I am running this command from windows and I get failure but when I run it from linux it returns successful. I am using cygwin on windows to run it. Why would there be a difference.
control “cis-5-4-1-2” do
impact 1.0
title "Ensure minimum days between password changes is 7 or more"
desc "allows an administrator to prevent users from changing their password until a minimum number of days."
describe command(‘grep PASS_MIN_DAYS /etc/login.defs’) do
its(‘stdout’) { should match “# PASS_MIN_DAYS Minimum number of days allowed between password changes.”}
its(‘stdout’) { should match “PASS_MIN_DAYS 0”}
end
end
My first thought is that somehow grep is not in the path for whatever uid you are using to run inspec, though that seems unlikely. Something you can try is using the inspec shell to see what is actually being returned. I have run into problems where I expect the output of a command to be one thing and it is another or is going to stdout instead of stdin. Weidness like that.
Try something similar to…
[root@compliance ~]# inspec shell -t ssh://root@10.10.100.100 --password $PASSWORD
inspec> command('grep PASS_MIN_DAYS /etc/login.defs').stdout
=> "#\tPASS_MIN_DAYS\tMinimum number of days allowed between password changes.\nPASS_MIN_DAYS\t0\n"
Happy Hacking!
Thanks for the reply. It appears that when using sublime text that it is converting the tabs to spaces. I am finding out that when running inspec that it has to be exactly like what is in the file, spaces and all. Moving my profiles from one computer… Windows to Linux it is causing problems. I didn’t think it would but it seems to be.