Dominik Richter
fc9764aa36
lazy eval login.defs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
3508219428
lazy eval limits.conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
6a6c1fd7c8
lazy eval inetd conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
075313b10e
cache gem package results
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
bfad1e1509
lazy eval auditd conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Christoph Hartmann
341a4ba98d
improvement: simplify readability of nil checks
2015-09-22 02:27:01 +02:00
Christoph Hartmann
db81929dd7
minor style improvement
2015-09-22 02:27:01 +02:00
Christoph Hartmann
c081cfac82
improve reliability of method_missing
2015-09-22 02:27:01 +02:00
Christoph Hartmann
05dd53b5b4
improvement: skip package resource if not supported on OS
2015-09-22 02:27:00 +02:00
Dominik Richter
9608e2e29b
bugfix: specinfra selinux label handling
...
as specinfra doesnt work with respond_to?, just call the method and catch the error.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
a88304d030
remove method missing for yum resource
2015-09-22 02:27:00 +02:00
Dominik Richter
6c29580de0
enforce file content encoding to utf8
...
this is also in line with specinfra compatibility
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
046f3fe9e4
fix robocop issues
2015-09-22 02:27:00 +02:00
Dominik Richter
c06fe38981
bugfix: dont strip specinfra file content output
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
8113df6d44
bugfix: fix sysv implementation
2015-09-22 02:27:00 +02:00
Dominik Richter
61e7559489
fix bsd stat detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
2e46e0781a
bugfix: fix initctl matcher to detect enabled services
2015-09-22 02:27:00 +02:00
Dominik Richter
13ce808a90
bugfix: specinfra is missing methods for freebsd
...
Add getter for user/group/mode for freebsd, as specinfra will execute these calls but not return anything.
2015-09-22 02:27:00 +02:00
Christoph Hartmann
7806951051
add fedora support
2015-09-22 02:27:00 +02:00
Dominik Richter
a1a0e10c5a
extend linux file with bsd stat
...
TODO: we must start separating between the different UNIXes and maybe call this something better than LinuxFile, but for now: since most of the things will stay the same, add the bsd stat command as an alternative to the linux stat command and parse its output.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Dominik Richter
82f89aa1db
bugfix: dont fail on specinfra selinux_label on freebsd
...
the call shouldnt be made, but in case it is, dont just fail mit NoMethodError
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:00 +02:00
Christoph Hartmann
2484623220
add comments
2015-09-22 02:26:59 +02:00
Christoph Hartmann
d2e110e183
add debian support and improve regex
2015-09-22 02:26:59 +02:00
Christoph Hartmann
7239c7ced5
add service implementation for systemv
2015-09-22 02:26:59 +02:00
Christoph Hartmann
eb8c9411c7
remove comments
2015-09-22 02:26:59 +02:00
Christoph Hartmann
05e95477e3
add support for macos in service resource
2015-09-22 02:26:59 +02:00
Christoph Hartmann
6b07372bb9
bugfix: handle nil for service info
2015-09-22 02:26:59 +02:00
Christoph Hartmann
1b5e6fa7af
select init system by os version for now
2015-09-22 02:26:59 +02:00
Christoph Hartmann
4479001763
add upstart implementation for service resource
2015-09-22 02:26:59 +02:00
Christoph Hartmann
b8d0edecfb
add systemd implementation for service
2015-09-22 02:26:59 +02:00
Christoph Hartmann
204e6f5021
skip resource, if os is not supported
2015-09-22 02:26:59 +02:00
Christoph Hartmann
9da4e7674e
use volcano.os
2015-09-22 02:26:59 +02:00
Christoph Hartmann
9aa0b1cf4a
rename service_info to info
2015-09-22 02:26:59 +02:00
Christoph Hartmann
21040b9b03
implement service resource for windows
2015-09-22 02:26:59 +02:00
Dominik Richter
f18381a7d3
return nil for specinfra content on directories
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:26:59 +02:00
Dominik Richter
7137a9625b
expose backend file path
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:26:58 +02:00
Dominik Richter
d16f76c9ce
pull in selinux label on local backend runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:26:58 +02:00
Dominik Richter
b13a1b574d
let specinfra support empty block device content
2015-09-22 02:26:58 +02:00
Dominik Richter
7f19111b1b
bugfix: catch lstat errors on local backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:25:52 +02:00
Dominik Richter
ef9b299319
api: specinfra reports nil on non-existent files
...
Check the responses and make sure we dont blindly return eg: size=0 or group="" or user="" for files that dont exist.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:25:52 +02:00
Dominik Richter
4aef4821cc
bugfix: target_type check for pipe
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:25:52 +02:00
Dominik Richter
b8ae2ee7a3
api: specinfra content returns nil on block_device
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
d2ade9f247
bugfix: nil content on specinfra empty files
...
Only return nil for no content on specinfra files if the file actually has any content. ie. when we were not able to read the content then provide the answer of nil. if the file has no content, return an empty string. this leaves the error case where empty files cannot be read, which will not be signaled via content from specinfra.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
d8dea86e6e
api: return nil for md5/sha256/content empty
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
e0b89e6ae2
bugfix: return nil on file content read errors
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
2c00423c3e
read symlink destination file types
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
6f4f0b570c
inject specinfra backend helper into file
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
5f472d9735
use lstat for local backend to read symlinks
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
3e16407454
rename file link_target -> link_path
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
60f9e643aa
api: specinfra mtime returns unix seconds
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:30 +02:00
Dominik Richter
04a8cfddf4
ignore exit code on linux stat
...
For now: Since stat throws exit code 1 on selinux label checks if no selinux label (or system) is present, it would signal us to disregard results. However, the results are actually complete and can be fully used, with selinux_label becoming "?".
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Dominik Richter
526518fabd
api: set specinfra product_version + file_version to nil
...
whenever the label is empty (typically on all *nix systems) set it to nil instead of ""
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Dominik Richter
55bd535599
api: specinfra set selinux label to nil
...
Whenever the selinux label is empty, set it to nil instead of '?' or ''.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Dominik Richter
534a9ce57a
bugfix: always return file stat
2015-09-22 02:17:29 +02:00
Dominik Richter
c86a68950a
improvement: add optimized local file module
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:29 +02:00
Christoph Hartmann
6e76dd689e
bugfix: set host for ssh config in specinfra
2015-09-22 02:17:28 +02:00
Dominik Richter
8f45afffcd
move up specinfra property detection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:28 +02:00
Dominik Richter
48b25e893d
bugfix: specinfra re-detect backend os
...
By default it uses the currently running OS on initialization, instead of the OS configured via backend. Force its reinitialization by resetting all properties.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:28 +02:00
Christoph Hartmann
dfb330e7e8
use backend os detection in resources
2015-09-22 02:17:28 +02:00
Christoph Hartmann
7b5bbc8a5f
patch specinfra os detection
2015-09-22 02:17:28 +02:00
Christoph Hartmann
1bf94016a7
rename Command to Cmd
2015-09-22 02:17:28 +02:00
Christoph Hartmann
43d49a348f
bugfix: require specinfra backend
2015-09-22 02:17:28 +02:00
Dominik Richter
54b37b0b96
unify reporting on concurrent tests
...
Take control of the rspec runner loop and make sure all of our concurrent tests are executed in one reporting chain. It goes: Start reporting, concurrently run container+test+kill, stop and publish reporting.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:28 +02:00
Dominik Richter
c6f896cad3
run full docker test in parallel
...
With just one more issue left: the formatter is going to report multiple time, including spitting out errors multiple times. Also need to remove some of the custom formatting around the current state of containers.
As a bonus: This further improved testing speed (30% on the current environment) and will allow us to grow the supported platforms for tests easily.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:27 +02:00
Dominik Richter
37ad8f9531
run test setup concurrently + only once
...
Instead of having RSpec re-run its world multiple times, run it only once with all tests.
Which leaves us with one more thing to solve: we want to start tests as soon as the container is up and they are set up. At the moment, the containers come up and are set up concurrently, including test registry, but the tests themselves are in simple sequence.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:27 +02:00
Dominik Richter
eb2e18b75d
remove leftover includes
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:17:27 +02:00
Dominik Richter
945dee74cc
Merge pull request #10 from chef/oneget
...
add oneget resource
2015-09-22 02:17:27 +02:00
Christoph Hartmann
33f9dd8e87
add oneget resource
2015-09-22 02:17:21 +02:00
Christoph Hartmann
d0d9a66e4a
move user default settings to backend
2015-09-22 02:15:43 +02:00
Dominik Richter
3e02e622c5
bugfix: linux file stat parameters and mount
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Christoph Hartmann
51fff9104b
bugfix: use instance variable, include winrm
2015-09-22 02:15:43 +02:00
Christoph Hartmann
b03db74798
improvement: set default user at a later stage to support user@target
2015-09-22 02:15:43 +02:00
Dominik Richter
2db06783fb
update find_files for all other resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Dominik Richter
165c08799f
bugfix: deep merge mysql conf parameters
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Dominik Richter
4852842bf6
feature: add hash utility for deep_merge
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
58fa9bc6c7
update mysql_conf to work with new find_files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
1345c1d017
update findfiles to work with new backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
f1cc7cbf9b
lint utils
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
753e7775ef
lint detect
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
486c5fde1c
fix code complexity lint
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
0d5ee00ac5
reduce branch size complexity mysql (lint)
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
470c2ef920
wrap up core resource linting
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
903b9642e4
lint resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
74da29c3ed
lint vulcano lib files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
07cb7efe36
lint targets
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
46b300f409
finish linting backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
e5686ea4e2
lint backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
cfbd5ccfc0
lint plugins
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
6e01505414
lint
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Dominik Richter
67b5ecc06e
bugfix: force PTY on SSH connection
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Christoph Hartmann
1570e8e7af
Merge pull request #4 from chef/docker
...
Start Docker + SSH backends
2015-09-22 02:15:41 +02:00
Dominik Richter
1359152fc6
add ssh channels to get command stdout/stderr/status
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Dominik Richter
0a13817639
feature: add ssh backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Dominik Richter
e3373679ec
feature: add docker container backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Christoph Hartmann
238f1b2016
add pip resource to verify gem packages
2015-09-22 02:15:41 +02:00
Christoph Hartmann
bdb859b730
add npm resource to verify gem packages
2015-09-22 02:15:41 +02:00
Dominik Richter
275039dead
more rubocop
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:41 +02:00
Christoph Hartmann
0171b2e2f2
add gem resource to verify gem packages
2015-09-22 02:15:41 +02:00
Christoph Hartmann
77815154eb
add the be_installed matcher
2015-09-22 02:15:41 +02:00
Christoph Hartmann
9783751741
implement package resource
2015-09-22 02:15:41 +02:00
Dominik Richter
a6c47a2e39
rubocop
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
dcdf8ea0e2
init linux_file owner class
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
a9bd476cb5
feature: configure specinfra backend
...
via target or backend config; set the backend to: specinfra+exec, specinfra+ssh, specinfra+winrm, specinfra+docker etc.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
03e6402f5c
use LinuxFile to get type information in specinfra backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
13bc7f4015
move linux file handling to separate class
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:40 +02:00
Dominik Richter
686134e06b
bugfix: url handler crashing on handles?
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:42:26 +02:00
Dominik Richter
0125bcace8
add call tracing to mock backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:42:26 +02:00
Dominik Richter
0abef702fc
initialize @stat in local backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:42:26 +02:00
Dominik Richter
ecad431bc6
move mock_command into mock, out of helper
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
17386740c7
dont redefine classmethod on initialize
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
f1c454aae3
typo fix on @commands
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
cb5f2d4409
bugfix: inherit base methods
...
Don't redefine methods that aren't there yet. yes: ruby parses top down at at that point we don't have these methods yet anyway, so don't :send them to the class
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
32a6f01d1f
simplify mock backend association
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
ea91af6da1
lint
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
93a3bc8e58
dont reference backend in local command
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Dominik Richter
1d1220983a
feature: local backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 01:23:08 +02:00
Christoph Hartmann
a7efec310b
implement yum resource
2015-09-22 01:10:56 +02:00
Christoph Hartmann
7e9eb2920d
add usage header for audit resource
2015-09-21 14:12:34 +02:00
Christoph Hartmann
62d0b217f9
optimize comments for audit_policy resource
2015-09-21 14:09:43 +02:00
Christoph Hartmann
e57e5f3fd6
bugfix: use new volcano backend for registry key
2015-09-21 14:09:10 +02:00
Christoph Hartmann
92ff33cbba
improvement: use separate object to hold filter state, optimize users output
2015-09-21 14:07:58 +02:00
Christoph Hartmann
d40ab9a9ad
bugfix: set default path for inetd_conf
2015-09-21 14:06:01 +02:00
Christoph Hartmann
0d7d01efbd
bugfix: set default path for limits.conf
2015-09-21 14:04:02 +02:00
Christoph Hartmann
797d24c14a
add login_def resource unit test
2015-09-21 14:01:51 +02:00
Christoph Hartmann
9358ac3035
rename env.rb to os_env.rb
2015-09-21 13:58:47 +02:00
Christoph Hartmann
672f03a0dd
improve output of ntp resource for single value arrays
2015-09-21 13:58:03 +02:00
Christoph Hartmann
7295e4c16f
improve handling on uid data view
2015-09-21 13:56:08 +02:00
Christoph Hartmann
852e5ae627
improvement: remove class variables from security policy implementation
2015-09-21 13:52:49 +02:00
Christoph Hartmann
53eb3b6990
bugfix: escape string before regex, fix regular expression to identify key
2015-09-21 13:52:33 +02:00
Christoph Hartmann
e9e24a6bd5
use new volcano backend for security policy
2015-09-21 13:51:27 +02:00
Christoph Hartmann
f0ac64cf31
improvement: extend mock to support simulated cmds
2015-09-21 13:43:09 +02:00
Christoph Hartmann
cdf15b9dd1
bugfix: support multiple values in ssh config like 'HostKey', improve readability by extracting the first value from array, if we have only one value
2015-09-21 13:43:09 +02:00
Christoph Hartmann
0e8651bf26
fix rubocop issues
2015-09-05 16:07:54 +02:00
Christoph Hartmann
36c9de7529
more rubocop fixes
2015-09-04 09:59:30 +02:00
Christoph Hartmann
91ea24d538
replace :: with . syntax
2015-09-04 09:15:20 +02:00
Christoph Hartmann
bbbb8380ca
replace raise with fail
2015-09-03 23:24:42 +02:00
Christoph Hartmann
556bb5a0f0
remove empty lines
2015-09-03 23:20:53 +02:00
Christoph Hartmann
1773d20178
use single quotes
2015-09-03 23:18:28 +02:00
Christoph Hartmann
5c137a7ab1
remove redundant return
2015-09-03 20:45:37 +02:00
Christoph Hartmann
349d5bf9f1
harmonize method definition style
2015-09-03 20:43:58 +02:00
Christoph Hartmann
7bdcc00e94
add utf-8 header
2015-09-03 20:36:46 +02:00
Christoph Hartmann
5612752b82
use single quotes
2015-09-03 20:35:23 +02:00
Christoph Hartmann
a895d19f03
simplify mock file loading method
2015-09-03 17:53:38 +02:00
Christoph Hartmann
a206d0ef09
(re)add debug for mock backend
2015-09-03 17:51:08 +02:00
Christoph Hartmann
7db6941219
feature: add bond resource implementation
2015-09-03 17:34:11 +02:00
Christoph Hartmann
ceb68f94cf
feature: extend mock framework to support file mappings
2015-09-03 17:34:11 +02:00
Dominik Richter
c9fcb2913a
complete all file tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 16:17:52 +02:00
Dominik Richter
29a143a67f
remove file ctime
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 15:43:30 +02:00
Dominik Richter
708fa8485d
bugfix: reset specinfra backends between runs manually
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 15:32:33 +02:00
Dominik Richter
f54fa6537a
use string for backend conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 14:56:08 +02:00
Dominik Richter
f618fa391b
bugfix: specinfra file type detection
...
mask & tmask returns non-zero values, if some bits fit the file-type. this leads to overlapping results. make sure the mask result has the full mask present, then use it.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 14:14:57 +02:00
Dominik Richter
841198993d
runner conf must use string-keys
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 13:43:32 +02:00
Dominik Richter
18701752a7
improvement: make runner config map work with keys and string
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 12:56:40 +02:00
Dominik Richter
199cb84ab3
not implemented only throws on missing methods
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 17:30:49 +02:00
Dominik Richter
951f63c6c8
feature: configurable formatter for test exec
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 16:44:14 +02:00
Dominik Richter
1c2ab098f5
specify methods all backends must implement
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 11:53:25 +02:00
Dominik Richter
05b4167971
start backend and file tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 04:55:22 +02:00
Dominik Richter
32964c1e4e
tests for backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 04:19:23 +02:00
Dominik Richter
e08787d14e
move file interface + helpers to backend plugin
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 00:50:52 +02:00
Dominik Richter
f60b7580d5
complete specinfra file backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-01 11:48:50 +02:00
Dominik Richter
a64597594e
minor bugfixes
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-01 11:11:34 +02:00
Dominik Richter
04db46f116
add aliases for target and backend
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 19:49:39 -07:00
Dominik Richter
601abe2579
rename backend reference @vulcano -> vulcano
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 19:33:15 -07:00
Dominik Richter
b2e031c056
start serverspec migration
...
This project is inspired by Serverspec and all the wonderful contributions that went into it. Thank you all so much! We have used Serverspec as our audit base and have now a slightly different perspective. We hope to continue the spirit on this path. Hopefully both projects will find their way together.
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:36:05 -07:00
Dominik Richter
d292ed6ea5
migrate directory resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:24:34 -07:00
Dominik Richter
e5daa52064
fix ssh config path
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:18:37 -07:00
Dominik Richter
1bbe67682e
start migrating file resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:14:17 -07:00
Dominik Richter
50a5803427
rename is_file? -> file?
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:13:53 -07:00
Dominik Richter
431c27d4ab
migrate all specinfra backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:13:07 -07:00
Dominik Richter
40784c7c8e
safeguard against empty backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:31:36 -07:00
Dominik Richter
de27b3d8e9
move mock backend to new plugin structure
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:14:28 -07:00
Dominik Richter
a8ed53c337
move backend to new plugin structure
...
use the same structure as for resources
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:11:23 -07:00
Dominik Richter
df8a668d8c
combine resoure+resources -> resource.rb
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 16:08:17 -07:00
Dominik Richter
84102b89de
rename contents -> content
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 02:10:36 -07:00
Dominik Richter
5a8bcf2b93
migrate file resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 00:44:16 -07:00
Dominik Richter
1d805aca2c
migrate group policy
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:09:35 -07:00
Dominik Richter
554accdedc
reimplement command resource
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:08:24 -07:00
Dominik Richter
e0459c4116
migrate all of audit
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:04:52 -07:00
Dominik Richter
2a8b8d3394
migrate env and apache conf
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 13:02:18 -07:00
Dominik Richter
dddc9daed0
migrated inetd config and etc group
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:52:59 -07:00
Dominik Richter
2103a4485b
migrate limits and login defs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:47:37 -07:00
Dominik Richter
8004d6f129
migrate all mysql resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:41:48 -07:00
Dominik Richter
1a45f32f0b
migrated all postgres resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:37:03 -07:00
Dominik Richter
83d846ac7f
migrate ntp conf and parse_config
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:32:17 -07:00
Dominik Richter
d9d67e943a
migrate passwd and processes
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:27:35 -07:00
Dominik Richter
dc0f61a0ef
migrate registry_key + security_policy
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 11:52:22 -07:00
Dominik Richter
d7bcf6dfea
move resource plugin to vulcano/plugins
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 11:49:21 -07:00
Dominik Richter
2c2d2d8d27
rename resources -> tests in the context of runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 10:13:05 -07:00
Dominik Richter
3bf8037638
move to a simpler plugin structure
...
This has been inspired in its calling structure by the wonderful work done in Vagrant. Kudos to all contributors!
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 10:10:03 -07:00
Dominik Richter
9e7ea1ef5d
move ssh_conf to new structure
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 20:02:38 -07:00
Dominik Richter
90a2d45462
create new pluggable profile context
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 13:59:58 -07:00
Dominik Richter
a1af0ad24b
start mock backend and change backend mechanics
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 13:59:15 -07:00
Dominik Richter
7e1f9b8a15
move resources lib
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 13:58:07 -07:00
Dominik Richter
38a99c065a
0.6.1
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-24 14:25:29 -07:00
Dominik Richter
22ce1d4b0d
add docker backend support
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-24 10:35:03 -07:00
Christoph Hartmann
3570295007
bugfix: remove debug message
2015-08-14 01:46:43 -07:00
Christoph Hartmann
6e7d2f6bcf
detect windows versions
2015-08-14 01:43:02 -07:00
Christoph Hartmann
e4de940dfe
improve windows detection
2015-08-14 00:49:31 -07:00
Dominik Richter
8c82bca280
bugfix: skip resources with message
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 23:22:56 -07:00
Dominik Richter
1890ba9226
bugfix: correctly detect code line of block
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 22:51:53 -07:00
Dominik Richter
75c30d9892
bugfix: remove unnecessary only_if outer definition
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 22:36:50 -07:00
Dominik Richter
086d385fe0
add detect utility to get os info
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-13 17:18:17 -07:00
Dominik Richter
90ed1aed99
fix missing require winrm
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:45:32 -07:00
Dominik Richter
6360bf825f
fix wrong variable ref
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:39:12 -07:00
Dominik Richter
83432ccfb4
fix typo
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:31:47 -07:00
Dominik Richter
1a165bc886
change the default impact to 0.5
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:05:26 -07:00
Dominik Richter
225b49fbd2
0.6.0
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:47:29 -07:00
Dominik Richter
5875864f45
move zip and tar helpers
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:45:42 -07:00
Dominik Richter
7a59d9ce76
feature: start github uri reader
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:34:37 -07:00
Christoph Hartmann
9065eaa35c
add zip and tar helper
2015-08-12 21:14:48 -07:00
Dominik Richter
61794072e5
generalize folder handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 20:47:02 -07:00
Dominik Richter
9f0b6ebc46
add targets for chef-audit and serverspec
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 19:19:36 -07:00
Dominik Richter
6e4381f2d4
turn backend into a separate object
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 19:07:01 -07:00
Dominik Richter
9ba4fb1d00
add configurable targets and backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 18:48:17 -07:00
Dominik Richter
cecd86a119
improvement: unify ID generation for all tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 17:29:23 -07:00
Dominik Richter
7f67a088cb
feature: --target option for scans
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 17:05:32 -07:00
Dominik Richter
be1cead58e
improvement: always give a title to spec files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 16:27:32 -07:00
Dominik Richter
5b0f5252c6
shorten anonymous describe IDs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 15:17:18 -07:00
Dominik Richter
116a9b46d8
run multiple files by aggregating results
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 15:16:50 -07:00
Dominik Richter
360da9a7ba
feature: configure ssh+winrm targets on CLI-runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 14:19:44 -07:00
Dominik Richter
33043dd6a1
feature: run tests from cli
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 12:03:41 -07:00
Your Name
f6509b7f81
add method_source gem for getting source code
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-10 00:01:11 +00:00
Your Name
0108ab2c75
simplify ruby source block detection
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-09 20:31:51 +00:00
Your Name
39343367c2
feature: include rule code in json
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-09 18:29:59 +00:00
Dominik Richter
5e8af49561
runtime bugfixes
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 23:39:43 -07:00
Dominik Richter
61f5f95147
make sure etc group values in where clause are strings
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:49:55 -07:00
Dominik Richter
b72ba08c06
trip whitespace
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:37:58 -07:00
Dominik Richter
a48d032cec
double-check if data is read from conf apache/postgres/mysql
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:35:18 -07:00
Dominik Richter
df8be769af
skip apache conf if file doesn't exist
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:28:32 -07:00
Dominik Richter
9621b1c9e9
skip postgres+mysql conf if file doesn't exist
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:27:34 -07:00
Dominik Richter
93065b9dda
use FindFiles for postgres conf
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:17:07 -07:00
Dominik Richter
c733a577da
improvement: unify FindFiles
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:11:01 -07:00
Dominik Richter
e9ee17c176
bugfix: find included files on remote host
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 19:50:49 -07:00
Dominik Richter
178ca83a4b
specify inetd_conf path
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 19:34:24 -07:00
Dominik Richter
07edef95ad
flatten users of groups
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:56:14 -07:00
Dominik Richter
3682a8279d
make sure to get conditions as symbols
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:49:05 -07:00
Dominik Richter
e0b0b52af3
feature: etc_group with where-function overhaul
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:42:05 -07:00
Dominik Richter
53112f4156
move resource methods to respective library files
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:40:08 -07:00
Dominik Richter
42c3f95b41
move local parseconfig resources to library file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:25:27 -07:00
Dominik Richter
6faf07aa7d
rename parse_config back to parse_config_file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:24:15 -07:00
Dominik Richter
1344fba629
configurable limits_conf path
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:52:55 +02:00
Dominik Richter
70a6130335
move ssh_config + sshd_config with paths to the resource file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:43:38 +02:00
Dominik Richter
cc28749adf
configurable paths for postgres + mysql confs
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:38:52 +02:00
Dominik Richter
700e2bab26
feature: add mysql resource
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:31:57 +02:00
Dominik Richter
7e9c8fe289
bugfix: get comment_char for simple_config
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:23:52 +02:00
Dominik Richter
f2fed3fa6d
api: change default of multiple_values true -> false in SimpleConfig
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:23:02 +02:00
Dominik Richter
9bf968838c
rename conf_ssh -> ssh_config
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:22:25 +02:00
Dominik Richter
0c5a28431d
feature: postgres information based on OS
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:21:32 +02:00
Dominik Richter
f51e89d3b1
shorten mysql and postgres session resources
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-30 18:28:57 +02:00
Christoph Hartmann
378a98797e
rename config_file resource
2015-07-27 23:26:10 +02:00
Christoph Hartmann
44f5ecef77
add apache config parser
2015-07-27 23:26:10 +02:00
Dominik Richter
252a88c24f
improvement: warn on minor missing entries, error on major ones
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-27 17:31:17 +02:00
Christoph Hartmann
bd6a294ac5
bugfix: add toString method for resources
2015-07-26 22:45:44 +02:00
Christoph Hartmann
345d7fb5cb
improvement: parse config can be configured
2015-07-26 22:45:18 +02:00
Christoph Hartmann
d926a67596
feature: resource for ntp configuration
2015-07-26 22:44:33 +02:00
Christoph Hartmann
24e9210160
feature: resources for audit daemon
2015-07-26 22:44:01 +02:00
Christoph Hartmann
34b8ab5f2a
refactor audit policy
2015-07-26 22:43:24 +02:00
Christoph Hartmann
32c4575642
add inetd resource
2015-07-26 12:53:29 +02:00
Christoph Hartmann
17476fd634
add limits.conf resource
2015-07-26 12:30:46 +02:00
Christoph Hartmann
8e16decccd
refactor types
2015-07-26 12:30:12 +02:00
Dominik Richter
35d3ee6b19
bugfix: ensure pseudo pty on remote
...
This first came up when scanning a RHEL6 EC2 box. Serverspec throws this error when the channel doesn't support a stdin.
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-21 12:59:52 +02:00
Christoph Hartmann
5d4e44872c
remove puts
2015-07-16 01:51:26 +02:00
Christoph Hartmann
fe7758a9a6
remove puts
2015-07-16 01:48:09 +02:00
Christoph Hartmann
fd4bb5f467
bugfix: fix id
2015-07-16 01:40:37 +02:00
Christoph Hartmann
0268d44052
add types
2015-07-16 01:09:54 +02:00
Christoph Hartmann
db8ff02313
add logindef and parse_config type
2015-07-15 16:33:39 +02:00
Christoph Hartmann
4809c33f93
add duplicate check matcher for arrays
2015-07-15 15:16:28 +02:00
Christoph Hartmann
018601480d
add etc_group implementation
2015-07-15 15:16:10 +02:00
Christoph Hartmann
dc94f2c2b5
add description for passwd file format
2015-07-15 15:15:53 +02:00
Christoph Hartmann
37f0ea7d6a
update copyright header
2015-07-15 15:15:18 +02:00
Christoph Hartmann
6ab07121de
add line feed
2015-07-15 00:50:42 +02:00
Christoph Hartmann
f9867b4c8d
add helper matcher
2015-07-15 00:50:34 +02:00
Christoph Hartmann
dbbad50c09
add passwd extraction of passwords
2015-07-15 00:50:19 +02:00
Christoph Hartmann
8c17ab29a5
add passwd support
2015-07-15 00:47:17 +02:00
Christoph Hartmann
4ff1687f6e
add env support
2015-07-15 00:47:04 +02:00
Christoph Hartmann
d7d79d3d5b
bugfix: remove winrm timeout
2015-06-28 10:09:04 +02:00
Christoph Hartmann
a25925057e
bugfix: remove debug output
2015-06-28 00:07:02 +02:00
Christoph Hartmann
1e80a197c4
feature: switch winrm port based on protocol
2015-06-27 23:03:43 +02:00
Christoph Hartmann
5714395232
feature: add ssl support for winrm
2015-06-27 21:30:21 +02:00
Christoph Hartmann
f165e51e1f
return nil, if we haven't received a value
2015-06-27 21:29:57 +02:00
Dominik Richter
8dd5ad2979
bugfix: prevent entries in known hosts files
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-27 15:49:54 +02:00
Dominik Richter
2e827fd699
bugfix: prevent any auth-method that is not configured + prevent interactive password login
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-27 15:47:45 +02:00
Dominik Richter
34bc6a387c
feature: add configurable profile_id field
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-25 17:45:46 +02:00
Dominik Richter
3440f6f69e
bugfix scope
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 18:21:09 +02:00
Dominik Richter
8d0976a4cc
bugfix: scoping for ubuntu's ruby version
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 17:57:07 +02:00
Dominik Richter
e832a1f2c8
bugfix: typo
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 17:27:05 +02:00
Dominik Richter
6b8cd1078a
bugfix: mysql dynamic describe
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 16:33:22 +02:00
Dominik Richter
b3495e9fc5
bugfix: mysql resouce skipping and checking
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 16:18:40 +02:00
Dominik Richter
40ed9799b7
feature: mysql config resource updated
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 15:51:44 +02:00
Dominik Richter
232de91d9a
feature: mysql resource with debian login + skipping policy
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 15:24:35 +02:00
Dominik Richter
ff0020ac73
bugfix: enforce utf-8 encoding
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 08:56:13 +02:00
Dominik Richter
1b9997b204
bugfix: work around embedded only_if conditionals
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 22:52:40 +02:00
Dominik Richter
8294641b1e
bugfix: allow json/check methods to run despite only_if in profile
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 22:36:38 +02:00
Dominik Richter
cb3e067a1f
feature: helper method to check if a default command exists
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 18:19:04 +02:00
Dominik Richter
5d5b945933
feature: only_if for profiles added
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 18:07:35 +02:00
Dominik Richter
cceefa54cf
add base resource
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 17:06:04 +02:00
Dominik Richter
7a721dba7e
feature: skip ssh config if file isn't readable/found
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 16:33:08 +02:00
Dominik Richter
8026915ce5
feature: support skipping rules via resources
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 16:32:42 +02:00
Dominik Richter
e0e7fb8996
bugfix: indicate that file resource is really working with paths
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 11:23:30 +02:00
Dominik Richter
9e79b49f43
improvement: file permission matchers add full description
2015-06-21 11:06:39 +02:00
Dominik Richter
b942a1a103
bugfix: run without profile ID defined
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 10:28:13 +02:00
Dominik Richter
1abfdae264
bugfix: use fully qualified profile IDs
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 02:21:08 +02:00
Dominik Richter
1d6a0decad
make json-builder work again with new rule-tree
2015-06-20 01:41:48 +02:00
Dominik Richter
83dc0a6425
make check work again with new rule-tree
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 01:36:59 +02:00
Dominik Richter
5e83779fb4
api: separate name from title in metadata
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 01:04:05 +02:00
Dominik Richter
ef4471d20b
feature: allow to skip rules
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 00:20:44 +02:00
Dominik Richter
2e1106b933
feature: add rule hierarchy with include and require rules
...
include_rules 'vulcanosec/ssh'
this will include all rules defined in vulcanosec/ssh
require_rules 'vulcanosec/linux'
this will not include any rules yet, but you may choose what you want to pull in.
both have a block attached which will allow you to choose rules (for require_rules) and redefined/change existing rules as you like. small example:
require_rules 'vulcanosec/linux' do
rule fs-3 do
impact 1.0
end
end
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 00:00:53 +02:00
Dominik Richter
a6748e2418
load rules from a spec file into a profile context
2015-06-19 22:23:07 +02:00
Dominik Richter
7649d1459c
simplify global vs embedded rule handling
...
i.e. one executes directly, the other just registers. this change makes such a distinction much easier
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 21:52:57 +02:00
Dominik Richter
da71e1e826
move DSL helper methods out of local DSL space
...
to avoid potential collissions
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 21:43:04 +02:00
Dominik Richter
8181ee038e
move rule execution and ID-fixing out
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 21:17:56 +02:00
Dominik Richter
f64f15ee6b
make syntax binding to scope programmable
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 20:11:26 +02:00
Dominik Richter
2c912d2fbe
initialize vulcano module + version first
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-19 18:45:38 +02:00
Dominik Richter
e689afb4b8
improvement: split vulcano core library from verification
2015-06-19 16:45:36 +02:00
Dominik Richter
aebed6cb55
bugfix: only call rule blocks if they are given
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-19 16:32:11 +02:00
Dominik Richter
6f4a1fc092
move log out of bin/vulcano; it's not used there
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-19 15:06:44 +02:00
Dominik Richter
1b36802589
feature: include other rules
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-18 17:32:40 +02:00
Dominik Richter
243c7b9892
feature: sudo configuration
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-17 10:49:25 +02:00
Dominik Richter
1a05865d6e
feature: print number of rules checked
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-16 23:33:27 +02:00
Dominik Richter
1247dd7bc7
api: change check -> rule
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-16 23:30:08 +02:00
Dominik Richter
e86cd978eb
bugfix: create check structure with meta-info
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-12 12:32:10 +02:00
Dominik Richter
9f02a88e54
improvement: separate checking information from processing
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:53:25 +02:00
Dominik Richter
3013bdcc46
feature: add pry for development consoles
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:40:16 +02:00
Dominik Richter
c329b6743a
bugfix: add resources to rules
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:37:51 +02:00
Dominik Richter
0c0be4b09e
bugfix: don't evaluate nil impact
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:36:30 +02:00
Dominik Richter
b5fb4c46c0
improvement: print file which has error
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:26:29 +02:00
Dominik Richter
fb9d09af49
bugfix: gsub on empty desciption
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:23:36 +02:00
Dominik Richter
beee62fabd
improvement: separate specfile sanitize vs check
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:21:03 +02:00
Dominik Richter
1833ff9aa0
bugfix: call lambda correctly
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:16:05 +02:00
Dominik Richter
5ba7fb0386
bugfix: recognize empty title as title==id
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:15:26 +02:00
Dominik Richter
4ab30252fb
feature: vulcano check
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-10 17:03:12 +02:00
Dominik Richter
08035d7b61
bugfix: don't let dummy resources overwrite library files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 23:05:00 +02:00
Dominik Richter
7a022f9c0a
change json syntax to: map[string]check
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 22:24:53 +02:00
Dominik Richter
e9d642fc61
feature: replace vcheck
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 21:41:54 +02:00
Dominik Richter
44d1f88dda
add version
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 19:49:55 +02:00
Dominik Richter
f56618f364
bugfix: cascade IDs to child describe-blocks (from :its)
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 19:20:16 +02:00
Dominik Richter
64d90c326f
feature: add rules with IDs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-06-07 17:09:02 +02:00
Dominik Richter
483c12edc7
feature: run specs on different port
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-05-14 18:30:50 +02:00
Dominik Richter
14eebb88e0
capitalize ssh conf name
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-05-14 18:30:38 +02:00
Dominik Richter
18277ddfad
bugfix: postgres connection error detection fixed
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-05-14 18:29:55 +02:00
Dominik Richter
21d604820a
feature: add windows resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:37:17 +02:00
Dominik Richter
e87af25d07
bugfix: ssh is simpleconf w/o multiassignemnt
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:36:55 +02:00
Dominik Richter
6875d373e8
feature: winrm specs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:36:34 +02:00
Dominik Richter
c1522ed98c
feature: multi-assignments for simpleconfig
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-17 15:36:18 +02:00
Dominik Richter
985552731a
import resources
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-04-09 22:01:23 +02:00