From a3d98074c4e22fbeee962feccf6b3d91510fd317 Mon Sep 17 00:00:00 2001
From: Artem Sidorenko
Date: Mon, 13 Feb 2017 19:28:42 +0100
Subject: [PATCH 1/2] Update of Gemfile, bringing it to the same state like in chef-ssh-hardening
---
 Gemfile | 33 +++++++++++----------------------
 1 file changed, 11 insertions(+), 22 deletions(-)
diff --git a/Gemfile b/Gemfile
index 4f95bc69..ccefd382 100644
--- a/Gemfile
+++ b/Gemfile
@@ -2,43 +2,32 @@
 source 'https://rubygems.org'
-gem 'berkshelf', '~> 4.0'
-gem 'chef', '>= 12.0'
-gem 'inspec', '~> 0.9'
-
-# pin dependency for Ruby 1.9.3 since bundler is not
-# detecting that net-ssh 3 does not work with 1.9.3
-if Gem::Version.new(RUBY_VERSION) <= Gem::Version.new('1.9.3')
- gem 'net-ssh', '~> 2.9'
-end
+gem 'berkshelf', '~> 5.3'
+gem 'chef', '~> 12.5'
 group :test do
+ gem 'chefspec', '~> 5.3.0'
+ gem 'coveralls', require: false
+ gem 'foodcritic', '~> 6.0'
 gem 'rake'
- gem 'chefspec', '~> 4.2.0'
- gem 'foodcritic', '~> 6.3'
- gem 'rubocop', '~> 0.43.0'
- gem 'coveralls', require: false
- gem 'bundler', '~> 1.5'
- gem 'minitest', '~> 5.5'
+ gem 'rubocop', '~> 0.46.0'
 gem 'simplecov', '~> 0.10'
 end
 group :development do
 gem 'guard'
+ gem 'guard-foodcritic', '~>2.1'
 gem 'guard-rspec'
- # gem 'guard-kitchen' # guard-kitchen is not compatable with Guard 2.x
 gem 'guard-rubocop'
- gem 'guard-foodcritic'
 end
 group :integration do
- gem 'test-kitchen', '~> 1.0'
- gem 'kitchen-vagrant'
 gem 'kitchen-dokken'
- gem 'kitchen-inspec', '~> 0.9'
- gem 'concurrent-ruby', '~> 0.9'
+ gem 'kitchen-inspec'
+ gem 'kitchen-vagrant'
+ gem 'test-kitchen', '~> 1.0'
 end
 group :tools do
- gem 'github_changelog_generator', '~> 1'
+ gem 'github_changelog_generator', '~> 1.12.0'
 end
From 891adffd6367d7ee6e99015bf766cb5ff030a7ca Mon Sep 17 00:00:00 2001
From: Artem Sidorenko
Date: Mon, 13 Feb 2017 19:41:06 +0100
Subject: [PATCH 2/2] Making rubocop and foodcritic happy
---
 libraries/gpgcheck.rb | 12 ++++++------
 recipes/suid_sgid.rb | 7 +++++--
 2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/libraries/gpgcheck.rb b/libraries/gpgcheck.rb
index 8834cb54..f8043f8c 100644
--- a/libraries/gpgcheck.rb
+++ b/libraries/gpgcheck.rb
@@ -25,12 +25,12 @@
 class GPGCheck
 def self.check(file)
 pattern = /gpgcheck\s*=\s*0/
- if File.file?(file)
- File.open(file) do |f|
- f.each_line do |line|
- next unless pattern.match(line)
- Chef::Log.warn file + ': gpgcheck=1 not properly configured'
- end
+ return unless File.file?(file)
+
+ File.open(file) do |f|
+ f.each_line do |line|
+ next unless pattern.match(line)
+ Chef::Log.warn file + ': gpgcheck=1 not properly configured'
 end
 end
 end
diff --git a/recipes/suid_sgid.rb b/recipes/suid_sgid.rb
index 9ddb08d3..afe87d7b 100644
--- a/recipes/suid_sgid.rb
+++ b/recipes/suid_sgid.rb
@@ -44,5 +44,8 @@
 block do
 SuidSgid.remove_suid_sgid_from_unknown(whitelist, root, dry_run)
 end
-end if node['os-hardening']['security']['suid_sgid']['remove_from_unknown'] ||
- node['os-hardening']['security']['suid_sgid']['dry_run_on_unknown']
+ only_if do
+ node['os-hardening']['security']['suid_sgid']['remove_from_unknown'] ||
+ node['os-hardening']['security']['suid_sgid']['dry_run_on_unknown']
+ end
+end
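Review bot: The pattern `/gpgcheck\s*=\s*0/` that `GPGCheck.check` still uses after this refactor is unanchored, so it also matches commented-out lines such as `#gpgcheck=0` and other keys that end in the same text, such as `repo_gpgcheck=0`. The warning would then report a package-signature problem that the active configuration may not have, which makes the log less useful as an audit signal. Anchoring the match to the start of the setting, e.g. `pattern = /^\s*gpgcheck\s*=\s*0\b/`, keeps the warning to lines that actually disable the check. The method also stays silent for a file that has no `gpgcheck` line at all; whether that case should warn depends on the distribution default and is worth a one-line comment above `def self.check(file)`.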
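Review bot: The new `only_if` block in recipes/suid_sgid.rb is evaluated at converge time, whereas the removed `end if …` modifier decided at compile time whether the resource was declared at all. The resource now always enters the resource collection and is reported as skipped when both attributes are false, which changes what appears in run reports. That is probably what foodcritic wants, but a short comment above the guard would make the intent explicit, e.g. `# guard: act only when removal or dry-run reporting of unknown SUID/SGID files is enabled`. The enclosing resource block starts outside the hunk, so how `dry_run` is derived from these two attributes cannot be checked from here.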