Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-10 15:14:23 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/docs/resources/login_defs.md.erb
Clinton Wolfe 2de06bdeb5 Clean injection of Availability section (#3206) 
Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
2018-08-09 08:34:49 -04:00

81 lines
2 KiB
Text
Raw Blame History

---
title: About the login_defs Resource
platform: linux
---
# login_defs
Use the `login_defs` InSpec audit resource to test configuration settings in the `/etc/login.defs` file. The `logins.defs` file defines site-specific configuration for the shadow password suite on Linux and Unix platforms, such as password expiration ranges, minimum/maximum values for automatic selection of user and group identifiers, or the method with which passwords are encrypted.
<br>
## Availability
### Installation
This resource is distributed along with InSpec itself. You can use it automatically.
### Version
This resource first became available in v1.0.0 of InSpec.
## Syntax
A `login_defs` resource block declares the `login.defs` configuration data to be tested:
describe login_defs do
its('name') { should include('foo') }
end
where
* `name` is a configuration setting in `login.defs`
* `{ should include('foo') }` tests the value of `name` as read from `login.defs` versus the value declared in the test
<br>
## Properties
This resource supports the properties found in the `login.defs` configuration settings.
<br>
## Examples
The following examples show how to use this InSpec audit resource.
### name
The `name` matcher tests the value of `name` as read from `login.defs` versus the value declared in the test:
its('name') { should eq 'foo' }
### Test password expiration settings
describe login_defs do
its('PASS_MAX_DAYS') { should eq '180' }
its('PASS_MIN_DAYS') { should eq '1' }
its('PASS_MIN_LEN') { should eq '15' }
its('PASS_WARN_AGE') { should eq '30' }
end
### Test the encryption method
describe login_defs do
its('ENCRYPT_METHOD') { should eq 'SHA512' }
end
### Test umask setting
describe login_def do
its('UMASK') { should eq '077' }
its('PASS_MAX_DAYS') { should eq '90' }
end
<br>
## Matchers
For a full list of available matchers, please visit our [matchers page](https://www.inspec.io/docs/reference/matchers/).
Reference in a new issue View git blame Copy permalink