tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-28 16:24:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1328 from konstruktoid/issue1327

Browse Source 
find redis.conf if /snap directory exists
This commit is contained in:
Michael Boelen 2024-03-12 13:38:40 +01:00 committed by GitHub
commit 264012a4ff
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
include/tests_databases
View File

@ -85,7 +85,7 @@
LogText "Test: Trying to login to local MySQL server without password" LogText "Test: Trying to login to local MySQL server without password"
# "-u root --password=" avoids ~/.my.cnf authentication settings # "-u root --password=" avoids ~/.my.cnf authentication settings
# "plugin = 'mysql_native_password' AND authentication_string = ''" avoids false positives when secure plugins are used # "plugin = 'mysql_native_password' AND authentication_string = ''" avoids false positives when secure plugins are used
FIND=$(${MYSQLCLIENTBINARY} --default-auth=mysql_native_password --no-defaults -u root --password= --silent --batch --execute="SELECT count(*) FROM mysql.user WHERE user = 'root' AND plugin = 'mysql_native_password' AND authentication_string = ''" mysql > /dev/null 2>&1; echo $?) FIND=$(${MYSQLCLIENTBINARY} --default-auth=mysql_native_password --no-defaults -u root --password= --silent --batch --execute="SELECT count(*) FROM mysql.user WHERE user = 'root' AND plugin = 'mysql_native_password' AND authentication_string = ''" mysql > /dev/null 2>&1; echo $?)
if [ "${FIND}" = "0" ]; then if [ "${FIND}" = "0" ]; then
LogText "Result: Login succeeded, no MySQL root password set!" LogText "Result: Login succeeded, no MySQL root password set!"
@ -227,7 +227,7 @@
ReportWarning "${TEST_NO}" "PostgreSQL configuration file ${CF} is world readable and might leak sensitive details" "${CF}" "Use chmod 600 to change file permissions" ReportWarning "${TEST_NO}" "PostgreSQL configuration file ${CF} is world readable and might leak sensitive details" "${CF}" "Use chmod 600 to change file permissions"
else else
LogText "Result: great, configuration file ${CF} is not world readable" LogText "Result: great, configuration file ${CF} is not world readable"
fi fi
done done
fi fi
# #
@ -316,6 +316,12 @@
if [ ${QNAP_DEVICE} -eq 1 ]; then if [ ${QNAP_DEVICE} -eq 1 ]; then
PATHS="${PATHS} ${ROOTDIR}share/CACHEDEV1_DATA/.qpkg/QKVM/usr/etc/redis.conf" PATHS="${PATHS} ${ROOTDIR}share/CACHEDEV1_DATA/.qpkg/QKVM/usr/etc/redis.conf"
fi fi
if [ -d "${ROOTDIR}snap" ]; then
for SNAP_PATH in $(${FINDBINARY} ${ROOTDIR}snap -name 'redis.conf' -type f | ${SEDBINARY} 's/redis.conf$//g'); do
PATHS="${PATHS} ${SNAP_PATH}"
done
fi
ALLFILES=$(${LSBINARY} ${ROOTDIR}etc/redis.conf 2> /dev/null) ALLFILES=$(${LSBINARY} ${ROOTDIR}etc/redis.conf 2> /dev/null)
FOUND=0 FOUND=0
for DIR in ${PATHS}; do for DIR in ${PATHS}; do