mirror of https://github.com/CISOfy/lynis.git
[PKGS-7420] limit test to specific OS, add dnf-automatic support, extend logging
This commit is contained in:
Michael Boelen
parent
abaed3e6c1
commit
3660043308
|
|
@ -1284,35 +1284,57 @@
|
|||
if [ ${SKIPTEST} -eq 0 ]; then
|
||||
UNATTENDED_UPGRADES_TOOLKIT=0
|
||||
UNATTENDED_UPGRADES_TOOL=""
|
||||
if [ -f "${ROOTDIR}bin/auter" ]; then
|
||||
UNATTENDED_UPGRADES_TOOL="auter"
|
||||
UNATTENDED_UPGRADES_TOOLKIT=1
|
||||
LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}"
|
||||
Report "unattended_upgrade_tool[]=auter"
|
||||
fi
|
||||
if [ -f "${ROOTDIR}sbin/yum-cron" ]; then
|
||||
UNATTENDED_UPGRADES_TOOL="yum-cron"
|
||||
UNATTENDED_UPGRADES_TOOLKIT=1
|
||||
LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}"
|
||||
Report "unattended_upgrade_tool[]=yum-cron"
|
||||
fi
|
||||
if [ -f "${ROOTDIR}usr/bin/unattended-upgrade" ]; then
|
||||
UNATTENDED_UPGRADES_TOOL="unattended-upgrade"
|
||||
UNATTENDED_UPGRADES_TOOLKIT=1
|
||||
LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}"
|
||||
Report "unattended_upgrade_tool[]=unattended-upgrade"
|
||||
fi
|
||||
if [ ${UNATTENDED_UPGRADES_TOOLKIT} -eq 1 ]; then
|
||||
AddHP 5 5
|
||||
Display --indent 2 --text "- Toolkit for automatic upgrades (${UNATTENDED_UPGRADES_TOOL})" --result "${STATUS_FOUND}" --color GREEN
|
||||
else
|
||||
# TODO - Add logic to only display this when it is applicable as not all operating systems might support such tooling
|
||||
AddHP 1 5
|
||||
Display --indent 2 --text "- Toolkit for automatic upgrades" --result "${STATUS_NOTFOUND}" --color YELLOW
|
||||
LogText "Result: no toolkit for automatic updates discovered"
|
||||
# TODO - add suggestion
|
||||
UNATTENDED_UPGRADES_OPTION_AVAILABLE=0
|
||||
|
||||
case "${OS}" in
|
||||
"Linux")
|
||||
case "${LINUX_VERSION}" in
|
||||
"CentOS" | "Debian" | "Fedora" | "RHEL" | "Ubuntu")
|
||||
|
||||
UNATTENDED_UPGRADES_OPTION_AVAILABLE=1
|
||||
# Test available tools for Linux
|
||||
if [ -f "${ROOTDIR}bin/auter" ]; then
|
||||
UNATTENDED_UPGRADES_TOOL="auter"
|
||||
UNATTENDED_UPGRADES_TOOLKIT=1
|
||||
LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}"
|
||||
Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}"
|
||||
fi
|
||||
if [ -f "${ROOTDIR}sbin/yum-cron" ]; then
|
||||
UNATTENDED_UPGRADES_TOOL="yum-cron"
|
||||
UNATTENDED_UPGRADES_TOOLKIT=1
|
||||
LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}"
|
||||
Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}"
|
||||
fi
|
||||
if [ -f "${ROOTDIR}usr/bin/dnf-automatic" ]; then
|
||||
UNATTENDED_UPGRADES_TOOL="dnf-automatic"
|
||||
UNATTENDED_UPGRADES_TOOLKIT=1
|
||||
LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}"
|
||||
Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}"
|
||||
fi
|
||||
if [ -f "${ROOTDIR}usr/bin/unattended-upgrade" ]; then
|
||||
UNATTENDED_UPGRADES_TOOL="unattended-upgrade"
|
||||
UNATTENDED_UPGRADES_TOOLKIT=1
|
||||
LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}"
|
||||
Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}"
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ ${UNATTENDED_UPGRADES_OPTION_AVAILABLE} -eq 1 ]; then
|
||||
if [ ${UNATTENDED_UPGRADES_TOOLKIT} -eq 1 ]; then
|
||||
AddHP 5 5
|
||||
Display --indent 2 --text "- Toolkit for automatic upgrades (${UNATTENDED_UPGRADES_TOOL})" --result "${STATUS_FOUND}" --color GREEN
|
||||
else
|
||||
AddHP 1 5
|
||||
Display --indent 2 --text "- Toolkit for automatic upgrades" --result "${STATUS_NOTFOUND}" --color YELLOW
|
||||
LogText "Result: no toolkit for automatic updates discovered"
|
||||
ReportSuggestion "${TEST_NO}" "Consider using a tool to automatically apply upgrades"
|
||||
fi
|
||||
fi
|
||||
|
||||
Report "unattended_upgrade_option_avaiable=${UNATTENDED_UPGRADES_OPTION_AVAILABLE}"
|
||||
fi
|
||||
#
|
||||
#################################################################################
|
||||
|
|
|
|||
Loading…
Reference in New Issue