tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1373 from jsegitz/tests_mac_frameworks2 

tests_mac_frameworks: check for existance of semanage binary
This commit is contained in:
Michael Boelen 2024-05-14 11:41:04 +02:00 committed by GitHub
parent 83695ad3e2 eeec52b160
commit 2cb1f4351f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
include/tests_mac_frameworks
View File

@ -158,10 +158,14 @@
Display --indent 6 --text "- Checking current mode and config file" --result "${STATUS_WARNING}" --color RED
fi
Display --indent 8 --text "Current SELinux mode: ${FIND}"
PERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${TRBINARY} '\n' ' ')
NPERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${WCBINARY} -l)
Display --indent 8 --text "Found ${NPERMISSIVE} permissive SELinux object types"
LogText "Permissive SELinux object types: ${PERMISSIVE}"
if [ -n "${SEMANAGEBINARY}" ]; then
PERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${TRBINARY} '\n' ' ')
NPERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${WCBINARY} -l)
Display --indent 8 --text "Found ${NPERMISSIVE} permissive SELinux object types"
LogText "Permissive SELinux object types: ${PERMISSIVE}"
else
LogText "Result: semanage binary NOT found, can't analyse permissive domains"
fi
UNCONFINED=$(${PSBINARY} -eo label,pid,command | ${GREPBINARY} '[u]nconfined_t' | ${TRBINARY} '\n' ' ')
INITRC=$(${PSBINARY} -eo label,pid,command | ${GREPBINARY} '[i]nitrc_t' | ${TRBINARY} '\n' ' ')
NUNCONFINED=$(${PSBINARY} -eo label | ${GREPBINARY} '[u]nconfined_t' | ${WCBINARY} -l)