class Serverspec::Type::LinuxAuditSystem

Public Class Methods

new(name=nil)
# File lib/serverspec/type/linux_audit_system.rb, line 3
# Sets up the audit-system resource.
#
# @param name [Object, nil] accepted but never read; the resource name is
#   always the fixed string 'linux_audit_system'.
def initialize(name=nil)
  # No rule listing has been fetched yet; #rules fills this in on first use.
  @rules_content = nil
  # Every auditctl invocation made by this type goes through this runner.
  @runner = Specinfra::Runner
  @name = 'linux_audit_system'
end

Public Instance Methods

enabled?()
# File lib/serverspec/type/linux_audit_system.rb, line 9
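# Reports whether the kernel audit subsystem is enabled.
#
# `auditctl -s` reports the enabled flag as 0 (disabled), 1 (enabled) or
# 2 (enabled with the configuration locked until reboot, i.e. `-e 2`).
# A locked configuration is still an enabled one, so both 1 and 2 count;
# comparing against '1' alone made hardened hosts look as if auditing
# were switched off.
#
# Any other value is treated as "not enabled". That includes the empty
# string status_of returns when the field is missing from the status output.
# A false result can therefore also mean the status could not be read
# (for example the command produced no stdout), not only that auditing is
# disabled.
#
# @return [Boolean] true when the enabled flag is '1' or '2'
def enabled?
  %w[1 2].include?(status_of('enabled'))
end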
rules()
# File lib/serverspec/type/linux_audit_system.rb, line 18
# Returns the loaded audit rules as printed by `/sbin/auditctl -l`.
#
# The command runs at most once per object: the first result is memoized,
# so rules loaded or removed afterwards are not seen by this instance.
# Only stdout is read; a nil stdout is replaced by an empty string and the
# exit status is not inspected, so an empty result does not prove that the
# command succeeded.
#
# @return [String] raw rule listing, or '' when the command gave no stdout
def rules
  @rules_content ||= (@runner.run_command('/sbin/auditctl -l').stdout || '')
end
running?()
# File lib/serverspec/type/linux_audit_system.rb, line 13
# Reports whether an audit daemon is registered with the kernel.
#
# The decision rests on the `pid` field of the audit status: it must be
# present, non-empty and different from '0'. A missing field yields false,
# so "not running" and "status could not be read" are indistinguishable here.
#
# @return [Boolean] true when the status reports a non-zero pid
def running?
  daemon_pid = status_of('pid')
  return false if daemon_pid.nil? || daemon_pid.empty?

  daemon_pid != '0'
end

Private Instance Methods

parse_status(status_str)
# File lib/serverspec/type/linux_audit_system.rb, line 34
# Turns the text printed by `auditctl -s` into a field => value hash.
#
# Two layouts are handled:
# * a single line that starts with "AUDIT_STATUS", followed by
#   space-separated `key=value` pairs (the leading label is dropped);
# * one `key value` pair per line.
#
# A key without a value is stored with ''. Only the first two pieces of each
# entry are kept, so anything after the value on a line is ignored.
#
# NOTE(review): `^` matches at the start of any line, not only at the start
# of the string, so multi-line input containing a line that begins with
# AUDIT_STATUS is parsed as the single-line layout.
#
# @param status_str [String] raw status text
# @return [Hash{String => String}] parsed status fields
def parse_status(status_str)
  entries, separator =
    if status_str =~ /^AUDIT_STATUS/
      [status_str.split(' ').drop(1), '=']
    else
      [status_str.split("\n"), ' ']
    end

  entries.each_with_object({}) do |entry, parsed|
    key, value = entry.split(separator)
    parsed.store(key, value || '')
  end
end
status_of(part)
# File lib/serverspec/type/linux_audit_system.rb, line 27
# Looks up one field of the audit status.
#
# Runs `/sbin/auditctl -s` through the runner on every call (no caching),
# strips the trailing newline from stdout and hands the text to
# parse_status. Only stdout is consulted; stderr and the exit status are
# ignored, so a failed command simply yields '' for every field.
#
# @param part [String] field name, e.g. 'enabled' or 'pid'
# @return [String] the field's value, or '' when the field is absent
def status_of(part)
  raw_status = @runner.run_command('/sbin/auditctl -s').stdout.chomp
  parse_status(raw_status)[part] || ''
end