3 describe 'apache::mod::security', :type => :class do
8 context "on RedHat based systems" do
11 :osfamily => 'RedHat',
12 :operatingsystem => 'CentOS',
13 :operatingsystemrelease => '7',
16 :concat_basedir => '/',
17 :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
21 it { should contain_apache__mod('security').with(
22 :id => 'security2_module',
23 :lib => 'mod_security2.so'
25 it { should contain_apache__mod('unique_id_module').with(
26 :id => 'unique_id_module',
27 :lib => 'mod_unique_id.so'
29 it { should contain_package('mod_security_crs') }
30 it { should contain_file('security.conf').with(
31 :path => '/etc/httpd/conf.d/security.conf'
33 it { should contain_file('/etc/httpd/modsecurity.d').with(
34 :ensure => 'directory',
35 :path => '/etc/httpd/modsecurity.d',
39 it { should contain_file('/etc/httpd/modsecurity.d/activated_rules').with(
40 :ensure => 'directory',
41 :path => '/etc/httpd/modsecurity.d/activated_rules',
45 it { should contain_file('/etc/httpd/modsecurity.d/security_crs.conf').with(
46 :path => '/etc/httpd/modsecurity.d/security_crs.conf'
48 it { should contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') }
51 context "on Debian based systems" do
54 :osfamily => 'Debian',
55 :operatingsystem => 'Debian',
56 :operatingsystemrelease => '6',
57 :concat_basedir => '/',
58 :lsbdistcodename => 'squeeze',
60 :path => '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin',
65 it { should contain_apache__mod('security').with(
66 :id => 'security2_module',
67 :lib => 'mod_security2.so'
69 it { should contain_apache__mod('unique_id_module').with(
70 :id => 'unique_id_module',
71 :lib => 'mod_unique_id.so'
73 it { should contain_package('modsecurity-crs') }
74 it { should contain_file('security.conf').with(
75 :path => '/etc/apache2/mods-available/security.conf'
77 it { should contain_file('/etc/modsecurity').with(
78 :ensure => 'directory',
79 :path => '/etc/modsecurity',
83 it { should contain_file('/etc/modsecurity/activated_rules').with(
84 :ensure => 'directory',
85 :path => '/etc/modsecurity/activated_rules',
89 it { should contain_file('/etc/modsecurity/security_crs.conf').with(
90 :path => '/etc/modsecurity/security_crs.conf'
92 it { should contain_apache__security__rule_link('base_rules/modsecurity_35_bad_robots.data') }