Dominik Richter
6360bf825f
fix wrong variable ref
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:39:12 -07:00
Dominik Richter
83432ccfb4
fix typo
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:31:47 -07:00
Dominik Richter
1a165bc886
change the default impact to 0.5
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 23:05:26 -07:00
Dominik Richter
225b49fbd2
0.6.0
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:47:29 -07:00
Dominik Richter
5875864f45
move zip and tar helpers
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:45:42 -07:00
Dominik Richter
7a59d9ce76
feature: start github uri reader
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 22:34:37 -07:00
Christoph Hartmann
9065eaa35c
add zip and tar helper
2015-08-12 21:14:48 -07:00
Dominik Richter
61794072e5
generalize folder handling
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 20:47:02 -07:00
Dominik Richter
9f0b6ebc46
add targets for chef-audit and serverspec
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 19:19:36 -07:00
Dominik Richter
6e4381f2d4
turn backend into a separate object
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 19:07:01 -07:00
Dominik Richter
9ba4fb1d00
add configurable targets and backends
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 18:48:17 -07:00
Dominik Richter
cecd86a119
improvement: unify ID generation for all tests
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 17:29:23 -07:00
Dominik Richter
7f67a088cb
feature: --target option for scans
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 17:05:32 -07:00
Dominik Richter
be1cead58e
improvement: always give a title to spec files
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 16:27:32 -07:00
Dominik Richter
5b0f5252c6
shorten anonymous describe IDs
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 15:17:18 -07:00
Dominik Richter
116a9b46d8
run multiple files by aggregating results
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 15:16:50 -07:00
Dominik Richter
360da9a7ba
feature: configure ssh+winrm targets on CLI-runner
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 14:19:44 -07:00
Dominik Richter
33043dd6a1
feature: run tests from cli
...
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-12 12:03:41 -07:00
Your Name
f6509b7f81
add method_source gem for getting source code
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-10 00:01:11 +00:00
Your Name
0108ab2c75
simplify ruby source block detection
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-09 20:31:51 +00:00
Your Name
39343367c2
feature: include rule code in json
...
Signed-off-by: Your Name <your.name@email.com>
2015-08-09 18:29:59 +00:00
Dominik Richter
5e8af49561
runtime bugfixes
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 23:39:43 -07:00
Dominik Richter
61f5f95147
make sure etc group values in where clause are strings
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:49:55 -07:00
Dominik Richter
b72ba08c06
trip whitespace
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:37:58 -07:00
Dominik Richter
a48d032cec
double-check if data is read from conf apache/postgres/mysql
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:35:18 -07:00
Dominik Richter
df8be769af
skip apache conf if file doesn't exist
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:28:32 -07:00
Dominik Richter
9621b1c9e9
skip postgres+mysql conf if file doesn't exist
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:27:34 -07:00
Dominik Richter
93065b9dda
use FindFiles for postgres conf
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:17:07 -07:00
Dominik Richter
c733a577da
improvement: unify FindFiles
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:11:01 -07:00
Dominik Richter
e9ee17c176
bugfix: find included files on remote host
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 19:50:49 -07:00
Dominik Richter
178ca83a4b
specify inetd_conf path
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 19:34:24 -07:00
Dominik Richter
07edef95ad
flatten users of groups
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:56:14 -07:00
Dominik Richter
3682a8279d
make sure to get conditions as symbols
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:49:05 -07:00
Dominik Richter
e0b0b52af3
feature: etc_group with where-function overhaul
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 18:42:05 -07:00
Dominik Richter
53112f4156
move resource methods to respective library files
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:40:08 -07:00
Dominik Richter
42c3f95b41
move local parseconfig resources to library file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:25:27 -07:00
Dominik Richter
6faf07aa7d
rename parse_config back to parse_config_file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 17:24:15 -07:00
Dominik Richter
1344fba629
configurable limits_conf path
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:52:55 +02:00
Dominik Richter
70a6130335
move ssh_config + sshd_config with paths to the resource file
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:43:38 +02:00
Dominik Richter
cc28749adf
configurable paths for postgres + mysql confs
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:38:52 +02:00
Dominik Richter
700e2bab26
feature: add mysql resource
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:31:57 +02:00
Dominik Richter
7e9c8fe289
bugfix: get comment_char for simple_config
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:23:52 +02:00
Dominik Richter
f2fed3fa6d
api: change default of multiple_values true -> false in SimpleConfig
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:23:02 +02:00
Dominik Richter
9bf968838c
rename conf_ssh -> ssh_config
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:22:25 +02:00
Dominik Richter
0c5a28431d
feature: postgres information based on OS
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-01 09:21:32 +02:00
Dominik Richter
f51e89d3b1
shorten mysql and postgres session resources
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-30 18:28:57 +02:00
Christoph Hartmann
378a98797e
rename config_file resource
2015-07-27 23:26:10 +02:00
Christoph Hartmann
44f5ecef77
add apache config parser
2015-07-27 23:26:10 +02:00
Dominik Richter
252a88c24f
improvement: warn on minor missing entries, error on major ones
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-27 17:31:17 +02:00
Christoph Hartmann
bd6a294ac5
bugfix: add toString method for resources
2015-07-26 22:45:44 +02:00
Christoph Hartmann
345d7fb5cb
improvement: parse config can be configured
2015-07-26 22:45:18 +02:00
Christoph Hartmann
d926a67596
feature: resource for ntp configuration
2015-07-26 22:44:33 +02:00
Christoph Hartmann
24e9210160
feature: resources for audit daemon
2015-07-26 22:44:01 +02:00
Christoph Hartmann
34b8ab5f2a
refactor audit policy
2015-07-26 22:43:24 +02:00
Christoph Hartmann
32c4575642
add inetd resource
2015-07-26 12:53:29 +02:00
Christoph Hartmann
17476fd634
add limits.conf resource
2015-07-26 12:30:46 +02:00
Christoph Hartmann
8e16decccd
refactor types
2015-07-26 12:30:12 +02:00
Dominik Richter
35d3ee6b19
bugfix: ensure pseudo pty on remote
...
This first came up when scanning a RHEL6 EC2 box. Serverspec throws this error when the channel doesn't support a stdin.
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-07-21 12:59:52 +02:00
Christoph Hartmann
5d4e44872c
remove puts
2015-07-16 01:51:26 +02:00
Christoph Hartmann
fe7758a9a6
remove puts
2015-07-16 01:48:09 +02:00
Christoph Hartmann
fd4bb5f467
bugfix: fix id
2015-07-16 01:40:37 +02:00
Christoph Hartmann
0268d44052
add types
2015-07-16 01:09:54 +02:00
Christoph Hartmann
db8ff02313
add logindef and parse_config type
2015-07-15 16:33:39 +02:00
Christoph Hartmann
4809c33f93
add duplicate check matcher for arrays
2015-07-15 15:16:28 +02:00
Christoph Hartmann
018601480d
add etc_group implementation
2015-07-15 15:16:10 +02:00
Christoph Hartmann
dc94f2c2b5
add description for passwd file format
2015-07-15 15:15:53 +02:00
Christoph Hartmann
37f0ea7d6a
update copyright header
2015-07-15 15:15:18 +02:00
Christoph Hartmann
6ab07121de
add line feed
2015-07-15 00:50:42 +02:00
Christoph Hartmann
f9867b4c8d
add helper matcher
2015-07-15 00:50:34 +02:00
Christoph Hartmann
dbbad50c09
add passwd extraction of passwords
2015-07-15 00:50:19 +02:00
Christoph Hartmann
8c17ab29a5
add passwd support
2015-07-15 00:47:17 +02:00
Christoph Hartmann
4ff1687f6e
add env support
2015-07-15 00:47:04 +02:00
Christoph Hartmann
d7d79d3d5b
bugfix: remove winrm timeout
2015-06-28 10:09:04 +02:00
Christoph Hartmann
a25925057e
bugfix: remove debug output
2015-06-28 00:07:02 +02:00
Christoph Hartmann
1e80a197c4
feature: switch winrm port based on protocol
2015-06-27 23:03:43 +02:00
Christoph Hartmann
5714395232
feature: add ssl support for winrm
2015-06-27 21:30:21 +02:00
Christoph Hartmann
f165e51e1f
return nil, if we haven't received a value
2015-06-27 21:29:57 +02:00
Dominik Richter
8dd5ad2979
bugfix: prevent entries in known hosts files
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-27 15:49:54 +02:00
Dominik Richter
2e827fd699
bugfix: prevent any auth-method that is not configured + prevent interactive password login
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-27 15:47:45 +02:00
Dominik Richter
34bc6a387c
feature: add configurable profile_id field
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-25 17:45:46 +02:00
Dominik Richter
3440f6f69e
bugfix scope
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 18:21:09 +02:00
Dominik Richter
8d0976a4cc
bugfix: scoping for ubuntu's ruby version
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 17:57:07 +02:00
Dominik Richter
e832a1f2c8
bugfix: typo
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 17:27:05 +02:00
Dominik Richter
6b8cd1078a
bugfix: mysql dynamic describe
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 16:33:22 +02:00
Dominik Richter
b3495e9fc5
bugfix: mysql resouce skipping and checking
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 16:18:40 +02:00
Dominik Richter
40ed9799b7
feature: mysql config resource updated
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 15:51:44 +02:00
Dominik Richter
232de91d9a
feature: mysql resource with debian login + skipping policy
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 15:24:35 +02:00
Dominik Richter
ff0020ac73
bugfix: enforce utf-8 encoding
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-22 08:56:13 +02:00
Dominik Richter
1b9997b204
bugfix: work around embedded only_if conditionals
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 22:52:40 +02:00
Dominik Richter
8294641b1e
bugfix: allow json/check methods to run despite only_if in profile
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 22:36:38 +02:00
Dominik Richter
cb3e067a1f
feature: helper method to check if a default command exists
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 18:19:04 +02:00
Dominik Richter
5d5b945933
feature: only_if for profiles added
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 18:07:35 +02:00
Dominik Richter
cceefa54cf
add base resource
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 17:06:04 +02:00
Dominik Richter
7a721dba7e
feature: skip ssh config if file isn't readable/found
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 16:33:08 +02:00
Dominik Richter
8026915ce5
feature: support skipping rules via resources
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 16:32:42 +02:00
Dominik Richter
e0e7fb8996
bugfix: indicate that file resource is really working with paths
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 11:23:30 +02:00
Dominik Richter
9e79b49f43
improvement: file permission matchers add full description
2015-06-21 11:06:39 +02:00
Dominik Richter
b942a1a103
bugfix: run without profile ID defined
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-21 10:28:13 +02:00
Dominik Richter
1abfdae264
bugfix: use fully qualified profile IDs
...
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-06-20 02:21:08 +02:00
Dominik Richter
1d6a0decad
make json-builder work again with new rule-tree
2015-06-20 01:41:48 +02:00