Skip to main content

7. Exercise - Develop your own resources

Aaron LippoldAbout 2 min

Try writing your own resources and think about how you could implement them in a profile!

Suggested Resources to start on (Simple):

  • Docker
    • id retrieves container id
    • image retrieves image name
    • repo retrieves the repo
    • tag retrieves the tag
    • ports retrieves the ports
    • command retrieves command
  • Git
    • branches checks if branch exists
    • current_branch retrieves current branch
    • last_commit retrieves last commit from log
    • git_log retrieve log of all commits
    • tag retrieve tag for repo

Suggested Resources to start on (Medium):

  • File resource
    • owner tests if the owner of the file matches the specified value.
    • group tests if the group to which a file belongs matches the specified value.
    • size tests if a file’s size matches, is greater than, or is less than the specified value.
    • contents tests if contents in the file match the value specified in a regular expression.
    • path retrieves path to file
  • Directory resource
    • owner tests if the owner of the file matches the specified value.
    • group tests if the group to which a file belongs matches the specified value.
    • size tests if a file’s size matches, is greater than, or is less than the specified value.
    • contents tests if contents in the file match the value specified in a regular expression.
    • path retrieves path to directory
  • Users
    • exist tests if the named user exists
    • gid tests the group identifier
    • group tests the group to which the user belongs
    • groups tests two (or more) groups to which the user belongs
    • home tests the home directory path for the user
    • maxdays tests the maximum number of days between password changes
    • mindays tests the minimum number of days between password changes
    • shell tests the path to the default shell for the user
    • uid tests the user identifier
    • warndays tests the number of days a user is warned before a password must be changed
  • etc host allow/deny
    • daemon daemon returns a string containing the daemon that is allowed in the rule.
    • client_list client_list returns a 2d string array where each entry contains the clients specified for the rule.
    • options options returns a 2d string array where each entry contains any options specified for the rule.

Suggested Resources to start on (Hard):

  • etc shadow
    • users A list of strings, representing the usernames matched by the filter
    • passwords A list of strings, representing the encrypted password strings for entries matched by the where filter. Each string may not be an encrypted password, but rather a * or similar which indicates that direct logins are not allowed.
    • last_changes A list of integers, indicating the number of days since Jan 1 1970 since the password for each matching entry was changed.
    • min_days A list of integers reflecting the minimum number of days a password must exist, before it may be changed, for the users that matched the filter.
    • max_days A list of integers reflecting the maximum number of days after which the password must be changed for each user matching the filter.
    • warn_days A list of integers reflecting the number of days a user is warned about an expiring password for each user matching the filter.
    • inactive_days A list of integers reflecting the number of days a user must be inactive before the user account is disabled for each user matching the filter.
    • expiry_dates A list of integers reflecting the number of days since Jan 1 1970 that a user account has been disabled, for each user matching the filter. Value is nil if the account has not expired.
    • count The count property tests the number of records that the filter matched.
  • etc fstab
    • device_name is the name associated with the device.
    • mount_point is the directory at which the file system is configured to be mounted.
    • file_system_type is the type of file system of the device or partition.
    • mount_options is the options for the device or partition.
    • dump_options is a number used by dump to decide if a file system should be backed up.
    • file_system_options is a number that specifies the order the file system should be checked.
  • Tomcat server conf reader
    • parse_conf parse the conf file
    • fetch_connectors retrieves keys port, protocol, timeout, redirect, sslprotocol, scheme, sslenable, clientauth, secure