mirror of
https://github.com/inspec/inspec
synced 2025-01-11 20:59:19 +00:00
b23a58b573
* New Resource-combined etc_hosts_allow etc_hosts_deny Signed-off-by: dromazos <dromazmj@dukes.jmu.edu>
73 lines
2.9 KiB
Ruby
73 lines
2.9 KiB
Ruby
# encoding: utf-8
|
|
# author: Matthew Dromazos
|
|
|
|
require 'helper'
|
|
require 'inspec/resource'
|
|
|
|
describe 'Inspec::Resources::EtcHostsAllow' do
|
|
describe 'EtcHostsAllow Paramaters' do
|
|
resource = load_resource('etc_hosts_allow')
|
|
it 'Verify etc_hosts_allow filtering by `daemon`' do
|
|
entries = resource.where { daemon == 'ALL' }
|
|
_(entries.client_list).must_include ['127.0.0.1', '[::1]']
|
|
_(entries.options).must_equal [[]]
|
|
end
|
|
it 'Verify etc_hosts_allow filtering by `client_list`' do
|
|
entries = resource.where { client_list == ['127.0.1.154', '[:fff:fAb0::]'] }
|
|
_(entries.daemon).must_equal ['vsftpd', 'sshd']
|
|
_(entries.options).must_include ['deny', '/etc/bin/']
|
|
end
|
|
it 'Verify etc_hosts_allow filtering by `options`' do
|
|
entries = resource.where { options == ['deny', '/etc/bin/'] }
|
|
_(entries.daemon).must_equal ['vsftpd', 'sshd']
|
|
_(entries.client_list).must_include ['127.0.1.154', '[:fff:fAb0::]']
|
|
end
|
|
end
|
|
|
|
describe '#parse_line' do
|
|
resource = load_resource('etc_hosts_allow')
|
|
it 'parses a line with multiple clients' do
|
|
line = 'foo: client1, client2 : some_option'
|
|
attributes = resource.send(:parse_line, line)
|
|
_(attributes['daemon']).must_equal 'foo'
|
|
_(attributes['client_list']).must_equal ['client1', 'client2']
|
|
end
|
|
|
|
it 'parses a line with one option' do
|
|
line = 'foo: client1, client2 : some_option'
|
|
attributes = resource.send(:parse_line, line)
|
|
_(attributes['daemon']).must_equal 'foo'
|
|
_(attributes['client_list']).must_equal ['client1', 'client2']
|
|
_(attributes['options']).must_equal ['some_option']
|
|
end
|
|
|
|
it 'parses a line with multiple options' do
|
|
line = 'foo: client1, client2 : some_option : other_option'
|
|
attributes = resource.send(:parse_line, line)
|
|
_(attributes['daemon']).must_equal 'foo'
|
|
_(attributes['client_list']).must_equal ['client1', 'client2']
|
|
_(attributes['options']).must_equal ['some_option', 'other_option']
|
|
end
|
|
end
|
|
end
|
|
|
|
describe 'Inspec::Resources::EtcHostsDeny' do
|
|
describe 'EtcHostsDeny Paramaters' do
|
|
resource = load_resource('etc_hosts_deny')
|
|
it 'Verify etc_hosts_deny filtering by `daemon`' do
|
|
entries = resource.where { daemon == 'ALL' }
|
|
_(entries.client_list).must_include ['127.0.0.1', '[::1]']
|
|
_(entries.options).must_equal [[]]
|
|
end
|
|
it 'Verify etc_hosts_deny filtering by `client_list`' do
|
|
entries = resource.where { client_list == ['127.0.1.154', '[:fff:fAb0::]'] }
|
|
_(entries.daemon).must_equal ['vsftpd', 'sshd']
|
|
_(entries.options).must_include ['deny', '/etc/bin/']
|
|
end
|
|
it 'Verify etc_hosts_deny filtering by `options`' do
|
|
entries = resource.where { options == ['deny', '/etc/bin/'] }
|
|
_(entries.daemon).must_equal ['vsftpd', 'sshd']
|
|
_(entries.client_list).must_include ['127.0.1.154', '[:fff:fAb0::]']
|
|
end
|
|
end
|
|
end
|