saltstack-formulas/apache-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test(mod_security_spec): convert from Serverspec to InSpec

Browse Source
This commit is contained in:
Imran Iqbal 2019-10-17 04:54:13 +01:00
parent 34d1f7cf15
commit 68b971bd77
No known key found for this signature in database
GPG Key ID: 6D8629439D2B7819
1 changed files with 24 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
test/integration/default/controls/mod_security_spec.rb
View File

@ -1,27 +1,29 @@
describe 'apache.mod_security' do
# frozen_string_literal: true
case os[:family]
when 'redhat'
modspec_file = '/etc/httpd/conf.d/mod_security.conf'
when 'debian', 'ubuntu'
modspec_file = '/etc/modsecurity/modsecurity.conf-recommended'
else
# No other supported ATM
end
control 'Apache mod_security configuration' do
title 'should match desired lines'
modspec_file =
case platform[:family]
when 'redhat', 'fedora'
'/etc/httpd/conf.d/mod_security.conf'
when 'debian'
'/etc/modsecurity/modsecurity.conf-recommended'
end
describe file(modspec_file) do
it { should exist }
it { should be_mode 644 }
it { should be_owned_by 'root' }
it { should be_grouped_into 'root' }
its(:content) { should match /SecRuleEngine On/ }
its(:content) { should match /SecRequestBodyAccess On/ }
its(:content) { should match /SecRequestBodyLimit 14000000/ }
its(:content) { should match /SecRequestBodyNoFilesLimit 114002/ }
its(:content) { should match /SecRequestBodyInMemoryLimit 114002/ }
its(:content) { should match /SecRequestBodyLimitAction Reject/ }
its(:content) { should match /SecPcreMatchLimit 15000/ }
its(:content) { should match /SecPcreMatchLimitRecursion 15000/ }
its(:content) { should match /SecDebugLogLevel 3/ }
it { should be_file }
its('mode') { should cmp '0644' }
its('owner') { should eq 'root' }
its('group') { should eq 'root' }
its('content') { should match(/SecRuleEngine On/) }
its('content') { should match(/SecRequestBodyAccess On/) }
its('content') { should match(/SecRequestBodyLimit 14000000/) }
its('content') { should match(/SecRequestBodyNoFilesLimit 114002/) }
its('content') { should match(/SecRequestBodyInMemoryLimit 114002/) }
its('content') { should match(/SecRequestBodyLimitAction Reject/) }
its('content') { should match(/SecPcreMatchLimit 15000/) }
its('content') { should match(/SecPcreMatchLimitRecursion 15000/) }
its('content') { should match(/SecDebugLogLevel 3/) }
end
end