mirror of
https://github.com/CISOfy/lynis.git
synced 2025-07-21 21:04:46 +02:00
Added more definitions for tools
This commit is contained in:
parent
3bafb77395
commit
1cb1fc40ca
@ -101,6 +101,9 @@
|
|||||||
BLKDBINARY=${BINARY}
|
BLKDBINARY=${BINARY}
|
||||||
LogText " Found known binary: blkid (information about block devices) - ${BINARY}"
|
LogText " Found known binary: blkid (information about block devices) - ${BINARY}"
|
||||||
;;
|
;;
|
||||||
|
cat) CAT_BINARY="${BINARY}"
|
||||||
|
LogText " Found known binary: cat (generic file handling) - ${BINARY}"
|
||||||
|
;;
|
||||||
chkconfig) CHKCONFIGFOUND=1; CHKCONFIGBINARY=${BINARY}; LogText " Found known binary: chkconfig (administration tool) - ${BINARY}" ;;
|
chkconfig) CHKCONFIGFOUND=1; CHKCONFIGBINARY=${BINARY}; LogText " Found known binary: chkconfig (administration tool) - ${BINARY}" ;;
|
||||||
clamconf)
|
clamconf)
|
||||||
CLAMCONF_BINARY=${BINARY}
|
CLAMCONF_BINARY=${BINARY}
|
||||||
@ -133,6 +136,9 @@
|
|||||||
g++) GPLUSPLUSFOUND=1; GPLUSPLUSBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: g++ (compiler) - ${BINARY}" ;;
|
g++) GPLUSPLUSFOUND=1; GPLUSPLUSBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: g++ (compiler) - ${BINARY}" ;;
|
||||||
# additional file check due to existance /usr/libexec/gcc (directory)
|
# additional file check due to existance /usr/libexec/gcc (directory)
|
||||||
gcc) if [ -f ${BINARY} ]; then GCCBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: gcc (compiler) - ${BINARY}"; fi ;;
|
gcc) if [ -f ${BINARY} ]; then GCCBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: gcc (compiler) - ${BINARY}"; fi ;;
|
||||||
|
getent) GETENT_BINARY="${BINARY}"
|
||||||
|
LogText " Found known binary: getent (query tool for name service switch libraries) - ${BINARY}"
|
||||||
|
;;
|
||||||
grep) GREPFOUND=1; GREPBINARY=${BINARY}; LogText " Found known binary: grep (text search) - ${BINARY}" ;;
|
grep) GREPFOUND=1; GREPBINARY=${BINARY}; LogText " Found known binary: grep (text search) - ${BINARY}" ;;
|
||||||
grub2-install) GRUB2INSTALLFOUND=1; GRUB2INSTALLBINARY=${BINARY}; LogText " Found known binary: grub2-install (installer for boot loader) - ${BINARY}" ;;
|
grub2-install) GRUB2INSTALLFOUND=1; GRUB2INSTALLBINARY=${BINARY}; LogText " Found known binary: grub2-install (installer for boot loader) - ${BINARY}" ;;
|
||||||
gzip) GZIPFOUND=1; GZIPBINARY="${BINARY}"; LogText " Found known binary: gzip (compressing utility) - ${BINARY}" ;;
|
gzip) GZIPFOUND=1; GZIPBINARY="${BINARY}"; LogText " Found known binary: gzip (compressing utility) - ${BINARY}" ;;
|
||||||
|
@ -45,6 +45,7 @@ unset LANG
|
|||||||
#
|
#
|
||||||
# == Variable initializing ==
|
# == Variable initializing ==
|
||||||
#
|
#
|
||||||
|
ARCH_AUDIT_BINARY=""
|
||||||
AUDITORNAME=""
|
AUDITORNAME=""
|
||||||
AUDITCTLBINARY=""
|
AUDITCTLBINARY=""
|
||||||
AUDITDBINARY=""
|
AUDITDBINARY=""
|
||||||
@ -58,13 +59,14 @@ unset LANG
|
|||||||
AUDITD_RUNNING=0
|
AUDITD_RUNNING=0
|
||||||
APPLICATION_FIREWALL_ACTIVE=0
|
APPLICATION_FIREWALL_ACTIVE=0
|
||||||
BINARY_SCAN_FINISHED=0
|
BINARY_SCAN_FINISHED=0
|
||||||
|
CAT_BINARY=""
|
||||||
CFAGENTBINARY=""
|
CFAGENTBINARY=""
|
||||||
CHECK=0
|
CHECK=0
|
||||||
CHECK_BINARIES=1
|
CHECK_BINARIES=1
|
||||||
CHECK_OPTION_ARRAY=""
|
CHECK_OPTION_ARRAY=""
|
||||||
CHKROOTKITBINARY=""
|
CHKROOTKITBINARY=""
|
||||||
CHKCONFIGBINARY=""
|
CHKCONFIGBINARY=""
|
||||||
CLAMCONFBINARY=""
|
CLAMCONF_BINARY=""
|
||||||
CLAMSCANBINARY=""
|
CLAMSCANBINARY=""
|
||||||
COLORS=1
|
COLORS=1
|
||||||
COMPLIANCE_ENABLE_CIS=0
|
COMPLIANCE_ENABLE_CIS=0
|
||||||
@ -100,6 +102,7 @@ unset LANG
|
|||||||
FIND=""
|
FIND=""
|
||||||
FIREWALL_ACTIVE=0
|
FIREWALL_ACTIVE=0
|
||||||
FOUNDPATH=0
|
FOUNDPATH=0
|
||||||
|
GETENT_BINARY=""
|
||||||
GREPBINARY="grep"
|
GREPBINARY="grep"
|
||||||
GROUP_NAME=""
|
GROUP_NAME=""
|
||||||
GRPCKBINARY=""
|
GRPCKBINARY=""
|
||||||
@ -115,6 +118,7 @@ unset LANG
|
|||||||
IPTABLESBINARY=""
|
IPTABLESBINARY=""
|
||||||
JOURNALCTLBINARY=""
|
JOURNALCTLBINARY=""
|
||||||
KLDSTATBINARY=""
|
KLDSTATBINARY=""
|
||||||
|
LAUNCHCTL_BINARY=""
|
||||||
LDAP_CLIENT_CONFIG_FILE=""
|
LDAP_CLIENT_CONFIG_FILE=""
|
||||||
LINUX_VERSION=""
|
LINUX_VERSION=""
|
||||||
LINUXCONFIGFILE=""
|
LINUXCONFIGFILE=""
|
||||||
@ -184,6 +188,7 @@ unset LANG
|
|||||||
PFCTLBINARY=""
|
PFCTLBINARY=""
|
||||||
PFFOUND=0
|
PFFOUND=0
|
||||||
PIDFILE=""
|
PIDFILE=""
|
||||||
|
PKG_BINARY=""
|
||||||
PKGADMINBINARY=""
|
PKGADMINBINARY=""
|
||||||
PLUGINDIR=""
|
PLUGINDIR=""
|
||||||
PLUGIN_PHASE=0
|
PLUGIN_PHASE=0
|
||||||
|
@ -658,11 +658,11 @@
|
|||||||
#
|
#
|
||||||
# Test : NAME-4408
|
# Test : NAME-4408
|
||||||
# Description : Check localhost entry
|
# Description : Check localhost entry
|
||||||
if [ ! -z "${GETENTBINARY}" ]; then PREQS_MET="YES"; SKIPREASON="No getent binary"; else PREQS_MET="NO"; SKIPREASON=""; fi
|
if [ ! -z "${GETENT_BINARY}" ]; then PREQS_MET="YES"; SKIPREASON="No getent binary"; else PREQS_MET="NO"; SKIPREASON=""; fi
|
||||||
Register --test-no NAME-4408 --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight L --network NO --category security --description "Check localhost entry"
|
Register --test-no NAME-4408 --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight L --network NO --category security --description "Check localhost entry"
|
||||||
if [ ${SKIPTEST} -eq 0 ]; then
|
if [ ${SKIPTEST} -eq 0 ]; then
|
||||||
LogText "Test: Check server hostname not locally mapped in /etc/hosts"
|
LogText "Test: Check server hostname not locally mapped in /etc/hosts"
|
||||||
FIND=$(${GETENTBINARY} hosts localhost | ${AWKBINARY} '{print $1}')
|
FIND=$(${GETENT_BINARY} hosts localhost | ${AWKBINARY} '{print $1}')
|
||||||
if [ "${FIND}" = "127.0.0.1" ]; then
|
if [ "${FIND}" = "127.0.0.1" ]; then
|
||||||
LogText "Result: localhost mapped to 127.0.0.1"
|
LogText "Result: localhost mapped to 127.0.0.1"
|
||||||
Display --indent 4 --text "- Checking /etc/hosts (localhost to IP)" --result "${STATUS_OK}" --color GREEN
|
Display --indent 4 --text "- Checking /etc/hosts (localhost to IP)" --result "${STATUS_OK}" --color GREEN
|
||||||
|
Loading…
x
Reference in New Issue
Block a user