Move atribute to spec as local var (#142)

* Move attribute to local vars.

Move to local variable to avoid breaking test when passing additional attributes file without max_auth_tries.
Also refactored variable to sshd_max_auth_retries for clarity

Signed-off-by: kiwivogel <cruncniemuchie@hotmail.com>

* fix reference to sshd_max_auth_tries attribute

Signed-off-by: kiwivogel <cruncniemuchie@hotmail.com>

Author: kiwivogel

controls/sshd_spec.rb

@@ -27,6 +27,7 @@
 sshd_gatewayports = attribute('sshd_gatewayports', value: 'no', description: 'Expected value for sshd_config GatewayPorts')
 sshd_x11forwarding = attribute('sshd_x11forwarding', value: 'no', description: 'Expected value for sshd_config X11Forwarding')
 sshd_banner = attribute('sshd_banner', value: 'none', description: 'Expected value for sshd_config Banner')
+sshd_max_auth_tries = attribute('sshd_max_auth_tries', value: 2, description: 'Expected value for max_auth_retries')
 
 only_if do
   command('sshd').exist?
@@ -222,7 +223,7 @@
   tag 'CIS Red Hat Enterprise Linux 7 Benchmark version 01-31-2017': '2.1.1'
   ref 'Center for Internet Security', url: 'https://www.cisecurity.org/'
   describe sshd_config do
-    its('MaxAuthTries') { should cmp == attribute('max_auth_tries') }
+    its('MaxAuthTries') { should cmp(sshd_max_auth_tries) }
   end
 end
 

inspec.yml

@@ -7,10 +7,4 @@ license: Apache-2.0
 summary: Test-suite for best-practice SSH hardening
 version: 2.4.1
 supports:
-  - os-family: unix
-attributes:
-  - name: max_auth_tries
-    required: false
-    description: 'define MaxAuthTries'
-    value: 2
-    type: numeric
+  - os-family: unix