On this page
auditd_conf resource
Use the auditd_conf Chef InSpec audit resource to test the configuration settings for the audit daemon. This file is typically located under /etc/audit/auditd.conf' on Unix and Linux platforms.
Availability
Installation
This resource is distributed along with Chef InSpec itself. You can use it automatically.
Version
This resource first became available in v1.0.0 of InSpec.
Syntax
A auditd_conf resource block declares configuration settings that should be tested:
describe auditd_conf('path') do
  its('keyword') { should cmp 'value' }
end
where
- 'keyword'is a configuration setting defined in the- auditd.confconfiguration file
- ('path')is the non-default path to the- auditd.confconfiguration file
- { should cmp 'value' }is the value that is expected
Properties
This matcher will match any property listed in the auditd.conf configuration file. Property names and expected values are case-insensitive:
- admin_space_left,- admin_space_left_action,- action_mail_acct,- conf_path,- content,- disk_error_action,- disk_full_action,- flush,- freq,- log_file,- log_format,- max_log_file,- max_log_file_action,- num_logs,- params,- space_left,- space_left_action
Property Examples
The following examples show how to use this Chef InSpec audit resource.
Test the auditd.conf file
describe auditd_conf do
  its('log_file') { should cmp '/full/path/to/file' }
  its('log_format') { should cmp 'raw' }
  its('flush') { should cmp 'none' }
  its('freq') { should cmp 1 }
  its('num_logs') { should cmp 0 }
  its('max_log_file') { should cmp 6 }
  its('max_log_file_action') { should cmp 'email' }
  its('space_left') { should cmp 2 }
  its('action_mail_acct') { should cmp 'root' }
  its('space_left_action') { should cmp 'email' }
  its('admin_space_left') { should cmp 1 }
  its('admin_space_left_action') { should cmp 'halt' }
  its('disk_full_action') { should cmp 'halt' }
  its('disk_error_action') { should cmp 'halt' }
end
describe file(auditd_conf.conf_path) do
  its('group') { should cmp 'root' }
end
Matchers
For a full list of available matchers, please visit our matchers page.
cmp
    The cmp matcher compares values across types.
its('freq') { should cmp 1 }
© Chef Software, Inc.
Licensed under the Creative Commons Attribution 3.0 Unported License.
The Chef™ Mark and Chef Logo are either registered trademarks/service marks or trademarks/servicemarks of Chef, in the United States and other countries and are used with Chef Inc's permission.
We are not affiliated with, endorsed or sponsored by Chef Inc.
 https://docs.chef.io/inspec/resources/auditd_conf/