Merge pull request #36 from hardening-io/dr/fix-sysctl

prevent nil in flags
2024-11-22 19:23:02 +00:00 · 2016-02-24 16:37:28 +01:00 · 2016-02-24 16:37:28 +01:00 · b09f5c9f59
commit b09f5c9f59
parent 2801dd6072 93cb67d538
3 changed files with 9 additions and 1 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -1,4 +1,8 @@
+sudo: false
+cache: bundler
+
 rvm:
  - 1.9.3
  - 2.0.0
+  - 2.2.0
 language: ruby
--- a/4
+++ b/4
@ -2,6 +2,10 @@

 source 'https://rubygems.org'

+if Gem::Version.new(RUBY_VERSION) <= Gem::Version.new('1.9.3')
+  gem 'net-ssh', '~> 2.9'
+end
+
 gem 'rake'
 gem 'inspec', '~> 0.9'
 gem 'rubocop',    '~> 0.23'
--- a/default/inspec/sysctl_spec.rb
+++ b/default/inspec/sysctl_spec.rb
@ -337,7 +337,7 @@ control '33' do
  impact 1.0
  title 'CPU No execution Flag or Kernel ExecShield'
  desc 'Kernel features and CPU flags provide a protection against buffer overflows. The CPU NX Flag and the kernel parameter exec-shield prevents code execution on a per memory page basis. If the CPU supports the NX-Flag then this should be used instead of the kernel parameter exec-shield.'
-  flags = parse_config_file('/proc/cpuinfo', assignment_re: /^([^:]*?)\s+:\s+(.*?)$/).flags.split(' ')
+  flags = parse_config_file('/proc/cpuinfo', assignment_re: /^([^:]*?)\s+:\s+(.*?)$/).flags.to_s.split(' ')
  describe '/proc/cpuinfo' do
    it 'Flags should include NX' do
      expect(flags).to include('nx')