tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-29 08:44:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1016 from Jimver/fix_nginx_parser

Browse Source 
ParseNginx(): Fix wildcard expansion, absolute path handling and output to stderr
This commit is contained in:
Michael Boelen 2020-10-22 08:44:07 +02:00 committed by GitHub
commit 3294e1a9bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
include/functions
View File

@ -2179,7 +2179,8 @@
for I in ${FIND}; do for I in ${FIND}; do
I=$(echo ${I} | sed 's/:space:/ /g' | sed 's/;$//' | sed 's/ #.*$//') I=$(echo ${I} | sed 's/:space:/ /g' | sed 's/;$//' | sed 's/ #.*$//')
OPTION=$(echo ${I} | awk '{ print $1 }') OPTION=$(echo ${I} | awk '{ print $1 }')
VALUE=$(echo ${I}| cut -d' ' -f2-) # Use quotes here to prevent wildcard expansion
VALUE=$(echo "${I}"| cut -d' ' -f2-)
LogText "Result: found option ${OPTION} in ${CONFIG_FILE} with value '${VALUE}'" LogText "Result: found option ${OPTION} in ${CONFIG_FILE} with value '${VALUE}'"
STORE_SETTING=1 STORE_SETTING=1
case ${OPTION} in case ${OPTION} in
@ -2302,10 +2303,25 @@
done done
if [ ${FOUND} -eq 0 ]; then NGINX_CONF_FILES_ADDITIONS="${NGINX_CONF_FILES_ADDITIONS} ${VALUE}"; fi if [ ${FOUND} -eq 0 ]; then NGINX_CONF_FILES_ADDITIONS="${NGINX_CONF_FILES_ADDITIONS} ${VALUE}"; fi
# Check for additional config files included as follows # Check for additional config files included as follows
# "include sites-enabled/*.conf" # "include sites-enabled/*.conf" (relative path)
elif [ $(echo ${VALUE} | grep -F -c "*.conf") -gt 0 ]; then # "include /etc/nginx/sites-enabled/*.conf" (absolute path)
if [ "$(echo ${VALUE} | ${CUTBINARY} -c1)" != "/" ]; then VALUE=${CONFIG_FILE%nginx.conf}; fi elif [ $(echo "${VALUE}" | grep -F -c "*.conf") -gt 0 ]; then
for FOUND_CONF in $(ls ${VALUE%;*} 2> /dev/null); do # Check if path is absolute or relative
case $VALUE in
/*)
# Absolute path, so wildcard pattern is already correct
CONF_WILDCARD=${VALUE%;*}
;;
*)
# Relative path, so construct absolute path for wildcard pattern
CONF_WILDCARD=${CONFIG_FILE%nginx.conf}${VALUE%;*}
;;
esac
for FOUND_CONF in ${CONF_WILDCARD}; do
if [ "${FOUND_CONF}" = "${CONF_WILDCARD}" ]; then
LogText "Found no match for wildcard pattern: ${CONF_WILDCARD}"
break
fi
FOUND=0 FOUND=0
for CONF in ${NGINX_CONF_FILES}; do for CONF in ${NGINX_CONF_FILES}; do
if [ "${CONF}" = "${FOUND_CONF}" ]; then FOUND=1; LogText "Found this file already in our configuration files array, not adding to queue"; fi if [ "${CONF}" = "${FOUND_CONF}" ]; then FOUND=1; LogText "Found this file already in our configuration files array, not adding to queue"; fi