Skip to content
Snippets Groups Projects
Select Git revision
  • fe3fa288c801fcf90f99012da47ae3318d145478
  • master default protected
2 results

css3-flexbox.md

Blame
  • Code owners
    Assign users and groups as approvers for specific file changes. Learn more.
    freeradius_spec.rb 14.17 KiB
    require 'spec_helper'
    
    describe 'freeradius' do
      on_supported_os.each do |os, os_facts|
        context "on #{os}" do
          include_context 'redhat_params'
    
          let(:facts) { os_facts }
    
          # Empty params hash by default so we can super().merge
          let(:params) { {} }
    
          it do
            is_expected.to contain_file('radiusd.conf')
              .with(
                'group'  => 'radiusd',
                'mode'   => '0644',
                'path'   => '/etc/raddb/radiusd.conf',
                'notify' => 'Service[radiusd]',
                'owner'  => 'root',
              )
              .that_requires('Package[freeradius]')
              .that_requires('Group[radiusd]')
          end
    
          it do
            [
              '/etc/raddb/statusclients.d',
              '/etc/raddb',
              '/etc/raddb/conf.d',
              '/etc/raddb/attr.d',
              '/etc/raddb/users.d',
              '/etc/raddb/policy.d',
              '/etc/raddb/dictionary.d',
              '/etc/raddb/scripts',
              '/etc/raddb/mods-config',
              '/etc/raddb/mods-config/attr_filter',
              '/etc/raddb/mods-config/preprocess',
              '/etc/raddb/mods-config/sql',
              '/etc/raddb/sites-available',
              '/etc/raddb/mods-available',
            ].each do |file|
              is_expected.to contain_file(file)
                .with(
                  'ensure'  => 'directory',
                  'group'   => 'radiusd',
                  'mode'    => '0755',
                  'notify'  => 'Service[radiusd]',
                  'owner'   => 'root',
                )
                .that_requires('Package[freeradius]')
                .that_requires('Group[radiusd]')
            end
          end
    
          it do
            [
              '/etc/raddb/certs',
              '/etc/raddb/clients.d',
              '/etc/raddb/listen.d',
              '/etc/raddb/sites-enabled',
              '/etc/raddb/instantiate'
            ].each do |file|
              is_expected.to contain_file(file)
                .with(
                  'ensure'  => 'directory',
                  'group'   => 'radiusd',
                  'mode'    => '0755',
                  'notify'  => 'Service[radiusd]',
                  'owner'   => 'root',
                  'purge'   => 'true',
                  'recurse' => 'true',
                )
                .that_requires('Package[freeradius]')
                .that_requires('Group[radiusd]')
            end
          end
    
          it do
            is_expected.to contain_concat('/etc/raddb/policy.conf')
              .with(
                'group'   => 'radiusd',
                'mode'    => '0640',
                'notify'  => 'Service[radiusd]',
                'owner'   => 'root',
              )
              .that_requires('Package[freeradius]')
              .that_requires('Group[radiusd]')
          end
    
          it do
            is_expected.to contain_concat__fragment('policy_header')
              .with(
                'content' => 'policy {',
                'order'   => '10',
                'target'  => '/etc/raddb/policy.conf'
              )
          end
    
          it do
            is_expected.to contain_concat__fragment('policy_footer')
              .with(
                'content' => '}',
                'order'   => '99',
                'target'  => '/etc/raddb/policy.conf'
              )
          end
    
          it do
            is_expected.to contain_concat('/etc/raddb/proxy.conf')
              .with(
                'group'   => 'radiusd',
                'mode'    => '0640',
                'notify'  => 'Service[radiusd]',
                'owner'   => 'root',
              )
              .that_requires('Package[freeradius]')
              .that_requires('Group[radiusd]')
          end
    
          it do
            is_expected.to contain_concat__fragment('proxy_header')
              .with(
                'content' => "# Proxy config\n",
                'order'   => '05',
                'target'  => '/etc/raddb/proxy.conf'
              )
          end
    
          it do
            is_expected.to contain_concat('/etc/raddb/mods-available/attr_filter')
              .with(
                'group'   => 'radiusd',
                'mode'    => '0640',
                'notify'  => 'Service[radiusd]',
                'owner'   => 'root',
              )
              .that_requires('Package[freeradius]')
              .that_requires('Group[radiusd]')
          end
    
          it do
            is_expected.to contain_concat__fragment('attr-default')
              .with(
                'order'   => '10',
                'target'  => '/etc/raddb/mods-available/attr_filter'
              )
          end
    
          it do
            is_expected.to contain_concat('/etc/raddb/dictionary')
              .with(
                'group'   => 'radiusd',
                'mode'    => '0640',
                'owner'   => 'root',
              )
              .that_requires('Package[freeradius]')
              .that_requires('Group[radiusd]')
          end
    
          it do
            is_expected.to contain_concat__fragment('dictionary_header')
              .with(
                'order'  => '10',
                'source' => 'puppet:///modules/freeradius/dictionary.header',
                'target' => '/etc/raddb/dictionary'
              )
          end
    
          it do
            is_expected.to contain_concat__fragment('dictionary_footer')
              .with(
                'order'  => '90',
                'source' => 'puppet:///modules/freeradius/dictionary.footer',
                'target' => '/etc/raddb/dictionary'
              )
          end
    
          it do
            is_expected.to contain_package('freeradius')
              .with(
                'ensure' => 'installed',
                'name'   => 'freeradius'
              )
          end
    
          it do
            is_expected.to contain_service('radiusd')
              .with(
                'enable'     => 'true',
                'ensure'     => 'running',
                'hasrestart' => 'true',
                'hasstatus'  => 'true',
                'name'       => 'radiusd',
              )
              .that_requires('Package[freeradius]')
              .that_requires('User[radiusd]')
              .that_requires('Exec[radiusd-config-test]')
              .that_requires('File[radiusd.conf]')
          end
    
          it do
            is_expected.to contain_user('radiusd')
              .with(
                'ensure'  => 'present',
                'groups'  => nil,
              )
              .that_requires('Package[freeradius]')
          end
    
          context 'with winbind support' do
            let(:params) do
              {
                winbind_support: true,
              }
            end
    
            it do
              is_expected.to contain_user('radiusd')
                .with(
                  'groups'  => 'wbpriv',
                )
            end
          end
    
          it do
            is_expected.to contain_group('radiusd')
              .with(
                'ensure'  => 'present',
              )
              .that_requires('Package[freeradius]')
          end
    
          it do
            is_expected.to contain_freeradius__module('always')
              .with(      )
          end
    
          it do
            is_expected.to contain_freeradius__module('detail')
              .with(      )
          end
    
          it do
            is_expected.to contain_freeradius__module('detail.log')
              .with(      )
          end
    
          it do
            [
              '/var/log/radius',
              '/var/log/radius/radacct'
            ].each do |file|
              is_expected.to contain_file(file)
                .with(
                  'mode'    => '0750',
                  'owner' => 'radiusd',
                  'group' => 'radiusd',
                )
                .that_requires('Package[freeradius]')
            end
          end
    
          it do
            is_expected.to contain_file('/var/log/radius/radius.log')
              .with(
                'group'   => 'radiusd',
                'owner'   => 'radiusd',
                'seltype' => 'radiusd_log_t'
              )
              .that_requires('Package[freeradius]')
              .that_requires('User[radiusd]')
              .that_requires('Group[radiusd]')
          end
    
          it do
            is_expected.to contain_logrotate__rule('radacct')
              .with(
                'compress'      => 'true',
                'create'        => 'false',
                'missingok'     => 'true',
                'path'          => '/var/log/radius/radacct/*/*.log',
                'postrotate'    => 'kill -HUP `cat /var/run/radiusd/radiusd.pid`',
                'rotate'        => '7',
                'rotate_every'  => 'day',
                'sharedscripts' => 'true'
              )
          end
    
          it do
            is_expected.to contain_logrotate__rule('checkrad')
              .with(
                'compress'      => 'true',
                'create'        => 'true',
                'missingok'     => 'true',
                'path'          => '/var/log/radius/checkrad.log',
                'postrotate'    => 'kill -HUP `cat /var/run/radiusd/radiusd.pid`',
                'rotate'        => '1',
                'rotate_every'  => 'week',
                'sharedscripts' => 'true'
              )
          end
    
          it do
            is_expected.to contain_logrotate__rule('radiusd')
              .with(
                'compress'      => 'true',
                'create'        => 'true',
                'missingok'     => 'true',
                'path'          => '/var/log/radius/radius*.log',
                'postrotate'    => 'kill -HUP `cat /var/run/radiusd/radiusd.pid`',
                'rotate'        => '26',
                'rotate_every'  => 'week',
                'sharedscripts' => 'true'
              )
          end
    
          it do
            [
              '/etc/raddb/certs/dh',
              '/etc/raddb/certs/random'
            ].each do |file|
              is_expected.to contain_file(file)
                .with(
                )
                .that_requires('Exec[dh]')
                .that_requires('Exec[random]')
            end
          end
    
          it do
            is_expected.to contain_exec('dh')
              .with(
                'command' => 'openssl dhparam -out /etc/raddb/certs/dh 1024',
                'creates' => '/etc/raddb/certs/dh',
                'path'    => '/usr/bin',
              )
              .that_requires('File[/etc/raddb/certs]')
          end
    
          it do
            is_expected.to contain_exec('random')
              .with(
                'command' => 'dd if=/dev/urandom of=/etc/raddb/certs/random count=10 >/dev/null 2>&1',
                'creates' => '/etc/raddb/certs/random',
                'path'    => '/bin',
              )
              .that_requires('File[/etc/raddb/certs]')
          end
    
          it do
            is_expected.to contain_exec('radiusd-config-test')
              .with(
                'command'     => 'sudo radiusd -XC | grep \'Configuration appears to be OK.\' | wc -l',
                'logoutput'   => 'on_failure',
                'path'        => ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/'],
                'refreshonly' => 'true',
                'returns'     => '0'
              )
          end
    
          it do
            [
              '/etc/raddb/clients.conf',
              '/etc/raddb/sql.conf',
            ].each do |file|
              is_expected.to contain_file(file)
                .with(
                  'content' => "# FILE INTENTIONALLY BLANK\n",
                  'group'   => 'radiusd',
                  'mode'    => '0644',
                  'notify'  => 'Service[radiusd]',
                  'owner'   => 'root',
                )
                .that_requires('Package[freeradius]')
                .that_requires('Group[radiusd]')
            end
          end
    
          context 'with mysql' do
            let(:params) do
              super().merge(
                'mysql_support' => true,
              )
            end
    
            it do
              is_expected.to contain_package('freeradius-mysql')
                .with(
                  'ensure' => 'installed'
                )
            end
          end
    
          context 'with pgsql' do
            let(:params) do
              super().merge(
                'pgsql_support' => true,
              )
            end
    
            it do
              is_expected.to contain_package('freeradius-postgresql')
                .with(
                  'ensure' => 'installed'
                )
            end
          end
    
          context 'with perl' do
            let(:params) do
              super().merge(
                'perl_support' => true,
              )
            end
    
            it do
              is_expected.to contain_package('freeradius-perl')
                .with(
                  'ensure' => 'installed'
                )
            end
          end
    
          context 'with utils' do
            let(:params) do
              super().merge(
                'utils_support' => true,
              )
            end
    
            it do
              is_expected.to contain_package('freeradius-utils')
                .with(
                  'ensure' => 'installed'
                )
            end
          end
    
          context 'with ldap' do
            let(:params) do
              super().merge(
                'ldap_support' => true,
              )
            end
    
            it do
              is_expected.to contain_package('freeradius-ldap')
                .with(
                  'ensure' => 'installed'
                )
            end
          end
    
          context 'with dhcp' do
            let(:params) do
              super().merge(
                'dhcp_support' => true,
              )
            end
    
            it do
              is_expected.to contain_package('freeradius-dhcp')
                .with(
                  'ensure' => 'installed'
                )
            end
          end
    
          context 'with krb5' do
            let(:params) do
              super().merge(
                'krb5_support' => true,
              )
            end
    
            it do
              is_expected.to contain_package('freeradius-krb5')
                .with(
                  'ensure' => 'installed'
                )
            end
          end
    
          context 'with wpa_supplicant' do
            let(:params) do
              super().merge(
                'wpa_supplicant' => true,
              )
            end
    
            it do
              is_expected.to contain_package('wpa_supplicant')
                .with(
                  'ensure' => 'installed',
                  'name'   => 'wpa_supplicant'
                )
              end
          end
    
          context 'with syslog' do
            let(:params) do
              super().merge(
                'syslog' => true,
              )
            end
    
            it do
              is_expected.to contain_rsyslog__snippet('12-radiusd-log')
                .with(
                  'content' => %r{^if \$programname == \'radiusd\' then /var/log/radius/radius.log},
                )
            end
          end
    
          case os_facts[:osfamily]
          when 'Redhat'
            it do
              is_expected.to contain_exec('delete-radius-rpmnew')
                .with(
                  'command' => 'find /etc/raddb -name *.rpmnew -delete',
                  'onlyif'  => 'find /etc/raddb -name *.rpmnew | grep rpmnew',
                  'path'    => ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/'],
                )
            end
    
            it do
              is_expected.to contain_exec('delete-radius-rpmsave')
                .with(
                  'command' => 'find /etc/raddb -name *.rpmsave -delete',
                  'onlyif'  => 'find /etc/raddb -name *.rpmsave | grep rpmsave',
                  'path'    => ['/bin/', '/sbin/', '/usr/bin/', '/usr/sbin/'],
                )
            end
          end
        end
      end
    end