From cf9ce1bfdc1c47bc7e93cc8fc02f652c5f73dd7e Mon Sep 17 00:00:00 2001
From: Jerry Aldrich
Date: Wed, 20 Jun 2018 18:27:53 -0700
Subject: [PATCH] auditd resource: Add handling for sudo/no command (#3151)

Signed-off-by: Jerry Aldrich
---
 lib/resources/auditd.rb | 19 +++++++++++++++++--
 test/helper.rb | 1 +
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/lib/resources/auditd.rb b/lib/resources/auditd.rb
index 9af107e11..a192f5fdc 100644
--- a/lib/resources/auditd.rb
+++ b/lib/resources/auditd.rb
@@ -30,11 +30,26 @@ module Inspec::Resources
 "

 def initialize
- @content = inspec.command('/sbin/auditctl -l').stdout.chomp
+ unless inspec.command('/sbin/auditctl').exist?
+ raise Inspec::Exceptions::ResourceFailed,
+ 'Command `/sbin/auditctl` does not exist'
+ end
+
+ auditctl_cmd = '/sbin/auditctl -l'
+ result = inspec.command(auditctl_cmd)
+
+ if result.exit_status != 0
+ raise Inspec::Exceptions::ResourceFailed,
+ "Command `#{auditctl_cmd}` failed with error: #{result.stderr}"
+ end
+
+ @content = result.stdout
 @params = []

 if @content =~ /^LIST_RULES:/
- return skip_resource 'The version of audit is outdated. The `auditd` resource supports versions of audit >= 2.3.5'
+ raise Inspec::Exceptions::RsourceFailed,
+ 'The version of audit is outdated.' \
+ 'The `auditd` resource supports versions of audit >= 2.3.'
 end
 parse_content
 end
diff --git a/test/helper.rb b/test/helper.rb
index 99e00c7a4..1f8141178 100644
--- a/test/helper.rb
+++ b/test/helper.rb
@@ -218,6 +218,7 @@ class MockLoader
 'bash -c \'type "/test/path/pip"\'' => empty.call,
 'bash -c \'type "Rscript"\'' => empty.call,
 'bash -c \'type "perl"\'' => empty.call,
+ 'bash -c \'type "/sbin/auditctl"\'' => empty.call,
 'type "pwsh"' => empty.call,
 'type "netstat"' => empty.call,
 'sh -c \'find /etc/apache2/ports.conf -type l -maxdepth 1\'' => empty.call,
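Review bot: The outdated-version branch under `if @content =~ /^LIST_RULES:/` raises `Inspec::Exceptions::RsourceFailed`, a misspelling of the `ResourceFailed` constant used by the two raises above it, so on a host with an old audit package this path would most likely surface a NameError rather than the intended resource failure; it should read `raise Inspec::Exceptions::ResourceFailed,`. The two adjacent string literals in that message also join without a space ("outdated.The"), and the stated minimum version changed from `>= 2.3.5` to `>= 2.3.`; use `'The version of audit is outdated. ' \` for the first literal and confirm whether dropping the `.5` was intended. `@content = result.stdout` no longer calls `.chomp`, and `parse_content` is outside the hunk, so verify it tolerates the trailing newline. The diffstat lists only this file and test/helper.rb, so no test in this patch exercises the new failure branches, which is how the misspelled constant would go unnoticed in an audit-compliance check.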