From 6af302850f4692e0669faa65712784a0980774ea Mon Sep 17 00:00:00 2001 From: Bernd Worsch Date: Mon, 9 Mar 2026 16:43:55 +0000 Subject: [PATCH] chore: Goss verification reports 2026-03-09T164355Z --- reports/goss-Railiance01-2026-03-09.tap | 27 +++++++++++++++++++ .../goss-Railiance01-2026-03-09T164350Z.tap | 27 +++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 reports/goss-Railiance01-2026-03-09.tap create mode 100644 reports/goss-Railiance01-2026-03-09T164350Z.tap diff --git a/reports/goss-Railiance01-2026-03-09.tap b/reports/goss-Railiance01-2026-03-09.tap new file mode 100644 index 0000000..446817a --- /dev/null +++ b/reports/goss-Railiance01-2026-03-09.tap @@ -0,0 +1,27 @@ +1..26 +ok 1 - Command: grep NOPASSWD /etc/sudoers.d/tegwick: exit-status: matches expectation: 0 +ok 2 - Command: grep NOPASSWD /etc/sudoers.d/tegwick: stdout: matches expectation: ["NOPASSWD"] +ok 3 - Command: test -x /usr/local/bin/sops: exit-status: matches expectation: 0 +ok 4 - Package: fail2ban: installed: matches expectation: true +ok 5 - Command: test -x /usr/local/bin/age: exit-status: matches expectation: 0 +ok 6 - Command: grep -r HISTCONTROL /etc/profile.d/: exit-status: matches expectation: 0 +ok 7 - Command: grep -r HISTCONTROL /etc/profile.d/: stdout: matches expectation: ["ignorespace"] +ok 8 - Package: htop: installed: matches expectation: true +ok 9 - File: /etc/ssh/sshd_config.d/10-hardening.conf: exists: matches expectation: true +ok 10 - File: /etc/ssh/sshd_config.d/10-hardening.conf: contents: matches expectation: ["PermitRootLogin no","PasswordAuthentication no","PubkeyAuthentication yes"] +ok 11 - User: tegwick: exists: matches expectation: true +ok 12 - User: tegwick: shell: matches expectation: "/bin/bash" +ok 13 - Package: vim: installed: matches expectation: true +ok 14 - Package: git: installed: matches expectation: true +ok 15 - Service: ssh.socket: enabled: matches expectation: true +ok 16 - Service: ssh.socket: running: matches expectation: true +ok 17 - Package: ufw: installed: matches expectation: true +ok 18 - Package: curl: installed: matches expectation: true +ok 19 - Service: ufw: enabled: matches expectation: true +ok 20 - Service: ufw: running: matches expectation: true +ok 21 - Service: fail2ban: enabled: matches expectation: true +ok 22 - Service: fail2ban: running: matches expectation: true +ok 23 - Command: fail2ban-client status sshd: exit-status: matches expectation: 0 +ok 24 - Command: fail2ban-client status sshd: stdout: matches expectation: ["Status for the jail: sshd"] +ok 25 - Command: ufw status: exit-status: matches expectation: 0 +ok 26 - Command: ufw status: stdout: matches expectation: ["Status: active","/OpenSSH.*ALLOW/","/6443\\/tcp.*ALLOW/","/8472\\/udp.*ALLOW/"] \ No newline at end of file diff --git a/reports/goss-Railiance01-2026-03-09T164350Z.tap b/reports/goss-Railiance01-2026-03-09T164350Z.tap new file mode 100644 index 0000000..c88cbc2 --- /dev/null +++ b/reports/goss-Railiance01-2026-03-09T164350Z.tap @@ -0,0 +1,27 @@ +1..26 +ok 1 - Command: test -x /usr/local/bin/age: exit-status: matches expectation: 0 +ok 2 - Command: test -x /usr/local/bin/sops: exit-status: matches expectation: 0 +ok 3 - Package: ufw: installed: matches expectation: true +ok 4 - Package: htop: installed: matches expectation: true +ok 5 - Command: grep NOPASSWD /etc/sudoers.d/tegwick: exit-status: matches expectation: 0 +ok 6 - Command: grep NOPASSWD /etc/sudoers.d/tegwick: stdout: matches expectation: ["NOPASSWD"] +ok 7 - Command: grep -r HISTCONTROL /etc/profile.d/: exit-status: matches expectation: 0 +ok 8 - Command: grep -r HISTCONTROL /etc/profile.d/: stdout: matches expectation: ["ignorespace"] +ok 9 - File: /etc/ssh/sshd_config.d/10-hardening.conf: exists: matches expectation: true +ok 10 - File: /etc/ssh/sshd_config.d/10-hardening.conf: contents: matches expectation: ["PermitRootLogin no","PasswordAuthentication no","PubkeyAuthentication yes"] +ok 11 - User: tegwick: exists: matches expectation: true +ok 12 - User: tegwick: shell: matches expectation: "/bin/bash" +ok 13 - Package: fail2ban: installed: matches expectation: true +ok 14 - Service: ssh.socket: enabled: matches expectation: true +ok 15 - Service: ssh.socket: running: matches expectation: true +ok 16 - Package: curl: installed: matches expectation: true +ok 17 - Package: vim: installed: matches expectation: true +ok 18 - Service: ufw: enabled: matches expectation: true +ok 19 - Service: ufw: running: matches expectation: true +ok 20 - Service: fail2ban: enabled: matches expectation: true +ok 21 - Service: fail2ban: running: matches expectation: true +ok 22 - Package: git: installed: matches expectation: true +ok 23 - Command: ufw status: exit-status: matches expectation: 0 +ok 24 - Command: ufw status: stdout: matches expectation: ["Status: active","/OpenSSH.*ALLOW/","/6443\\/tcp.*ALLOW/","/8472\\/udp.*ALLOW/"] +ok 25 - Command: fail2ban-client status sshd: exit-status: matches expectation: 0 +ok 26 - Command: fail2ban-client status sshd: stdout: matches expectation: ["Status for the jail: sshd"] \ No newline at end of file