1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
|
test_name "Augeas services file" do
tag 'risk:medium',
'audit:medium',
'audit:acceptance',
'audit:refactor' # move to types test dir
# use single manifest/apply
skip_test 'requires augeas which is included in AIO' if @options[:type] != 'aio'
confine :except, :platform => 'windows'
confine :except, :platform => 'osx'
confine :to, {}, hosts.select { |host| ! host[:roles].include?('master') }
step "Backup the services file" do
on hosts, "cp /etc/services /tmp/services.bak"
end
begin
step "Add an entry to the services file" do
manifest = <<EOF
augeas { 'add_services_entry':
context => '/files/etc/services',
incl => '/etc/services',
lens => 'Services.lns',
changes => [
'ins service-name after service-name[last()]',
'set service-name[last()] "Doom"',
'set service-name[. = "Doom"]/port "666"',
'set service-name[. = "Doom"]/protocol "udp"'
]
}
EOF
on hosts, puppet_apply('--verbose'), :stdin => manifest
on hosts, "fgrep 'Doom 666/udp' /etc/services"
end
step "Change the protocol to udp" do
manifest = <<EOF
augeas { 'change_service_protocol':
context => '/files/etc/services',
incl => '/etc/services',
lens => 'Services.lns',
changes => [
'set service-name[. = "Doom"]/protocol "tcp"'
]
}
EOF
on hosts, puppet_apply('--verbose'), :stdin => manifest
on hosts, "fgrep 'Doom 666/tcp' /etc/services"
end
step "Remove the services entry" do
manifest = <<EOF
augeas { 'del_service_entry':
context => '/files/etc/services',
incl => '/etc/services',
lens => 'Services.lns',
changes => [
'rm service-name[. = "Doom"]'
]
}
EOF
on hosts, puppet_apply('--verbose'), :stdin => manifest
on hosts, "fgrep 'Doom 666/tcp' /etc/services", :acceptable_exit_codes => [1]
end
ensure
on hosts, "mv /tmp/services.bak /etc/services"
end
end
|
