mirror of https://github.com/CISOfy/lynis.git
Added more definitions for tools
This commit is contained in:
Michael Boelen
parent
3bafb77395
commit
1cb1fc40ca
|
|
@ -101,6 +101,9 @@
|
|||
BLKDBINARY=${BINARY}
|
||||
LogText " Found known binary: blkid (information about block devices) - ${BINARY}"
|
||||
;;
|
||||
cat) CAT_BINARY="${BINARY}"
|
||||
LogText " Found known binary: cat (generic file handling) - ${BINARY}"
|
||||
;;
|
||||
chkconfig) CHKCONFIGFOUND=1; CHKCONFIGBINARY=${BINARY}; LogText " Found known binary: chkconfig (administration tool) - ${BINARY}" ;;
|
||||
clamconf)
|
||||
CLAMCONF_BINARY=${BINARY}
|
||||
|
|
@ -133,6 +136,9 @@
|
|||
g++) GPLUSPLUSFOUND=1; GPLUSPLUSBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: g++ (compiler) - ${BINARY}" ;;
|
||||
# additional file check due to existance /usr/libexec/gcc (directory)
|
||||
gcc) if [ -f ${BINARY} ]; then GCCBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: gcc (compiler) - ${BINARY}"; fi ;;
|
||||
getent) GETENT_BINARY="${BINARY}"
|
||||
LogText " Found known binary: getent (query tool for name service switch libraries) - ${BINARY}"
|
||||
;;
|
||||
grep) GREPFOUND=1; GREPBINARY=${BINARY}; LogText " Found known binary: grep (text search) - ${BINARY}" ;;
|
||||
grub2-install) GRUB2INSTALLFOUND=1; GRUB2INSTALLBINARY=${BINARY}; LogText " Found known binary: grub2-install (installer for boot loader) - ${BINARY}" ;;
|
||||
gzip) GZIPFOUND=1; GZIPBINARY="${BINARY}"; LogText " Found known binary: gzip (compressing utility) - ${BINARY}" ;;
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ unset LANG
|
|||
#
|
||||
# == Variable initializing ==
|
||||
#
|
||||
ARCH_AUDIT_BINARY=""
|
||||
AUDITORNAME=""
|
||||
AUDITCTLBINARY=""
|
||||
AUDITDBINARY=""
|
||||
|
|
@ -58,13 +59,14 @@ unset LANG
|
|||
AUDITD_RUNNING=0
|
||||
APPLICATION_FIREWALL_ACTIVE=0
|
||||
BINARY_SCAN_FINISHED=0
|
||||
CAT_BINARY=""
|
||||
CFAGENTBINARY=""
|
||||
CHECK=0
|
||||
CHECK_BINARIES=1
|
||||
CHECK_OPTION_ARRAY=""
|
||||
CHKROOTKITBINARY=""
|
||||
CHKCONFIGBINARY=""
|
||||
CLAMCONFBINARY=""
|
||||
CLAMCONF_BINARY=""
|
||||
CLAMSCANBINARY=""
|
||||
COLORS=1
|
||||
COMPLIANCE_ENABLE_CIS=0
|
||||
|
|
@ -100,6 +102,7 @@ unset LANG
|
|||
FIND=""
|
||||
FIREWALL_ACTIVE=0
|
||||
FOUNDPATH=0
|
||||
GETENT_BINARY=""
|
||||
GREPBINARY="grep"
|
||||
GROUP_NAME=""
|
||||
GRPCKBINARY=""
|
||||
|
|
@ -115,6 +118,7 @@ unset LANG
|
|||
IPTABLESBINARY=""
|
||||
JOURNALCTLBINARY=""
|
||||
KLDSTATBINARY=""
|
||||
LAUNCHCTL_BINARY=""
|
||||
LDAP_CLIENT_CONFIG_FILE=""
|
||||
LINUX_VERSION=""
|
||||
LINUXCONFIGFILE=""
|
||||
|
|
@ -184,6 +188,7 @@ unset LANG
|
|||
PFCTLBINARY=""
|
||||
PFFOUND=0
|
||||
PIDFILE=""
|
||||
PKG_BINARY=""
|
||||
PKGADMINBINARY=""
|
||||
PLUGINDIR=""
|
||||
PLUGIN_PHASE=0
|
||||
|
|
|
|||
|
|
@ -658,11 +658,11 @@
|
|||
#
|
||||
# Test : NAME-4408
|
||||
# Description : Check localhost entry
|
||||
if [ ! -z "${GETENTBINARY}" ]; then PREQS_MET="YES"; SKIPREASON="No getent binary"; else PREQS_MET="NO"; SKIPREASON=""; fi
|
||||
if [ ! -z "${GETENT_BINARY}" ]; then PREQS_MET="YES"; SKIPREASON="No getent binary"; else PREQS_MET="NO"; SKIPREASON=""; fi
|
||||
Register --test-no NAME-4408 --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight L --network NO --category security --description "Check localhost entry"
|
||||
if [ ${SKIPTEST} -eq 0 ]; then
|
||||
LogText "Test: Check server hostname not locally mapped in /etc/hosts"
|
||||
FIND=$(${GETENTBINARY} hosts localhost | ${AWKBINARY} '{print $1}')
|
||||
FIND=$(${GETENT_BINARY} hosts localhost | ${AWKBINARY} '{print $1}')
|
||||
if [ "${FIND}" = "127.0.0.1" ]; then
|
||||
LogText "Result: localhost mapped to 127.0.0.1"
|
||||
Display --indent 4 --text "- Checking /etc/hosts (localhost to IP)" --result "${STATUS_OK}" --color GREEN
|
||||
|
|
|
|||
Loading…
Reference in New Issue