Merge pull request #1014 from jeremymv2/fix_apache_conf

Fix apache conf
Christoph Hartmann 2016-09-04 20:18:16 +02:00 committed by GitHub
commit a116406b4e
6 changed files with 52 additions and 17 deletions


@ -21,7 +21,7 @@ module Inspec::Resources
def initialize(conf_path = nil) def initialize(conf_path = nil)
@conf_path = conf_path || inspec.apache.conf_path @conf_path = conf_path || inspec.apache.conf_path
@conf_dir = File.dirname(@conf_path) @conf_dir = conf_path ? File.dirname(@conf_path) : inspec.apache.conf_dir
@files_contents = {} @files_contents = {}
@content = nil @content = nil
@params = nil @params = nil
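Review bot: The explicit-path branch on the `@conf_dir` line still uses `File.dirname(@conf_path)`, so a caller passing `/etc/httpd/conf/httpd.conf` gets `/etc/httpd/conf` as the base directory, while the httpd.conf fixture in this commit declares `ServerRoot "/etc/httpd"` with `Include conf.d/*.conf`. If relative Include paths are resolved against `@conf_dir` (that code is outside this hunk), the included files are not found and their directives drop out of `params` without an error, so a compliance control would be evaluated against an incomplete view of the server configuration. Consider deriving the base directory from the parsed `ServerRoot` when it is present, or at least state the limitation above the assignment: `# NOTE: with an explicit conf_path, relative Include paths resolve against dirname(conf_path), not ServerRoot`. `initialize` continues past the end of the hunk.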


@ -118,6 +118,8 @@ class MockLoader
'rootwrap.conf' => mockfile.call('rootwrap.conf'), 'rootwrap.conf' => mockfile.call('rootwrap.conf'),
'/etc/apache2/apache2.conf' => mockfile.call('apache2.conf'), '/etc/apache2/apache2.conf' => mockfile.call('apache2.conf'),
'/etc/apache2/ports.conf' => mockfile.call('ports.conf'), '/etc/apache2/ports.conf' => mockfile.call('ports.conf'),
'/etc/httpd/conf/httpd.conf' => mockfile.call('httpd.conf'),
'/etc/httpd/conf.d/ssl.conf' => mockfile.call('ssl.conf'),
'/etc/apache2/conf-enabled/serve-cgi-bin.conf' => mockfile.call('serve-cgi-bin.conf'), '/etc/apache2/conf-enabled/serve-cgi-bin.conf' => mockfile.call('serve-cgi-bin.conf'),
'/etc/xinetd.conf' => mockfile.call('xinetd.conf'), '/etc/xinetd.conf' => mockfile.call('xinetd.conf'),
'/etc/xinetd.d' => mockfile.call('xinetd.d'), '/etc/xinetd.d' => mockfile.call('xinetd.d'),
@ -232,6 +234,7 @@ class MockLoader
'iptables -S' => cmd.call('iptables-s'), 'iptables -S' => cmd.call('iptables-s'),
# apache_conf # apache_conf
'find /etc/apache2/ports.conf -maxdepth 1 -type f' => cmd.call('find-apache2-ports-conf'), 'find /etc/apache2/ports.conf -maxdepth 1 -type f' => cmd.call('find-apache2-ports-conf'),
'find /etc/httpd/conf.d/*.conf -maxdepth 1 -type f' => cmd.call('find-httpd-ssl-conf'),
'find /etc/apache2/conf-enabled/*.conf -maxdepth 1 -type f' => cmd.call('find-apache2-conf-enabled'), 'find /etc/apache2/conf-enabled/*.conf -maxdepth 1 -type f' => cmd.call('find-apache2-conf-enabled'),
# mount # mount
"mount | grep -- ' on /'" => cmd.call("mount"), "mount | grep -- ' on /'" => cmd.call("mount"),


@ -0,0 +1 @@
/etc/httpd/conf.d/ssl.conf


@ -0,0 +1,25 @@
# This is the main Apache server configuration file. It contains comments.
ServerRoot "/etc/httpd"
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group #-1 on these systems!
#
User apache
Group apache
# Load config files from the config directory "/etc/httpd/conf.d".
#
Include conf.d/*.conf
# First, we configure the "default" to be a very restrictive set of
# features.
#
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>


@ -0,0 +1,6 @@
# apache ssl.conf
Listen 80
<IfModule ssl_module>
Listen 443
</IfModule>


@ -2,30 +2,30 @@
# author: Stephan Renatus # author: Stephan Renatus
require 'helper' require 'helper'
require 'inspec/resource'
require 'hashie'
describe 'Inspec::Resources::ApacheConf' do describe 'Inspec::Resources::ApacheConf' do
let(:resource) { load_resource('apache_conf') } # debian style apache2
it 'reads values in apache2.conf and from Include, IncludeOptional params' do
it 'verify content is a string' do resource = MockLoader.new(:ubuntu1404).load_resource('apache_conf')
_(resource.content).must_be_kind_of String
end
it 'verify params is a hashmap' do
_(resource.params).must_be_kind_of Hash _(resource.params).must_be_kind_of Hash
end _(resource.content).must_be_kind_of String
it 'reads values in apache2.conf' do
_(resource.params('ServerRoot')).must_equal ['"/etc/apache2"'] _(resource.params('ServerRoot')).must_equal ['"/etc/apache2"']
end
it 'reads values in from the direct include ports.conf' do
_(resource.params('Listen').sort).must_equal ['443', '80'] _(resource.params('Listen').sort).must_equal ['443', '80']
end
it 'reads values in from wildcard include serve-cgi-bin.conf' do
# TODO(sr) currently, the parser only merges parameter across separate # TODO(sr) currently, the parser only merges parameter across separate
# source files, not in one file # source files, not in one file
_(resource.params('Define')).must_equal ['ENABLE_USR_LIB_CGI_BIN', _(resource.params('Define')).must_equal ['ENABLE_USR_LIB_CGI_BIN',
'ENABLE_USR_LIB_CGI_BIN'] 'ENABLE_USR_LIB_CGI_BIN']
end end
# non debian style httpd
it 'reads values in httpd.conf and from Include, IncludeOptional params' do
resource = MockLoader.new(:centos6).load_resource('apache_conf')
_(resource.params).must_be_kind_of Hash
_(resource.content).must_be_kind_of String
_(resource.params('ServerRoot')).must_equal ['"/etc/httpd"']
_(resource.params('Listen').sort).must_equal ['443', '80']
end
end end
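Review bot: Neither test reaches the branch that takes an explicit `conf_path`, since both call `load_resource('apache_conf')` with no path, so the `File.dirname` derivation is never exercised on the httpd layout. A third case along the lines of `resource = MockLoader.new(:centos6).load_resource('apache_conf', '/etc/httpd/conf/httpd.conf')` followed by `_(resource.params('Listen').sort).must_equal ['443', '80']` would show whether included files are still found when the path is given (assuming `load_resource` forwards extra arguments to the resource). Folding the former separate `it` blocks into one per platform also means the first failing expectation hides the rest; one `it` per expectation under a `describe` for each platform would keep that detail. The added `require 'hashie'` has no visible use in this hunk and may be unnecessary.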