tom-krieger / cis_security_hardening

Define a complete security baseline and monitor the baseline's rules. The definition of the baseline should be done in Hiera. The purpose of the module is to give the ability to set up a complete security baseline which does not necessarily have to stick to industry security guides like the CIS benchmarks.
Apache License 2.0

Added functionality to enable specifying the sshd PermitRootLogin level #38

Closed parryb closed 1 year ago

parryb commented 1 year ago

The sshd parameter PermitRootLogin is set to no in the CIS rules. I have added the ability to specify all valid options (yes, prohibit-password, without-password, forced-commands-only, no) and included a type checker to ensure valid input. This is a common relaxation of CIS rules to allow ssh login by root using a public key, but it enables the user to choose the level desired.

tom-krieger commented 1 year ago

Your changes break the unit tests. Please make sure that a pdk validate and a pdk test unit run without issues. You can see the issues by clicking on the Travis CI details. Please fix these issues and make sure to understand why the unit tests are breaking. Just rewriting them is not a good idea.

tom-krieger commented 1 year ago

I am closing this PR. I will move the code into my branch and fix the unit tests.

parryb commented 1 year ago

Hi Tom,

Sorry, I have been looking into trying to fix the unit tests. I thought I had fixed it by adding the line into the test, but that didn't work. I'm new to these tests. I'd be interested in how you fixed it.

On Sun, 13 Nov 2022, 09:15 Thomas Krieger wrote:

I am closing this PR. I will move the code into my branch and fix the unit tests.


tom-krieger commented 1 year ago

Hi Parry, no problem. Just have a look at the main branch. I added your code there, but I didn't use a type. The Enum is OK to use in the class. In the unit test I just iterate through the possible permitrootlogin options.
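
The following Ruby example is added here and is not code from this pull request or from cis_security_hardening. It reads the global PermitRootLogin value from sshd_config text, checks it against the five levels listed above, and compares it with the level chosen for the baseline; the function names, the sample config and the default of prohibit-password (OpenSSH 7.0 and later) used when the keyword is absent are assumptions.

```ruby
# Added example; helper names are hypothetical, not from cis_security_hardening.
# The five levels are the ones listed in this pull request.
PERMIT_ROOT_LOGIN_VALUES = %w[yes prohibit-password without-password
                              forced-commands-only no].freeze

# Returns the global PermitRootLogin value found in sshd_config text.
# sshd keeps the first value it reads for a keyword, and lines after a
# Match keyword apply only conditionally, so the scan stops there.
def effective_permit_root_login(config_text)
  config_text.each_line do |line|
    keyword, value = line.sub(/#.*/, '').strip.split(/\s+/, 2)
    next if keyword.nil?
    break if keyword.casecmp?('Match')
    return value.to_s.strip.downcase if keyword.casecmp?('PermitRootLogin')
  end
  'prohibit-password' # assumption: OpenSSH 7.0+ default when the keyword is absent
end

# Compares the effective value with the level chosen for the baseline.
def check_permit_root_login(config_text, wanted = 'no')
  unless PERMIT_ROOT_LOGIN_VALUES.include?(wanted)
    raise ArgumentError, "invalid PermitRootLogin level: #{wanted}"
  end
  actual = effective_permit_root_login(config_text)
  # without-password is the older spelling of prohibit-password
  canon = ->(v) { v == 'without-password' ? 'prohibit-password' : v }
  status = if !PERMIT_ROOT_LOGIN_VALUES.include?(actual)
             :invalid
           elsif canon.call(actual) == canon.call(wanted)
             :compliant
           else
             :drift
           end
  { wanted: wanted, actual: actual, status: status }
end

# Constructed sample: a later duplicate and a Match override must not win.
SAMPLE_SSHD_CONFIG = <<~CONF
  # sample sshd_config
  Port 22
  permitrootlogin prohibit-password
  PermitRootLogin yes
  Match Address 10.0.0.0/8
      PermitRootLogin no
CONF

puts check_permit_root_login(SAMPLE_SSHD_CONFIG, 'no') if __FILE__ == $PROGRAM_NAME
```

On a live host, `sshd -T` prints the effective configuration, including any Include files, which this example does not follow.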