Uses netstat to detect open ports on AIX #2210
Conversation
cattywampus
changed the title
|
@cattywampus how are you feeling on this PR? Is this ready for review now? I hesitated to review since I knew it was a WIP, and then I was traveling so I never got back around to looking more deeply in it. Also, can you rebase / force push your branch up again so Travis will re-test? There was a period where Travis wasn't testing things because of a misconfiguration, and it appears this is one of them. |
Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
Signed-off-by: Keith Walters <keith.walters@cattywamp.us>
|
@adamleff It's ready to be run through the gauntlet. Rebased and Travis is now passing. Yay! |
There was a problem hiding this comment.
@cattywampus this looks solid! I don't know enough about AIX to say this is a good approach, but the code looks great and matches the style of the rest of this resource. Thank you for your contribution!
There was a problem hiding this comment.
Wow this looks great @cattywampus thank you so much for adding it!! 😁
Related to Issue #1936 - The
lsofcommand is only provided in the AIX expansion pack so not all systems may have it installed. However netstat is available, but in true AIX fashion the command line arguments and output is not consistent with the Linux flavor ofnetstat.This PR creates a dedicated
AixPortsimplementation that defers to using netstat as the default port scanner for AIX and falls back tolsofif necessary. The implementation of this differs from theLinuxPortsnetstat parser because:Disclaimer: I am by no means an AIX expert. I pieced this solution together based on this blog post. I am completely open to changing any of this to make it better. All feedback welcome.
I created some mocked unit tests for aix and the port resource. I have also tested this by using
bin/inspec execwith aportcontrol pointing to a real AIX 7.1 server. Let me know if there is additional tests that need to be written to cover these changes.