simp / inspec-profile-disa_stig-el7

InSpec Profile for the EL7 DISA STIG
Apache License 2.0
22 stars 46 forks

Update the reporting / check to be more clear #127

Open aaronlippold opened 4 years ago

aaronlippold commented 4 years ago

I have to read this twice every time ... we should make this more clear

We expect to have at least one defined permission ...

"The audit rules for file #{file} must have defined permissions"

failure_message: "No permissions were defined in the audit rules for file #{file}"

I think this would be a good place to use the expect syntax so we can override the default fail message and pass message to make things much more understandable.

# Users whose password field is neither locked ("*" / "!") nor a SHA-512 ($6$) hash
bad_users = inspec.shadow.where { password != "*" && password != "!" && password !~ /\$6\$/ }.users

describe 'Password hashes in /etc/shadow' do
  it 'should only contain SHA512 hashes' do
    # Custom message names the offending accounts instead of the generic RSpec diff
    failure_message = "Users without SHA512 hashes: #{bad_users.join(', ')}"
    expect(bad_users).to be_empty, failure_message
  end
end

×  V-72191: All uses of the insmod command must be audited. (1 failed)
   ×  Auditd Rules with file == "/sbin/insmod" permissions should not cmp == []
      expected it not to be == []
           got: []

      (compared using `cmp` matcher)

   ✔  Auditd Rules with file == "/sbin/insmod" action should not include "never"

×  V-72193: All uses of the rmmod command must be audited. (1 failed)
   ×  Auditd Rules with file == "/sbin/rmmod" permissions should not cmp == []
      expected it not to be == []
           got: []

      (compared using `cmp` matcher)

   ✔  Auditd Rules with file == "/sbin/rmmod" action should not include "never"

×  V-72195: All uses of the modprobe command must be audited. (1 failed)
   ×  Auditd Rules with file == "/sbin/modprobe" permissions should not cmp == []
      expected it not to be == []
           got: []

      (compared using `cmp` matcher)
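The audit-rule check behind V-72191/V-72193/V-72195, reworked in the expect style the issue proposes, as an added example that is not code from the simp profile. It runs as plain Ruby: the rule rows are constructed to mimic what InSpec's `auditd` resource returns per parsed rule (file, permissions, action, list, key), the key name `module-change` and the suggested `-w ... -p x` fix rule are assumptions, and the helper names (`audit_problems`, `audit_check`, `unaudited`) are hypothetical. Inside a control the same logic would sit behind `expect(problems).to be_empty, failure_message`, so the reader sees "no audit rule defined" or "rule action is \"never\"" rather than `cmp == []`.

```ruby
# Added example (not the profile's own code): clearer pass/fail reporting for
# the "all uses of insmod/rmmod/modprobe must be audited" checks.

MODULE_TOOLS = %w[/sbin/insmod /sbin/rmmod /sbin/modprobe].freeze

# Constructed sample rows shaped like InSpec's auditd resource output:
# insmod is audited, rmmod is listed but disabled with action "never",
# and modprobe has no rule at all.
SAMPLE_RULES = [
  { file: '/sbin/insmod', permissions: %w[x],   action: 'always', list: 'exit', key: 'module-change' },
  { file: '/sbin/rmmod',  permissions: %w[x],   action: 'never',  list: 'exit', key: 'module-change' },
  { file: '/etc/passwd',  permissions: %w[w a], action: 'always', list: 'exit', key: 'identity' },
].freeze

# Mirrors `auditd.where { file == path }`: only the rows for one watched file.
def rules_for(rules, path)
  rules.select { |r| r[:file] == path }
end

# A file is properly audited when at least one rule names it, every such rule
# defines permissions, and none of them carries action "never" (a "never"
# rule switches auditing off for that path regardless of the other fields).
def audit_problems(rules, path)
  rows = rules_for(rules, path)
  problems = []
  problems << 'no audit rule defined' if rows.empty?
  problems << 'rule has no permissions' if rows.any? { |r| r[:permissions].to_a.empty? }
  problems << 'rule action is "never"' if rows.any? { |r| r[:action] == 'never' }
  problems
end

# Returns [pass?, message]. The message is what the expect-style control
# reports, phrased so nobody has to decode `permissions should not cmp == []`.
def audit_check(rules, path)
  problems = audit_problems(rules, path)
  if problems.empty?
    [true, "#{path} is audited: #{rules_for(rules, path).size} rule(s) with permissions defined"]
  else
    # Suggested fix rule is an assumption; adjust to the site's key naming.
    [false, "#{path} is not audited (#{problems.join('; ')}); " \
            "add e.g. `-w #{path} -p x -k module-change`"]
  end
end

# The failing tools, keyed by path, each with its human-readable reason.
def unaudited(rules, paths = MODULE_TOOLS)
  paths.each_with_object({}) do |p, h|
    ok, msg = audit_check(rules, p)
    h[p] = msg unless ok
  end
end

if __FILE__ == $PROGRAM_NAME
  MODULE_TOOLS.each do |p|
    ok, msg = audit_check(SAMPLE_RULES, p)
    puts "#{ok ? '✔' : '×'}  #{msg}"
  end
end
```

Folding the "never" check into the same message avoids the split seen in the output above, where the `permissions` expectation fails while the `action` expectation passes for a file that is in fact not being audited at all.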