Class: Inspec::Resources::LinuxUser

Inherits:
UnixUser show all
Includes:
Utils::CommentParser, Utils::PasswdParser
Defined in:
lib/inspec/resources/users.rb

Direct Known Subclasses

SolarisUser

Instance Attribute Summary

Attributes inherited from UnixUser

#id_cmd, #inspec, #list_users_cmd

Attributes inherited from UserInfo

#inspec

Instance Method Summary collapse

Methods included from Utils::CommentParser

#parse_comment_line

Methods included from Utils::PasswdParser

#parse_passwd, #parse_passwd_line

Methods inherited from UnixUser

#identity, #initialize, #list_users, #parse_id_entries, #parse_value

Methods inherited from UserInfo

#collect_user_details, #identity, #initialize, #list_users, #user_details

Methods included from Converter

#convert_to_i

Constructor Details

This class inherits a constructor from Inspec::Resources::UnixUser

Instance Method Details

#credentials(username) ⇒ Object



460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
# File 'lib/inspec/resources/users.rb', line 460

def credentials(username)
  cmd = inspec.command("chage -l #{username}")
  return nil if cmd.exit_status != 0

  params = SimpleConfig.new(
    cmd.stdout.chomp,
    assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
    group_re: nil,
    multiple_values: false
  ).params

  last_change = params["Last password change"]
  dparse = Date.parse "#{last_change}" rescue nil
  dayslastset = (Date.today - dparse).to_i if dparse
  cmd = inspec.command("lastb -w -a | grep #{username} | wc -l")
  badpasswordattempts = convert_to_i(cmd.stdout.chomp) if cmd.exit_status == 0

  {
    mindays: convert_to_i(params["Minimum number of days between password change"]),
    maxdays: convert_to_i(params["Maximum number of days between password change"]),
    warndays: convert_to_i(params["Number of days of warning before password expires"]),
    passwordage: dayslastset,
    badpasswordattempts: badpasswordattempts,
  }
end

#meta_info(username) ⇒ Object



448
449
450
451
452
453
454
455
456
457
458
# File 'lib/inspec/resources/users.rb', line 448

def meta_info(username)
  cmd = inspec.command("getent passwd #{username}")
  return nil if cmd.exit_status != 0

  # returns: root:x:0:0:root:/root:/bin/bash
  passwd = parse_passwd_line(cmd.stdout.chomp)
  {
    home: passwd["home"],
    shell: passwd["shell"],
  }
end