From 4c607b050a3082442c048995b15a96798c9c6103 Mon Sep 17 00:00:00 2001 From: Claudius Heine Date: Thu, 4 Nov 2021 14:29:05 +0100 Subject: [PATCH] feat: add rules to ensure that all referred users and gids exist Signed-off-by: Claudius Heine --- controls/os_spec.rb | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/controls/os_spec.rb b/controls/os_spec.rb index fc32cfc..597cf28 100644 --- a/controls/os_spec.rb +++ b/controls/os_spec.rb @@ -370,3 +370,19 @@ its('users') { should be_empty } end end + +control 'os-20' do + impact 1.0 + title 'All users and gids referred in /etc/group and /etc/passwd should exist' + desc 'Errors in system administration can lead to a case where gids or uids referred to do not exist' + + gids = etc_group.gids.map(&:to_s) + describe passwd do + its('gids') { should be_in gids } + end + + users = passwd.users + describe etc_group do + its('users') { should be_in users } + end +end