dev-sec · chris-rock · Sep 19, 2019 · Jul 16, 2019
diff --git a/controls/os_spec.rb b/controls/os_spec.rb
@@ -17,11 +17,11 @@
 # author: Dominik Richter
 # author: Patrick Muench
 
-login_defs_umask = attribute('login_defs_umask', default: os.redhat? ? '077' : '027', description: 'Default umask to set in login.defs')
+login_defs_umask = attribute('login_defs_umask', value: os.redhat? ? '077' : '027', description: 'Default umask to set in login.defs')
 
-login_defs_passmaxdays = attribute('login_defs_passmaxdays', default: '60', description: 'Default password maxdays to set in login.defs')
-login_defs_passmindays = attribute('login_defs_passmindays', default: '7', description: 'Default password mindays to set in login.defs')
-login_defs_passwarnage = attribute('login_defs_passwarnage', default: '7', description: 'Default password warnage (days) to set in login.defs')
+login_defs_passmaxdays = attribute('login_defs_passmaxdays', value: '60', description: 'Default password maxdays to set in login.defs')
+login_defs_passmindays = attribute('login_defs_passmindays', value: '7', description: 'Default password mindays to set in login.defs')
+login_defs_passwarnage = attribute('login_defs_passwarnage', value: '7', description: 'Default password warnage (days) to set in login.defs')
 
 shadow_group = 'root'
 shadow_group = 'shadow' if os.debian? || os.suse? || os.name == 'alpine'
@@ -33,7 +33,7 @@
 
 blacklist = attribute(
   'blacklist',
-  default: suid_blacklist.default,
+  value: suid_blacklist.default,
   description: 'blacklist of suid/sgid program on system'
 )
 

diff --git a/controls/package_spec.rb b/controls/package_spec.rb
@@ -17,7 +17,7 @@
 # author: Dominik Richter
 # author: Patrick Muench
 
-val_syslog_pkg = attribute('syslog_pkg', default: 'rsyslog', description: 'syslog package to ensure present (default: rsyslog, alternative: syslog-ng...')
+val_syslog_pkg = attribute('syslog_pkg', value: 'rsyslog', description: 'syslog package to ensure present (default: rsyslog, alternative: syslog-ng...')
 container_execution = begin
                         virtualization.role == 'guest' && virtualization.system =~ /^(lxc|docker)$/
                       rescue NoMethodError

diff --git a/controls/sysctl_spec.rb b/controls/sysctl_spec.rb
@@ -17,8 +17,8 @@
 # author: Dominik Richter
 # author: Patrick Muench
 
-sysctl_forwarding = attribute('sysctl_forwarding', default: false, description: 'Is network forwarding needed?')
-kernel_modules_disabled = attribute('kernel_modules_disabled', default: 0, description: 'Should loading of kernel modules be disabled?')
+sysctl_forwarding = attribute('sysctl_forwarding', value: false, description: 'Is network forwarding needed?')
+kernel_modules_disabled = attribute('kernel_modules_disabled', value: 0, description: 'Should loading of kernel modules be disabled?')
 container_execution = begin
                         virtualization.role == 'guest' && virtualization.system =~ /^(lxc|docker)$/
                       rescue NoMethodError