saltstack-formulas/apache-formula
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test(mod_security_spec): convert from Serverspec to InSpec

Browse Source
This commit is contained in:
Imran Iqbal 2019-10-17 04:54:13 +01:00
parent 34d1f7cf15
commit 68b971bd77
No known key found for this signature in database
GPG Key ID: 6D8629439D2B7819
1 changed files with 24 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
test/integration/default/controls/mod_security_spec.rb
View File

@ -1,27 +1,29 @@
describe 'apache.mod_security' do # frozen_string_literal: true
case os[:family] control 'Apache mod_security configuration' do
when 'redhat' title 'should match desired lines'
modspec_file = '/etc/httpd/conf.d/mod_security.conf'
when 'debian', 'ubuntu' modspec_file =
modspec_file = '/etc/modsecurity/modsecurity.conf-recommended' case platform[:family]
else when 'redhat', 'fedora'
# No other supported ATM '/etc/httpd/conf.d/mod_security.conf'
end when 'debian'
'/etc/modsecurity/modsecurity.conf-recommended'
end
describe file(modspec_file) do describe file(modspec_file) do
it { should exist } it { should be_file }
it { should be_mode 644 } its('mode') { should cmp '0644' }
it { should be_owned_by 'root' } its('owner') { should eq 'root' }
it { should be_grouped_into 'root' } its('group') { should eq 'root' }
its(:content) { should match /SecRuleEngine On/ } its('content') { should match(/SecRuleEngine On/) }
its(:content) { should match /SecRequestBodyAccess On/ } its('content') { should match(/SecRequestBodyAccess On/) }
its(:content) { should match /SecRequestBodyLimit 14000000/ } its('content') { should match(/SecRequestBodyLimit 14000000/) }
its(:content) { should match /SecRequestBodyNoFilesLimit 114002/ } its('content') { should match(/SecRequestBodyNoFilesLimit 114002/) }
its(:content) { should match /SecRequestBodyInMemoryLimit 114002/ } its('content') { should match(/SecRequestBodyInMemoryLimit 114002/) }
its(:content) { should match /SecRequestBodyLimitAction Reject/ } its('content') { should match(/SecRequestBodyLimitAction Reject/) }
its(:content) { should match /SecPcreMatchLimit 15000/ } its('content') { should match(/SecPcreMatchLimit 15000/) }
its(:content) { should match /SecPcreMatchLimitRecursion 15000/ } its('content') { should match(/SecPcreMatchLimitRecursion 15000/) }
its(:content) { should match /SecDebugLogLevel 3/ } its('content') { should match(/SecDebugLogLevel 3/) }
end end
end end