Commit graph

309 commits

Author SHA1 Message Date
Dominik Richter
aa4593ff71 replace parseconfig with simpleconfig
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 12:19:55 +02:00
Dominik Richter
dd46027195 bugfix: require yaml in resource
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-30 01:48:59 +02:00
Dominik Richter
1efb61ab80 lint service
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 12:25:02 +02:00
Dominik Richter
d28c5a85fe lint mysql
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 12:25:02 +02:00
Dominik Richter
9885e7683b lint port resource
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-26 12:25:02 +02:00
Christoph Hartmann
ea75b361a7 bugfix: systemd is default on debian 8 2015-09-25 12:58:17 +02:00
Christoph Hartmann
007d292890 rewrite systemv service implementation, read enabled services from rc 2015-09-25 12:58:03 +02:00
Christoph Hartmann
11ffdeddad improvement: return nil, if no description for service is available 2015-09-25 12:54:08 +02:00
Christoph Hartmann
9ac2e6e00b improvement: use onestatus instead of status for freebsd, return nil as service description for freebsd 2015-09-25 12:51:25 +02:00
Christoph Hartmann
d5d517af0a improve service handling for mac and add unit tests 2015-09-25 12:51:12 +02:00
Christoph Hartmann
36ad0dd5a0 add arch linux support for service resource 2015-09-25 12:48:57 +02:00
Christoph Hartmann
f302ca7087 bugfix: fix regular expression to parse systemd results 2015-09-25 12:48:38 +02:00
Christoph Hartmann
cb3d170ce6 add centos 7 unit mock for service resource 2015-09-25 12:48:21 +02:00
Christoph Hartmann
2a3c3270b3 bugfix: use volcano.os instead of os 2015-09-25 11:52:33 +02:00
Christoph Hartmann
3e16791f52 bugfix: catch case in service resource, where the OS is not supported 2015-09-25 11:52:33 +02:00
Christoph Hartmann
5151f42d7d add package unit test for unsupported os 2015-09-23 23:30:31 +02:00
Christoph Hartmann
af0591ab70 fix lint 2015-09-23 23:30:31 +02:00
Christoph Hartmann
a9c96dfbab fix: resolve unit test errors for arch and centos 2015-09-23 23:30:31 +02:00
Christoph Hartmann
968ed7a576 add todos for windows 2015-09-23 23:15:40 +02:00
Christoph Hartmann
476ac63036 return more detailed protocol information: tcp, udp, tcp6, udp6 2015-09-23 23:15:40 +02:00
Christoph Hartmann
563785d8a6 return arrays, since a port may run on multiple interfaces 2015-09-23 23:15:40 +02:00
Christoph Hartmann
a7b0520289 simplify check if port is available 2015-09-23 23:15:40 +02:00
Dominik Richter
a3e5984763 simplify a few calls
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-23 23:15:40 +02:00
Christoph Hartmann
d889f0b0b1 port resource support for FreeBSD 2015-09-23 23:08:54 +02:00
Christoph Hartmann
b47ec509fd port resource support for Windows 2015-09-23 23:08:19 +02:00
Christoph Hartmann
4eeb84945c port resource support for MacOS 2015-09-23 23:07:07 +02:00
Christoph Hartmann
c187230336 implement port resource for linux 2015-09-23 18:12:51 +02:00
Dominik Richter
fc14706a0a expose link_path in file resource
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 19:43:11 +02:00
Christoph Hartmann
6b3365682d fix comment 2015-09-22 02:27:04 +02:00
Christoph Hartmann
7ccc8baa37 improvement: switch back from OpenStruct to Hash 2015-09-22 02:27:04 +02:00
Christoph Hartmann
cf3dddf1a3 add csv support 2015-09-22 02:27:04 +02:00
Christoph Hartmann
b9d4fc6d8c add yaml resource 2015-09-22 02:27:04 +02:00
Christoph Hartmann
0e43d4ca6a add json resource 2015-09-22 02:27:04 +02:00
Dominik Richter
6be9c6822d fix issue with premature matching
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:04 +02:00
Christoph Hartmann
42a989606b implement kernel_parameter resource 2015-09-22 02:27:04 +02:00
Christoph Hartmann
ef9471e86c implement kernel_module resource 2015-09-22 02:27:04 +02:00
Christoph Hartmann
8b6fccee92 implement windows_feature resource 2015-09-22 02:27:03 +02:00
Dominik Richter
bb18ce52e2 update function+test calls from exists? -> exist? 2015-09-22 02:27:03 +02:00
Dominik Richter
366bc44d0d rename command().exists? -> command().exist?
This is in line with Ruby 2.1 changes in renaming File and Dir exists? to exist?
See previous commit

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Dominik Richter
0b7eb60028 File.exists? is deprecated in ruby 2.1
See:
http://ruby-doc.org/core-2.1.0/File.html#method-c-exists-3F

Same for Dir:
http://ruby-doc.org/core-2.1.0/Dir.html#method-c-exists-3F

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:03 +02:00
Christoph Hartmann
78fea3d3a2 support package for windows 2015-09-22 02:27:03 +02:00
Christoph Hartmann
f9501577e4 improve code style 2015-09-22 02:27:03 +02:00
Christoph Hartmann
5019664d4d bugfix: catch cases, where no service is available 2015-09-22 02:27:03 +02:00
Dominik Richter
ca753cdb83 feature: add os resource 2015-09-22 02:27:02 +02:00
Christoph Hartmann
37783385d4 implement service for FreeBSD 2015-09-22 02:27:02 +02:00
Dominik Richter
4965bfd36d make installed? always return true/false
Dont return nil als a falsy result.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
38a77efb4a fix failing tests
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
bef9cbf3e7 prevent yum repo shortname matching to nil
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
4d7c11b980 lazy eval ssh config params
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
dcc790b8a9 simplify nested params retrieval
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
55a26cfba7 align pip resource with info handling
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
10926935e2 align oneget resource with info handling
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
f395ebf6df lazy eval ntp conf
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
508a6889d1 align npm resource with info handling
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
fc9764aa36 lazy eval login.defs
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
3508219428 lazy eval limits.conf
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
6a6c1fd7c8 lazy eval inetd conf
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
075313b10e cache gem package results
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Dominik Richter
bfad1e1509 lazy eval auditd conf
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:27:01 +02:00
Christoph Hartmann
341a4ba98d improvement: simplify readability of nil checks 2015-09-22 02:27:01 +02:00
Christoph Hartmann
db81929dd7 minor style improvement 2015-09-22 02:27:01 +02:00
Christoph Hartmann
c081cfac82 improve reliability of method_missing 2015-09-22 02:27:01 +02:00
Christoph Hartmann
05dd53b5b4 improvement: skip package resource if not supported on OS 2015-09-22 02:27:00 +02:00
Christoph Hartmann
a88304d030 remove method missing for yum resource 2015-09-22 02:27:00 +02:00
Christoph Hartmann
046f3fe9e4 fix robocop issues 2015-09-22 02:27:00 +02:00
Christoph Hartmann
8113df6d44 bugfix: fix sysv implementation 2015-09-22 02:27:00 +02:00
Christoph Hartmann
2e46e0781a bugfix: fix initctl matcher to detect enabled services 2015-09-22 02:27:00 +02:00
Christoph Hartmann
7806951051 add fedora support 2015-09-22 02:27:00 +02:00
Christoph Hartmann
2484623220 add comments 2015-09-22 02:26:59 +02:00
Christoph Hartmann
d2e110e183 add debian support and improve regex 2015-09-22 02:26:59 +02:00
Christoph Hartmann
7239c7ced5 add service implementation for systemv 2015-09-22 02:26:59 +02:00
Christoph Hartmann
eb8c9411c7 remove comments 2015-09-22 02:26:59 +02:00
Christoph Hartmann
05e95477e3 add support for macos in service resource 2015-09-22 02:26:59 +02:00
Christoph Hartmann
6b07372bb9 bugfix: handle nil for service info 2015-09-22 02:26:59 +02:00
Christoph Hartmann
1b5e6fa7af select init system by os version for now 2015-09-22 02:26:59 +02:00
Christoph Hartmann
4479001763 add upstart implementation for service resource 2015-09-22 02:26:59 +02:00
Christoph Hartmann
b8d0edecfb add systemd implementation for service 2015-09-22 02:26:59 +02:00
Christoph Hartmann
204e6f5021 skip resource, if os is not supported 2015-09-22 02:26:59 +02:00
Christoph Hartmann
9da4e7674e use volcano.os 2015-09-22 02:26:59 +02:00
Christoph Hartmann
9aa0b1cf4a rename service_info to info 2015-09-22 02:26:59 +02:00
Christoph Hartmann
21040b9b03 implement service resource for windows 2015-09-22 02:26:59 +02:00
Christoph Hartmann
dfb330e7e8 use backend os detection in resources 2015-09-22 02:17:28 +02:00
Christoph Hartmann
1bf94016a7 rename Command to Cmd 2015-09-22 02:17:28 +02:00
Christoph Hartmann
33f9dd8e87 add oneget resource 2015-09-22 02:17:21 +02:00
Dominik Richter
2db06783fb update find_files for all other resources
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Dominik Richter
165c08799f bugfix: deep merge mysql conf parameters
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:43 +02:00
Dominik Richter
58fa9bc6c7 update mysql_conf to work with new find_files
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
486c5fde1c fix code complexity lint
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
0d5ee00ac5 reduce branch size complexity mysql (lint)
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
470c2ef920 wrap up core resource linting
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Dominik Richter
903b9642e4 lint resources
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-22 02:15:42 +02:00
Christoph Hartmann
238f1b2016 add pip resource to verify gem packages 2015-09-22 02:15:41 +02:00
Christoph Hartmann
bdb859b730 add npm resource to verify gem packages 2015-09-22 02:15:41 +02:00
Christoph Hartmann
0171b2e2f2 add gem resource to verify gem packages 2015-09-22 02:15:41 +02:00
Christoph Hartmann
9783751741 implement package resource 2015-09-22 02:15:41 +02:00
Christoph Hartmann
a7efec310b implement yum resource 2015-09-22 01:10:56 +02:00
Christoph Hartmann
7e9eb2920d add usage header for audit resource 2015-09-21 14:12:34 +02:00
Christoph Hartmann
62d0b217f9 optimize comments for audit_policy resource 2015-09-21 14:09:43 +02:00
Christoph Hartmann
e57e5f3fd6 bugfix: use new volcano backend for registry key 2015-09-21 14:09:10 +02:00
Christoph Hartmann
92ff33cbba improvement: use separate object to hold filter state, optimize users output 2015-09-21 14:07:58 +02:00
Christoph Hartmann
d40ab9a9ad bugfix: set default path for inetd_conf 2015-09-21 14:06:01 +02:00
Christoph Hartmann
0d7d01efbd bugfix: set default path for limits.conf 2015-09-21 14:04:02 +02:00
Christoph Hartmann
797d24c14a add login_def resource unit test 2015-09-21 14:01:51 +02:00
Christoph Hartmann
9358ac3035 rename env.rb to os_env.rb 2015-09-21 13:58:47 +02:00
Christoph Hartmann
672f03a0dd improve output of ntp resource for single value arrays 2015-09-21 13:58:03 +02:00
Christoph Hartmann
7295e4c16f improve handling on uid data view 2015-09-21 13:56:08 +02:00
Christoph Hartmann
852e5ae627 improvement: remove class variables from security policy implementation 2015-09-21 13:52:49 +02:00
Christoph Hartmann
53eb3b6990 bugfix: escape string before regex, fix regular expression to identify key 2015-09-21 13:52:33 +02:00
Christoph Hartmann
e9e24a6bd5 use new volcano backend for security policy 2015-09-21 13:51:27 +02:00
Christoph Hartmann
cdf15b9dd1 bugfix: support multiple values in ssh config like 'HostKey', improve readability by extracting the first value from array, if we have only one value 2015-09-21 13:43:09 +02:00
Christoph Hartmann
0e8651bf26 fix rubocop issues 2015-09-05 16:07:54 +02:00
Christoph Hartmann
36c9de7529 more rubocop fixes 2015-09-04 09:59:30 +02:00
Christoph Hartmann
bbbb8380ca replace raise with fail 2015-09-03 23:24:42 +02:00
Christoph Hartmann
556bb5a0f0 remove empty lines 2015-09-03 23:20:53 +02:00
Christoph Hartmann
1773d20178 use single quotes 2015-09-03 23:18:28 +02:00
Christoph Hartmann
5c137a7ab1 remove redundant return 2015-09-03 20:45:37 +02:00
Christoph Hartmann
349d5bf9f1 harmonize method definition style 2015-09-03 20:43:58 +02:00
Christoph Hartmann
7bdcc00e94 add utf-8 header 2015-09-03 20:36:46 +02:00
Christoph Hartmann
5612752b82 use single quotes 2015-09-03 20:35:23 +02:00
Christoph Hartmann
7db6941219 feature: add bond resource implementation 2015-09-03 17:34:11 +02:00
Dominik Richter
c9fcb2913a complete all file tests
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 16:17:52 +02:00
Dominik Richter
29a143a67f remove file ctime
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-03 15:43:30 +02:00
Dominik Richter
e08787d14e move file interface + helpers to backend plugin
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-02 00:50:52 +02:00
Dominik Richter
f60b7580d5 complete specinfra file backend
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-01 11:48:50 +02:00
Dominik Richter
a64597594e minor bugfixes
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-09-01 11:11:34 +02:00
Dominik Richter
601abe2579 rename backend reference @vulcano -> vulcano
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 19:33:15 -07:00
Dominik Richter
b2e031c056 start serverspec migration
This project is inspired by Serverspec and all the wonderful contributions that went into it. Thank you all so much! We have used Serverspec as our audit base and have now a slightly different perspective. We hope to continue the spirit on this path. Hopefully both projects will find their way together.

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:36:05 -07:00
Dominik Richter
d292ed6ea5 migrate directory resource
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:24:34 -07:00
Dominik Richter
e5daa52064 fix ssh config path
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:18:37 -07:00
Dominik Richter
1bbe67682e start migrating file resource
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:14:17 -07:00
Dominik Richter
50a5803427 rename is_file? -> file?
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 17:13:53 -07:00
Dominik Richter
84102b89de rename contents -> content
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 02:10:36 -07:00
Dominik Richter
5a8bcf2b93 migrate file resource
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-29 00:44:16 -07:00
Dominik Richter
1d805aca2c migrate group policy
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:09:35 -07:00
Dominik Richter
554accdedc reimplement command resource
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:08:24 -07:00
Dominik Richter
e0459c4116 migrate all of audit
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 16:04:52 -07:00
Dominik Richter
2a8b8d3394 migrate env and apache conf
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 13:02:18 -07:00
Dominik Richter
dddc9daed0 migrated inetd config and etc group
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:52:59 -07:00
Dominik Richter
2103a4485b migrate limits and login defs
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:47:37 -07:00
Dominik Richter
8004d6f129 migrate all mysql resources
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:41:48 -07:00
Dominik Richter
1a45f32f0b migrated all postgres resources
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:37:03 -07:00
Dominik Richter
83d846ac7f migrate ntp conf and parse_config
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:32:17 -07:00
Dominik Richter
d9d67e943a migrate passwd and processes
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 12:27:35 -07:00
Dominik Richter
dc0f61a0ef migrate registry_key + security_policy
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 11:52:22 -07:00
Dominik Richter
3bf8037638 move to a simpler plugin structure
This has been inspired in its calling structure by the wonderful work done in Vagrant. Kudos to all contributors!

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-28 10:10:03 -07:00
Dominik Richter
9e7ea1ef5d move ssh_conf to new structure
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 20:02:38 -07:00
Dominik Richter
7e1f9b8a15 move resources lib
Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2015-08-27 13:58:07 -07:00
Dominik Richter
5e8af49561 runtime bugfixes
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 23:39:43 -07:00
Dominik Richter
61f5f95147 make sure etc group values in where clause are strings
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:49:55 -07:00
Dominik Richter
b72ba08c06 trip whitespace
Signed-off-by: Dominik Richter <dominik@vulcanosec.com>
2015-08-02 20:37:58 -07:00