Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-23 13:13:22 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/docs/resources/package.md.erb
Adam Leff 367d42fb3a Properly handle held packages on dpkg-flavored OS (#2087) 
* check the proper field for dpkg installation state fixes #2006

Signed-off-by: Mathieu Sauve-Frankel <msf@kisoku.net>

* Properly handle held packages on dpkg-flavored OS

InSpec was looking at the wrong field in `dpkg -s` output to determine
whether a package was installed or not. An installed, held package was
incorrectly reported as uninstalled.

This adds the proper unit tests and also adds a `be_held` matcher.

Thanks to @kisoku for the initial work in #2007.

Signed-off-by: Adam Leff <adam@leff.co>
2017-08-18 17:29:23 +02:00

128 lines
3 KiB
Text
Raw Blame History

---
title: About the package Resource
---
# package
Use the `package` InSpec audit resource to test if the named package and/or package version is installed on the system.
## Syntax
A `package` resource block declares a package and (optionally) a package version:
describe package('name') do
it { should be_installed }
end
where
* `('name')` must specify the name of a package, such as `'nginx'`
* `be_installed` is a valid matcher for this resource
## Matchers
This InSpec audit resource has the following matchers:
### be
<%= partial "/shared/matcher_be" %>
### be_held
The `be_held` matcher tests if the named package is "held". On dpkg platforms, a "held" package
will not be upgraded to a later version.
it { should be_held }
### be_installed
The `be_installed` matcher tests if the named package is installed on the system:
it { should be_installed }
### cmp
<%= partial "/shared/matcher_cmp" %>
### eq
<%= partial "/shared/matcher_eq" %>
### include
<%= partial "/shared/matcher_include" %>
### match
<%= partial "/shared/matcher_match" %>
### version
The `version` matcher tests if the named package version is on the system:
its('version') { should eq '1.2.3' }
## Examples
The following examples show how to use this InSpec audit resource.
### Test if nginx version 1.9.5 is installed
describe package('nginx') do
it { should be_installed }
its('version') { should eq '1.9.5' }
end
### Test that a package is not installed
describe package('some_package') do
it { should_not be_installed }
end
### Test if telnet is installed
describe package('telnetd') do
it { should_not be_installed }
end
describe inetd_conf do
its('telnet') { should eq nil }
end
### Test if ClamAV (an antivirus engine) is installed and running
describe package('clamav') do
it { should be_installed }
its('version') { should eq '0.98.7' }
end
describe service('clamd') do
it { should_not be_enabled }
it { should_not be_installed }
it { should_not be_running }
end
### Verify if some_package is installed according to my_rpmdb
describe package('some_package', rpm_dbpath: '/var/lib/my_rpmdb') do
it { should be_installed }
end
### Verify if Memcached is installed, enabled, and running
Memcached is an in-memory key-value store that helps improve the performance of database-driven websites and can be installed, maintained, and tested using the `memcached` cookbook (maintained by Chef). The following example is from the `memcached` cookbook and shows how to use a combination of the `package`, `service`, and `port` InSpec audit resources to test if Memcached is installed, enabled, and running:
describe package('memcached') do
it { should be_installed }
end
describe service('memcached') do
it { should be_installed }
it { should be_enabled }
it { should be_running }
end
describe port(11_211) do
it { should be_listening }
end
Reference in a new issue View git blame Copy permalink