lynis/include/helper_show

215 lines
7.7 KiB
Plaintext
Raw Normal View History

2016-04-07 16:24:38 +02:00
#!/bin/sh
#################################################################################
#
# Lynis
# ------------------
#
# Copyright 2007-2013, Michael Boelen
# Copyright 2013-2016, CISOfy
#
# Website : https://cisofy.com
# Blog : http://linux-audit.com
# GitHub : https://github.com/CISOfy/lynis
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
######################################################################
#
# Helper program to share details
#
######################################################################
#
# How to use:
# ------------
# Run: lynis show <option>
#
######################################################################
2016-04-12 21:59:23 +02:00
COMMANDS="audit show update"
2016-04-26 13:40:21 +02:00
OPTIONS="--auditor\n--check-all (-c)\n--config\n--cronjob (--cron)\n--debug\n--developer\n--help (-h)\n--info\n--license-key --log-file\n--manpage_(--man)\n--no-colors --no-log\n--pentest\n--profile\n--plugins-dir\n--quiet (-q)\n--quick (-Q)\n--report-file\n--reverse-colors\n--tests\n--tests-category\n--upload\n--verbose\n--version (-V)\n--view-categories"
SHOW_ARGS="commands dbdir help includedir license man options pidfile plugindir profiles release releasedate tests version workdir"
2016-04-12 21:59:23 +02:00
SHOW_HELP="lynis show ${BROWN}commands${NORMAL} (all available commands)
lynis show ${BROWN}dbdir${NORMAL} (database directory)
2016-04-12 21:59:23 +02:00
lynis show ${BROWN}help${NORMAL} (detailed information about arguments)
lynis show ${BROWN}includedir${NORMAL} (include directory for tests and functions)
2016-04-12 21:59:23 +02:00
lynis show ${BROWN}license${NORMAL} (license details)
lynis show ${BROWN}man${NORMAL} (show help)
lynis show ${BROWN}options${NORMAL} (available flags and options)
lynis show ${BROWN}pidfile${NORMAL} (active file to stored process ID)
lynis show ${BROWN}plugindir${NORMAL} (directory with plugins)
2016-04-12 21:59:23 +02:00
lynis show ${BROWN}profiles${NORMAL} (discovered profiles)
lynis show ${BROWN}release${NORMAL} (version)
lynis show ${BROWN}releasedate${NORMAL} (date of release)
lynis show ${BROWN}tests skipped${NORMAL} (which tests to skip according profile)
lynis show ${BROWN}version${NORMAL} (${PROGRAM_NAME} version)
lynis show ${BROWN}workdir${NORMAL} (work directory)"
2016-04-12 21:59:23 +02:00
AUDIT_ARGS="( dockerfile | system )"
AUDIT_HELP="
2016-05-14 17:42:33 +02:00
${WHITE}lynis audit <target>${NORMAL}
2016-04-12 21:59:23 +02:00
2016-05-14 17:42:33 +02:00
${CYAN}audit dockerfile ${BROWN}<file>${NORMAL}
2016-04-12 21:59:23 +02:00
2016-05-14 17:42:33 +02:00
Perform security audit on a Docker build file
${GRAY}Example:${NORMAL}
lynis audit dockerfile Dockerfile
2016-04-12 21:59:23 +02:00
2016-05-14 17:42:33 +02:00
${CYAN}audit system ${GRAY}[options]${NORMAL}
Perform security system audit
${GRAY}Examples:${NORMAL}
lynis audit system
lynis audit system --cronjob
lynis audit system --profile developer.prf
lynis audit system --quick
${CYAN}audit system remote ${BROWN}<target> ${GRAY}[options]${NORMAL}
Perform security system audit on a remote target
${GRAY}Examples:${NORMAL}
lynis audit system remote 192.168.1.100
lynis audit system remote 192.168.1.100 --no-colors
2016-04-12 21:59:23 +02:00
"
2016-04-07 16:24:38 +02:00
UPDATE_ARGS="info release"
2016-05-14 17:42:33 +02:00
UPDATE_HELP="
${CYAN}update info${NORMAL}
Check version information
${CYAN}update release${NORMAL}
Perform update of release
"
2016-04-07 16:24:38 +02:00
SHOW_TESTS_ARGS="skipped"
2016-04-07 16:24:38 +02:00
COMMANDS_AUDIT_SYSTEM_USAGE="Usage: lynis audit system"
COMMANDS_AUDIT_SYSTEM_FUNCTION="Function: performs a security audit of the system"
if [ $# -gt 0 ]; then
case $1 in
"commands")
if [ $# -eq 1 ]; then
2016-05-14 17:42:33 +02:00
${ECHOCMD} "\n${WHITE}Commands:${NORMAL}"
2016-04-12 21:59:23 +02:00
for I in ${COMMANDS}; do
2016-05-14 17:42:33 +02:00
${ECHOCMD} "lynis ${CYAN}${I}${NORMAL}"
2016-04-12 21:59:23 +02:00
done
2016-05-14 17:42:33 +02:00
${ECHOCMD} ""
2016-04-07 16:24:38 +02:00
else
shift
if [ $# -eq 1 ]; then
2016-05-03 13:16:11 +02:00
case $1 in
2016-05-14 17:42:33 +02:00
"audit") ${ECHOCMD} "${AUDIT_HELP}" ;;
"show") ${ECHOCMD} "${SHOW_HELP}" ;;
*) ${ECHOCMD} "Unknown argument for 'commands'"
2016-05-03 13:16:11 +02:00
esac
else
shift
case $1 in
"dockerfile")
2016-05-14 17:42:33 +02:00
${ECHOCMD} "Usage: lynis audit dockerfile <file>"
2016-05-03 13:16:11 +02:00
;;
"system")
2016-05-14 17:42:33 +02:00
${ECHOCMD} "${COMMANDS_AUDIT_SYSTEM_USAGE}\n${COMMANDS_AUDIT_SYSTEM_FUNCTION}\n"
2016-05-03 13:16:11 +02:00
;;
*)
2016-05-14 17:42:33 +02:00
${ECHOCMD} "Unknown argument for 'commands'"
2016-05-03 13:16:11 +02:00
;;
esac
2016-04-07 16:24:38 +02:00
fi
fi
;;
"dbdir")
SHOW_DBDIR="${DBDIR}"
if [ "${DBDIR}" = "./db" ]; then
if [ -d ${WORKDIR}/db ]; then SHOW_DBDIR="${WORKDIR}/db"; fi
fi
${ECHOCMD} "${SHOW_DBDIR}"
;;
2016-04-07 16:24:38 +02:00
"help")
if [ $# -eq 1 ]; then
2016-05-14 17:42:33 +02:00
${ECHOCMD} "${PROGRAM_NAME} ${PROGRAM_VERSION} - Help"
${ECHOCMD} "=========================="
${ECHOCMD} ""
${ECHOCMD} "${WHITE}Commands${NORMAL}:"
2016-04-12 21:59:23 +02:00
for I in ${COMMANDS}; do
2016-05-14 17:42:33 +02:00
${ECHOCMD} "${CYAN}${I}${NORMAL}"
2016-04-12 21:59:23 +02:00
done
2016-05-14 17:42:33 +02:00
${ECHOCMD} ""
${ECHOCMD} "Use 'lynis show help ${CYAN}<command>${NORMAL}' to see details"
2016-05-14 17:42:33 +02:00
${ECHOCMD} ""; ${ECHOCMD} ""
${ECHOCMD} "${WHITE}Options${NORMAL}:\n${GRAY}${OPTIONS}${NORMAL}"
2016-04-07 16:24:38 +02:00
else
shift
case $1 in
2016-05-14 17:42:33 +02:00
"audit") ${ECHOCMD} "${AUDIT_HELP}" ;;
"show") ${ECHOCMD} "${SHOW_HELP}" ;;
"update") ${ECHOCMD} "${UPDATE_HELP}" ;;
"?") ${ECHOCMD} "${SHOW_ARGS}" ;;
*) ${ECHOCMD} "Invalid argument provided for lynis show help" ;;
2016-04-07 16:24:38 +02:00
esac
fi
;;
"includedir")
SHOW_INCLUDEDIR="${INCLUDEDIR}"
if [ "${INCLUDEDIR}" = "./include" ]; then
if [ -d ${WORKDIR}/include ]; then SHOW_INCLUDEDIR="${WORKDIR}/include"; fi
fi
${ECHOCMD} "${SHOW_INCLUDEDIR}"
;;
2016-05-14 17:42:33 +02:00
"license") ${ECHOCMD} "${PROGRAM_LICENSE}" ;;
"man") ${ECHOCMD} "Use ./lynis --man or man lynis" ;;
"options") ${ECHOCMD} "${OPTIONS}" ;;
"pidfile") ${ECHOCMD} "${PIDFILE}" ;;
"profile" | "profiles") for I in ${PROFILES}; do ${ECHOCMD} ${I}; done ;;
"plugindir") ${ECHOCMD} "${PLUGINDIR}" ;;
"release" | "version") ${ECHOCMD} "${PROGRAM_VERSION}" ;;
"releasedate") ${ECHOCMD} "${PROGRAM_RELEASE_DATE}" ;;
"tests")
if [ $# -gt 0 ]; then
shift
case $1 in
2016-05-14 17:42:33 +02:00
"skipped") ${ECHOCMD} "${SKIP_TESTS}" ;;
*)
${ECHOCMD} "Invalid argument provided to lynis show tests\n\n"
${ECHOCMD} "Suggestions:\n"
for I in ${SHOW_TESTS_ARGS}; do ${ECHOCMD} "lynis show tests ${I}"; done
;;
esac
else
2016-05-14 17:42:33 +02:00
${ECHOCMD} "Need more arguments"
fi
;;
"workdir") ${ECHOCMD} "${WORKDIR}" ;;
2016-05-14 17:42:33 +02:00
"?") ${ECHOCMD} "${SHOW_ARGS}" ;;
*) ${ECHOCMD} "Unknown argument '$1'" ;;
2016-04-07 16:24:38 +02:00
esac
else
2016-05-14 17:42:33 +02:00
${ECHOCMD} "\n ${WHITE}Provide an additional argument${NORMAL}\n\n"
2016-04-07 16:24:38 +02:00
for I in ${SHOW_ARGS}; do
2016-05-14 17:42:33 +02:00
${ECHOCMD} " lynis show ${BROWN}${I}${NORMAL}"
2016-04-07 16:24:38 +02:00
done
2016-05-14 17:42:33 +02:00
${ECHOCMD} "\n"
2016-04-07 16:24:38 +02:00
fi
ExitClean
# More additions:
# - categories
# - workdir
2016-04-07 16:24:38 +02:00
# The End