Serverspec
Serverspec : Linux OS Spec Files
dns_spec.rb
require 'spec_helper'
# resolv.conf: one example group per value listed in properties[:resolv];
# each checks the output of `cat /etc/resolv.conf` against that value.
properties[:resolv].each do |expected|
  describe command('cat /etc/resolv.conf') do
    it { should return_stdout(expected) }
  end
end
# Name resolution check: the host under test must be able to resolve an
# external name through DNS.
describe host('www.google.com') do
  it do
    should be_resolvable.by('dns')
  end
end
ssh_spec.rb
require 'spec_helper'
# The OpenSSH package has to be installed.
describe package('openssh') do
  it { should(be_installed) }
end
# The sshd service must be both enabled and currently running.
describe service('sshd') do
  it { should(be_enabled) }
  it { should(be_running) }
end
# Something must be listening on the SSH port.
describe port(22) do
  it { should(be_listening) }
end
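# sshd_config must be a root-owned regular file with mode 600 and must carry
# the hardening directives listed below.
#
# `contain` is a grep-style match against the file text, so an unanchored
# 'PermitRootLogin no' is also satisfied by a commented-out
# '#PermitRootLogin no'. Each directive is therefore anchored to the start of
# a line, which means an indented directive no longer matches.
#
# NOTE(review): this still only proves that the line is present. sshd keeps
# the first value it reads for a keyword and Match blocks can override
# settings, so the effective configuration (as printed by `sshd -T`) can
# differ from what these examples see.
describe file('/etc/ssh/sshd_config') do
  it { should be_file }
  it { should be_mode 600 }
  it { should be_owned_by 'root' }
  it { should contain(/^PermitRootLogin no/) }
  it { should contain(/^PasswordAuthentication no/) }
  it { should contain(/^PermitEmptyPasswords no/) }
  it { should contain(/^GSSAPIAuthentication no/) }
  it { should contain(/^UseDNS no/) }
end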
ntp_spec.rb
require 'spec_helper'
# The ntpdate package has to be installed.
describe package('ntpdate') do
  it { should(be_installed) }
end
# The ntpd service must be both enabled and currently running.
describe service('ntpd') do
  it { should(be_enabled) }
  it { should(be_running) }
end
# `ntpq -pn` must print a line that starts with '*' followed by a digit;
# ntpq puts '*' in front of the peer currently selected for synchronisation.
describe command('ntpq -pn') do
  it { should return_stdout(/^\*\d/) }
end
sudo_spec.rb
require 'spec_helper'
# /etc/sudoers must be a regular file, mode 440, owned by root, and must
# contain the rule text for root.
# NOTE(review): `contain` matches text anywhere in the file, so a
# commented-out copy of the rule would satisfy the last example as well.
describe file('/etc/sudoers') do
  it { should(be_file) }
  it { should(be_mode(440)) }
  it { should(be_owned_by('root')) }
  it { should(contain('root ALL=(ALL) ALL')) }
end
selinux_spec.rb
require 'spec_helper'
# SELinux: this host profile expects SELinux to be switched off.
# NOTE(review): the example pins mandatory access control to "disabled".
# Where policy requires SELinux, the expectation would be be_enforcing
# (or be_permissive) instead.
describe selinux do
  it { should(be_disabled) }
end
cron_spec.rb
require 'spec_helper'
# The crontab must hold an entry that runs /shell/test.sh every minute.
describe cron do
  it { should have_entry('* * * * * /shell/test.sh') }
end
users_and_groups_spec.rb
require 'spec_helper'
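# user01 must exist, be a member of group01 and have uid 1500.
# The three expectations describe the same resource, so they share one
# describe block, the way the sshd_config and sudoers checks are grouped.
describe user('user01') do
  it { should exist }
  it { should belong_to_group 'group01' }
  it { should have_uid 1500 }
end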
network_spec.rb
require 'spec_helper'
# The default gateway address must be 192.168.10.1 (hard-coded variant).
describe default_gateway do
  its(:ipaddress) { should(eq('192.168.10.1')) }
end
# Property-driven variant of the default gateway check.
# NOTE(review): `p` is not assigned anywhere in the visible spec. Unless
# spec_helper defines it, `p['gw_addr']` calls Kernel#p (which returns nil
# when given no arguments) and then indexes nil. Presumably a lookup in
# `properties` was meant. TODO confirm.
# NOTE(review): `its` takes an attribute name (:ipaddress in the hard-coded
# check); here it receives the value of properties[:ipaddress]. Verify
# that this is intended.
describe default_gateway do
its(properties[:ipaddress]) { should eq p['gw_addr'] }
end
# The network service must be both enabled and currently running.
describe service('network') do
  it { should(be_enabled) }
  it { should(be_running) }
end