mirror of
https://github.com/inspec/inspec
synced 2025-01-02 00:09:01 +00:00
3d7244fb07
Wildcards are evaluated prior to applying `sudo` permissions. This means that running `sudo find /some/path/*.conf` will fail if the user does not have read permissions on `/some/path/` because the wildcard cannot expand before `sudo` is applied and `*.conf` isn't a file. The solution for this is to run the command in a subshell that has the proper permissions (e.g. `sudo sh -c 'find /some/path/*.conf'`). This modifies `Utils::FindFiles` to use a subshell thus allowing wildcard support. This fixes #2157 Signed-off-by: Jerry Aldrich <jerryaldrichiii@gmail.com>
21 lines
895 B
Ruby
21 lines
895 B
Ruby
# Search for file that has mode 0600
|
|
describe test_find_files('/etc/find_files/secret/secret_file1') do
|
|
its('results') { should include '/etc/find_files/secret/secret_file1' }
|
|
end
|
|
|
|
# Search for file that is publicly readable
|
|
describe test_find_files('/etc/find_files/public/public_file1') do
|
|
its('results') { should include '/etc/find_files/public/public_file1' }
|
|
end
|
|
|
|
# Wildcard search with files that have mode 0600
|
|
describe test_find_files('/etc/find_files/secret/*') do
|
|
its('results') { should include '/etc/find_files/secret/secret_file1' }
|
|
its('results') { should include '/etc/find_files/secret/secret_file2' }
|
|
end
|
|
|
|
# Wildcard search with files that are publicly readable
|
|
describe test_find_files('/etc/find_files/public/*') do
|
|
its('results') { should include '/etc/find_files/public/public_file1' }
|
|
its('results') { should include '/etc/find_files/public/public_file2' }
|
|
end
|