7. Exercise - Develop your own resources
About 2 min
Try writing your own resources and think about how you could implement them in a profile!
Suggested Resources to start on (Simple):
- Docker
id
retrieves container idimage
retrieves image namerepo
retrieves the repotag
retrieves the tagports
retrieves the portscommand
retrieves command
- Git
branches
checks if branch existscurrent_branch
retrieves current branchlast_commit
retrieves last commit from loggit_log
retrieve log of all commitstag
retrieve tag for repo
Suggested Resources to start on (Medium):
- File resource
owner
tests if the owner of the file matches the specified value.group
tests if the group to which a file belongs matches the specified value.size
tests if a file’s size matches, is greater than, or is less than the specified value.contents
tests if contents in the file match the value specified in a regular expression.path
retrieves path to file
- Directory resource
owner
tests if the owner of the file matches the specified value.group
tests if the group to which a file belongs matches the specified value.size
tests if a file’s size matches, is greater than, or is less than the specified value.contents
tests if contents in the file match the value specified in a regular expression.path
retrieves path to directory
- Users
exist
tests if the named user existsgid
tests the group identifiergroup
tests the group to which the user belongsgroups
tests two (or more) groups to which the user belongshome
tests the home directory path for the usermaxdays
tests the maximum number of days between password changesmindays
tests the minimum number of days between password changesshell
tests the path to the default shell for the useruid
tests the user identifierwarndays
tests the number of days a user is warned before a password must be changed
- etc host allow/deny
daemon
daemon returns a string containing the daemon that is allowed in the rule.client_list
client_list returns a 2d string array where each entry contains the clients specified for the rule.options
options returns a 2d string array where each entry contains any options specified for the rule.
Suggested Resources to start on (Hard):
- etc shadow
users
A list of strings, representing the usernames matched by the filterpasswords
A list of strings, representing the encrypted password strings for entries matched by the where filter. Each string may not be an encrypted password, but rather a * or similar which indicates that direct logins are not allowed.last_changes
A list of integers, indicating the number of days since Jan 1 1970 since the password for each matching entry was changed.min_days
A list of integers reflecting the minimum number of days a password must exist, before it may be changed, for the users that matched the filter.max_days
A list of integers reflecting the maximum number of days after which the password must be changed for each user matching the filter.warn_days
A list of integers reflecting the number of days a user is warned about an expiring password for each user matching the filter.inactive_days
A list of integers reflecting the number of days a user must be inactive before the user account is disabled for each user matching the filter.expiry_dates
A list of integers reflecting the number of days since Jan 1 1970 that a user account has been disabled, for each user matching the filter. Value is nil if the account has not expired.count
The count property tests the number of records that the filter matched.
- etc fstab
device_name
is the name associated with the device.mount_point
is the directory at which the file system is configured to be mounted.file_system_type
is the type of file system of the device or partition.mount_options
is the options for the device or partition.dump_options
is a number used by dump to decide if a file system should be backed up.file_system_options
is a number that specifies the order the file system should be checked.
- Tomcat server conf reader
parse_conf
parse the conf filefetch_connectors
retrieves keysport
,protocol
,timeout
,redirect
,sslprotocol
,scheme
,sslenable
,clientauth
,secure