lynis/include/consts

271 lines
7.5 KiB
Plaintext
Raw Normal View History

2014-08-26 17:33:55 +02:00
#!/bin/sh
#################################################################################
#
# Lynis
# ------------------
#
2016-03-13 16:00:39 +01:00
# Copyright 2007-2013, Michael Boelen
# Copyright 2013-2016, CISOfy
2014-08-26 17:33:55 +02:00
#
2016-03-13 16:00:39 +01:00
# Website : https://cisofy.com
# Blog : http://linux-audit.com
# GitHub : https://github.com/CISOfy/lynis
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
# Consts
#
#################################################################################
#
# Paths where system and program binaries are located
2015-09-10 19:45:12 +02:00
BIN_PATHS="/bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin \
2014-08-26 17:33:55 +02:00
/usr/local/libexec /usr/libexec /usr/sfw/bin /usr/sfw/sbin \
/usr/sfw/libexec /opt/sfw/bin /opt/sfw/sbin /opt/sfw/libexec \
/usr/xpg4/bin /usr/css/bin /usr/ucb /usr/X11R6/bin /usr/X11R7/bin \
/usr/pkg/bin /usr/pkg/sbin"
2014-08-26 17:33:55 +02:00
2015-09-10 19:45:12 +02:00
ETC_PATHS="/etc /usr/local/etc"
2014-08-26 17:33:55 +02:00
# Do not use specific language, fall back to default
2015-07-22 12:20:27 +02:00
# Some tools with translated strings are very hard to parse
2014-08-26 17:33:55 +02:00
unset LANG
#
#################################################################################
#
# Initialize defaults
#
#################################################################################
#
# == Variable initializing ==
#
AUDITORNAME=""
AUTH_FAILED_LOGINS_LOGGED=0
AUTH_UNLOCK_TIME=-1
2014-08-26 17:33:55 +02:00
PROFILE=""
REPORTFILE=""
AFICKBINARY=""
AIDEBINARY=""
AASTATUSBINARY=""
2015-10-08 16:25:35 +02:00
AUDITD_RUNNING=0
APPLICATION_FIREWALL_ACTIVE=0
2014-10-13 19:56:44 +02:00
BINARY_SCAN_FINISHED=0
2016-05-04 13:42:46 +02:00
CHECK=0
CHECK_BINARIES=1
2014-08-26 17:33:55 +02:00
CHKROOTKITBINARY=""
CHKCONFIGBINARY=""
2016-07-05 19:55:31 +02:00
COLORS=1
2015-10-01 22:38:29 +02:00
COMPLIANCE_ENABLE_CIS=0
COMPLIANCE_ENABLE_HIPAA=0
COMPLIANCE_ENABLE_ISO27001=0
COMPLIANCE_ENABLE_PCI_DSS=0
COMPLIANCE_TESTS_PERFORMED=0
COMPLIANCE_FINDINGS_FOUND=0
2015-12-21 15:15:51 +01:00
COMPRESSED_UPLOADS=0
CONTROL_URL_APPEND=""
CONTROL_URL_PREPEND=""
2016-02-15 12:39:06 +01:00
CONTROL_URL_PROTOCOL=""
CSUMBINARY=""
CUSTOM_URL_APPEND=""
CUSTOM_URL_PREPEND=""
2016-02-15 12:39:06 +01:00
CUSTOM_URL_PROTOCOL=""
DB2_RUNNING=0
2016-04-26 13:40:21 +02:00
DEVELOPER_MODE=0
DISCOVERED_BINARIES=""
2015-05-27 11:25:35 +02:00
DOCKER_DAEMON_RUNNING=0
ERROR_ON_WARNINGS=0
2014-08-26 17:33:55 +02:00
FILEVALUE=""
FIND=""
FIREWALL_ACTIVE=0
2014-09-12 17:04:27 +02:00
FOUNDPATH=0
GREPBINARY="grep"
2014-08-26 17:33:55 +02:00
GROUP_NAME=""
GRPCKBINARY=""
GRSEC_FOUND=0
GRUB2INSTALLBINARY=""
2016-03-24 17:15:39 +01:00
HAS_SYSTEMD=0
HELPER=""
2014-09-19 16:44:22 +02:00
HOSTID=""
IDS_IPS_TOOL_FOUND=0
2014-08-26 17:33:55 +02:00
IPTABLESBINARY=""
LINUX_VERSION=""
LINUXCONFIGFILE=""
LMDBINARY=""
LMDFOUND=0
2014-08-26 17:33:55 +02:00
LOGFILE=""
2014-09-19 16:44:22 +02:00
MACHINEID=""
MACHINE_ROLE=""
MALWARE_SCANNER_INSTALLED=0
MYSQL_RUNNING=0
MIN_PASSWORD_LENGTH=-1
N_PLUGIN_ENABLED=0
NAME_CACHE_USED=0
NETWORK_INTERFACES=""
2014-08-26 17:33:55 +02:00
NGINX_ACCESS_LOG_DISABLED=0
NGINX_ACCESS_LOG_MISSING=0
NGINX_ALIAS_FOUND=0
NGINX_ALLOW_FOUND=0
NGINX_DENY_FOUND=0
NGINX_ERROR_LOG_DEBUG=0
NGINX_ERROR_LOG_MISSING=0
NGINX_EXPIRES_FOUND=0
NGINX_FASTCGI_FOUND=0
NGINX_FASTCGI_PARAMS_FOUND=0
NGINX_FASTCGI_PASS_FOUND=0
NGINX_LISTEN_FOUND=0
NGINX_LOCATION_FOUND=0
NGINX_SSL_CIPHERS=0
NGINX_SSL_ON=0
NGINX_SSL_PREFER_SERVER_CIPHERS=0
NGINX_SSL_PROTOCOLS=0
NGINX_RETURN_FOUND=0
NGINX_ROOT_FOUND=0
NGINX_WEAK_SSL_PROTOCOL_FOUND=0
NTPD_ROLE=""
ORACLE_RUNNING=0
2014-08-26 17:33:55 +02:00
OS=""; OS_MODE=""
OS_REDHAT_OR_CLONE=0
OSIRISBINARY=""
PASSWORD_MAXIMUM_DAYS=-1
PASSWORD_MINIMUM_DAYS=-1
2015-10-08 16:25:35 +02:00
PAM_2F_AUTH_ENABLED=0
PAM_2F_AUTH_REQUIRED=0
PAM_AUTH_BRUTE_FORCE_PROTECTION=0
PAM_PASSWORD_HISTORY_AMOUNT=0
PAM_PASSWORD_HISTORY_ENABLED=0
PAM_PASSWORD_STRENGTH_TESTED=0
PAM_PASSWORD_PWHISTORY_ENABLED=0
PAM_PASSWORD_UXHISTORY_ENABLED=0
2014-08-26 17:33:55 +02:00
PFFOUND=0
PIDFILE=""
PLUGINDIR=""
PLUGIN_PHASE=0
POSTGRES_RUNNING=0
2014-09-25 11:25:07 +02:00
PRIVILEGED=0
2014-08-26 17:33:55 +02:00
PROFILEVALUE=""
2014-09-12 17:04:27 +02:00
PSBINARY="ps"
REMOTE_LOGGING_ENABLED=0
2014-08-26 17:33:55 +02:00
RKHUNTERBINARY=""
RPMBINARY=""
RUN_HELPERS=0
RUN_TESTS=1
2014-08-26 17:33:55 +02:00
SAMHAINBINARY=""
SCAN_TEST_HEAVY=""; SCAN_TEST_MEDIUM=""; SCAN_TEST_LOW=""
SEARCH_PROFILES=""
2014-08-26 17:33:55 +02:00
SESTATUSBINARY=""
2014-11-29 16:21:13 +01:00
SERVICE_MANAGER=""
SETTINGS=""
SETTINGS_FILE=""
SHELL_IS_BUSYBOX=0
SHOW_PROGRAM_DETAILS=1
SHOW_REPORT=1
SHOW_TOOL_TIPS=1 # Show inline tool tips (default true)
SHOW_WARNINGS_ONLY=0
SKIP_PLUGINS=0
SKIP_TESTS=""
2014-09-08 15:12:44 +02:00
SKIPPED_TESTS_ROOTONLY=""
2014-08-26 17:33:55 +02:00
SSHKEYSCANBINARY=""
SSHKEYSCANFOUND=0
SSL_CERTIFICATE_PATHS=""
2014-08-26 17:33:55 +02:00
SYSLOGNGBINARY=""
SYSTEMCTLBINARY=""
TEMP_FILE=""
TEMP_FILES=""
2014-08-26 17:33:55 +02:00
TEST_SKIP_ALWAYS=""
TESTS_CATEGORY_TO_PERFORM=""
2014-08-26 17:33:55 +02:00
TESTS_EXECUTED=""
TESTS_SKIPPED=""
TMPFILE=""
2016-07-05 18:18:54 +02:00
TOOLTIP_SHOWED=0
TOTAL_SUGGESTIONS=0
TOTAL_WARNINGS=0
2014-08-26 17:33:55 +02:00
TRIPWIREBINARY=""
2015-09-07 17:40:03 +02:00
UEFI_BOOTED=0
2015-09-07 17:40:26 +02:00
UEFI_BOOTED_SECURE=0
UNBOUND_RUNNING=0
UPDATE_CHECK_SKIPPED=0
UPLOAD_OPTIONS=""
UPLOAD_PROXY_PORT=""
UPLOAD_PROXY_PROTOCOL=""
UPLOAD_PROXY_SERVER=""
UPLOAD_TOOL=""
UPLOAD_TOOL_ARGS=""
2014-08-26 17:33:55 +02:00
VALUE=""
2016-04-19 19:46:20 +02:00
VERBOSE=0
2015-05-26 11:10:50 +02:00
VMTYPE=""
2015-10-21 21:45:53 +02:00
VULNERABLE_PACKAGES_FOUND=0
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
2015-07-22 12:20:27 +02:00
# * Options
2014-08-26 17:33:55 +02:00
#
2015-07-22 12:20:27 +02:00
#################################################################################
#
CRONJOB=0 # Run as a cronjob
CTESTS_PERFORMED=0 # Number of tests which are performed
2014-08-26 17:33:55 +02:00
DEBUG=0 # Debugging mode (to screen)
HPPOINTS=0 # Number of hardening points
HPTOTAL=0 # Maximum number of hardening points
2015-07-22 12:20:27 +02:00
LOG_INCORRECT_OS=1 # Log tests with incorrect OS
NEVERBREAK=0 # Don't wait for user input
2014-09-08 13:58:24 +02:00
PENTESTINGMODE=0 # Try tests without root privileges
2015-07-22 12:20:27 +02:00
QUICKMODE=0 # Don't wait for user input
QUIET=0 # Show normal messages and warnings as well
SKIPLOGTEST=0 # Skip logging for one test
SKIP_UPGRADE_TEST=0 # Skip upgrade test
TESTS_TO_PERFORM="" # Which tests only to perform
TEST_PAUSE_TIME=0 # Default pause time
TOTAL_TESTS=0 # Total amount of tests (counter)
2014-08-26 17:33:55 +02:00
UPLOAD_DATA=0 # Upload of data to central node
2015-07-22 12:20:27 +02:00
VIEWHELP=0 # Show help
WRONGOPTION=0 # A wrong option is used
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
# Installed packages and other settings
COMPILER_INSTALLED=0
#
#################################################################################
#
2015-07-22 12:20:27 +02:00
# * Colors
#
# For improved display
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
2015-07-22 12:20:27 +02:00
NORMAL=""
WARNING="" # Bad (red)
SECTION="" # Section (yellow)
NOTICE="" # Notice (yellow)
OK="" # Ok (green)
BAD="" # Bad (red)
2014-08-26 17:33:55 +02:00
2015-07-22 12:20:27 +02:00
# Normal color names
2014-08-26 17:33:55 +02:00
CYAN=""
BLUE=""
2016-04-12 21:58:01 +02:00
BROWN=""
DARKGRAY=""
GRAY=""
GREEN=""
2016-07-11 20:06:46 +02:00
LIGHTBLUE=""
2016-04-12 21:58:01 +02:00
MAGENTA=""
PURPLE=""
RED=""
YELLOW=""
WHITE=""
2016-07-11 20:06:46 +02:00
# With background
BG_BLUE=""
2014-08-26 17:33:55 +02:00
#
#################################################################################
#
#================================================================================
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com