lynis/include/consts

362 lines
9.3 KiB
Plaintext
Raw Normal View History

2014-08-26 17:33:55 +02:00
#!/bin/sh
#################################################################################
#
# Lynis
# ------------------
#
2016-03-13 16:00:39 +01:00
# Copyright 2007-2013, Michael Boelen
2017-02-09 13:35:40 +01:00
# Copyright 2007-2017, CISOfy
2014-08-26 17:33:55 +02:00
#
2016-03-13 16:00:39 +01:00
# Website : https://cisofy.com
# Blog : http://linux-audit.com
# GitHub : https://github.com/CISOfy/lynis
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
# Consts
#
#################################################################################
#
# Paths where system and program binaries are located
2015-09-10 19:45:12 +02:00
BIN_PATHS="/bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin \
2014-08-26 17:33:55 +02:00
/usr/local/libexec /usr/libexec /usr/sfw/bin /usr/sfw/sbin \
/usr/sfw/libexec /opt/sfw/bin /opt/sfw/sbin /opt/sfw/libexec \
/usr/xpg4/bin /usr/css/bin /usr/ucb /usr/X11R6/bin /usr/X11R7/bin \
/usr/pkg/bin /usr/pkg/sbin"
2014-08-26 17:33:55 +02:00
2015-09-10 19:45:12 +02:00
ETC_PATHS="/etc /usr/local/etc"
2014-08-26 17:33:55 +02:00
# Do not use specific language, fall back to default
2015-07-22 12:20:27 +02:00
# Some tools with translated strings are very hard to parse
2014-08-26 17:33:55 +02:00
unset LANG
#
#################################################################################
#
# Initialize defaults
#
#################################################################################
#
# == Variable initializing ==
#
2016-10-28 11:48:20 +02:00
ARCH_AUDIT_BINARY=""
2014-08-26 17:33:55 +02:00
AUDITORNAME=""
2016-09-10 16:11:43 +02:00
AUDITCTLBINARY=""
AUDITDBINARY=""
AUTH_FAILED_LOGINS_LOGGED=0
AUTH_UNLOCK_TIME=-1
2014-08-26 17:33:55 +02:00
PROFILE=""
REPORTFILE=""
AFICKBINARY=""
AIDEBINARY=""
AASTATUSBINARY=""
2015-10-08 16:25:35 +02:00
AUDITD_RUNNING=0
APPLICATION_FIREWALL_ACTIVE=0
2014-10-13 19:56:44 +02:00
BINARY_SCAN_FINISHED=0
BLKIDBINARY=""
2016-10-28 11:48:20 +02:00
CAT_BINARY=""
2016-09-10 16:11:43 +02:00
CFAGENTBINARY=""
2016-05-04 13:42:46 +02:00
CHECK=0
CHECK_BINARIES=1
CHECK_OPTION_ARRAY=""
2014-08-26 17:33:55 +02:00
CHKROOTKITBINARY=""
CHKCONFIGBINARY=""
2016-10-28 11:48:20 +02:00
CLAMCONF_BINARY=""
2016-09-10 16:11:43 +02:00
CLAMSCANBINARY=""
2016-07-05 19:55:31 +02:00
COLORS=1
2015-10-01 22:38:29 +02:00
COMPLIANCE_ENABLE_CIS=0
COMPLIANCE_ENABLE_HIPAA=0
COMPLIANCE_ENABLE_ISO27001=0
COMPLIANCE_ENABLE_PCI_DSS=0
COMPLIANCE_TESTS_PERFORMED=0
COMPLIANCE_FINDINGS_FOUND=0
2015-12-21 15:15:51 +01:00
COMPRESSED_UPLOADS=0
CONTROL_URL_APPEND=""
CONTROL_URL_PREPEND=""
2016-02-15 12:39:06 +01:00
CONTROL_URL_PROTOCOL=""
2016-10-16 15:13:04 +02:00
CONTAINER_TYPE=""
2016-10-13 20:15:00 +02:00
CREATE_REPORT_FILE=1
CSUMBINARY=""
CUSTOM_URL_APPEND=""
CUSTOM_URL_PREPEND=""
2016-02-15 12:39:06 +01:00
CUSTOM_URL_PROTOCOL=""
2016-09-10 16:11:43 +02:00
CUTBINARY=""
2016-07-24 19:46:45 +02:00
DATABASE_ENGINE_RUNNING=0
DB2_RUNNING=0
2016-09-10 16:11:43 +02:00
DBUSDAEMONBINARY=""
DEBSECANBINARY=""
DEBSUMSBINARY=""
2016-04-26 13:40:21 +02:00
DEVELOPER_MODE=0
DISCOVERED_BINARIES=""
DNFBINARY=""
2017-04-23 20:19:02 +02:00
DOCKERBINARY=""
2015-05-27 11:25:35 +02:00
DOCKER_DAEMON_RUNNING=0
ECHOCMD=""
ERROR_ON_WARNINGS=0
FAIL2BANBINARY=""
2016-09-10 16:11:43 +02:00
FILEBINARY=""
2014-08-26 17:33:55 +02:00
FILEVALUE=""
FIND=""
FIREWALL_ACTIVE=0
2014-09-12 17:04:27 +02:00
FOUNDPATH=0
2016-10-28 11:48:20 +02:00
GETENT_BINARY=""
GRADMBINARY=""
GREPBINARY="grep"
2014-08-26 17:33:55 +02:00
GROUP_NAME=""
GRPCKBINARY=""
GRSEC_FOUND=0
GRUB2INSTALLBINARY=""
2016-03-24 17:15:39 +01:00
HAS_SYSTEMD=0
2016-09-10 16:11:43 +02:00
HEADBINARY=""
HELPER=""
2014-09-19 16:44:22 +02:00
HOSTID=""
HOSTID2=""
2016-09-10 16:11:43 +02:00
HTTPDBINARY=""
IDS_IPS_TOOL_FOUND=0
2016-09-10 16:11:43 +02:00
IPFBINARY=""
2014-08-26 17:33:55 +02:00
IPTABLESBINARY=""
2016-09-10 16:11:43 +02:00
JOURNALCTLBINARY=""
KLDSTATBINARY=""
2016-10-28 11:48:20 +02:00
LAUNCHCTL_BINARY=""
LDAP_CLIENT_CONFIG_FILE=""
2014-08-26 17:33:55 +02:00
LINUX_VERSION=""
LINUXCONFIGFILE=""
LMDBINARY=""
LMDFOUND=0
2014-08-26 17:33:55 +02:00
LOGFILE=""
LOGTEXT=1
LSVGBINARY=""
2014-09-19 16:44:22 +02:00
MACHINEID=""
MACHINE_ROLE=""
MALWARE_SCANNER_INSTALLED=0
MIN_PASSWORD_LENGTH=-1
2017-02-10 13:07:53 +01:00
MONGODB_RUNNING=0
2016-09-10 16:11:43 +02:00
MOUNTBINARY=""
MTREEBINARY=""
MYSQLCLIENTBINARY=""
MYSQL_RUNNING=0
2017-04-23 20:19:02 +02:00
N_PLUGIN=0
N_PLUGIN_ENABLED=0
NAME_CACHE_USED=0
NETWORK_INTERFACES=""
2016-09-10 16:11:43 +02:00
NFTBINARY=""
2014-08-26 17:33:55 +02:00
NGINX_ACCESS_LOG_DISABLED=0
NGINX_ACCESS_LOG_MISSING=0
NGINX_ALIAS_FOUND=0
NGINX_ALLOW_FOUND=0
NGINX_DENY_FOUND=0
NGINX_ERROR_LOG_DEBUG=0
NGINX_ERROR_LOG_MISSING=0
NGINX_EVENTS_COUNTER=0
2014-08-26 17:33:55 +02:00
NGINX_EXPIRES_FOUND=0
NGINX_FASTCGI_FOUND=0
NGINX_FASTCGI_PARAMS_FOUND=0
NGINX_FASTCGI_PASS_FOUND=0
NGINX_HTTP_COUNTER=0
2014-08-26 17:33:55 +02:00
NGINX_LISTEN_FOUND=0
NGINX_LOCATION_COUNTER=0
2014-08-26 17:33:55 +02:00
NGINX_LOCATION_FOUND=0
NGINX_SERVER_COUNTER=0
2014-08-26 17:33:55 +02:00
NGINX_SSL_CIPHERS=0
NGINX_SSL_ON=0
NGINX_SSL_PREFER_SERVER_CIPHERS=0
NGINX_SSL_PROTOCOLS=0
NGINX_RETURN_FOUND=0
NGINX_ROOT_FOUND=0
NGINX_WEAK_SSL_PROTOCOL_FOUND=0
NTPD_ROLE=""
2016-09-10 16:11:43 +02:00
NTPQBINARY=""
OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY=0
2016-09-10 16:11:43 +02:00
OPTIONS_CONN_MAX_WAIT_STATE=""
ORACLE_RUNNING=0
OS=""
OS_KERNELVERSION=""
OS_KERNELVERSION_FULL=""
OS_MODE=""
2014-08-26 17:33:55 +02:00
OS_REDHAT_OR_CLONE=0
OSIRISBINARY=""
PACMANBINARY=""
PASSWORD_MAXIMUM_DAYS=-1
PASSWORD_MINIMUM_DAYS=-1
2015-10-08 16:25:35 +02:00
PAM_2F_AUTH_ENABLED=0
PAM_2F_AUTH_REQUIRED=0
PAM_AUTH_BRUTE_FORCE_PROTECTION=0
PAM_PASSWORD_HISTORY_AMOUNT=0
PAM_PASSWORD_HISTORY_ENABLED=0
PAM_PASSWORD_STRENGTH_TESTED=0
PAM_PASSWORD_PWHISTORY_ENABLED=0
PAM_PASSWORD_UXHISTORY_ENABLED=0
2016-09-10 16:11:43 +02:00
PFCTLBINARY=""
2014-08-26 17:33:55 +02:00
PFFOUND=0
PIDFILE=""
2016-10-28 11:48:20 +02:00
PKG_BINARY=""
2016-09-10 16:11:43 +02:00
PKGADMINBINARY=""
PLUGINDIR=""
PLUGIN_PHASE=0
2016-09-10 16:11:43 +02:00
POSTFIXBINARY=""
POSTGRES_RUNNING=0
2014-09-25 11:25:07 +02:00
PRIVILEGED=0
PROFILES=""
2014-08-26 17:33:55 +02:00
PROFILEVALUE=""
2014-09-12 17:04:27 +02:00
PSBINARY="ps"
2016-09-10 16:11:43 +02:00
PUPPETBINARY=""
2016-11-08 19:47:59 +01:00
READLINKBINARY=""
2016-07-24 19:46:45 +02:00
REDIS_RUNNING=0
2016-08-11 10:01:29 +02:00
REFRESH_REPOSITORIES=1
REMOTE_LOGGING_ENABLED=0
RESOLV_DOMAINNAME=""
2014-08-26 17:33:55 +02:00
RKHUNTERBINARY=""
2016-08-11 19:55:29 +02:00
ROOTDIR="/"
2016-09-10 16:11:43 +02:00
ROOTSHBINARY=""
RPCINFOBINARY=""
2014-08-26 17:33:55 +02:00
RPMBINARY=""
RUN_HELPERS=0
RUN_TESTS=1
RUN_UPDATE_CHECK=1
2016-09-10 16:11:43 +02:00
SALTMASTERBINARY=""
SALTMINIONBINARY=""
2014-08-26 17:33:55 +02:00
SAMHAINBINARY=""
SCAN_TEST_HEAVY=""; SCAN_TEST_MEDIUM=""; SCAN_TEST_LOW=""
SEARCH_PROFILES=""
2014-08-26 17:33:55 +02:00
SESTATUSBINARY=""
2014-11-29 16:21:13 +01:00
SERVICE_MANAGER=""
2016-09-10 16:11:43 +02:00
SETBINARY=""
SETTINGS=""
SETTINGS_FILE=""
SET_STRICT=0
SHELL_IS_BUSYBOX=0
SHOWMOUNTBINARY=""
SHOW_PROGRAM_DETAILS=1
SHOW_REPORT=1
2016-09-24 15:51:05 +02:00
SHOW_REPORT_SOLUTION=1
SHOW_TOOL_TIPS=1 # Show inline tool tips (default true)
SHOW_WARNINGS_ONLY=0
SKIP_PLUGINS=0
SKIP_TESTS=""
SKIPREASON=""
2014-09-08 15:12:44 +02:00
SKIPPED_TESTS_ROOTONLY=""
2016-09-10 16:11:43 +02:00
SMTPCTLBINARY=""
SNORTBINARY=""
2014-08-26 17:33:55 +02:00
SSHKEYSCANBINARY=""
SSHKEYSCANFOUND=0
SSL_CERTIFICATE_PATHS=""
2016-09-10 16:11:43 +02:00
STUNNELBINARY=""
2014-08-26 17:33:55 +02:00
SYSLOGNGBINARY=""
SYSTEMCTLBINARY=""
2016-08-13 16:38:07 +02:00
SYSTEM_IS_NOTEBOOK=255
TEMP_FILE=""
TEMP_FILES=""
2014-08-26 17:33:55 +02:00
TEST_SKIP_ALWAYS=""
TEST_AVAILABLE_CATEGORIES="performance privacy security"
TEST_CATEGORY_TO_CHECK="all"
TEST_GROUP_TO_CHECK="all"
2014-08-26 17:33:55 +02:00
TESTS_EXECUTED=""
TESTS_SKIPPED=""
TMPFILE=""
2016-07-05 18:18:54 +02:00
TOOLTIP_SHOWED=0
TOTAL_SUGGESTIONS=0
TOTAL_WARNINGS=0
2016-09-10 16:11:43 +02:00
TRBINARY=""
2014-08-26 17:33:55 +02:00
TRIPWIREBINARY=""
2015-09-07 17:40:03 +02:00
UEFI_BOOTED=0
2015-09-07 17:40:26 +02:00
UEFI_BOOTED_SECURE=0
2016-09-10 16:11:43 +02:00
UNAMEBINARY=""
UNBOUND_RUNNING=0
2016-09-10 16:11:43 +02:00
UNIQBINARY=""
UPDATE_CHECK_SKIPPED=0
UPLOAD_OPTIONS=""
UPLOAD_PROXY_PORT=""
UPLOAD_PROXY_PROTOCOL=""
UPLOAD_PROXY_SERVER=""
UPLOAD_TOOL=""
UPLOAD_TOOL_ARGS=""
2014-08-26 17:33:55 +02:00
VALUE=""
2016-04-19 19:46:20 +02:00
VERBOSE=0
2015-05-26 11:10:50 +02:00
VMTYPE=""
2015-10-21 21:45:53 +02:00
VULNERABLE_PACKAGES_FOUND=0
2016-09-10 16:11:43 +02:00
WCBINARY=""
XARGSBINARY=""
YUMBINARY=""
ZYPPERBINARY=""
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
2015-07-22 12:20:27 +02:00
# * Options
2014-08-26 17:33:55 +02:00
#
2015-07-22 12:20:27 +02:00
#################################################################################
#
CRONJOB=0 # Run as a cronjob
CTESTS_PERFORMED=0 # Number of tests which are performed
2014-08-26 17:33:55 +02:00
DEBUG=0 # Debugging mode (to screen)
HPPOINTS=0 # Number of hardening points
HPTOTAL=0 # Maximum number of hardening points
2015-07-22 12:20:27 +02:00
LOG_INCORRECT_OS=1 # Log tests with incorrect OS
NEVERBREAK=0 # Don't wait for user input
2014-09-08 13:58:24 +02:00
PENTESTINGMODE=0 # Try tests without root privileges
QUICKMODE=1 # Don't wait for user input
2015-07-22 12:20:27 +02:00
QUIET=0 # Show normal messages and warnings as well
SKIPLOGTEST=0 # Skip logging for one test
SKIP_UPGRADE_TEST=0 # Skip upgrade test
TESTS_TO_PERFORM="" # Which tests only to perform
TEST_PAUSE_TIME=0 # Default pause time
TOTAL_TESTS=0 # Total amount of tests (counter)
2014-08-26 17:33:55 +02:00
UPLOAD_DATA=0 # Upload of data to central node
2015-07-22 12:20:27 +02:00
VIEWHELP=0 # Show help
WRONGOPTION=0 # A wrong option is used
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
# Installed packages and other settings
COMPILER_INSTALLED=0
#
#################################################################################
#
2015-07-22 12:20:27 +02:00
# * Colors
#
# For improved display
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
2015-07-22 12:20:27 +02:00
# Normal color names
2014-08-26 17:33:55 +02:00
CYAN=""
BLUE=""
2016-04-12 21:58:01 +02:00
BROWN=""
DARKGRAY=""
GRAY=""
GREEN=""
2016-07-11 20:06:46 +02:00
LIGHTBLUE=""
2016-04-12 21:58:01 +02:00
MAGENTA=""
PURPLE=""
RED=""
YELLOW=""
WHITE=""
2016-07-24 13:05:36 +02:00
# Markup
2016-07-24 11:43:18 +02:00
BOLD="${WHITE}"
2016-07-11 20:06:46 +02:00
# With background
BG_BLUE=""
2016-07-24 13:05:36 +02:00
# Semantic names
HEADER="${WHITE}"
NORMAL=""
WARNING="" # Bad (red)
SECTION="" # Section (yellow)
NOTICE="" # Notice (yellow)
OK="" # Ok (green)
BAD="" # Bad (red)
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
#================================================================================
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com