Skip to content

file resource user_permissions not working as expected on Windows #7351

@jakauppila

Description

@jakauppila

Describe the problem

When attempting to utilize the file resource to detect user_permissions on Windows, it is not allowing me to utilize the "friendly" rights name

Possible Solution

It would appear that perhaps the json payload in the resource is not handling the json array as it's parsed from the json output of the Powershell execution.

https://github.com/inspec/inspec/blob/main/lib/inspec/resources/file.rb#L299-L311

Inspec resource I'm attempting:

describe file('D:/iis-applications') do
  its('user_permissions') { should include 'BUILTIN\\Users' => 'ReadAndExecute' }
end

Error I encounter:

[FAIL]  File D:/iis-applications user_permissions is expected to include {"BUILTIN\\Users" => "ReadAndExecute"}
     expected {"BUILTIN\\Administrators" => "268435456", "BUILTIN\\Users" => "-1610612736", "NT AUTHORITY\\SYSTEM" => "268435456"} to include {"BUILTIN\\Users" => "ReadAndExecute"}

What I see on the server itself:

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions