mirror of
https://github.com/inspec/inspec
synced 2024-11-23 21:23:29 +00:00
c7e87ca3e3
* Create file-check functionality into utility file There are the similar issues as PR #2302. Almost resources return false positives when a file does not exist or is not read. * Replace to file-check functionality * Fix dh_params and x509_certificate resources If a file is empty, OpenSSL::PKey::DH and OpenSSL::X509::Certificate have raised an exception and have skipped the inspection. Thus x509_certificate and dh_params resources are not allowed to read a empty file. * to_s of shadow expects filters is not nil * Remove workaround of sshd_config Removes the workaround of sshd_config since Travis CI fails due to a bug of dev-sec/ssh-baseline and the PR #100 will fix it. * Use init block variable in methods Signed-off-by: ERAMOTO Masaya <eramoto.masaya@jp.fujitsu.com>
46 lines
1 KiB
Ruby
46 lines
1 KiB
Ruby
# encoding: utf-8
|
|
# copyright: 2015, Vulcano Security GmbH
|
|
|
|
require 'utils/simpleconfig'
|
|
require 'utils/file_reader'
|
|
|
|
module Inspec::Resources
|
|
class AuditDaemonConf < Inspec.resource(1)
|
|
name 'auditd_conf'
|
|
supports platform: 'unix'
|
|
desc "Use the auditd_conf InSpec audit resource to test the configuration settings for the audit daemon. This file is typically located under /etc/audit/auditd.conf' on UNIX and Linux platforms."
|
|
example "
|
|
describe auditd_conf do
|
|
its('space_left_action') { should eq 'email' }
|
|
end
|
|
"
|
|
|
|
include FileReader
|
|
|
|
def initialize(path = nil)
|
|
@conf_path = path || '/etc/audit/auditd.conf'
|
|
@content = read_file_content(@conf_path)
|
|
end
|
|
|
|
def method_missing(name)
|
|
read_params[name.to_s]
|
|
end
|
|
|
|
def to_s
|
|
'Audit Daemon Config'
|
|
end
|
|
|
|
private
|
|
|
|
def read_params
|
|
return @params if defined?(@params)
|
|
|
|
# parse the file
|
|
conf = SimpleConfig.new(
|
|
@content,
|
|
multiple_values: false,
|
|
)
|
|
@params = conf.params
|
|
end
|
|
end
|
|
end
|