2017-02-23 22:04:27 +01:00
|
|
|
require 'serverspec'
|
|
|
|
|
set :backend, :exec
|
|
|
|
|
|
|
|
|
|
def service_name()
|
|
|
|
|
return case os[:family]
|
|
|
|
|
when 'debian', 'ubuntu' then 'ssh'
|
2017-04-21 18:18:37 +02:00
|
|
|
else 'sshd'
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def root_group()
|
|
|
|
|
return case os[:family]
|
|
|
|
|
when 'freebsd' then 'wheel'
|
|
|
|
|
else 'root'
|
2017-02-23 22:04:27 +01:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe 'openssl/config.sls' do
|
|
|
|
|
|
|
|
|
|
describe service(service_name()) do
|
|
|
|
|
it { should be_running }
|
|
|
|
|
end
|
|
|
|
|
|
2017-02-23 22:42:16 +01:00
|
|
|
describe file('/etc/ssh/sshd_config') do
|
|
|
|
|
it { should be_mode 600 }
|
|
|
|
|
it { should be_owned_by 'root' }
|
2017-04-21 18:18:37 +02:00
|
|
|
it { should be_grouped_into root_group() }
|
2017-02-23 22:42:16 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
describe file('/etc/ssh/ssh_config') do
|
2017-02-24 21:39:59 +01:00
|
|
|
it { should be_mode 644 }
|
2017-02-23 22:42:16 +01:00
|
|
|
it { should be_owned_by 'root' }
|
2017-04-21 18:18:37 +02:00
|
|
|
it { should be_grouped_into root_group() }
|
2017-02-23 22:42:16 +01:00
|
|
|
end
|
|
|
|
|
|
2017-02-23 22:04:27 +01:00
|
|
|
end
|
