psi-jack/formula-sudoers
1
0
Fork 0
mirror of synced 2024-12-21 22:21:07 -05:00
Code Issues Releases Wiki Activity

Merge pull request #69 from myii/test/compare-mapdata-using-yaml

Browse source 
test(map): standardise `map.jinja` verification
This commit is contained in:
Imran Iqbal 2020-12-22 12:35:55 +00:00 committed by GitHub
commit 4933e91cf7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 962 additions and 971 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
CODEOWNERS
View file

@ -19,8 +19,11 @@
/docs/AUTHORS.rst @saltstack-formulas/ssf
/docs/CHANGELOG.rst @saltstack-formulas/ssf
/docs/TOFS_pattern.rst @saltstack-formulas/ssf
/*/_mapdata/ @saltstack-formulas/ssf
/*/libsaltcli.jinja @saltstack-formulas/ssf
/*/libtofs.jinja @saltstack-formulas/ssf
/test/integration/**/_mapdata_spec.rb @saltstack-formulas/ssf
/test/integration/**/libraries/system.rb @saltstack-formulas/ssf
/test/integration/**/inspec.yml @saltstack-formulas/ssf
/test/integration/**/README.md @saltstack-formulas/ssf
/.gitignore @saltstack-formulas/ssf

12
sudoers/_mapdata/init.sls
View file

@ -3,14 +3,12 @@
---
{#- Get the `tplroot` from `tpldir` #}
{%- set tplroot = tpldir.split('/')[0] %}
{%- from tplroot ~ "/map.jinja" import sudoers with context %}
{%- from tplroot ~ "/map.jinja" import sudoers as mapdata with context %}
{%- set map = {
'sudoers': sudoers,
} %}
{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ map | yaml(False)) %}
{%- do salt['log.debug']('### MAP.JINJA DUMP ###\n' ~ mapdata | yaml(False)) %}
{%- set output_file = '/tmp/salt_mapdata_dump.yaml' %}
{%- set output_dir = '/temp' if grains.os_family == 'Windows' else '/tmp' %}
{%- set output_file = output_dir ~ '/salt_mapdata_dump.yaml' %}
{{ tplroot }}-mapdata-dump:
file.managed:
@ -18,4 +16,4 @@
- source: salt://{{ tplroot }}/_mapdata/_mapdata.jinja
- template: jinja
- context:
map: {{ map | yaml }}
map: {{ mapdata | yaml }}

20
test/integration/default/controls/_mapdata_spec.rb
View file

@ -1,13 +1,23 @@
# frozen_string_literal: true
require 'yaml'
control '`map.jinja` YAML dump' do
title 'should contain the lines'
title 'should match the comparison file'
# Strip the `platform[:finger]` version number down to the "OS major release"
mapdata_file = "_mapdata/#{system.platform[:finger].split('.').first}.yaml"
mapdata_dump = inspec.profile.file(mapdata_file)
describe file('/tmp/salt_mapdata_dump.yaml') do
it { should exist }
its('content') { should eq mapdata_dump }
# Load the mapdata from profile https://docs.chef.io/inspec/profiles/#profile-files
mapdata_dump = YAML.safe_load(inspec.profile.file(mapdata_file))
# Derive the location of the dumped mapdata
output_dir = platform[:family] == 'windows' ? '/temp' : '/tmp'
output_file = "#{output_dir}/salt_mapdata_dump.yaml"
describe 'File content' do
it 'should match profile map data exactly' do
expect(yaml(output_file).params).to eq(mapdata_dump)
end
end
end

131
test/integration/default/files/_mapdata/amazonlinux-1.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Amazon Linux AMI-2018
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/amazonlinux-2.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Amazon Linux-2
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/arch-base-latest.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Arch
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/centos-6.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# CentOS-6
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/centos-7.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-7
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/centos-8.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# CentOS Linux-8
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/debian-10.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Debian-10
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/debian-9.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Debian-9
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/fedora-31.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Fedora-31
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/fedora-32.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Fedora-32
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/opensuse-15.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Leap-15
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/ubuntu-16.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-16.04
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/ubuntu-18.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-18.04
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

131
test/integration/default/files/_mapdata/ubuntu-20.yaml
View file

@ -1,70 +1,69 @@
# yamllint disable rule:indentation rule:line-length
# Ubuntu-20.04
---
sudoers:
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
aliases:
commands:
PROCESSES:
- /usr/bin/nice
- /bin/kill
- /usr/bin/renice
- /usr/bin/pkill
- /usr/bin/top
hosts:
WEBSERVERS:
- www1
- www2
- www3
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'
ADMINS:
- millert
- dowdy
- mikef
arch: amd64
configpath: /etc
defaults:
command_list:
PROCESSES: noexec
generic:
- env_reset
- mail_badpass
- secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
host_list:
www1: log_year, logfile=/var/log/sudo.log
runas_list:
root: '!set_logname'
user_list:
ADMINS: '!lecture'
johndoe: '!requiretty'
execprefix: /usr/sbin
group: root
groups:
sudo:
- ALL=(ALL) ALL
- 'ALL=(nodejs) NOPASSWD: ALL'
included_files:
/etc/sudoers.d/extra-file:
users:
foo:
- ALL=(ALL) ALL
extra-file-2:
groups:
bargroup:
- 'ALL=(ALL) NOPASSWD: ALL'
extra-file-3:
netgroups:
other_netgroup:
- ALL=(ALL) ALL
includedir: /etc/sudoers.d
manage_main_config: true
netgroups:
sysadmins:
- ALL=(ALL) ALL
pkg: sudo
purge_includedir: false
users:
johndoe:
- ALL=(ALL) ALL
- 'ALL=(root) NOPASSWD: /etc/init.d/httpd'
kitchen:
- 'ALL=(root) NOPASSWD: ALL'

43
test/integration/share/README.md
View file

@ -2,37 +2,20 @@
This shows the implementation of the `share` InSpec [profile](https://github.com/inspec/inspec/blob/master/docs/profiles.md).
It's goal is to share the libraries between all profiles.
Its goal is to share the libraries between all profiles.
## Verify a profile
## Libraries
InSpec ships with built-in features to verify a profile structure.
### `system`
```bash
$ inspec check share
Summary
-------
Location: share
Profile: profile
Controls: 4
Timestamp: 2019-06-24T23:09:01+00:00
Valid: true
The `system` library provides easy access to system dependent information:
Errors
------
Warnings
--------
```
## Execute a profile
To run all **supported** controls on a local machine use `inspec exec /path/to/profile`.
```bash
$ inspec exec share
..
Finished in 0.0025 seconds (files took 0.12449 seconds to load)
8 examples, 0 failures
```
- `system.platform`: based on `inspec.platform`, modify to values that are more consistent from a SaltStack perspective
- `system.platform[:family]` provide a family name for Arch and Gentoo
- `system.platform[:name]` append `linux` to both `amazon` and `oracle`; ensure Windows platforms are resolved as simply `windows`
- `system.platform[:release]` tweak Arch, Amazon Linux, Gentoo and Windows:
- `Arch` is always `base-latest`
- `Amazon Linux` release `2018` is resolved as `1`
- `Gentoo` release is trimmed to its major version number and then the init system is appended (i.e. `sysv` or `sysd`)
- `Windows` uses the widely-used release number (e.g. `8.1` or `2019-server`) in place of the actual system release version
- `system.platform[:finger]` is the concatenation of the name and the major release number (except for Ubuntu, which gives `ubuntu-20.04` for example)

5
test/integration/share/inspec.yml
View file

@ -2,7 +2,7 @@
# vim: ft=yaml
---
name: share
title: sudoers formula
title: InSpec shared resources
maintainer: SaltStack Formulas
license: Apache-2.0
summary: shared resources
@ -15,4 +15,7 @@ supports:
- platform-name: suse
- platform-name: freebsd
- platform-name: amazon
- platform-name: oracle
- platform-name: arch
- platform-name: gentoo
- platform: windows

16
test/integration/share/libraries/system.rb
View file

@ -27,8 +27,8 @@ class SystemResource < Inspec.resource(1)
def build_platform_family
case inspec.platform[:name]
when 'arch'
'arch'
when 'arch', 'gentoo'
inspec.platform[:name]
else
inspec.platform[:family]
end
@ -36,13 +36,16 @@ class SystemResource < Inspec.resource(1)
def build_platform_name
case inspec.platform[:name]
when 'amazon'
'amazonlinux'
when 'amazon', 'oracle'
"#{inspec.platform[:name]}linux"
when 'windows_8.1_pro', 'windows_server_2019_datacenter'
'windows'
else
inspec.platform[:name]
end
end
# rubocop:disable Metrics/MethodLength
def build_platform_release
case inspec.platform[:name]
when 'amazon'
@ -52,10 +55,15 @@ class SystemResource < Inspec.resource(1)
'base-latest'
when 'gentoo'
"#{inspec.platform[:release].split('.')[0]}-#{derive_gentoo_init_system}"
when 'windows_8.1_pro'
'8.1'
when 'windows_server_2019_datacenter'
'2019-server'
else
inspec.platform[:release]
end
end
# rubocop:enable Metrics/MethodLength
def derive_gentoo_init_system
case inspec.command('systemctl').exist?