diff --git a/bosh-stemcell/spec/os_image/ubuntu_spec.rb b/bosh-stemcell/spec/os_image/ubuntu_spec.rb index 29c07fff84..0b4b40d428 100644 --- a/bosh-stemcell/spec/os_image/ubuntu_spec.rb +++ b/bosh-stemcell/spec/os_image/ubuntu_spec.rb @@ -333,37 +333,37 @@ describe "allowed user accounts" do describe file("/etc/passwd") do its(:content) { should eql(<<~HERE) } - root:x:0:0:root:/root:/bin/bash - daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin - bin:x:2:2:bin:/bin:/usr/sbin/nologin - sys:x:3:3:sys:/dev:/usr/sbin/nologin - sync:x:4:65534:sync:/bin:/bin/sync - games:x:5:60:games:/usr/games:/usr/sbin/nologin - man:x:6:12:man:/var/cache/man:/usr/sbin/nologin - lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin - mail:x:8:8:mail:/var/mail:/usr/sbin/nologin - news:x:9:9:news:/var/spool/news:/usr/sbin/nologin - uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin - proxy:x:13:13:proxy:/bin:/usr/sbin/nologin - www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin - backup:x:34:34:backup:/var/backups:/usr/sbin/nologin - list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin - irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin - _apt:x:42:65534::/nonexistent:/usr/sbin/nologin - nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin - systemd-network:x:998:998:systemd Network Management:/:/usr/sbin/nologin - systemd-timesync:x:996:996:systemd Time Synchronization:/:/usr/sbin/nologin - dhcpcd:x:100:65534:DHCP Client Daemon,,,:/usr/lib/dhcpcd:/bin/false + root:x:0:0:root:/root:/bin/bash + daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin + bin:x:2:2:bin:/bin:/usr/sbin/nologin + sys:x:3:3:sys:/dev:/usr/sbin/nologin + sync:x:4:65534:sync:/bin:/bin/sync + games:x:5:60:games:/usr/games:/usr/sbin/nologin + man:x:6:12:man:/var/cache/man:/usr/sbin/nologin + lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin + mail:x:8:8:mail:/var/mail:/usr/sbin/nologin + news:x:9:9:news:/var/spool/news:/usr/sbin/nologin + uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin + proxy:x:13:13:proxy:/bin:/usr/sbin/nologin + www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin + backup:x:34:34:backup:/var/backups:/usr/sbin/nologin + list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin + irc:x:39:39:ircd:/run/ircd:/usr/sbin/nologin + _apt:x:42:65534::/nonexistent:/usr/sbin/nologin + nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin + systemd-network:x:998:998:systemd Network Management:/:/usr/sbin/nologin + systemd-timesync:x:996:996:systemd Time Synchronization:/:/usr/sbin/nologin + dhcpcd:x:100:65534:DHCP Client Daemon,,,:/usr/lib/dhcpcd:/bin/false messagebus:x:101:101::/nonexistent:/usr/sbin/nologin - syslog:x:102:102::/nonexistent:/usr/sbin/nologin - systemd-resolve:x:991:991:systemd Resolver:/:/usr/sbin/nologin - uuidd:x:103:104::/run/uuidd:/usr/sbin/nologin - _chrony:x:104:106:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin - _runit-log:x:999:990:Created by dh-sysuser for runit:/nonexistent:/usr/sbin/nologin - sshd:x:105:65534::/run/sshd:/usr/sbin/nologin + syslog:x:102:102::/nonexistent:/usr/sbin/nologin + systemd-resolve:x:991:991:systemd Resolver:/:/usr/sbin/nologin + uuidd:x:103:104::/run/uuidd:/usr/sbin/nologin + _chrony:x:104:106:Chrony daemon,,,:/var/lib/chrony:/usr/sbin/nologin + _runit-log:x:999:990:Created by dh-sysuser for runit:/nonexistent:/usr/sbin/nologin + sshd:x:105:65534::/run/sshd:/usr/sbin/nologin tcpdump:x:106:108::/nonexistent:/usr/sbin/nologin - polkitd:x:989:989:User for polkitd:/:/usr/sbin/nologin - vcap:x:1000:1000:BOSH System User:/home/vcap:/bin/bash + polkitd:x:989:989:User for polkitd:/:/usr/sbin/nologin + vcap:x:1000:1000:BOSH System User:/home/vcap:/bin/bash HERE end @@ -407,12 +407,12 @@ describe file("/etc/group") do its(:content) { should eql(<<~HERE) } - root:x:0: - daemon:x:1: - bin:x:2: - sys:x:3: - adm:x:4:vcap - tty:x:5:syslog + root:x:0: + daemon:x:1: + bin:x:2: + sys:x:3: + adm:x:4:vcap + tty:x:5:syslog disk:x:6: lp:x:7: mail:x:8: @@ -436,73 +436,73 @@ list:x:38: irc:x:39: src:x:40: - shadow:x:42: - utmp:x:43: - video:x:44:vcap - sasl:x:45: - plugdev:x:46:vcap - staff:x:50: - games:x:60: - users:x:100: - nogroup:x:65534: - systemd-journal:x:999: - systemd-network:x:998: - crontab:x:997: - systemd-timesync:x:996: - input:x:995: - sgx:x:994: - kvm:x:993: - render:x:992: + shadow:x:42: + utmp:x:43: + video:x:44:vcap + sasl:x:45: + plugdev:x:46:vcap + staff:x:50: + games:x:60: + users:x:100: + nogroup:x:65534: + systemd-journal:x:999: + systemd-network:x:998: + crontab:x:997: + systemd-timesync:x:996: + input:x:995: + sgx:x:994: + kvm:x:993: + render:x:992: messagebus:x:101: - syslog:x:102: - systemd-resolve:x:991: - netdev:x:103: - uuidd:x:104: - _ssh:x:105: - _chrony:x:106: - _runit-log:x:990: - rdma:x:107: + syslog:x:102: + systemd-resolve:x:991: + netdev:x:103: + uuidd:x:104: + _ssh:x:105: + _chrony:x:106: + _runit-log:x:990: + rdma:x:107: tcpdump:x:108: polkitd:x:989: - admin:x:988:vcap - vcap:x:1000:syslog - bosh_sshers:x:1001:vcap - bosh_sudoers:x:1002: + admin:x:988:vcap + vcap:x:1000:syslog + bosh_sshers:x:1001:vcap + bosh_sudoers:x:1002: HERE end describe file("/etc/gshadow") do its(:content) { should eql(<<~HERE) } - root:*:: - daemon:*:: - bin:*:: - sys:*:: - adm:*::vcap - tty:*::syslog - disk:*:: - lp:*:: - mail:*:: - news:*:: - uucp:*:: - man:*:: - proxy:*:: - kmem:*:: - dialout:*::vcap - fax:*:: - voice:*:: - cdrom:*::vcap - floppy:*::vcap - tape:*:: - sudo:*::vcap - audio:*::vcap - dip:*::vcap - www-data:*:: - backup:*:: - operator:*:: - list:*:: - irc:*:: - src:*:: - shadow:*:: + root:*:: + daemon:*:: + bin:*:: + sys:*:: + adm:*::vcap + tty:*::syslog + disk:*:: + lp:*:: + mail:*:: + news:*:: + uucp:*:: + man:*:: + proxy:*:: + kmem:*:: + dialout:*::vcap + fax:*:: + voice:*:: + cdrom:*::vcap + floppy:*::vcap + tape:*:: + sudo:*::vcap + audio:*::vcap + dip:*::vcap + www-data:*:: + backup:*:: + operator:*:: + list:*:: + irc:*:: + src:*:: + shadow:*:: utmp:*:: video:*::vcap sasl:*:: @@ -512,28 +512,28 @@ users:*:: nogroup:*:: systemd-journal:!*:: - systemd-network:!*:: - crontab:!*:: - systemd-timesync:!*:: - input:!*:: - sgx:!*:: - kvm:!*:: - render:!*:: - messagebus:!:: + systemd-network:!*:: + crontab:!*:: + systemd-timesync:!*:: + input:!*:: + sgx:!*:: + kvm:!*:: + render:!*:: + messagebus:!:: syslog:!:: systemd-resolve:!*:: - netdev:!:: - uuidd:!:: - _ssh:!:: + netdev:!:: + uuidd:!:: + _ssh:!:: _chrony:!:: _runit-log:!:: rdma:!:: tcpdump:!:: polkitd:!*:: - admin:!::vcap - vcap:!::syslog - bosh_sshers:!::vcap - bosh_sudoers:!:: + admin:!::vcap + vcap:!::syslog + bosh_sshers:!::vcap + bosh_sudoers:!:: HERE end end