You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
With 1.3.0 InSpec release, file mode checks now fail for /etc/passwd and /etc/shadow
on CentOS despite correct values on filesystem. Tests report "Invalid usergroup/owner
provided".
✖ os-02: Check owner and permissions for /etc/shadow (5 failed)
...
Invalid usergroup/owner provided
...
✖ os-03: Check owner and permissions for /etc/passwd (7 failed)
...
Invalid usergroup/owner provided
...
[centos etc]$ ls -l passwd shadow
-rw-r--r--. 1 root root 2097 Oct 31 17:18 passwd
-rw-------. 1 root root 931 Oct 31 17:14 shadow
InSpec and Platform Version
InSpec 1.3.0 and CentOS 7.2
Replication Case
Possible Solutions
Stacktrace
Relevant snippet from InSpec output included below:
✖ os-02: Check owner and permissions for /etc/shadow (5 failed)
✖ File /etc/shadow should not be executable
Invalid usergroup/owner provided
✖ File /etc/shadow should be writable by owner
Invalid usergroup/owner provided
✖ File /etc/shadow should be readable by owner
Invalid usergroup/owner provided
✖ File /etc/shadow should not be readable by group
Invalid usergroup/owner provided
✖ File /etc/shadow should not be readable by other
Invalid usergroup/owner provided
✔ File /etc/shadow should exist
✔ File /etc/shadow should be file
✔ File /etc/shadow should be owned by "root"
✔ File /etc/shadow group should eq "root"
✖ os-03: Check owner and permissions for /etc/passwd (7 failed)
✖ File /etc/passwd should not be executable
Invalid usergroup/owner provided
✖ File /etc/passwd should be writable by owner
Invalid usergroup/owner provided
✖ File /etc/passwd should not be writable by group
Invalid usergroup/owner provided
✖ File /etc/passwd should not be writable by other
Invalid usergroup/owner provided
✖ File /etc/passwd should be readable by owner
Invalid usergroup/owner provided
✖ File /etc/passwd should be readable by group
Invalid usergroup/owner provided
✖ File /etc/passwd should be readable by other
Invalid usergroup/owner provided
✔ File /etc/passwd should exist
✔ File /etc/passwd should be file
✔ File /etc/passwd should be owned by "root"
✔ File /etc/passwd group should eq "root"
The text was updated successfully, but these errors were encountered:
Description
With 1.3.0 InSpec release, file mode checks now fail for /etc/passwd and /etc/shadow
on CentOS despite correct values on filesystem. Tests report "Invalid usergroup/owner
provided".
✖ os-02: Check owner and permissions for /etc/shadow (5 failed)
...
Invalid usergroup/owner provided
...
✖ os-03: Check owner and permissions for /etc/passwd (7 failed)
...
Invalid usergroup/owner provided
...
[centos etc]$ ls -l passwd shadow
-rw-r--r--. 1 root root 2097 Oct 31 17:18 passwd
-rw-------. 1 root root 931 Oct 31 17:14 shadow
InSpec and Platform Version
InSpec 1.3.0 and CentOS 7.2
Replication Case
Possible Solutions
Stacktrace
Relevant snippet from InSpec output included below:
✖ os-02: Check owner and permissions for /etc/shadow (5 failed)
✖ File /etc/shadow should not be executable
Invalid usergroup/owner provided
✖ File /etc/shadow should be writable by owner
Invalid usergroup/owner provided
✖ File /etc/shadow should be readable by owner
Invalid usergroup/owner provided
✖ File /etc/shadow should not be readable by group
Invalid usergroup/owner provided
✖ File /etc/shadow should not be readable by other
Invalid usergroup/owner provided
✔ File /etc/shadow should exist
✔ File /etc/shadow should be file
✔ File /etc/shadow should be owned by "root"
✔ File /etc/shadow group should eq "root"
✖ os-03: Check owner and permissions for /etc/passwd (7 failed)
✖ File /etc/passwd should not be executable
Invalid usergroup/owner provided
✖ File /etc/passwd should be writable by owner
Invalid usergroup/owner provided
✖ File /etc/passwd should not be writable by group
Invalid usergroup/owner provided
✖ File /etc/passwd should not be writable by other
Invalid usergroup/owner provided
✖ File /etc/passwd should be readable by owner
Invalid usergroup/owner provided
✖ File /etc/passwd should be readable by group
Invalid usergroup/owner provided
✖ File /etc/passwd should be readable by other
Invalid usergroup/owner provided
✔ File /etc/passwd should exist
✔ File /etc/passwd should be file
✔ File /etc/passwd should be owned by "root"
✔ File /etc/passwd group should eq "root"
The text was updated successfully, but these errors were encountered: