Module: Inspec::Resources
- Defined in:
- lib/inspec/resources/csv.rb,
lib/inspec/resources/os.rb,
lib/inspec/resources/apt.rb,
lib/inspec/resources/gem.rb,
lib/inspec/resources/ini.rb,
lib/inspec/resources/ksh.rb,
lib/inspec/resources/lxc.rb,
lib/inspec/resources/npm.rb,
lib/inspec/resources/opa.rb,
lib/inspec/resources/pip.rb,
lib/inspec/resources/ssl.rb,
lib/inspec/resources/wmi.rb,
lib/inspec/resources/xml.rb,
lib/inspec/resources/yum.rb,
lib/inspec/resources/zfs.rb,
lib/inspec/resources/bash.rb,
lib/inspec/resources/bond.rb,
lib/inspec/resources/cpan.rb,
lib/inspec/resources/cran.rb,
lib/inspec/resources/cron.rb,
lib/inspec/resources/file.rb,
lib/inspec/resources/host.rb,
lib/inspec/resources/http.rb,
lib/inspec/resources/json.rb,
lib/inspec/resources/noop.rb,
lib/inspec/resources/port.rb,
lib/inspec/resources/toml.rb,
lib/inspec/resources/yaml.rb,
lib/inspec/resources/ipnat.rb,
lib/inspec/resources/mount.rb,
lib/inspec/resources/mysql.rb,
lib/inspec/resources/nginx.rb,
lib/inspec/resources/users.rb,
lib/inspec/resources/apache.rb,
lib/inspec/resources/auditd.rb,
lib/inspec/resources/bridge.rb,
lib/inspec/resources/cgroup.rb,
lib/inspec/resources/docker.rb,
lib/inspec/resources/groups.rb,
lib/inspec/resources/oneget.rb,
lib/inspec/resources/oracle.rb,
lib/inspec/resources/os_env.rb,
lib/inspec/resources/passwd.rb,
lib/inspec/resources/podman.rb,
lib/inspec/resources/shadow.rb,
lib/inspec/resources/command.rb,
lib/inspec/resources/crontab.rb,
lib/inspec/resources/iis_app.rb,
lib/inspec/resources/key_rsa.rb,
lib/inspec/resources/mongodb.rb,
lib/inspec/resources/opa_api.rb,
lib/inspec/resources/opa_cli.rb,
lib/inspec/resources/package.rb,
lib/inspec/resources/selinux.rb,
lib/inspec/resources/service.rb,
lib/inspec/resources/ssh_key.rb,
lib/inspec/resources/iis_site.rb,
lib/inspec/resources/ipfilter.rb,
lib/inspec/resources/iptables.rb,
lib/inspec/resources/nftables.rb,
lib/inspec/resources/ntp_conf.rb,
lib/inspec/resources/packages.rb,
lib/inspec/resources/platform.rb,
lib/inspec/resources/postgres.rb,
lib/inspec/resources/sys_info.rb,
lib/inspec/resources/timezone.rb,
lib/inspec/resources/vbscript.rb,
lib/inspec/resources/zfs_pool.rb,
lib/inspec/resources/aide_conf.rb,
lib/inspec/resources/cassandra.rb,
lib/inspec/resources/dh_params.rb,
lib/inspec/resources/directory.rb,
lib/inspec/resources/etc_fstab.rb,
lib/inspec/resources/etc_group.rb,
lib/inspec/resources/etc_hosts.rb,
lib/inspec/resources/firewalld.rb,
lib/inspec/resources/grub_conf.rb,
lib/inspec/resources/interface.rb,
lib/inspec/resources/ip6tables.rb,
lib/inspec/resources/processes.rb,
lib/inspec/resources/filesystem.rb,
lib/inspec/resources/inetd_conf.rb,
lib/inspec/resources/interfaces.rb,
lib/inspec/resources/login_defs.rb,
lib/inspec/resources/mail_alias.rb,
lib/inspec/resources/mysql_conf.rb,
lib/inspec/resources/nginx_conf.rb,
lib/inspec/resources/php_config.rb,
lib/inspec/resources/podman_pod.rb,
lib/inspec/resources/powershell.rb,
lib/inspec/resources/ssh_config.rb,
lib/inspec/resources/apache_conf.rb,
lib/inspec/resources/auditd_conf.rb,
lib/inspec/resources/chrony_conf.rb,
lib/inspec/resources/ibmdb2_conf.rb,
lib/inspec/resources/limits_conf.rb,
lib/inspec/resources/sybase_conf.rb,
lib/inspec/resources/xinetd_conf.rb,
lib/inspec/resources/zfs_dataset.rb,
lib/inspec/resources/audit_policy.rb,
lib/inspec/resources/docker_image.rb,
lib/inspec/resources/iis_app_pool.rb,
lib/inspec/resources/mongodb_conf.rb,
lib/inspec/resources/parse_config.rb,
lib/inspec/resources/podman_image.rb,
lib/inspec/resources/postfix_conf.rb,
lib/inspec/resources/registry_key.rb,
lib/inspec/resources/windows_task.rb,
lib/inspec/resources/docker_plugin.rb,
lib/inspec/resources/elasticsearch.rb,
lib/inspec/resources/kernel_module.rb,
lib/inspec/resources/mssql_session.rb,
lib/inspec/resources/mysql_session.rb,
lib/inspec/resources/oracledb_conf.rb,
lib/inspec/resources/podman_volume.rb,
lib/inspec/resources/postgres_conf.rb,
lib/inspec/resources/routing_table.rb,
lib/inspec/resources/docker_service.rb,
lib/inspec/resources/ibmdb2_session.rb,
lib/inspec/resources/mssql_sys_conf.rb,
lib/inspec/resources/podman_network.rb,
lib/inspec/resources/sybase_session.rb,
lib/inspec/resources/virtualization.rb,
lib/inspec/resources/windows_hotfix.rb,
lib/inspec/resources/default_gateway.rb,
lib/inspec/resources/mongodb_session.rb,
lib/inspec/resources/rabbitmq_config.rb,
lib/inspec/resources/security_policy.rb,
lib/inspec/resources/windows_feature.rb,
lib/inspec/resources/cassandradb_conf.rb,
lib/inspec/resources/docker_container.rb,
lib/inspec/resources/kernel_parameter.rb,
lib/inspec/resources/oracledb_session.rb,
lib/inspec/resources/podman_container.rb,
lib/inspec/resources/postgres_session.rb,
lib/inspec/resources/windows_firewall.rb,
lib/inspec/resources/x509_certificate.rb,
lib/inspec/resources/x509_private_key.rb,
lib/inspec/resources/kernel_parameters.rb,
lib/inspec/resources/postgres_hba_conf.rb,
lib/inspec/resources/chocolatey_package.rb,
lib/inspec/resources/linux_audit_system.rb,
lib/inspec/resources/cassandradb_session.rb,
lib/inspec/resources/postgres_ident_conf.rb,
lib/inspec/resources/security_identifier.rb,
lib/inspec/resources/etc_hosts_allow_deny.rb,
lib/inspec/resources/windows_firewall_rule.rb,
lib/inspec/resources/oracledb_listener_conf.rb
Overview
Check for Chocolatey packages to be installed
Defined Under Namespace
Modules: DockerObject, FilePermissionsSelector, GroupManagementSelector, UserManagementSelector Classes: AideConf, AixPorts, AixUser, AlpinePkg, AlpinePkgs, Apache, ApacheConf, AptRepository, AuditDaemon, AuditDaemonConf, AuditPolicy, BSDInit, BSDService, Bash, BffPkg, Bond, Brew, Bridge, BridgeDetection, BsdInterface, BsdMounts, Cassandra, CassandradbConf, CassandradbSession, Cgroup, ChocoPkg, ChronyConf, Cmd, CpanPackage, CranPackage, Cron, Crontab, CsvConfig, DarwinGroup, DarwinHostProvider, DarwinUser, Deb, Debs, Defaultgateway, DhParams, Directory, Docker, DockerContainer, DockerContainerFilter, DockerImage, DockerImageFilter, DockerPlugin, DockerPluginFilter, DockerService, DockerServiceFilter, Elasticsearch, EtcFstab, EtcGroup, EtcGroupView, EtcHosts, EtcHostsAllow, EtcHostsDeny, FilePermissions, FileResource, FileSystemResource, FirewallD, FreeBSD10Init, FreeBSDUser, FreeBsdPorts, FreebsdPkg, FsManagement, GemPackage, God, Group, GroupInfo, Groups, GrubConfig, Host, HostProvider, HpuxPkg, HpuxPorts, HpuxUser, Http, Ibmdb2Conf, Ibmdb2Session, IisApp, IisAppPool, IisSite, IisSiteServerSpec, ImmutableFlagCheck, InetdConf, IniConfig, InterfaceInfo, Interfaces, Ip6Tables, IpFilter, IpNat, IpTables, JsonConfig, KernelModule, KernelParameter, KernelParameters, Ksh, LaunchCtl, LaunchdService, LegacyPowershell, LimitsConf, Lines, LinuxAuditSystem, LinuxBridge, LinuxHostProvider, LinuxImmutableFlagCheck, LinuxInterface, LinuxKernelParameter, LinuxMounts, LinuxPorts, LinuxUser, LoginDefs, LsofPorts, Lxc, Mailalias, Members, Mongodb, MongodbConf, MongodbSession, Monit, MonitoringTool, Mount, MountsInfo, MssqlSession, MssqlSysConf, Mysql, MysqlConf, MysqlConfEntry, MysqlSession, NetworkInterface, NfTables, Nginx, NginxConf, NginxConfHttp, NginxConfHttpEntry, NginxConfLocation, NginxConfServer, Noop, NpmPackage, NtpConf, OSResource, OneGetPackage, Opa, OpaApi, OpaCli, Oracle, OracledbConf, OracledbListenerConf, OracledbSession, OsEnv, PConfig, PConfigFile, Package, Packages, Pacman, Passwd, PhpConfig, PipPackage, PkgManagement, PkgsManagement, PlatformResource, Podman, PodmanContainer, PodmanContainerFilter, PodmanImage, PodmanImageFilter, PodmanNetwork, PodmanNetworkFilter, PodmanPod, PodmanPodFilter, PodmanVolume, PodmanVolumeFilter, Port, PortsInfo, PostfixConf, Postgres, PostgresConf, PostgresHbaConf, PostgresIdentConf, PostgresSession, Powershell, PpaRepository, Processes, RabbitmqConfig, RegistryKey, Routingtable, Rpm, Rpms, RsaKey, Runit, RunitService, Runlevels, SSL, SecurityIdentifier, SecurityPolicy, Selinux, SelinuxBooleanFilter, SelinuxModuleFilter, Service, ServiceManager, Shadow, SiteProvider, SolarisPkg, SolarisPorts, SolarisUser, SrcMstr, SshConfig, SshKey, SshdActiveConfig, SshdConfig, Svcs, SybaseConf, SybaseSession, SysV, SysVService, System, Systemd, SystemdService, TimeZone, TomlConfig, UnixFilePermissions, UnixFileSystemResource, UnixGroup, UnixHostProvider, UnixImmutableFlagCheck, UnixUser, Upstart, UpstartService, User, UserGroups, UserInfo, Users, VBScript, Virtualization, WMI, WindowsBridge, WindowsFeature, WindowsFilePermissions, WindowsFileSystemResource, WindowsFirewall, WindowsFirewallRule, WindowsGroup, WindowsHostProvider, WindowsHotfix, WindowsInterface, WindowsPkg, WindowsPorts, WindowsRegistryKey, WindowsSrv, WindowsTasks, WindowsUser, X509CertificateResource, X509PrivateKey, XinetdConf, XmlConfig, YamlConfig, Yum, YumRepo, Zfs, ZfsDataset, ZfsPool
Constant Summary collapse
- PowershellScript =
Powershell
- LegacyPowershellScript =
LegacyPowershell
- MS_PRIVILEGES_RIGHTS =
known and supported MS privilege rights
[ "SeNetworkLogonRight", "SeBackupPrivilege", "SeChangeNotifyPrivilege", "SeSystemtimePrivilege", "SeCreatePagefilePrivilege", "SeDebugPrivilege", "SeRemoteShutdownPrivilege", "SeAuditPrivilege", "SeIncreaseQuotaPrivilege", "SeIncreaseBasePriorityPrivilege", "SeLoadDriverPrivilege", "SeBatchLogonRight", "SeServiceLogonRight", "SeInteractiveLogonRight", "SeSecurityPrivilege", "SeSystemEnvironmentPrivilege", "SeProfileSingleProcessPrivilege", "SeSystemProfilePrivilege", "SeAssignPrimaryTokenPrivilege", "SeRestorePrivilege", "SeShutdownPrivilege", "SeTakeOwnershipPrivilege", "SeUndockPrivilege", "SeManageVolumePrivilege", "SeRemoteInteractiveLogonRight", "SeImpersonatePrivilege", "SeCreateGlobalPrivilege", "SeIncreaseWorking", "SeTimeZonePrivilege", "SeCreateSymbolicLinkPrivilege", "SeDenyNetworkLogonRight", # Deny access to this computer from the network "SeDenyInteractiveLogonRight", # Deny logon locally "SeDenyBatchLogonRight", # Deny logon as a batch job "SeDenyServiceLogonRight", # Deny logon as a service "SeTcbPrivilege", "SeMachineAccountPrivilege", "SeCreateTokenPrivilege", "SeCreatePermanentPrivilege", "SeEnableDelegationPrivilege", "SeLockMemoryPrivilege", "SeSyncAgentPrivilege", "SeUnsolicitedInputPrivilege", "SeTrustedCredManAccessPrivilege", "SeRelabelPrivilege", # the privilege to change a Windows integrity label (new to Windows Vista) "SeDenyRemoteInteractiveLogonRight", # Deny logon through Terminal Services ].freeze