class Inspec::Resources::LinuxUser

Public Instance Methods

credentials(username) click to toggle source
# File lib/inspec/resources/users.rb, line 460
def credentials(username)
  cmd = inspec.command("chage -l #{username}")
  return nil if cmd.exit_status != 0

  params = SimpleConfig.new(
    cmd.stdout.chomp,
    assignment_regex: /^\s*([^:]*?)\s*:\s*(.*?)\s*$/,
    group_re: nil,
    multiple_values: false
  ).params

  last_change = params["Last password change"]
  dparse = Date.parse "#{last_change}" rescue nil
  dayslastset = (Date.today - dparse).to_i if dparse
  cmd = inspec.command("lastb -w -a | grep #{username} | wc -l")
  badpasswordattempts = convert_to_i(cmd.stdout.chomp) if cmd.exit_status == 0

  {
    mindays: convert_to_i(params["Minimum number of days between password change"]),
    maxdays: convert_to_i(params["Maximum number of days between password change"]),
    warndays: convert_to_i(params["Number of days of warning before password expires"]),
    passwordage: dayslastset,
    badpasswordattempts: badpasswordattempts,
  }
end
meta_info(username) click to toggle source
# File lib/inspec/resources/users.rb, line 448
def meta_info(username)
  cmd = inspec.command("getent passwd #{username}")
  return nil if cmd.exit_status != 0

  # returns: root:x:0:0:root:/root:/bin/bash
  passwd = parse_passwd_line(cmd.stdout.chomp)
  {
    home: passwd["home"],
    shell: passwd["shell"],
  }
end