tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Style improvements

This commit is contained in:
Michael Boelen 2019-09-19 14:05:15 +02:00
parent 950be03ddb
commit 36627a4eb7
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
11 changed files with 59 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/binaries
View File

@ -124,7 +124,6 @@
arch-audit) ARCH_AUDIT_BINARY="${BINARY}"; LogText " Found known binary: arch-audit (auditing utility to test for vulnerable packages) - ${BINARY}" ;;
auditd) AUDITDBINARY=${BINARY}; LogText " Found known binary: auditd (audit framework) - ${BINARY}" ;;
awk) AWKBINARY=${BINARY}; LogText " Found known binary: awk (string tool) - ${BINARY}" ;;
dig) DIGBINARY=${BINARY}; LogText " Found known binary: dig (nameservice tool) - ${BINARY}" ;;
as) ASBINARY="${BINARY}"; COMPILER_INSTALLED=1; LogText " Found known binary: as (compiler) - ${BINARY}" ;;
auditctl) AUDITCTLBINARY="${BINARY}"; LogText " Found known binary: auditctl (control utility for audit daemon) - ${BINARY}" ;;
autolog) AUTOLOGBINARY="${BINARY}"; IDLE_SESSION_KILLER_INSTALLED=1; LogText " Found known binary: autolog (idle session killer) - ${BINARY}" ;;

18
include/functions
View File

@ -149,7 +149,7 @@
CreateTempFile
SETTINGS_FILE="${TEMP_FILE}"
fi
FIND=$(egrep "^${SETTING};" ${SETTINGS_FILE})
FIND=$(grep -E "^${SETTING};" ${SETTINGS_FILE})
if [ -z "${FIND}" ]; then
echo "${SETTING};${VALUE};${DESCRIPTION};" >> ${SETTINGS_FILE}
else
@ -227,7 +227,7 @@
if [ ! "${REPORTFILE}" = "/dev/null" ]; then
# Check if we can find the main type (with or without brackets)
LogText "Test: search string $2 in earlier discovered results"
FIND=$(egrep "^$1(\[\])?=" ${REPORTFILE} | egrep "$2")
FIND=$(grep -E "^$1(\[\])?=" ${REPORTFILE} | grep -E "$2")
if HasData "${FIND}"; then
RETVAL=0
LogText "Result: found search string (result: $FIND)"
@ -310,7 +310,7 @@
ContainsString() {
RETVAL=1
if [ $# -ne 2 ]; then ReportException "ContainsString" "Incorrect number of arguments for ContainsStrings function"; fi
FIND=$(echo "$2" | egrep "$1")
FIND=$(echo "$2" | grep -E "$1")
if [ ! "${FIND}" = "" ]; then RETVAL=0; fi
return ${RETVAL}
}
@ -1024,10 +1024,10 @@
elif [ -n "${IPBINARY}" ]; then
# Determine if we have the common available eth0 interface
FIND=$(${IPBINARY} addr show eth0 2> /dev/null | egrep "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
FIND=$(${IPBINARY} addr show eth0 2> /dev/null | grep -E "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
if IsEmpty "${FIND}"; then
# Determine the MAC address of first interface with the ip command
FIND=$(${IPBINARY} addr show 2> /dev/null | egrep "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
FIND=$(${IPBINARY} addr show 2> /dev/null | grep -E "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
if IsEmpty "${FIND}"; then
ReportException "GetHostID" "Can't create hostid (no MAC addresses found)"
fi
@ -1816,7 +1816,7 @@
# FreeBSD: hw.hv_vendor (remains empty for VirtualBox)
# NetBSD: machdep.dmi.system-product
# OpenBSD: hw.product
FIND=$(sysctl -a 2> /dev/null | egrep "(hw.product|machdep.dmi.system-product)" | head -1 | sed 's/ = /=/' | awk -F= '{ print $2 }')
FIND=$(sysctl -a 2> /dev/null | grep -E "(hw.product|machdep.dmi.system-product)" | head -1 | sed 's/ = /=/' | awk -F= '{ print $2 }')
if [ ! "${FIND}" = "" ]; then
SHORT="${FIND}"
fi
@ -2694,7 +2694,7 @@
# Clean up temp files
for FILE in ${TEMP_FILES}; do
# Temporary files should be in /tmp
TMPFILE=$(echo ${FILE} | egrep "^/tmp/lynis" | grep -v "\.\.")
TMPFILE=$(echo ${FILE} | grep -E "^/tmp/lynis" | grep -v "\.\.")
if [ -n "${TMPFILE}" ]; then
if [ -f "${TMPFILE}" ]; then
LogText "Action: removing temporary file ${TMPFILE}"
@ -3108,7 +3108,7 @@
if [ -f ${FILE} ]; then
# Check if we can find the main type (with or without brackets)
LogText "Test: search string ${STRING} in file ${FILE}"
FIND=$(egrep "${STRING}" ${FILE})
FIND=$(grep -E "${STRING}" ${FILE})
if [ -n "${FIND}" ]; then
LogText "Result: found search string '${STRING}'"
if [ ${MASK_LOG} -eq 0 ]; then LogText "Full string returned: ${FIND}"; fi
@ -3459,7 +3459,7 @@
# Apply the related function
case ${FUNCTION} in
"contains")
FIND=$(echo ${VALUE} | egrep "${SEARCH}")
FIND=$(echo ${VALUE} | grep -E "${SEARCH}")
if [ "${FIND}" = "" ]; then RETVAL=1; else RETVAL=0; fi
;;
#"gt" | "greater-than") COLOR=$GREEN ;;

32
include/helper_audit_dockerfile
View File

@ -23,7 +23,7 @@ if [ $# -eq 0 ]; then
Display --text " "; Display --text " "
ExitFatal
else
FILE=$(echo $1 | egrep "^http|https")
FILE=$(echo $1 | grep -E "^http|https")
if HasData "${FILE}"; then
echo "Provide a file (not a URL)"
ExitFatal
@ -93,24 +93,19 @@ fi
#
##################################################################################################
#
InsertSection "Basics"
InsertSection "Basics"
#FIND=$(egrep "^MAINTAINER" ${AUDIT_FILE} | sed 's/ /:space:/g')
FIND=$(egrep -i "*MAINTAINER" ${AUDIT_FILE} | sed 's/=/ /g' | cut -d'"' -f 2)
if [ -z "${FIND}" ]; then
MAINTAINER=$(grep -E -i "*MAINTAINER" ${AUDIT_FILE} | sed 's/=/ /g' | cut -d'"' -f 2)
if [ -z "${MAINTAINER}" ]; then
ReportWarning "dockerfile" "No maintainer found. Unclear who created this file."
else
#MAINTAINER=$(echo ${FIND} | sed 's/:space:/ /g' | awk '{ if($1=="MAINTAINER") { print }}')
MAINTAINER=$(echo ${FIND})
Display --indent 2 --text "Maintainer" --result "${MAINTAINER}"
fi
FIND=$(grep "^ENTRYPOINT" ${AUDIT_FILE} | cut -d' ' -f2 )
if [ "${FIND}" = "" ]; then
ENTRYPOINT=$(grep "^ENTRYPOINT" ${AUDIT_FILE} | cut -d' ' -f2 )
if [ -z "${ENTRYPOINT}" ]; then
ReportWarning "dockerfile" "No ENTRYPOINT defined in Dockerfile."
else
ENTRYPOINT=$(echo ${FIND})
Display --indent 2 --text "ENTRYPOINT" --result "${ENTRYPOINT}"
fi
@ -129,17 +124,14 @@ InsertSection "Basics"
USER=$(echo ${FIND})
Display --indent 2 --text "User" --result "${USER}"
fi
#
##################################################################################################
#
InsertSection "Software"
case $PKGMGR in
"apt")
FIND=$(egrep "apt-get(.*) install" ${AUDIT_FILE})
FIND=$(grep -E "apt-get(.*) install" ${AUDIT_FILE})
if [ ! "${FIND}" = "" ]; then
LogText "Found installation via apt-get"
else
@ -147,7 +139,7 @@ InsertSection "Basics"
fi
;;
"apk")
FIND=$(egrep "apk(.*) add" ${AUDIT_FILE})
FIND=$(grep -E "apk(.*) add" ${AUDIT_FILE})
if [ ! "${FIND}" = "" ]; then
LogText "Found installation via apk"
else
@ -159,7 +151,7 @@ InsertSection "Basics"
;;
esac
FIND=$(egrep " (gcc|libc6-dev|make)" ${AUDIT_FILE} | grep -v "^#")
FIND=$(grep -E " (gcc|libc6-dev|make)" ${AUDIT_FILE} | grep -v "^#")
if [ ! "${FIND}" = "" ]; then
ReportWarning "dockerfile" "Possible development utilities found, which is not advised for production environment"
LogText "Details: ${FIND}"
@ -202,7 +194,7 @@ InsertSection "Basics"
if [ ${FILE_DOWNLOAD} -eq 1 ]; then
SSL_USED_FIND=$(egrep "(https)" ${AUDIT_FILE})
SSL_USED_FIND=$(grep -E "(https)" ${AUDIT_FILE})
if HasData "${SSL_USED_FIND}"; then
SSL_USED="YES"
@ -213,9 +205,9 @@ InsertSection "Basics"
ReportSuggestion "Use SSL downloads when possible to increase security (DNSSEC, HTTPS, validation of domain, avoid MitM)"
fi
Display --indent 2 --text "Integrity testing performed" --result "${SSL_USED}" --color ${COLOR}
HASHING_USED=$(egrep "(sha1sum|sha256sum|sha512sum)" ${AUDIT_FILE})
HASHING_USED=$(grep -E "(sha1sum|sha256sum|sha512sum)" ${AUDIT_FILE})
Display --indent 2 --text "Hashing" --result "${HASHING_USED}"
KEYS_USED=$(egrep "(apt-key adv)" ${AUDIT_FILE}| sed 's/RUN apt-key adv//g'| sed 's/--keyserver/Key Server:/g' | sed 's/--recv/Key Value:/g')
KEYS_USED=$(grep -E "(apt-key adv)" ${AUDIT_FILE}| sed 's/RUN apt-key adv//g'| sed 's/--keyserver/Key Server:/g' | sed 's/--recv/Key Value:/g')
Display --indent 2 --text "Signing keys used" --result "${KEYS_USED}"
Display --indent 2 --text "All downloads properly checked" --result "?"
else

2
include/parameters
View File

@ -377,7 +377,7 @@
;;
# Scan one or more tests from just on group
--tests-from-group | --tests-from-groups | --test-from-group | --test-from-group)
--tests-from-group | --tests-from-groups | --test-from-group | --test-from-groups)
shift
TEST_GROUP_TO_CHECK=$1
;;

42
include/profiles
View File

@ -35,13 +35,13 @@
# Show deprecation message for old config entries such as 'config:' and 'apache:'
FOUND=0
DATA=$(egrep "^[a-z-]{1,}:" ${PROFILE} | od -An -ta | sed 's/ /!space!/g') # od -An (no file offset), -ta (named character, to be on safe side)
DATA=$(grep -E "^[a-z-]{1,}:" ${PROFILE} | od -An -ta | sed 's/ /!space!/g') # od -An (no file offset), -ta (named character, to be on safe side)
if ! IsEmpty "${DATA}"; then FOUND=1; fi
if [ ${FOUND} -eq 1 ]; then
DisplayWarning "Your profile contains old-style configuration entries. See log file for more details and how to convert these entries"
LogText "Your profile has one or more configuration items that are in an old format (lines starting with key:value). They need to be converted into the new format (key=value)."
LogText "Tip: Use egrep to see the relevant matches (egrep \"^[a-z-]{1,}:\" custom.prf)"
LogText "Tip: Use grep to see the relevant matches (grep -E \"^[a-z-]{1,}:\" custom.prf)"
sleep 30
fi
@ -50,7 +50,7 @@
if ! IsEmpty "${DATA}"; then
DisplayWarning "Your profile '${PROFILE}' contains unexpected characters. See the log file for more information."
LogText "Found unexpected or possibly harmful characters in profile '${PROFILE}'. See which characters matched in the output below and compare them with your profile."
for I in "${DATA}"; do
for I in ${DATA}; do
I=$(echo ${I} | sed 's/!space!/ /g')
LogText "Output: ${I}"
done
@ -59,7 +59,7 @@
fi
# Now parse the profile and filter out unwanted characters
DATA=$(egrep "^config:|^[a-z-].*=" ${PROFILE} | tr -dc '[:alnum:]/\[\]\(\)_\|,\.:;= \n\r-' | sed 's/ /!space!/g')
DATA=$(grep -E "^config:|^[a-z-].*=" ${PROFILE} | tr -dc '[:alnum:]/\[\]\(\)_\|,\.:;= \n\r-' | sed 's/ /!space!/g')
for CONFIGOPTION in ${DATA}; do
if ContainsString "^config:" "${CONFIGOPTION}"; then
# Old style configuration
@ -76,7 +76,7 @@
# Is Lynis Enterprise allowed to purge this system when it is becomes outdated?
allow-auto-purge)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)$")
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)$")
if [ -n "${FIND}" ]; then
Report "allow-auto-purge=1"
else
@ -109,7 +109,7 @@
colors)
# Quick mode (SKIP_PLUGINS) might already be set outside profile, so store in different variable
SETTING_COLORS=1 # default is yes
FIND=$(echo "${VALUE}" | egrep "^(0|false|no)$") && COLORS=0
FIND=$(echo "${VALUE}" | grep -E "^(0|false|no)$") && COLORS=0
if [ -n "${FIND}" ]; then SETTING_COLORS=0; RemoveColors; fi
Debug "Colors set to ${SETTING_COLORS}"
AddSetting "colors" "${SETTING_COLORS}" "Colored screen output"
@ -165,27 +165,27 @@
# Do not check security repository in sources.list (Debian/Ubuntu)
debian-skip-security-repository | debian_skip_security_repository)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)") && OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY=1
AddSetting "debian-skip-security-repository" "OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY" "Skip checking for a security repository (Debian and others)"
;;
# Debug status to show more details while running program
debug)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && DEBUG=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)") && DEBUG=1
Debug "Debug mode set to '${DEBUG}'"
AddSetting "debug" "${DEBUG}" "Debugging mode"
;;
# Development mode (--developer)
developer-mode)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && DEVELOPER_MODE=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)") && DEVELOPER_MODE=1
Debug "Developer mode set to ${DEVELOPER_MODE}"
AddSetting "developer" "${DEVELOPER_MODE}" "Developer mode"
;;
# Show non-zero exit code when errors are found
error-on-warnings)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && ERROR_ON_WARNINGS=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)") && ERROR_ON_WARNINGS=1
Debug "Exit with different code on warnings is set to ${ERROR_ON_WARNINGS}"
AddSetting "error-on-warnings" "${ERROR_ON_WARNINGS}" "Use non-zero exit code if one or more warnings were found"
;;
@ -238,7 +238,7 @@
# Do (not) log tests if they have an different operating system
log-tests-incorrect-os | log_tests_incorrect_os)
FIND=$(echo "${VALUE}" | egrep "^(0|false|no)") && SETTING_LOG_TESTS_INCORRECT_OS=0
FIND=$(echo "${VALUE}" | grep -E "^(0|false|no)") && SETTING_LOG_TESTS_INCORRECT_OS=0
Debug "Logging of tests with incorrect operating system set to ${SETTING_LOG_TESTS_INCORRECT_OS}"
LOG_INCORRECT_OS=${SETTING_LOG_TESTS_INCORRECT_OS}
;;
@ -290,7 +290,7 @@
quick)
# Quick mode might already be set outside profile, so store in different variable
SETTING_QUICK_MODE=1 # default is yes
FIND=$(echo "${VALUE}" | egrep "^(0|false|no)$") && QUICKMODE=0
FIND=$(echo "${VALUE}" | grep -E "^(0|false|no)$") && QUICKMODE=0
if [ -n "${FIND}" ]; then SETTING_QUICK_MODE=1; fi
Debug "Quickmode set to ${SETTING_QUICK_MODE}"
AddSetting "quick" "${SETTING_QUICK_MODE}" "Quick mode (non-interactive)"
@ -299,7 +299,7 @@
# Refresh software repositories
refresh-repositories)
SETTING_REFRESH_REPOSITORIES=1 # default is yes
FIND=$(echo "${VALUE}" | egrep "^(0|false|no)$") && REFRESH_REPOSITORIES=0
FIND=$(echo "${VALUE}" | grep -E "^(0|false|no)$") && REFRESH_REPOSITORIES=0
if [ -n "${FIND}" ]; then SETTING_REFRESH_REPOSITORIES=0; fi
Debug "Refreshing repositories set to ${SETTING_REFRESH_REPOSITORIES}"
AddSetting "refresh-repositories" "${SETTING_REFRESH_REPOSITORIES}" "Refresh repositories (for vulnerable package detection)"
@ -308,7 +308,7 @@
# Show more details in report
show-report-solution)
SETTING_SHOW_REPORT_SOLUTION=${SHOW_REPORT_SOLUTION}
FIND=$(echo "${VALUE}" | egrep "^(0|false|no)$") && SHOW_REPORT_SOLUTION=0
FIND=$(echo "${VALUE}" | grep -E "^(0|false|no)$") && SHOW_REPORT_SOLUTION=0
if [ -n "${FIND}" ]; then SETTING_SHOW_REPORT_SOLUTION=0; fi
Debug "Show report details (solution) set to ${SETTING_SHOW_REPORT_SOLUTION}"
;;
@ -316,7 +316,7 @@
# Inline tips about tool (default enabled)
show_tool_tips | show-tool-tips)
SETTING_SHOW_TOOL_TIPS=1 # default is yes
FIND=$(echo "${VALUE}" | egrep "^(0|false|no)$") && SHOW_TOOL_TIPS=0
FIND=$(echo "${VALUE}" | grep -E "^(0|false|no)$") && SHOW_TOOL_TIPS=0
if [ -n "${FIND}" ]; then SETTING_SHOW_TOOL_TIPS=0; fi
Debug "Show tool tips set to ${SETTING_SHOW_TOOL_TIPS}"
AddSetting "show-tool-tips" "${SETTING_SHOW_TOOL_TIPS}" "Show tool tips"
@ -326,7 +326,7 @@
show-warnings-only)
QUIET=1
QUICKMODE=1
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)$") && SHOW_WARNINGS_ONLY=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)$") && SHOW_WARNINGS_ONLY=1
Debug "Show warnings only set to ${SHOW_WARNINGS_ONLY}"
AddSetting "show-warnings-only" "${SHOW_WARNINGS_ONLY}" "Show only warnings"
;;
@ -335,7 +335,7 @@
skip-plugins)
# Skip plugins (SKIP_PLUGINS) might already be set, so store in different variable
SETTING_SKIP_PLUGINS=0 # default is no
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)$") && SKIP_PLUGINS=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)$") && SKIP_PLUGINS=1
if [ -n "${FIND}" ]; then SETTING_SKIP_PLUGINS=1; fi
Debug "Skip plugins is set to ${SETTING_SKIP_PLUGINS}"
AddSetting "skip-plugins" "${SETTING_SKIP_PLUGINS}" "Skip plugins"
@ -349,7 +349,7 @@
# Do not check the latest version on the internet
skip_upgrade_test | skip-upgrade-test)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && SKIP_UPGRADE_TEST=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)") && SKIP_UPGRADE_TEST=1
Debug "Skip upgrade test set to ${SKIP_UPGRADE_TEST}"
;;
@ -369,7 +369,7 @@
# Set strict mode for development and quality purposes
strict)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && SET_STRICT=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)") && SET_STRICT=1
;;
# The name of the customer/client that uses this system
@ -398,7 +398,7 @@
# Perform upload
upload)
SETTING_UPLOAD=no # default
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)$") && UPLOAD_DATA=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)$") && UPLOAD_DATA=1
if [ -n "${FIND}" ]; then SETTING_UPLOAD=1; fi
Debug "Upload set to ${SETTING_UPLOAD}"
AddSetting "upload" "${SETTING_UPLOAD}" "Data upload after scanning"
@ -452,7 +452,7 @@
# Verbose output (--verbose)
verbose)
FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && VERBOSE=1
FIND=$(echo "${VALUE}" | grep -E "^(1|true|yes)") && VERBOSE=1
Debug "Verbose set to ${VERBOSE}"
AddSetting "verbose" "${VERBOSE}" "Verbose output"
;;

2
include/tests_authentication
View File

@ -863,7 +863,7 @@
NOW=$(date "+%s")
fi
DAYS_SINCE_EPOCH=$((${NOW}/86400))
DAYS_SINCE_EPOCH=$((NOW / 86400))
LogText "Data: Days since epoch is ${DAYS_SINCE_EPOCH}"
LogText "Test: collecting accounts which have an expired password (last day changed + maximum change time)"
# Skip fields with a !, *, or x, or !* (field $3 is last changed, $5 is maximum changed)

17
include/tests_boot_services
View File

@ -749,14 +749,14 @@
Linux)
# Idle time, not real uptime
if [ -f /proc/uptime ]; then
UPTIME_IN_SECS=$(cat /proc/uptime | ${CUTBINARY} -d ' ' -f1 | ${CUTBINARY} -d '.' -f1)
UPTIME_IN_SECS=$(${CUTBINARY} -d ' ' -f1 /proc/uptime | ${CUTBINARY} -d '.' -f1)
else
Display --indent 2 --text "- Checking uptime" --result "${STATUS_SKIPPED}" --color YELLOW
ReportException "${TEST_NO}:1" "No uptime test available for this operating system (/proc/uptime missing)"
fi
;;
;;
DragonFly | FreeBSD | macOS)
DragonFly | FreeBSD | macOS)
if [ -n "${SYSCTLBINARY}" ]; then
TIME_BOOT=$(${SYSCTLBINARY} kern.boottime | ${AWKBINARY} '{ print $5 }' | ${SEDBINARY} -e 's/,//' | ${GREPBINARY} "[0-9]")
TIME_NOW=$(date "+%s")
@ -771,9 +771,9 @@
Display --indent 2 --text "- Checking uptime" --result "${STATUS_SKIPPED}" --color YELLOW
ReportException "${TEST_NO}:4" "No uptime test available for this operating system (sysctl missing)"
fi
;;
;;
NetBSD | OpenBSD)
NetBSD | OpenBSD)
if [ -n "${SYSCTLBINARY}" ]; then
TIME_BOOT=$(${SYSCTLBINARY} -n kern.boottime)
TIME_NOW=$(date "+%s")
@ -788,7 +788,7 @@
Display --indent 2 --text "- Checking uptime" --result "${STATUS_SKIPPED}" --color YELLOW
ReportException "${TEST_NO}:4" "No uptime test available for this operating system (sysctl missing)"
fi
;;
;;
Solaris)
if [ -n "${KSTATBINARY}" ]; then
@ -797,15 +797,16 @@
Display --indent 2 --text "- Checking uptime" --result "${STATUS_SKIPPED}" --color YELLOW
ReportException "${TEST_NO}:2" "No uptime test available for this operating system (kstat missing)"
fi
;;
;;
*)
Display --indent 2 --text "- Checking uptime" --result "${STATUS_SKIPPED}" --color YELLOW
# Want to help improving Lynis? Share your operating system and a way to determine the uptime (in seconds)
ReportException "${TEST_NO}:3" "No uptime test available yet for this operating system"
;;
;;
esac
if [ -n "${UPTIME_IN_SECS}" ]; then
UPTIME_IN_DAYS=$((UPTIME_IN_SECS / 60 / 60 / 24))
LogText "Uptime (in seconds): ${UPTIME_IN_SECS}"

2
include/tests_firewalls
View File

@ -115,7 +115,7 @@
FIND="$FIND""\n"$(${IPTABLESBINARY} -t ${TABLE} --numeric --list | ${EGREPBINARY} -z -o -w '[A-Z]+' | tr -d '\0' | ${AWKBINARY} -v t=${TABLE} 'NR%2 {printf "%s %s ",t, $0 ; next;}1')
done
echo "${FIND}" | while read line; do
echo "${FIND}" | while read -r line; do
table=$(echo ${line} | ${AWKBINARY} '{ print $1 }')
chainname=$(echo ${line} | ${AWKBINARY} '{ print $2 }')
policy=$(echo ${line} | ${AWKBINARY} '{ print $3 }')

4
include/tests_mail_messaging
View File

@ -203,7 +203,7 @@
esac
LogText "Test: Exim Try Verify Hosts"
if [ ! -z "${EXIM_TRY_VERIFY_HOSTS}" ]; then
if [ -n "${EXIM_TRY_VERIFY_HOSTS}" ]; then
LogText "Result: Try Verify Hosts enabled"
case "${EXIM_TYPE}" in
"INTERNET HOST" )
@ -219,7 +219,7 @@
fi
LogText "Test: Exim Verify Hosts"
if [ ! -z "${EXIM_VERIFY_HOSTS}" ]; then
if [ -n "${EXIM_VERIFY_HOSTS}" ]; then
LogText "Result: Verify Hosts enabled"
case "${EXIM_TYPE}" in
"INTERNET HOST" )

2
include/tests_printers_spools
View File

@ -276,7 +276,7 @@
#################################################################################
#
if [ -n ${PRINTING_DAEMON} ]; then Report "printing_daemon=${PRINTING_DAEMON}"; fi
if [ -n "${PRINTING_DAEMON}" ]; then Report "printing_daemon=${PRINTING_DAEMON}"; fi
WaitForKeyPress

4
include/tests_webservers
View File

@ -157,7 +157,7 @@
done
# Search Server aliases
for J in $(${GREPBINARY} "ServerAlias" ${I} | ${GREPBINARY} -v "^#" | ${SEDBINARY} "s/\s*ServerAlias //g" | ${SEDBINARY} "s/#.*//g"); do
if [ -n ${J} ]; then
if [ -n "${J}" ]; then
tVHOSTS="${tVHOSTS} ${J}"
cVHOSTS=$((cVHOSTS + 1))
fi
@ -170,7 +170,7 @@
# Log all virtual hosts we found
for J in ${tVHOSTS}; do
if [ -n ${J} ]; then
if [ -n "${J}" ]; then
LogText "Virtual host: ${J}"
#Report "apache_vhost_name[]=${J}"
fi