1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
test_name 'Augeas services file' do
tag 'risk:medium',
'audit:medium',
'audit:acceptance',
'audit:refactor' # move to types test dir
# use single manifest/apply
skip_test 'requires augeas which is included in AIO' if @options[:type] != 'aio'
confine :except, platform: 'windows'
confine :except, platform: 'osx'
confine :to, {}, hosts.reject { |host| host[:roles].include?('master') }
step 'Backup the services file' do
on hosts, 'cp /etc/services /tmp/services.bak'
end
begin
step 'Add an entry to the services file' do
manifest = <<EOF
augeas { 'add_services_entry':
context => '/files/etc/services',
incl => '/etc/services',
lens => 'Services.lns',
changes => [
'ins service-name after service-name[last()]',
'set service-name[last()] "Doom"',
'set service-name[. = "Doom"]/port "666"',
'set service-name[. = "Doom"]/protocol "udp"'
]
}
EOF
on hosts, puppet_apply('--verbose'), stdin: manifest
on hosts, "fgrep 'Doom 666/udp' /etc/services"
end
step 'Change the protocol to udp' do
manifest = <<EOF
augeas { 'change_service_protocol':
context => '/files/etc/services',
incl => '/etc/services',
lens => 'Services.lns',
changes => [
'set service-name[. = "Doom"]/protocol "tcp"'
]
}
EOF
on hosts, puppet_apply('--verbose'), stdin: manifest
on hosts, "fgrep 'Doom 666/tcp' /etc/services"
end
step 'Remove the services entry' do
manifest = <<EOF
augeas { 'del_service_entry':
context => '/files/etc/services',
incl => '/etc/services',
lens => 'Services.lns',
changes => [
'rm service-name[. = "Doom"]'
]
}
EOF
on hosts, puppet_apply('--verbose'), stdin: manifest
on hosts, "fgrep 'Doom 666/tcp' /etc/services", acceptable_exit_codes: [1]
end
ensure
on hosts, 'mv /tmp/services.bak /etc/services'
end
end
|
