class Inspec::Resources::UnixFilePermissions
Public Instance Methods
check_file_permission_by_mask(file, access_type, usergroup, specific_user)
click to toggle source
# File lib/inspec/resources/file.rb, line 218 def check_file_permission_by_mask(file, access_type, usergroup, specific_user) usergroup = usergroup_for(usergroup, specific_user) flag = permission_flag(access_type) mask = file.unix_mode_mask(usergroup, flag) raise "Invalid usergroup/owner provided" if mask.nil? (file.mode & mask) != 0 end
check_file_permission_by_user(access_type, user, path)
click to toggle source
# File lib/inspec/resources/file.rb, line 227 def check_file_permission_by_user(access_type, user, path) flag = permission_flag(access_type) if inspec.os.linux? perm_cmd = "su -s /bin/sh -c \"test -#{flag} #{path}\" #{user}" elsif inspec.os.bsd? || inspec.os.solaris? perm_cmd = "sudo -u #{user} test -#{flag} #{path}" elsif inspec.os.aix? perm_cmd = "su #{user} -c test -#{flag} #{path}" elsif inspec.os.hpux? perm_cmd = "su #{user} -c \"test -#{flag} #{path}\"" else return skip_resource "The `file` resource does not support `by_user` on your OS." end cmd = inspec.command(perm_cmd) cmd.exit_status == 0 ? true : false end
permission_flag(access_type)
click to toggle source
# File lib/inspec/resources/file.rb, line 195 def permission_flag(access_type) case access_type when "read" "r" when "write" "w" when "execute" "x" else raise "Invalid access_type provided" end end
usergroup_for(usergroup, specific_user)
click to toggle source
# File lib/inspec/resources/file.rb, line 208 def usergroup_for(usergroup, specific_user) if usergroup == "others" "other" elsif (usergroup.nil? || usergroup.empty?) && specific_user.nil? "all" else usergroup end end