mirror of
https://github.com/inspec/inspec
synced 2024-12-18 00:53:22 +00:00
65589f8f78
When a header includes two `_`s, they must be escaped, otherwise, the text between the two `_`s is rendered with emphasis. E.g., `<h1 id="etchostsallow">etc<em>hosts</em>allow</h1>` Escaping the `_`s fixes this and the header is rendered properly. This is a fix for: * etc_hosts_allow * etc_hosts_deny * postgres_hba_conf * postgres_ident_conf This change also adds the `h1` title to the windows_hotfix resource page. Signed-off-by: Nathen Harvey <nharvey@chef.io>
75 lines
2 KiB
Text
75 lines
2 KiB
Text
---
|
|
title: About the postgres_ident_conf Resource
|
|
---
|
|
|
|
# postgres\_ident\_conf
|
|
|
|
Use the `postgres_ident_conf` InSpec audit resource to test the client authentication data defined in the pg_hba.conf file.
|
|
|
|
<br>
|
|
|
|
## Syntax
|
|
|
|
An `postgres_ident_conf` InSpec audit resource block declares client authentication data that should be tested:
|
|
|
|
describe postgres_ident_conf.where { pg_username == 'filter_value' } do
|
|
its('attribute') { should eq ['value'] }
|
|
end
|
|
|
|
where
|
|
|
|
* `'attribute'` is a attribute in the pg ident configuration file
|
|
* `'filter_value'` is the value that is to be filtered for
|
|
* `'value'` is the value that is to be matched expected
|
|
|
|
<br>
|
|
|
|
## Supported Properties
|
|
|
|
'conf_file', 'map_name', 'params', 'pg_username', 'system_username'
|
|
|
|
<br>
|
|
|
|
## Property Examples and Return Types
|
|
|
|
### map_name([String])
|
|
|
|
`address` returns a an array of strings that matches the where condition of the filter table
|
|
|
|
describe pg_hba_conf.where { pg_username == 'name' } do
|
|
its('map_name') { should eq ['value'] }
|
|
end
|
|
### pg_username([String])
|
|
|
|
`pg_username` returns a an array of strings that matches the where condition of the filter table
|
|
|
|
describe pg_hba_conf.where { pg_username == 'name' } do
|
|
its('pg_username') { should eq ['value'] }
|
|
end
|
|
|
|
### system_username([String])
|
|
|
|
`system_username` returns a an array of strings that matches the where condition of the filter table
|
|
|
|
describe pg_hba_conf.where { pg_username == 'name' } do
|
|
its('system_username') { should eq ['value'] }
|
|
end
|
|
|
|
<br>
|
|
|
|
## Matchers
|
|
|
|
This InSpec audit resource matches any service that is listed in the pg ident configuration file. For a full list of available matchers please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
|
|
|
|
its('pg_username') { should_not eq ['peer'] }
|
|
|
|
or:
|
|
|
|
its('map_name') { should eq ['value'] }
|
|
|
|
For example:
|
|
|
|
describe postgres_ident_conf.where { pg_username == 'name' } do
|
|
its('system_username') { should eq ['value'] }
|
|
its('map_name') { should eq ['value'] }
|
|
end
|