Windows
-# Uses Powershell to retrieve the information
+  # Uses Powershell to retrieve the information
-class WindowsSrv < ServiceManager
+  class WindowsSrv < ServiceManager
     # Determine service details
     # PS: Get-Service -Name 'dhcp'| Select-Object -Property Name, DisplayName, Status | ConvertTo-Json
     # {
@@ -561,10 +562,10 @@ class WindowsSrv < ServiceManager
     def service_running?(service)
       !service['Service']['Status'].nil? && service['Service']['Status'] == 4
     end
-end
+  end
 
-# Solaris services
+  # Solaris services
-class Svcs < ServiceManager
+  class Svcs < ServiceManager
     def initialize(service_name, service_ctl = nil)
       @service_ctl = service_ctl || 'svcs'
       super
@@ -594,11 +595,11 @@ class Svcs < ServiceManager
         type: 'svcs',
       }
     end
-end
+  end
 
-# specific resources for specific service managers
+  # specific resources for specific service managers
 
-class SystemdService < Service
+  class SystemdService < Service
     name 'systemd_service'
     desc 'Use the systemd_service InSpec audit resource to test if the named service (controlled by systemd) is installed, running and/or enabled.'
     example "
@@ -618,9 +619,9 @@ class SystemdService < Service
     def select_service_mgmt
       Systemd.new(inspec, service_ctl)
     end
-end
+  end
 
-class UpstartService < Service
+  class UpstartService < Service
     name 'upstart_service'
     desc 'Use the upstart_service InSpec audit resource to test if the named service (controlled by upstart) is installed, running and/or enabled.'
     example "
@@ -640,9 +641,9 @@ class UpstartService < Service
     def select_service_mgmt
       Upstart.new(inspec, service_ctl)
     end
-end
+  end
 
-class SysVService < Service
+  class SysVService < Service
     name 'sysv_service'
     desc 'Use the sysv_service InSpec audit resource to test if the named service (controlled by SysV) is installed, running and/or enabled.'
     example "
@@ -662,9 +663,9 @@ class SysVService < Service
     def select_service_mgmt
       SysV.new(inspec, service_ctl)
     end
-end
+  end
 
-class BSDService < Service
+  class BSDService < Service
     name 'bsd_service'
     desc 'Use the bsd_service InSpec audit resource to test if the named service (controlled by BSD init) is installed, running and/or enabled.'
     example "
@@ -684,9 +685,9 @@ class BSDService < Service
     def select_service_mgmt
       BSDInit.new(inspec, service_ctl)
     end
-end
+  end
 
-class LaunchdService < Service
+  class LaunchdService < Service
     name 'launchd_service'
     desc 'Use the launchd_service InSpec audit resource to test if the named service (controlled by launchd) is installed, running and/or enabled.'
     example "
@@ -706,9 +707,9 @@ class LaunchdService < Service
     def select_service_mgmt
       LaunchCtl.new(inspec, service_ctl)
     end
-end
+  end
 
-class RunitService < Service
+  class RunitService < Service
     name 'runit_service'
     desc 'Use the runit_service InSpec audit resource to test if the named service (controlled by runit) is installed, running and/or enabled.'
     example "
@@ -728,4 +729,5 @@ class RunitService < Service
     def select_service_mgmt
       Runit.new(inspec, service_ctl)
     end
+  end
 end

lib/resources/shadow.rb

@@ -15,7 +15,8 @@ require 'forwardable'
 # - inactive_days before deactivating the account
 # - expiry_date when this account will expire
 
-class Shadow < Inspec.resource(1)
+module Inspec::Resources
+  class Shadow < Inspec.resource(1)
     name 'shadow'
     desc 'Use the shadow InSpec resource to test the contents of /etc/shadow, '\
          'which contains the following information for users that may log into '\
@@ -132,4 +133,5 @@ class Shadow < Inspec.resource(1)
         'reserved'      => x.at(8),
       }
     end
+  end
 end

lib/resources/ssh_conf.rb

@@ -6,7 +6,8 @@
 
 require 'utils/simpleconfig'
 
-class SshConf < Inspec.resource(1)
+module Inspec::Resources
+  class SshConf < Inspec.resource(1)
     name 'ssh_config'
     desc 'Use the sshd_config InSpec audit resource to test configuration data for the Open SSH daemon located at /etc/ssh/sshd_config on Linux and UNIX platforms. sshd---the Open SSH daemon---listens on dedicated ports, starts a daemon for each incoming connection, and then handles encryption, authentication, key exchanges, command executation, and data exchanges.'
     example "
@@ -70,12 +71,13 @@ class SshConf < Inspec.resource(1)
       )
       @params = conf.params
     end
-end
+  end
 
-class SshdConf < SshConf
+  class SshdConf < SshConf
     name 'sshd_config'
 
     def initialize(path = nil)
       super(path || '/etc/ssh/sshd_config')
     end
+  end
 end

lib/resources/user.rb

@@ -38,7 +38,8 @@
 require 'utils/parser'
 require 'utils/convert'
 
-class User < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
+module Inspec::Resources
+  class User < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
     name 'user'
     desc 'Use the user InSpec audit resource to test user profiles, including the groups to which they belong, the frequency of required password changes, the directory paths to home and shell.'
     example "
@@ -172,9 +173,9 @@ class User < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
       return @cred_cache if defined?(@cred_cache)
       @cred_cache = @user_provider.credentials(@user) if !@user_provider.nil?
     end
-end
+  end
 
-class UserInfo
+  class UserInfo
     include Converter
 
     attr_reader :inspec
@@ -184,10 +185,10 @@ class UserInfo
 
     def credentials(_username)
     end
-end
+  end
 
-# implements generic unix id handling
+  # implements generic unix id handling
-class UnixUser < UserInfo
+  class UnixUser < UserInfo
     attr_reader :inspec, :id_cmd
     def initialize(inspec)
       @inspec = inspec
@@ -238,9 +239,9 @@ class UnixUser < UserInfo
       data.push(raw) if !raw.nil?
       data.join("\n")
     end
-end
+  end
 
-class LinuxUser < UnixUser
+  class LinuxUser < UnixUser
     include PasswdParser
     include CommentParser
 
@@ -272,9 +273,9 @@ class LinuxUser < UnixUser
         warndays: convert_to_i(params['Number of days of warning before password expires']),
       }
     end
-end
+  end
 
-class SolarisUser < LinuxUser
+  class SolarisUser < LinuxUser
     def initialize(inspec)
       @inspec = inspec
       @id_cmd ||= 'id -a'
@@ -284,9 +285,9 @@ class SolarisUser < LinuxUser
     def credentials(_username)
       nil
     end
-end
+  end
 
-class AixUser < UnixUser
+  class AixUser < UnixUser
     def identity(username)
       id = super(username)
       return nil if id.nil?
@@ -327,14 +328,14 @@ class AixUser < UnixUser
         warndays: user_sec[3].to_i,
       }
     end
-end
+  end
 
-# we do not use 'finger' for MacOS, because it is harder to parse data with it
+  # we do not use 'finger' for MacOS, because it is harder to parse data with it
-# @see https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/fingerd.8.html
+  # @see https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/fingerd.8.html
-# instead we use 'dscl' to request user data
+  # instead we use 'dscl' to request user data
-# @see https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/dscl.1.html
+  # @see https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/dscl.1.html
-# @see http://superuser.com/questions/592921/mac-osx-users-vs-dscl-command-to-list-user
+  # @see http://superuser.com/questions/592921/mac-osx-users-vs-dscl-command-to-list-user
-class DarwinUser < UnixUser
+  class DarwinUser < UnixUser
     def meta_info(username)
       cmd = inspec.command("dscl -q . -read /Users/#{username} NFSHomeDirectory PrimaryGroupID RecordName UniqueID UserShell")
       return nil if cmd.exit_status != 0
@@ -351,17 +352,17 @@ class DarwinUser < UnixUser
         shell: params['UserShell'],
       }
     end
-end
+  end
 
-# FreeBSD recommends to use the 'pw' command for user management
+  # FreeBSD recommends to use the 'pw' command for user management
-# @see: https://www.freebsd.org/doc/handbook/users-synopsis.html
+  # @see: https://www.freebsd.org/doc/handbook/users-synopsis.html
-# @see: https://www.freebsd.org/cgi/man.cgi?pw(8)
+  # @see: https://www.freebsd.org/cgi/man.cgi?pw(8)
-# It offers the following commands:
+  # It offers the following commands:
-# - adduser(8)	The recommended command-line application for adding new users.
+  # - adduser(8)	The recommended command-line application for adding new users.
-# - rmuser(8)	The recommended command-line application for removing users.
+  # - rmuser(8)	The recommended command-line application for removing users.
-# - chpass(1)	A flexible tool for changing user database information.
+  # - chpass(1)	A flexible tool for changing user database information.
-# - passwd(1)	The command-line tool to change user passwords.
+  # - passwd(1)	The command-line tool to change user passwords.
-class FreeBSDUser < UnixUser
+  class FreeBSDUser < UnixUser
     include PasswdParser
 
     def meta_info(username)
@@ -374,22 +375,22 @@ class FreeBSDUser < UnixUser
         shell: passwd['shell'],
       }
     end
-end
+  end
 
-# For now, we stick with WMI Win32_UserAccount
+  # For now, we stick with WMI Win32_UserAccount
-# @see https://msdn.microsoft.com/en-us/library/aa394507(v=vs.85).aspx
+  # @see https://msdn.microsoft.com/en-us/library/aa394507(v=vs.85).aspx
-# @see https://msdn.microsoft.com/en-us/library/aa394153(v=vs.85).aspx
+  # @see https://msdn.microsoft.com/en-us/library/aa394153(v=vs.85).aspx
-#
+  #
-# using Get-AdUser would be the best command for domain machines, but it will not be installed
+  # using Get-AdUser would be the best command for domain machines, but it will not be installed
-# on client machines by default
+  # on client machines by default
-# @see https://technet.microsoft.com/en-us/library/ee617241.aspx
+  # @see https://technet.microsoft.com/en-us/library/ee617241.aspx
-# @see https://technet.microsoft.com/en-us/library/hh509016(v=WS.10).aspx
+  # @see https://technet.microsoft.com/en-us/library/hh509016(v=WS.10).aspx
-# @see http://woshub.com/get-aduser-getting-active-directory-users-data-via-powershell/
+  # @see http://woshub.com/get-aduser-getting-active-directory-users-data-via-powershell/
-# @see http://stackoverflow.com/questions/17548523/the-term-get-aduser-is-not-recognized-as-the-name-of-a-cmdlet
+  # @see http://stackoverflow.com/questions/17548523/the-term-get-aduser-is-not-recognized-as-the-name-of-a-cmdlet
-#
+  #
-# Just for reference, we could also use ADSI (Active Directory Service Interfaces)
+  # Just for reference, we could also use ADSI (Active Directory Service Interfaces)
-# @see https://mcpmag.com/articles/2015/04/15/reporting-on-local-accounts.aspx
+  # @see https://mcpmag.com/articles/2015/04/15/reporting-on-local-accounts.aspx
-class WindowsUser < UserInfo
+  class WindowsUser < UserInfo
     # parse windows account name
     def parse_windows_account(username)
       account = username.split('\\')
@@ -455,4 +456,5 @@ class WindowsUser < UserInfo
         shell: nil,
       }
     end
+  end
 end

lib/resources/windows_feature.rb

@@ -27,7 +27,8 @@
 #     "Installed":  false,
 #     "InstallState":  0
 # }
-class WindowsFeature < Inspec.resource(1)
+module Inspec::Resources
+  class WindowsFeature < Inspec.resource(1)
     name 'windows_feature'
     desc 'Use the windows_feature InSpec audit resource to test features on Microsoft Windows.'
     example "
@@ -80,4 +81,5 @@ class WindowsFeature < Inspec.resource(1)
     def to_s
       "Windows Feature '#{@feature}'"
     end
+  end
 end

lib/resources/xinetd.rb

@@ -4,7 +4,8 @@
 
 require 'utils/parser'
 
-class XinetdConf < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
+module Inspec::Resources
+  class XinetdConf < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
     name 'xinetd_conf'
     desc 'Xinetd services configuration.'
     example "
@@ -139,4 +140,5 @@ class XinetdConf < Inspec.resource(1) # rubocop:disable Metrics/ClassLength
 
       @contents[path]
     end
+  end
 end

lib/resources/yaml.rb

@@ -9,7 +9,8 @@ require 'yaml'
 # describe yaml('.kitchen.yaml') do
 #   its('driver.name') { should eq('vagrant') }
 # end
-class YamlConfig < JsonConfig
+module Inspec::Resources
+  class YamlConfig < JsonConfig
     name 'yaml'
     desc 'Use the yaml InSpec audit resource to test configuration data in a YAML file.'
     example "
@@ -26,4 +27,5 @@ class YamlConfig < JsonConfig
     def to_s
       "YAML #{@path}"
     end
+  end
 end

lib/resources/yum.rb

@@ -30,7 +30,8 @@ require 'resources/file'
 #   it { should be_enabled }
 # end
 
-class Yum < Inspec.resource(1)
+module Inspec::Resources
+  class Yum < Inspec.resource(1)
     name 'yum'
     desc 'Use the yum InSpec audit resource to test packages in the Yum repository.'
     example "
@@ -102,9 +103,9 @@ class Yum < Inspec.resource(1)
       return key if key.nil?
       key.gsub('Repo-', '').downcase
     end
-end
+  end
 
-class YumRepo
+  class YumRepo
     def initialize(yum, reponame)
       @yum = yum
       @reponame = reponame
@@ -133,11 +134,11 @@ class YumRepo
       return false if repo.nil?
       info['status'] == 'enabled'
     end
-end
+  end
 
-# for compatability with serverspec
+  # for compatability with serverspec
-# this is deprecated syntax and will be removed in future versions
+  # this is deprecated syntax and will be removed in future versions
-class YumRepoLegacy < Yum
+  class YumRepoLegacy < Yum
     name 'yumrepo'
 
     def initialize(name)
@@ -158,4 +159,5 @@ class YumRepoLegacy < Yum
     def deprecated
       warn '[DEPRECATION] `yumrepo(reponame)` is deprecated.  Please use `yum.repo(reponame)` instead.'
     end
+  end
 end

test/helper.rb

@@ -136,7 +136,7 @@ class MockLoader
       '$Env:PATH'  => cmd.call('$env-PATH'),
       # registry key test (winrm 1.6.0, 1.6.1)
       '2790db1e88204a073ed7fd3493f5445e5ce531afd0d2724a0e36c17110c535e6' => cmd.call('reg_schedule'),
-      'b00eb49a98c96a808c469e4894b5123a913e354c9ffea5b785898fe30d288ee0' => cmd.call('reg_schedule'),
+      '25a1a38fafc289a646d30f7aa966ce0901c267798f47abf2f9440e27d31a5b7d' => cmd.call('reg_schedule'),
       'Auditpol /get /subcategory:\'User Account Management\' /r' => cmd.call('auditpol'),
       '/sbin/auditctl -l' => cmd.call('auditctl'),
       '/sbin/auditctl -s' => cmd.call('auditctl-s'),
@@ -196,7 +196,7 @@ class MockLoader
       'pw usershow root -7' => cmd.call('pw-usershow-root-7'),
       # user info for windows (winrm 1.6.0, 1.6.1)
       '650b6b72a66316418b25421a54afe21a230704558082914c54711904bb10e370' => cmd.call('GetUserAccount'),
-      '272e1d767fe6e28c86cfba1a75c3d458acade1f4a36cfd5e711b97884879de24' => cmd.call('GetUserAccount'),
+      '174686f0441b8dd387b35cf1cbeed3f98441544351de5d8fb7b54f655e75583f' => cmd.call('GetUserAccount'),
       # group info for windows
       'Get-WmiObject Win32_Group | Select-Object -Property Caption, Domain, Name, SID, LocalAccount | ConvertTo-Json' => cmd.call('GetWin32Group'),
       # network interface