tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-29 16:54:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

[KRNL-5830] Use symlink, only test for 'version' keyword if needed, adjusted exception message

Browse Source
This commit is contained in:
Michael Boelen 2019-12-17 08:03:51 +01:00
parent 4e255617d3
commit 11f8ce2361
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 23 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
include/tests_kernel
View File

@ -642,27 +642,33 @@
fi fi
elif [ -f ${ROOTDIR}boot/vmlinuz-linux -o -f ${ROOTDIR}boot/vmlinuz-linux-lts -o -f $(ls -t ${ROOTDIR}boot/vm[l-]* 2> /dev/null | head -1) ]; then elif [ -f ${ROOTDIR}boot/vmlinuz-linux -o -f ${ROOTDIR}boot/vmlinuz-linux-lts -o -f $(ls -t ${ROOTDIR}boot/vm[l-]* 2> /dev/null | head -1) ]; then
if [ -L ${ROOTDIR}boot/vmlinuz-linux ]; then if [ -L ${ROOTDIR}boot/vmlinuz-linux ]; then
LogText "Result: found symlink ${ROOTDIR}boot/vmlinuz-linux"
FOUND_VMLINUZ=$(readlink ${ROOTDIR}boot/vmlinuz-linux) FOUND_VMLINUZ=$(readlink ${ROOTDIR}boot/vmlinuz-linux)
LogText "Result: symlinked target is ${FOUND_VMLINUZ}"
VERSION_ON_DISK=$(echo ${FOUND_VMLINUZ} | sed 's/^vmlinuz-//')
elif [ -f ${ROOTDIR}boot/vmlinuz-linux-lts ]; then elif [ -f ${ROOTDIR}boot/vmlinuz-linux-lts ]; then
LogText "Result: found boot/vmlinuz-linux-lts"
FOUND_VMLINUZ=${ROOTDIR}boot/vmlinuz-linux-lts FOUND_VMLINUZ=${ROOTDIR}boot/vmlinuz-linux-lts
else else
# Match on /boot/vm5.3.7 or /boot/vmlinuz-5.3.7-1-default # Match on /boot/vm5.3.7 or /boot/vmlinuz-5.3.7-1-default
FOUND_VMLINUZ=$(ls -t ${ROOTDIR}boot/vm[l-]* 2> /dev/null | head -1) FOUND_VMLINUZ=$(ls -t ${ROOTDIR}boot/vm[l-]* 2> /dev/null | head -1)
fi fi
LogText "Result: found ${FOUND_VMLINUZ}"
LogText "Test: checking kernel version on disk" if [ -z "${VERSION_ON_DISK}" ]; then
NEXTLINE=0 LogText "Result: found ${FOUND_VMLINUZ}"
VERSION_ON_DISK="" LogText "Test: checking kernel version on disk"
for I in $(file ${FOUND_VMLINUZ}); do NEXTLINE=0
if [ ${NEXTLINE} -eq 1 ]; then VERSION_ON_DISK=""
VERSION_ON_DISK="${I}" for I in $(file ${FOUND_VMLINUZ}); do
break if [ ${NEXTLINE} -eq 1 ]; then
else VERSION_ON_DISK="${I}"
# Searching for the Linux kernel after the keyword 'version' break
if [ "${I}" = "version" ]; then NEXTLINE=1; fi else
fi # Searching for the Linux kernel after the keyword 'version'
done if [ "${I}" = "version" -o ]; then NEXTLINE=1; fi
if [ -n "${VERSION_ON_DISK}" ]; then fi
done
else
LogText "Result: found version ${VERSION_ON_DISK}" LogText "Result: found version ${VERSION_ON_DISK}"
ACTIVE_KERNEL=$(uname -r) ACTIVE_KERNEL=$(uname -r)
LogText "Result: active kernel version ${ACTIVE_KERNEL}" LogText "Result: active kernel version ${ACTIVE_KERNEL}"
@ -673,9 +679,10 @@
REBOOT_NEEDED=1 REBOOT_NEEDED=1
LogText "Result: reboot needed, as there is a difference between active kernel and the one on disk" LogText "Result: reboot needed, as there is a difference between active kernel and the one on disk"
fi fi
else fi
if [ -z "${VERSION_ON_DISK}" ]; then
LogText "Result: could not find the version on disk" LogText "Result: could not find the version on disk"
ReportException "${TEST_NO}:4" "Could not find the kernel version from /boot/vmlinux-linux" ReportException "${TEST_NO}:4" "Could not find the kernel version"
fi fi
else else
if [ -L ${ROOTDIR}boot/vmlinuz ]; then if [ -L ${ROOTDIR}boot/vmlinuz ]; then