1 # frozen_string_literal: true
3 control 'arvados configuration file' do
4 title 'should not exist'
6 describe file('/etc/arvados/config.yml') do
7 it { should_not exist }
11 control 'shellinabox configuration' do
12 title 'should match desired lines'
16 file = '/etc/sysconfig/shellinaboxd'
18 siab_stanza = <<~SIAB_STANZA
20 # SSL is disabled because it is terminated in Nginx. Adjust as needed.
21 OPTS="--disable-ssl --no-beep --service=/shell.fixme.example.net:SSH"
23 when 'debian', 'ubuntu'
24 file = '/etc/default/shellinabox'
26 siab_stanza = <<~SIAB_STANZA
28 # SSL is disabled because it is terminated in Nginx. Adjust as needed.
29 SHELLINABOX_ARGS="--disable-ssl --no-beep --service=/shell.fixme.example.net:AUTH:HOME:SHELL"
32 describe file(file) do
34 it { should be_owned_by 'root' }
35 it { should be_grouped_into 'root' }
36 its('mode') { should cmp '0644' }
39 # rubocop:disable Layout/LineLength
40 "File managed by Salt at <salt://arvados/shell/config/files/#{tpl}/shell-shellinabox.tmpl.jinja>."
41 # rubocop:enable Layout/LineLength
44 its('content') { should include(siab_stanza) }
48 control 'pam-shellinabox-arvados configuration' do
49 title 'should match desired lines'
51 pamshellinabox_stanza = <<~PAMSHELLINABOX_STANZA
52 auth [success=1 default=ignore] /usr/lib/pam_arvados.so fixme.example.net shell.fixme.example.net
55 describe file('/etc/pam.d/shellinabox') do
57 it { should be_owned_by 'root' }
58 it { should be_grouped_into 'root' }
59 its('mode') { should cmp '0644' }
62 # rubocop:disable Layout/LineLength
63 'File managed by Salt at <salt://arvados/shell/config/files/default/shell-pam-shellinabox.tmpl.jinja>.'
64 # rubocop:enable Layout/LineLength
67 its('content') { should include(pamshellinabox_stanza) }