2014-08-26 17:33:55 +02:00
|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
# Lynis
|
|
|
|
# ------------------
|
|
|
|
#
|
2015-01-03 12:45:22 +01:00
|
|
|
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
|
2014-08-26 17:33:55 +02:00
|
|
|
# Web site: http://www.rootkit.nl
|
|
|
|
#
|
|
|
|
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
|
|
|
# welcome to redistribute it under the terms of the GNU General Public License.
|
|
|
|
# See LICENSE file for usage of this software.
|
|
|
|
#
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
AUTOMATION_TOOL_FOUND=0
|
2014-09-18 11:04:22 +02:00
|
|
|
AUTOMATION_TOOL_RUNNING=""
|
2014-08-26 17:33:55 +02:00
|
|
|
BACKUP_AGENT_FOUND=0
|
2014-09-18 11:04:22 +02:00
|
|
|
PUPPET_MASTER_RUNNING=0
|
2014-12-05 12:41:33 +01:00
|
|
|
SALT_MASTER_RUNNING=0
|
|
|
|
SALT_MINION_RUNNING=0
|
2014-08-26 17:33:55 +02:00
|
|
|
#
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
InsertSection "Software: System tooling"
|
|
|
|
#
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
# Automation
|
|
|
|
#
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
# Test : TOOL-5002
|
|
|
|
# Description : Check if automation tools are found
|
|
|
|
Register --test-no TOOL-5002 --weight L --network NO --description "Checking for automation tools"
|
|
|
|
if [ ${SKIPTEST} -eq 0 ]; then
|
|
|
|
|
2014-09-15 12:01:09 +02:00
|
|
|
Display --indent 2 --text "- Checking automation tooling"
|
2014-08-26 17:33:55 +02:00
|
|
|
|
|
|
|
# Cfengine
|
|
|
|
if [ ! "${CFAGENTBINARY}" = "" ]; then
|
|
|
|
logtext "Result: Cfengine (cfagent) is installed (${CFAGENTBINARY})"
|
|
|
|
AUTOMATION_TOOL_FOUND=1
|
|
|
|
Display --indent 4 --text "Found: Cfengine (cfagent)" --result FOUND --color GREEN
|
|
|
|
fi
|
|
|
|
|
2015-05-25 17:20:58 +02:00
|
|
|
CHEF_LOCATIONS="/opt/chef/bin /opt/chef-server/sv /opt/chefdk/bin"
|
|
|
|
for I in ${CHEF_LOCATIONS}; do
|
|
|
|
if [ -d ${I} ]; then
|
|
|
|
if [ -f ${I}/chef-client ]; then
|
|
|
|
CHEFCLIENTBINARY="${I}/chef-client"
|
|
|
|
AUTOMATION_TOOL_FOUND=1
|
|
|
|
Display --indent 4 --text "Found: Chef client (chef-client)" --result FOUND --color GREEN
|
|
|
|
logtext "Result: found chef-client (chef client daemon) in ${I}"
|
|
|
|
fi
|
|
|
|
if [ -f ${I}/erchef ]; then
|
|
|
|
CHEFSERVERBINARY="${I}/erchef"
|
|
|
|
logtext "Result: Chef Server (erchef) is installed (${CHEFSERVERBINARY})"
|
|
|
|
AUTOMATION_TOOL_FOUND=1
|
|
|
|
Display --indent 4 --text "Found: Chef Server (erchef)" --result FOUND --color GREEN
|
|
|
|
logtext "Result: found erchef (chef server daemon) in ${I}"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
2014-08-26 17:33:55 +02:00
|
|
|
# Puppet
|
|
|
|
if [ ! "${PUPPETBINARY}" = "" ]; then
|
|
|
|
logtext "Result: Puppet is installed (${PUPPETBINARY})"
|
|
|
|
AUTOMATION_TOOL_FOUND=1
|
|
|
|
Display --indent 4 --text "Found: Puppet (agent)" --result FOUND --color GREEN
|
|
|
|
fi
|
|
|
|
IsRunning "puppet master"
|
|
|
|
if [ ${RUNNING} -eq 1 ]; then
|
|
|
|
logtext "Result: found puppet master"
|
|
|
|
PUPPET_MASTER_RUNNING=1
|
2014-09-18 11:04:22 +02:00
|
|
|
report "automation_tool_running[]=puppet"
|
2014-08-26 17:33:55 +02:00
|
|
|
Display --indent 4 --text "Found: Puppet (master)" --result FOUND --color GREEN
|
|
|
|
fi
|
|
|
|
|
2014-09-18 11:04:22 +02:00
|
|
|
# SaltStack
|
|
|
|
if [ ! "${SALTMINIONBINARY}" = "" ]; then
|
|
|
|
logtext "Result: SaltStack (salt-minion) is installed (${SALTMINIONBINARY})"
|
|
|
|
AUTOMATION_TOOL_FOUND=1
|
2014-12-05 12:41:33 +01:00
|
|
|
SALT_MINION_RUNNING=1
|
2014-09-18 11:04:22 +02:00
|
|
|
Display --indent 4 --text "Found: SaltStack minion (salt-minion)" --result FOUND --color GREEN
|
|
|
|
fi
|
|
|
|
if [ ! "${SALTMASTERBINARY}" = "" ]; then
|
|
|
|
logtext "Result: SaltStack (salt-master) is installed (${SALTMASTERBINARY})"
|
|
|
|
AUTOMATION_TOOL_FOUND=1
|
|
|
|
Display --indent 4 --text "Found: SaltStack master (salt-master)" --result FOUND --color GREEN
|
|
|
|
fi
|
|
|
|
IsRunning "salt-master"
|
|
|
|
if [ ${RUNNING} -eq 1 ]; then
|
|
|
|
logtext "Result: found SaltStack (master)"
|
|
|
|
SALT_MASTER_RUNNING=1
|
|
|
|
report "automation_tool_running[]=saltstack-master"
|
|
|
|
Display --indent 4 --text "Found: SaltStack (master)" --result FOUND --color GREEN
|
|
|
|
fi
|
|
|
|
|
2014-08-26 17:33:55 +02:00
|
|
|
if [ ${AUTOMATION_TOOL_FOUND} -eq 1 ]; then
|
|
|
|
Display --indent 2 --text "- Automation tooling" --result FOUND --color GREEN
|
|
|
|
else
|
|
|
|
Display --indent 2 --text "- Automation tooling" --result "NOT FOUND" --color YELLOW
|
|
|
|
ReportSuggestion ${TEST_NO} "Determine if automation tools are present for system management"
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
#
|
|
|
|
#################################################################################
|
|
|
|
#
|
|
|
|
# Backup tools
|
|
|
|
#
|
|
|
|
#################################################################################
|
2014-09-18 11:04:22 +02:00
|
|
|
#
|
|
|
|
# Netvault
|
|
|
|
# Rsync in cron
|
|
|
|
#
|
|
|
|
#################################################################################
|
2014-08-26 17:33:55 +02:00
|
|
|
#
|
2014-12-05 12:41:33 +01:00
|
|
|
report "puppet_master=${PUPPET_MASTER_RUNNING}"
|
|
|
|
report "salt_master=${SALT_MASTER_RUNNING}"
|
|
|
|
report "salt_minion=${SALT_MINION_RUNNING}"
|
|
|
|
|
|
|
|
|
2014-08-26 17:33:55 +02:00
|
|
|
wait_for_keypress
|
|
|
|
#
|
|
|
|
#================================================================================
|
2015-05-25 23:16:45 +02:00
|
|
|
# Lynis - Copyright 2007-2015, CISOfy - https://cisofy.com
|