class Serverspec::Type::LinuxAuditSystem
Public Class Methods
new(name=nil)
click to toggle source
# File lib/serverspec/type/linux_audit_system.rb, line 3 def initialize(name=nil) @name = 'linux_audit_system' @runner = Specinfra::Runner @rules_content = nil end
Public Instance Methods
enabled?()
click to toggle source
# File lib/serverspec/type/linux_audit_system.rb, line 9 def enabled? status_of('enabled') == '1' end
rules()
click to toggle source
# File lib/serverspec/type/linux_audit_system.rb, line 18 def rules if @rules_content.nil? @rules_content = @runner.run_command('/sbin/auditctl -l').stdout || '' end @rules_content end
running?()
click to toggle source
# File lib/serverspec/type/linux_audit_system.rb, line 13 def running? pid = status_of('pid') (!pid.nil? && pid.size > 0 && pid != '0') end
Private Instance Methods
parse_status(status_str)
click to toggle source
# File lib/serverspec/type/linux_audit_system.rb, line 34 def parse_status(status_str) map = nil if status_str =~ /^AUDIT_STATUS/ then map = status_str.split(' ')[1..-1].inject({}) { |res,elem| a = elem.split('='); res.store(a[0],a[1] || ''); res } else map = status_str.split("\n").inject({}) { |res,elem| a = elem.split(' '); res.store(a[0],a[1] || ''); res } end map end
status_of(part)
click to toggle source
# File lib/serverspec/type/linux_audit_system.rb, line 27 def status_of(part) cmd = "/sbin/auditctl -s" status_str = @runner.run_command(cmd).stdout.chomp status_map = parse_status(status_str) status_map[part] || '' end