tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-24 06:14:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Use IsRunning exit code instead of variable

Browse Source
This commit is contained in:
Michael Boelen 2019-07-26 11:32:48 +02:00
parent 8321b98689
commit 17137408d2
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
13 changed files with 51 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
include/tests_accounting
View File

@ -139,8 +139,7 @@
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Check auditd status" LogText "Test: Check auditd status"
# Should not get kauditd # Should not get kauditd
IsRunning auditd if IsRunning "auditd"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: auditd running" LogText "Result: auditd running"
Display --indent 2 --text "- Checking auditd" --result "${STATUS_ENABLED}" --color GREEN Display --indent 2 --text "- Checking auditd" --result "${STATUS_ENABLED}" --color GREEN
LINUX_AUDITD_RUNNING=1 LINUX_AUDITD_RUNNING=1
@ -277,8 +276,7 @@
Register --test-no ACCT-9650 --os Solaris --weight L --network NO --category security --description "Check Solaris audit daemon" Register --test-no ACCT-9650 --os Solaris --weight L --network NO --category security --description "Check Solaris audit daemon"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if audit daemon is running" LogText "Test: check if audit daemon is running"
IsRunning auditd if IsRunning "auditd"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: Solaris audit daemon is running" LogText "Result: Solaris audit daemon is running"
SOLARIS_AUDITD_RUNNING=1 SOLARIS_AUDITD_RUNNING=1
AUDIT_DAEMON_RUNNING=1 AUDIT_DAEMON_RUNNING=1

3
include/tests_containers
View File

@ -81,8 +81,7 @@
# Description : Checking Docker daemon status and basic information for later tests # Description : Checking Docker daemon status and basic information for later tests
Register --test-no CONT-8102 --weight L --network NO --category security --description "Checking Docker status and information" Register --test-no CONT-8102 --weight L --network NO --category security --description "Checking Docker status and information"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
IsRunning "dockerd" if IsRunning "dockerd"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found Docker daemon running" LogText "Result: found Docker daemon running"
Report "docker_daemon_running=1" Report "docker_daemon_running=1"
DOCKER_DAEMON_RUNNING=1 DOCKER_DAEMON_RUNNING=1

15
include/tests_firewalls
View File

@ -245,8 +245,7 @@
LogText "Result: no kldstat binary, skipping this part" LogText "Result: no kldstat binary, skipping this part"
fi fi
IsRunning pflogd if IsRunning "pflogd"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found pflog daemon in process list" LogText "Result: found pflog daemon in process list"
Display --indent 4 --text "- Checking pflogd status" --result "ACTIVE" --color GREEN Display --indent 4 --text "- Checking pflogd status" --result "ACTIVE" --color GREEN
PFFOUND=1 PFFOUND=1
@ -410,8 +409,7 @@
# Little Snitch Daemon (macOS) # Little Snitch Daemon (macOS)
LogText "Test: checking process Little Snitch Daemon" LogText "Test: checking process Little Snitch Daemon"
IsRunning --full "Little Snitch Daemon" if IsRunning --full "Little Snitch Daemon"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- Checking Little Snitch Daemon" --result "${STATUS_ENABLED}" --color GREEN Display --indent 2 --text "- Checking Little Snitch Daemon" --result "${STATUS_ENABLED}" --color GREEN
LogText "Result: Little Snitch found" LogText "Result: Little Snitch found"
FOUND=1 FOUND=1
@ -423,8 +421,7 @@
# HandsOff! Daemon (macOS) # HandsOff! Daemon (macOS)
LogText "Test: checking process HandsOffDaemon" LogText "Test: checking process HandsOffDaemon"
IsRunning HandsOffDaemon if IsRunning "HandsOffDaemon"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- Checking Hands Off! Daemon" --result "${STATUS_ENABLED}" --color GREEN Display --indent 2 --text "- Checking Hands Off! Daemon" --result "${STATUS_ENABLED}" --color GREEN
LogText "Result: Hands Off! found" LogText "Result: Hands Off! found"
FOUND=1 FOUND=1
@ -436,8 +433,7 @@
# LuLu Daemon (macOS) # LuLu Daemon (macOS)
LogText "Test: checking process LuLu" LogText "Test: checking process LuLu"
IsRunning LuLu if IsRunning "LuLu"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- Checking LuLu Daemon" --result "${STATUS_ENABLED}" --color GREEN Display --indent 2 --text "- Checking LuLu Daemon" --result "${STATUS_ENABLED}" --color GREEN
LogText "Result: LuLu found" LogText "Result: LuLu found"
FOUND=1 FOUND=1
@ -449,8 +445,7 @@
# Radio Silence (macOS) # Radio Silence (macOS)
LogText "Test: checking process Radio Silence" LogText "Test: checking process Radio Silence"
IsRunning --full "Radio Silence" if IsRunning --full "Radio Silence"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- Checking Radio Silence" --result "${STATUS_ENABLED}" --color GREEN Display --indent 2 --text "- Checking Radio Silence" --result "${STATUS_ENABLED}" --color GREEN
LogText "Result: Radio Silence found" LogText "Result: Radio Silence found"
FOUND=1 FOUND=1

4
include/tests_ldap
View File

@ -36,9 +36,7 @@
# Description : Check running OpenLDAP instance # Description : Check running OpenLDAP instance
Register --test-no LDAP-2219 --weight L --network NO --category security --description "Check running OpenLDAP instance" Register --test-no LDAP-2219 --weight L --network NO --category security --description "Check running OpenLDAP instance"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
# TODO adding additional slash needed? if IsRunning "slapd"; then
IsRunning slapd
if [ ${RUNNING} -eq 0 ]; then
Display --indent 2 --text "- Checking OpenLDAP instance" --result "${STATUS_NOT_FOUND}" --color WHITE Display --indent 2 --text "- Checking OpenLDAP instance" --result "${STATUS_NOT_FOUND}" --color WHITE
LogText "Result: No running slapd process found." LogText "Result: No running slapd process found."
else else

21
include/tests_logging
View File

@ -65,8 +65,7 @@
Register --test-no LOGG-2132 --weight L --network NO --category security --description "Check for running syslog-ng daemon" Register --test-no LOGG-2132 --weight L --network NO --category security --description "Check for running syslog-ng daemon"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for syslog-ng daemon in process list" LogText "Test: Searching for syslog-ng daemon in process list"
IsRunning syslog-ng if IsRunning "syslog-ng"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: Found syslog-ng in process list" LogText "Result: Found syslog-ng in process list"
Display --indent 4 --text "- Checking Syslog-NG status" --result "${STATUS_FOUND}" --color GREEN Display --indent 4 --text "- Checking Syslog-NG status" --result "${STATUS_FOUND}" --color GREEN
SYSLOG_DAEMON_PRESENT=1 SYSLOG_DAEMON_PRESENT=1
@ -104,8 +103,7 @@
Register --test-no LOGG-2136 --weight L --network NO --category security --description "Check for running systemd journal daemon" Register --test-no LOGG-2136 --weight L --network NO --category security --description "Check for running systemd journal daemon"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for systemd journal daemon in process list" LogText "Test: Searching for systemd journal daemon in process list"
IsRunning systemd-journal if IsRunning "systemd-journal"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 4 --text "- Checking systemd journal status" --result "${STATUS_FOUND}" --color GREEN Display --indent 4 --text "- Checking systemd journal status" --result "${STATUS_FOUND}" --color GREEN
SYSTEMD_JOURNAL_RUNNING=1 SYSTEMD_JOURNAL_RUNNING=1
Report "syslog_daemon_present=1" Report "syslog_daemon_present=1"
@ -122,8 +120,7 @@
Register --test-no LOGG-2210 --weight L --network NO --category security --description "Check for running metalog daemon" Register --test-no LOGG-2210 --weight L --network NO --category security --description "Check for running metalog daemon"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for metalog daemon in process list" LogText "Test: Searching for metalog daemon in process list"
IsRunning metalog if IsRunning "metalog"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: Found metalog in process list" LogText "Result: Found metalog in process list"
Display --indent 4 --text "- Checking Metalog status" --result "${STATUS_FOUND}" --color GREEN Display --indent 4 --text "- Checking Metalog status" --result "${STATUS_FOUND}" --color GREEN
SYSLOG_DAEMON_PRESENT=1 SYSLOG_DAEMON_PRESENT=1
@ -143,8 +140,7 @@
Register --test-no LOGG-2230 --weight L --network NO --category security --description "Check for running RSyslog daemon" Register --test-no LOGG-2230 --weight L --network NO --category security --description "Check for running RSyslog daemon"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for RSyslog daemon in process list" LogText "Test: Searching for RSyslog daemon in process list"
IsRunning rsyslogd if IsRunning "rsyslogd"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: Found rsyslogd in process list" LogText "Result: Found rsyslogd in process list"
Display --indent 4 --text "- Checking RSyslog status" --result "${STATUS_FOUND}" --color GREEN Display --indent 4 --text "- Checking RSyslog status" --result "${STATUS_FOUND}" --color GREEN
SYSLOG_DAEMON_PRESENT=1 SYSLOG_DAEMON_PRESENT=1
@ -164,8 +160,7 @@
Register --test-no LOGG-2240 --weight L --network NO --category security --description "Check for running RFC 3195 compliant daemon" Register --test-no LOGG-2240 --weight L --network NO --category security --description "Check for running RFC 3195 compliant daemon"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for RFC 3195 daemon (alias syslog reliable) in process list" LogText "Test: Searching for RFC 3195 daemon (alias syslog reliable) in process list"
IsRunning rfc3195d if IsRunning "rfc3195d"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: Found rfc3195d in process list" LogText "Result: Found rfc3195d in process list"
Display --indent 4 --text "- Checking RFC 3195 daemon status" --result "${STATUS_FOUND}" --color GREEN Display --indent 4 --text "- Checking RFC 3195 daemon status" --result "${STATUS_FOUND}" --color GREEN
SYSLOG_DAEMON_PRESENT=1 SYSLOG_DAEMON_PRESENT=1
@ -190,8 +185,7 @@
if [ ${RSYSLOG_RUNNING} -eq 0 -a ${SYSTEMD_JOURNAL_RUNNING} -eq 0 ]; then if [ ${RSYSLOG_RUNNING} -eq 0 -a ${SYSTEMD_JOURNAL_RUNNING} -eq 0 ]; then
# Search for klogd, but ignore other lines related to klogd (like dd with input/output file) # Search for klogd, but ignore other lines related to klogd (like dd with input/output file)
#FIND=$(${PSBINARY} ax | ${GREPBINARY} "klogd" | ${GREPBINARY} -v "dd" | ${GREPBINARY} -v "grep") #FIND=$(${PSBINARY} ax | ${GREPBINARY} "klogd" | ${GREPBINARY} -v "dd" | ${GREPBINARY} -v "grep")
IsRunning klogd if IsRunning "klogd"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: klogd running" LogText "Result: klogd running"
Display --indent 4 --text "- Checking klogd" --result "${STATUS_FOUND}" --color GREEN Display --indent 4 --text "- Checking klogd" --result "${STATUS_FOUND}" --color GREEN
else else
@ -212,8 +206,7 @@
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Result: Checking for unkilled minilogd instances" LogText "Result: Checking for unkilled minilogd instances"
# Search for minilogd. It shouldn't be running normally, if another syslog daemon is started # Search for minilogd. It shouldn't be running normally, if another syslog daemon is started
IsRunning minilogd if IsRunning "minilogd"; then
if [ ${RUNNING} -eq 0 ]; then
Display --indent 4 --text "- Checking minilogd instances" --result "${STATUS_NOT_FOUND}" --color WHITE Display --indent 4 --text "- Checking minilogd instances" --result "${STATUS_NOT_FOUND}" --color WHITE
LogText "Result: No minilogd is running" LogText "Result: No minilogd is running"
else else

12
include/tests_mail_messaging
View File

@ -44,8 +44,7 @@
Register --test-no MAIL-8802 --weight L --network NO --category security --description "Check Exim status" Register --test-no MAIL-8802 --weight L --network NO --category security --description "Check Exim status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check Exim status" LogText "Test: check Exim status"
IsRunning exim4 || IsRunning exim if IsRunning "exim4" || IsRunning "exim"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found running Exim process" LogText "Result: found running Exim process"
Display --indent 2 --text "- Exim status" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Exim status" --result "${STATUS_RUNNING}" --color GREEN
EXIM_RUNNING=1 EXIM_RUNNING=1
@ -283,8 +282,7 @@
Register --test-no MAIL-8838 --weight L --network NO --category security --description "Check dovecot process" Register --test-no MAIL-8838 --weight L --network NO --category security --description "Check dovecot process"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check dovecot status" LogText "Test: check dovecot status"
IsRunning dovecot if IsRunning "dovecot"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found running dovecot process" LogText "Result: found running dovecot process"
Display --indent 2 --text "- Dovecot status" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Dovecot status" --result "${STATUS_RUNNING}" --color GREEN
DOVECOT_RUNNING=1 DOVECOT_RUNNING=1
@ -305,8 +303,7 @@
Register --test-no MAIL-8860 --weight L --network NO --category security --description "Check Qmail status" Register --test-no MAIL-8860 --weight L --network NO --category security --description "Check Qmail status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check Qmail status" LogText "Test: check Qmail status"
IsRunning qmail-smtpd if IsRunning "qmail-smtpd"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found running Qmail process" LogText "Result: found running Qmail process"
Display --indent 2 --text "- Qmail status" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Qmail status" --result "${STATUS_RUNNING}" --color GREEN
QMAIL_RUNNING=1 QMAIL_RUNNING=1
@ -325,8 +322,7 @@
Register --test-no MAIL-8880 --weight L --network NO --category security --description "Check Sendmail status" Register --test-no MAIL-8880 --weight L --network NO --category security --description "Check Sendmail status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check sendmail status" LogText "Test: check sendmail status"
IsRunning sendmail if IsRunning "sendmail"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found running Sendmail process" LogText "Result: found running Sendmail process"
Display --indent 2 --text "- Sendmail status" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Sendmail status" --result "${STATUS_RUNNING}" --color GREEN
SENDMAIL_RUNNING=1 SENDMAIL_RUNNING=1

45
include/tests_malware
View File

@ -102,8 +102,7 @@
# ESET security products # ESET security products
LogText "Test: checking process esets_daemon" LogText "Test: checking process esets_daemon"
IsRunning esets_daemon if IsRunning "esets_daemon"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
ESET_DAEMON_RUNNING=1 ESET_DAEMON_RUNNING=1
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
@ -114,8 +113,7 @@
# Bitdefender (macOS) # Bitdefender (macOS)
LogText "Test: checking process epagd" LogText "Test: checking process epagd"
IsRunning epagd if IsRunning "epagd"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
BITDEFENDER_DAEMON_RUNNING=1 BITDEFENDER_DAEMON_RUNNING=1
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
@ -126,8 +124,7 @@
# Avast (macOS) # Avast (macOS)
LogText "Test: checking process com.avast.daemon" LogText "Test: checking process com.avast.daemon"
IsRunning com.avast.daemon if IsRunning "com.avast.daemon"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
AVAST_DAEMON_RUNNING=1 AVAST_DAEMON_RUNNING=1
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
@ -138,8 +135,7 @@
# Avira # Avira
LogText "Test: checking process Avira daemon" LogText "Test: checking process Avira daemon"
IsRunning avqmd if IsRunning "avqmd"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
AVIRA_DAEMON_RUNNING=1 AVIRA_DAEMON_RUNNING=1
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
@ -150,8 +146,7 @@
# Cylance (macOS) # Cylance (macOS)
LogText "Test: checking process CylanceSvc" LogText "Test: checking process CylanceSvc"
IsRunning CylanceSvc if IsRunning "CylanceSvc"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} CylancePROTECT" --result "${STATUS_FOUND}" --color GREEN; fi if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} CylancePROTECT" --result "${STATUS_FOUND}" --color GREEN; fi
LogText "Result: found CylancePROTECT service" LogText "Result: found CylancePROTECT service"
@ -164,11 +159,9 @@
LogText "Test: checking process cma or cmdagent (McAfee)" LogText "Test: checking process cma or cmdagent (McAfee)"
# cma is too generic to match on, so we want to ensure that it is related to McAfee first # cma is too generic to match on, so we want to ensure that it is related to McAfee first
if [ -x /opt/McAfee/cma/bin/cma ]; then if [ -x /opt/McAfee/cma/bin/cma ]; then
IsRunning cma if IsRunning "cma"; then MCAFEE_SCANNER_RUNNING=1; fi
if [ ${RUNNING} -eq 1 ]; then MCAFEE_SCANNER_RUNNING=1; fi
else else
IsRunning cmdagent if IsRunning "cmdagent"; then MCAFEE_SCANNER_RUNNING=1; fi
if [ ${RUNNING} -eq 1 ]; then MCAFEE_SCANNER_RUNNING=1; fi
fi fi
if [ ${MCAFEE_SCANNER_RUNNING} -eq 1 ]; then if [ ${MCAFEE_SCANNER_RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
@ -180,14 +173,12 @@
# Sophos savscand/SophosScanD # Sophos savscand/SophosScanD
LogText "Test: checking process savscand" LogText "Test: checking process savscand"
IsRunning savscand if IsRunning "savscand"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
SOPHOS_SCANNER_RUNNING=1 SOPHOS_SCANNER_RUNNING=1
fi fi
LogText "Test: checking process SophosScanD" LogText "Test: checking process SophosScanD"
IsRunning SophosScanD if IsRunning "SophosScanD"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1 FOUND=1
SOPHOS_SCANNER_RUNNING=1 SOPHOS_SCANNER_RUNNING=1
fi fi
@ -200,18 +191,15 @@
# Symantec rtvscand/smcd/symcfgd # Symantec rtvscand/smcd/symcfgd
LogText "Test: checking process rtvscand" LogText "Test: checking process rtvscand"
IsRunning rtvscand if IsRunning "rtvscand"; then
if [ ${RUNNING} -eq 1 ]; then
SYMANTEC_SCANNER_RUNNING=1 SYMANTEC_SCANNER_RUNNING=1
fi fi
LogText "Test: checking process Symantec management client service" LogText "Test: checking process Symantec management client service"
IsRunning smcd if IsRunning "smcd"; then
if [ ${RUNNING} -eq 1 ]; then
SYMANTEC_SCANNER_RUNNING=1 SYMANTEC_SCANNER_RUNNING=1
fi fi
LogText "Test: checking process Symantec Endpoint Protection configuration service" LogText "Test: checking process Symantec Endpoint Protection configuration service"
IsRunning symcfgd if IsRunning "symcfgd"; then
if [ ${RUNNING} -eq 1 ]; then
SYMANTEC_SCANNER_RUNNING=1 SYMANTEC_SCANNER_RUNNING=1
fi fi
if [ ${SYMANTEC_SCANNER_RUNNING} -eq 1 ]; then if [ ${SYMANTEC_SCANNER_RUNNING} -eq 1 ]; then
@ -224,8 +212,7 @@
# TrendMicro (macOS) # TrendMicro (macOS)
LogText "Test: checking process TmccMac to test for Trend Micro anti-virus (macOS)" LogText "Test: checking process TmccMac to test for Trend Micro anti-virus (macOS)"
IsRunning TmccMac if IsRunning "TmccMac"; then
if [ ${RUNNING} -eq 1 ]; then
if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} Trend Micro anti-virus" --result "${STATUS_FOUND}" --color GREEN; fi if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} Trend Micro anti-virus" --result "${STATUS_FOUND}" --color GREEN; fi
LogText "Result: found Trend Micro component" LogText "Result: found Trend Micro component"
FOUND=1 FOUND=1
@ -267,8 +254,7 @@
Register --test-no MALW-3284 --weight L --network NO --category security --description "Check for clamd" Register --test-no MALW-3284 --weight L --network NO --category security --description "Check for clamd"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking running ClamAV daemon (clamd)" LogText "Test: checking running ClamAV daemon (clamd)"
IsRunning clamd if IsRunning "clamd"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- ${GEN_CHECKING} ClamAV daemon" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- ${GEN_CHECKING} ClamAV daemon" --result "${STATUS_FOUND}" --color GREEN
LogText "Result: found running clamd process" LogText "Result: found running clamd process"
MALWARE_SCANNER_INSTALLED=1 MALWARE_SCANNER_INSTALLED=1
@ -286,8 +272,7 @@
Register --test-no MALW-3286 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for freshclam" Register --test-no MALW-3286 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for freshclam"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking running freshclam daemon" LogText "Test: checking running freshclam daemon"
IsRunning freshclam if IsRunning "freshclam"; then
if [ ${RUNNING} -eq 1 ]; then
FRESHCLAM_DAEMON_RUNNING=1 FRESHCLAM_DAEMON_RUNNING=1
Display --indent 4 --text "- ${GEN_CHECKING} freshclam" --result "${STATUS_FOUND}" --color GREEN Display --indent 4 --text "- ${GEN_CHECKING} freshclam" --result "${STATUS_FOUND}" --color GREEN
LogText "Result: found running freshclam process" LogText "Result: found running freshclam process"

18
include/tests_nameservices
View File

@ -215,8 +215,7 @@
Register --test-no NAME-4032 --weight L --network NO --category security --description "Check nscd status" Register --test-no NAME-4032 --weight L --network NO --category security --description "Check nscd status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking nscd status" LogText "Test: checking nscd status"
IsRunning nscd if IsRunning "nscd"; then
if [ ${RUNNING} -eq 1 ]; then
NAME_CACHE_USED=1 NAME_CACHE_USED=1
LogText "Result: nscd is running" LogText "Result: nscd is running"
Display --indent 2 --text "- Checking nscd status" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Checking nscd status" --result "${STATUS_RUNNING}" --color GREEN
@ -233,8 +232,7 @@
Register --test-no NAME-4034 --weight L --network NO --category security --description "Check Unbound status" Register --test-no NAME-4034 --weight L --network NO --category security --description "Check Unbound status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking Unbound (unbound) status" LogText "Test: checking Unbound (unbound) status"
IsRunning unbound if IsRunning "unbound"; then
if [ ${RUNNING} -eq 1 ]; then
UNBOUND_RUNNING=1 UNBOUND_RUNNING=1
NAME_CACHE_USED=1 NAME_CACHE_USED=1
LogText "Result: Unbound daemon is running" LogText "Result: Unbound daemon is running"
@ -278,8 +276,7 @@
Register --test-no NAME-4202 --weight L --network NO --category security --description "Check BIND status" Register --test-no NAME-4202 --weight L --network NO --category security --description "Check BIND status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking for running BIND instance" LogText "Test: Checking for running BIND instance"
IsRunning named if IsRunning "named"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found BIND process" LogText "Result: found BIND process"
Display --indent 2 --text "- Checking BIND status" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- Checking BIND status" --result "${STATUS_FOUND}" --color GREEN
BIND_RUNNING=1 BIND_RUNNING=1
@ -384,8 +381,7 @@
Register --test-no NAME-4230 --weight L --network NO --category security --description "Check PowerDNS status" Register --test-no NAME-4230 --weight L --network NO --category security --description "Check PowerDNS status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking for running PowerDNS instance" LogText "Test: Checking for running PowerDNS instance"
IsRunning pdns_server if IsRunning "pdns_server"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: found PowerDNS process" LogText "Result: found PowerDNS process"
Display --indent 2 --text "- Checking PowerDNS status" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Checking PowerDNS status" --result "${STATUS_RUNNING}" --color GREEN
POWERDNS_RUNNING=1 POWERDNS_RUNNING=1
@ -481,13 +477,11 @@
Register --test-no NAME-4304 --weight L --network NO --category security --description "Check NIS ypbind status" Register --test-no NAME-4304 --weight L --network NO --category security --description "Check NIS ypbind status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking status of ypbind daemon" LogText "Test: Checking status of ypbind daemon"
IsRunning ypbind if IsRunning "ypbind"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: ypbind is running" LogText "Result: ypbind is running"
Display --indent 2 --text "- Checking ypbind status" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- Checking ypbind status" --result "${STATUS_FOUND}" --color GREEN
YPBIND_RUNNING=1 YPBIND_RUNNING=1
IsRunning ypldap if IsRunning "ypldap"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: ypldap is running" LogText "Result: ypldap is running"
Display --indent 2 --text "- Checking ypldap status" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- Checking ypldap status" --result "${STATUS_FOUND}" --color GREEN
else else

3
include/tests_networking
View File

@ -596,8 +596,7 @@
# Description : Checking for DHCP client # Description : Checking for DHCP client
Register --test-no NETW-3030 --weight L --network NO --category security --description "Checking DHCP client status" Register --test-no NETW-3030 --weight L --network NO --category security --description "Checking DHCP client status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
IsRunning dhclient || IsRunning dhcpcd || IsRunning udhcpc if IsRunning "dhclient" || IsRunning "dhcpcd" || IsRunning "udhcpc"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- Checking status DHCP client" --result "${STATUS_RUNNING}" --color WHITE Display --indent 2 --text "- Checking status DHCP client" --result "${STATUS_RUNNING}" --color WHITE
DHCP_CLIENT_RUNNING=1 DHCP_CLIENT_RUNNING=1
else else

9
include/tests_printers_spools
View File

@ -69,8 +69,7 @@
Register --test-no PRNT-2304 --weight L --network NO --category security --description "Check cupsd status" Register --test-no PRNT-2304 --weight L --network NO --category security --description "Check cupsd status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking cupsd status" LogText "Test: Checking cupsd status"
IsRunning cupsd if IsRunning "cupsd"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- Checking cups daemon" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Checking cups daemon" --result "${STATUS_RUNNING}" --color GREEN
LogText "Result: cups daemon running" LogText "Result: cups daemon running"
CUPSD_RUNNING=1; PRINTING_DAEMON="cups" CUPSD_RUNNING=1; PRINTING_DAEMON="cups"
@ -188,8 +187,7 @@
Register --test-no PRNT-2314 --weight L --network NO --category security --description "Check lpd status" Register --test-no PRNT-2314 --weight L --network NO --category security --description "Check lpd status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking lpd status" LogText "Test: Checking lpd status"
IsRunning lpd if IsRunning "lpd"; then
if [ ${RUNNING} -eq 1 ]; then
Display --indent 2 --text "- Checking lp daemon" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Checking lp daemon" --result "${STATUS_RUNNING}" --color GREEN
LogText "Result: lp daemon running" LogText "Result: lp daemon running"
LPD_RUNNING=1; PRINTING_DAEMON="lp" LPD_RUNNING=1; PRINTING_DAEMON="lp"
@ -231,8 +229,7 @@
Register --test-no PRNT-2418 --os AIX --weight L --network NO --category security --description "Checking qdaemon printer spooler status" Register --test-no PRNT-2418 --os AIX --weight L --network NO --category security --description "Checking qdaemon printer spooler status"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking qdaemon status" LogText "Test: Checking qdaemon status"
IsRunning qdaemon if IsRunning "qdaemon"; then
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: qdaemon daemon running" LogText "Result: qdaemon daemon running"
Display --indent 2 --text "- Checking qdaemon daemon" --result "${STATUS_RUNNING}" --color GREEN Display --indent 2 --text "- Checking qdaemon daemon" --result "${STATUS_RUNNING}" --color GREEN
QDAEMON_RUNNING=1; PRINTING_DAEMON="qdaemon" QDAEMON_RUNNING=1; PRINTING_DAEMON="qdaemon"

6
include/tests_shells
View File

@ -107,14 +107,12 @@
IDLE_TIMEOUT_READONLY="" IDLE_TIMEOUT_READONLY=""
LogText "Test: Search for session timeout tools or settings in shell" LogText "Test: Search for session timeout tools or settings in shell"
IsRunning timeoutd if IsRunning "timeoutd"; then
if [ ${RUNNING} -eq 1 ]; then
IDLE_TIMEOUT=1 IDLE_TIMEOUT=1
LogText "Result: found timeoutd process to kill idle sesions" LogText "Result: found timeoutd process to kill idle sesions"
IDLE_TIMEOUT_METHOD="timeout-daemon" IDLE_TIMEOUT_METHOD="timeout-daemon"
fi fi
IsRunning autolog if IsRunning "autolog"; then
if [ ${RUNNING} -eq 1 ]; then
IDLE_TIMEOUT=1 IDLE_TIMEOUT=1
LogText "Result: found autolog process to kill idle sesions" LogText "Result: found autolog process to kill idle sesions"
Report="session_timeout_method[]=autolog" Report="session_timeout_method[]=autolog"

4
include/tests_snmp
View File

@ -35,9 +35,7 @@
Register --test-no SNMP-3302 --weight L --network NO --category security --description "Check for running SNMP daemon" Register --test-no SNMP-3302 --weight L --network NO --category security --description "Check for running SNMP daemon"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Searching for a SNMP daemon" LogText "Test: Searching for a SNMP daemon"
# Check running processes if IsRunning "snmpd"; then
IsRunning snmpd
if [ ${RUNNING} -eq 1 ]; then
SNMP_DAEMON_RUNNING=1 SNMP_DAEMON_RUNNING=1
LogText "Result: SNMP daemon is running" LogText "Result: SNMP daemon is running"
Display --indent 2 --text "- Checking running SNMP daemon" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- Checking running SNMP daemon" --result "${STATUS_FOUND}" --color GREEN

9
include/tests_time
View File

@ -63,8 +63,7 @@
if [ -f ${FILE} ]; then LogText "result: found chrony configuration: ${FILE}"; CHRONY_CONF_FILE="${FILE}"; fi if [ -f ${FILE} ]; then LogText "result: found chrony configuration: ${FILE}"; CHRONY_CONF_FILE="${FILE}"; fi
done done
if [ -n "${CHRONY_CONF_FILE}" ]; then if [ -n "${CHRONY_CONF_FILE}" ]; then
IsRunning chronyd if IsRunning "chronyd"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="chronyd" FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="chronyd"
Display --indent 2 --text "- NTP daemon found: chronyd" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- NTP daemon found: chronyd" --result "${STATUS_FOUND}" --color GREEN
else else
@ -75,8 +74,7 @@
fi fi
# Check time daemon (eg DragonFly BSD) # Check time daemon (eg DragonFly BSD)
IsRunning dntpd if IsRunning "dntpd"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="dntpd" FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="dntpd"
Display --indent 2 --text "- NTP daemon found: dntpd" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- NTP daemon found: dntpd" --result "${STATUS_FOUND}" --color GREEN
fi fi
@ -91,8 +89,7 @@
fi fi
# Check time daemon (eg NetBSD) # Check time daemon (eg NetBSD)
IsRunning timed if IsRunning "timed"; then
if [ ${RUNNING} -eq 1 ]; then
FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="timed" FOUND=1; NTP_DAEMON_RUNNING=1; NTP_CONFIG_TYPE_DAEMON=1; NTP_DAEMON="timed"
Display --indent 2 --text "- NTP daemon found: timed" --result "${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- NTP daemon found: timed" --result "${STATUS_FOUND}" --color GREEN
fi fi