Add shell options

README.md

@@ -210,6 +210,9 @@ inspec exec test.rb -t docker://container_id
 
 # run with sudo
 inspec exec test.rb --sudo [--sudo-password ...] [--sudo-options ...] [--sudo_command ...]
+
+# run in a subshell
+inspec exec test.rb --shell [--shell-options ...] [--shell-command ...]
 ```
 
 ### detect

lib/inspec/base_cli.rb

@@ -32,6 +32,12 @@ module Inspec
         desc: 'Additional sudo options for a remote scan.'
       option :sudo_command, type: :string,
         desc: 'Alternate command for sudo.'
+      option :shell, type: :boolean,
+        desc: 'Run scans in a subshell. Only activates on Unix.'
+      option :shell_options, type: :string,
+        desc: 'Additional shell options.'
+      option :shell_command, type: :string,
+        desc: 'Specify a particular shell to use.'
       option :ssl, type: :boolean,
         desc: 'Use SSL for transport layer encryption (WinRM).'
       option :self_signed, type: :boolean,

www/tutorial/app/responses/inspec_help_detect.txt

@@ -14,11 +14,14 @@ Options:
       [--sudo-password=SUDO_PASSWORD]      # Specify a sudo password, if it is required.
       [--sudo-options=SUDO_OPTIONS]        # Additional sudo options for a remote scan.
       [--sudo-command=SUDO_COMMAND]        # Alternate command for sudo.
+      [--shell], [--no-shell]              # Run scans in a subshell. Only activates on Unix.
+      [--shell-options=SHELL_OPTIONS]      # Additional shell options.
+      [--shell-command=SHELL_COMMAND]      # Specify a particular shell to use.
       [--ssl], [--no-ssl]                  # Use SSL for transport layer encryption (WinRM).
       [--self-signed], [--no-self-signed]  # Allow remote scans with self-signed certificates (WinRM).
       [--json-config=JSON_CONFIG]          # Read configuration from JSON file (`-` reads from stdin).
   l, [--log-level=LOG_LEVEL]               # Set the log level: info (default), debug, warn, error
-      [--format=FORMAT]                    
+      [--format=FORMAT]
   l, [--log-level=LOG_LEVEL]               # Set the log level: info (default), debug, warn, error
       [--log-location=LOG_LOCATION]        # Location to send diagnostic log messages to. (default: STDOUT or STDERR)
       [--diagnose], [--no-diagnose]        # Show diagnostics (versions, configurations)

www/tutorial/app/responses/inspec_help_exec.txt

@@ -14,6 +14,9 @@ Options:
       [--sudo-password=SUDO_PASSWORD]      # Specify a sudo password, if it is required.
       [--sudo-options=SUDO_OPTIONS]        # Additional sudo options for a remote scan.
       [--sudo-command=SUDO_COMMAND]        # Alternate command for sudo.
+      [--shell], [--no-shell]              # Run scans in a subshell. Only activates on Unix.
+      [--shell-options=SHELL_OPTIONS]      # Additional shell options.
+      [--shell-command=SHELL_COMMAND]      # Specify a particular shell to use.
       [--ssl], [--no-ssl]                  # Use SSL for transport layer encryption (WinRM).
       [--self-signed], [--no-self-signed]  # Allow remote scans with self-signed certificates (WinRM).
       [--json-config=JSON_CONFIG]          # Read configuration from JSON file (`-` reads from stdin).