Improved detection of blacklisted/disabled modules

include/tests_storage

@@ -33,7 +33,7 @@
         if [ -d /etc/modprobe.d ]; then
             FIND=`ls /etc/modprobe.d/* 2> /dev/null`
             if [ ! "${FIND}" = "" ]; then
-                FIND=`grep -r "install usb-storage /bin/true" /etc/modprobe.d/* | grep "usb-storage" | grep -v "#"`
+                FIND=`grep -r "install usb-storage /bin/(false|true)" /etc/modprobe.d/* | grep "usb-storage" | grep -v "#"`
                 FIND2=`egrep -r "^blacklist (usb_storage|usb-storage)" /etc/modprobe.d/*`
                 if [ ! "${FIND}" = "" -o ! "${FIND2}" = "" ]; then
                     FOUND=1
@@ -44,7 +44,7 @@
             fi
         fi
         if [ -f /etc/modprobe.conf ]; then
-            FIND=`grep "install usb-storage /bin/true" /etc/modprobe.conf | grep "usb-storage" | grep -v "#"`
+            FIND=`grep "install usb-storage /bin/(false|true)" /etc/modprobe.conf | grep "usb-storage" | grep -v "#"`
             if [ ! "${FIND}" = "" ]; then
                 FOUND=1
                 logtext "Result: found usb-storage driver in disabled state"
@@ -66,6 +66,7 @@
 #
     # Test        : STRG-1846
     # Description : Check for disabled firewire storage
+    # Explanation : Best option is to use the install function, or else drivers can still be loaded manually
     Register --test-no STRG-1846 --os Linux --weight L --network NO --description "Check if firewire storage is disabled"
     if [ ${SKIPTEST} -eq 0 ]; then
         FOUND=0
@@ -73,8 +74,8 @@
         if [ -d /etc/modprobe.d ]; then
             FIND=`ls /etc/modprobe.d/* 2> /dev/null`
             if [ ! "${FIND}" = "" ]; then
-                FIND1=`egrep "blacklist (ohci1394|firewire-ohci)" /etc/modprobe.d/* | grep "ohci" | grep -v "#"`
+                FIND1=`egrep "blacklist (ohci1394|firewire-ohci|firewire_ohci)" /etc/modprobe.d/* | grep "ohci" | grep -v "#"`
-                FIND2=`egrep "install (ohci1394|firewire-ohci) /bin/true" /etc/modprobe.d/* | grep "ohci" | grep -v "#"`
+                FIND2=`egrep "install (ohci1394|firewire-ohci|firewire_ohci) /bin/(false|true)" /etc/modprobe.d/* | grep "ohci" | grep -v "#"`
                 if [ ! "${FIND1}" = "" -o ! "${FIND2}" = "" ]; then
                     FOUND=1
                     logtext "Result: found firewire ohci driver in disabled state"
@@ -84,8 +85,8 @@
             fi
         fi
         if [ -f /etc/modprobe.conf ]; then
-            FIND1=`egrep -r "blacklist (ohci1394|firewire-ohci)" /etc/modprobe.conf | grep "ohci" | grep -v "#"`
+            FIND1=`egrep -r "blacklist (ohci1394|firewire-ohci|firewire_ohci)" /etc/modprobe.conf | grep "ohci" | grep -v "#"`
-            FIND2=`egrep -r "install (ohci1394|firewire-ohci) /bin/true" /etc/modprobe.conf | grep "ohci" | grep -v "#"`
+            FIND2=`egrep -r "install (ohci1394|firewire-ohci|firewire_ohci) /bin/(false|true)" /etc/modprobe.conf | grep "ohci" | grep -v "#"`
             if [ ! "${FIND1}" = "" -o ! "${FIND2}" = "" ]; then
                 FOUND=1
                 logtext "Result: found firewire ohci driver in disabled state"
@@ -107,6 +108,7 @@
 #
 #################################################################################
 #
+# Use modprobe --showconfig to test for options
 
 # NetBSD: amd (auto mount daemon)
 
@@ -119,4 +121,4 @@ wait_for_keypress
 
 #
 #================================================================================
-# Lynis - Copyright 2007-2015, Michael Boelen - www.rootkit.nl - The Netherlands
+# Lynis - Copyright 2007-2015, CISOfy, Michael Boelen - https://cisofy.com