Unexpected nil authentication with inspec exec -t and WinRM
#1901
Labels
Type: Bug
Feature not working as expected
Comments
arlimus
added a commit
that referenced
this issue
Jun 11, 2017
Due to limitations in Thor it is not possible to set an argument to be both optional and its value to be mandatory. E.g. the user supplying the --password argument is optional and not always required, but whenever it is used, it requires a value. Handle options that were defined with mandatory values in a way that fails with an `ArgumentError` if the value is missing, i.e.: ``` > inspec exec examples/profile --password ArgumentError: Please provide a value for --password. For example: --password=hello. ``` It works without `--password` or with `--password=arg`. Also handled for `--sudo-password`. Fixes: #1901 As suggested: #1904
arlimus
added a commit
that referenced
this issue
Jun 11, 2017
Due to limitations in Thor it is not possible to set an argument to be both optional and its value to be mandatory. E.g. the user supplying the --password argument is optional and not always required, but whenever it is used, it requires a value. Handle options that were defined with mandatory values in a way that fails with an `ArgumentError` if the value is missing, i.e.: ``` > inspec exec examples/profile --password ArgumentError: Please provide a value for --password. For example: --password=hello. ``` It works without `--password` or with `--password=arg`. Also handled for `--sudo-password`. Fixes: #1901 As suggested: #1904 Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
arlimus
added a commit
that referenced
this issue
Jun 11, 2017
Due to limitations in Thor it is not possible to set an argument to be both optional and its value to be mandatory. E.g. the user supplying the --password argument is optional and not always required, but whenever it is used, it requires a value. Handle options that were defined with mandatory values in a way that fails with an `ArgumentError` if the value is missing, i.e.: ``` > inspec exec examples/profile --password ArgumentError: Please provide a value for --password. For example: --password=hello. ``` It works without `--password` or with `--password=arg`. Also handled for `--sudo-password`. Fixes: #1901 As suggested: #1904 Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
adamleff
pushed a commit
that referenced
this issue
Jun 12, 2017
Due to limitations in Thor it is not possible to set an argument to be both optional and its value to be mandatory. E.g. the user supplying the --password argument is optional and not always required, but whenever it is used, it requires a value. Handle options that were defined with mandatory values in a way that fails with an `ArgumentError` if the value is missing, i.e.: ``` > inspec exec examples/profile --password ArgumentError: Please provide a value for --password. For example: --password=hello. ``` It works without `--password` or with `--password=arg`. Also handled for `--sudo-password`. Fixes: #1901 As suggested: #1904 Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
When running
inspec exec foo -t winrm://user@some.host.com --passwordand not specifying a password, the user is not warned that a one is required. Instead, InSpec performs an auth with anilpassword thus causing the account to become locked out.Possible Solutions
Prompt the user with a warning to prevent unexpected lock outs.
The text was updated successfully, but these errors were encountered: