39 lines
1.2 KiB
Ruby
39 lines
1.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
control 'Sudoers configuration' do
|
|
title 'should match desired lines'
|
|
|
|
describe file('/etc/sudoers') do
|
|
it { should be_file }
|
|
it { should be_owned_by 'root' }
|
|
it { should be_grouped_into 'root' }
|
|
its('content') { should include '#include /etc/sudoers.d/extra-file1' }
|
|
its('content') { should include '#include /etc/sudoers.d/extra-file2' }
|
|
its('content') { should include '#include /etc/sudoers.d/extra-file3' }
|
|
end
|
|
|
|
describe file('/etc/sudoers.d/extra-file1') do
|
|
it { should be_file }
|
|
it { should be_owned_by 'root' }
|
|
it { should be_grouped_into 'root' }
|
|
its('mode') { should cmp '0440' }
|
|
its('content') { should include 'foo ALL=(ALL) ALL' }
|
|
end
|
|
|
|
describe file('/etc/sudoers.d/extra-file2') do
|
|
it { should be_file }
|
|
it { should be_owned_by 'root' }
|
|
it { should be_grouped_into 'root' }
|
|
its('mode') { should cmp '0440' }
|
|
its('content') { should include '%bargroup ALL=(ALL) NOPASSWD: ALL' }
|
|
end
|
|
|
|
describe file('/etc/sudoers.d/extra-file3') do
|
|
it { should be_file }
|
|
it { should be_owned_by 'root' }
|
|
it { should be_grouped_into 'root' }
|
|
its('mode') { should cmp '0440' }
|
|
its('content') { should include '+other_netgroup ALL=(ALL) ALL' }
|
|
end
|
|
end
|