mirror of
https://github.com/inspec/inspec
synced 2024-11-27 15:10:44 +00:00
1fdecc6680
The following new resources have been added; however, they presently only support FreeBSD and similar. * `zfs_dataset`: tests if a named ZFS dataset is present and/or has certain properties. * `zfs_pool`: tests if a named ZFS pool is present and/or has certain properties. Additionally, the `mount` resource has been reworked to include support for FreeBSD; while the existing class was renamed to LinuxMountParser. Unit-tests were added for all of the above. Signed-off-by: Joseph Benden <joe@benden.us>
63 lines
1.4 KiB
Text
63 lines
1.4 KiB
Text
---
|
|
title: About the zfs_dataset Resource
|
|
---
|
|
|
|
# zfs_dataset
|
|
|
|
Use the `zfs_dataset` InSpec audit resource to test the ZFS datasets on FreeBSD systems.
|
|
|
|
## Syntax
|
|
|
|
A `zfs_dataset` resource block declares the ZFS dataset properties that should be tested:
|
|
|
|
describe zfs_dataset('dataset') do
|
|
it { should MATCHER 'value' }
|
|
end
|
|
|
|
where
|
|
|
|
* `('dataset')` is the name of the ZFS dataset (eg: `'tank/tmp'`)
|
|
* `MATCHER` is a valid matcher for this resource
|
|
* `'value'` is the value to be tested
|
|
|
|
|
|
## Matchers
|
|
|
|
This InSpec audit resource has the matchers listed below, in addition to dynamically exposing all ZFS dataset properties available (see: `man zfs` for the list of supported properties.)
|
|
|
|
### be
|
|
|
|
<%= partial "/shared/matcher_be" %>
|
|
|
|
### be_mounted
|
|
|
|
The `be_mounted` matcher tests if the dataset is accessible from the file system:
|
|
|
|
it { should be_mounted }
|
|
|
|
### cmp
|
|
|
|
<%= partial "/shared/matcher_cmp" %>
|
|
|
|
### eq
|
|
|
|
<%= partial "/shared/matcher_eq" %>
|
|
|
|
### match
|
|
|
|
<%= partial "/shared/matcher_match" %>
|
|
|
|
## Examples
|
|
|
|
The following examples show how to use this InSpec audit resource.
|
|
|
|
### Test a dataset of 'tank/tmp'
|
|
|
|
describe zfs_dataset('tank/tmp') do
|
|
it { should be_mounted }
|
|
its('atime') { should eq 'on' }
|
|
its('compression') { should eq 'lz4' }
|
|
its('exec') { should eq 'off' }
|
|
its('readonly') { should eq 'off' }
|
|
its('setuid') { should eq 'off' }
|
|
end
|