tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change variable name from FIND to FIND_P so is not reset by Register

This commit is contained in:
Marzal 2019-09-19 23:33:19 +02:00
parent 6cf0b28f2c
commit 42ac40aad6
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
include/tests_authentication
View File

@ -742,24 +742,24 @@
case ${LINUX_VERSION} in
"SuSE")
PREQS_MET="YES"
FIND=$(passwd -a -S 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
FIND_P=$(passwd -a -S 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
FIND2=$(passwd -a -S 2> /dev/null | ${AWKBINARY} '{ if ($2=="NP") print $1 }')
;;
*)
PREQS_MET="YES"
FIND=$(passwd --all --status 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
FIND_P=$(passwd --all --status 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
FIND2=$(passwd --all --status 2> /dev/null | ${AWKBINARY} '{ if ($2=="NP") print $1 }')
;;
esac
elif [ ${OS_REDHAT_OR_CLONE} -eq 1 ]; then
PREQS_MET="YES"
FIND=$(for I in $(${AWKBINARY} -F: '{print $1}' ${ROOTDIR}etc/passwd) ; do passwd -S $I | ${AWKBINARY} '{ if ($2=="PS" && $5=="99999") print $1 }' ; done)
FIND_P=$(for I in $(${AWKBINARY} -F: '{print $1}' ${ROOTDIR}etc/passwd) ; do passwd -S $I | ${AWKBINARY} '{ if ($2=="PS" && $5=="99999") print $1 }' ; done)
FIND2=$(for I in $(${AWKBINARY} -F: '{print $1}' ${ROOTDIR}etc/passwd) ; do passwd -S $I | ${AWKBINARY} '{ if ($2=="NP") print $1 }' ; done)
else
LogText "Result: skipping test for this Linux version"
ReportManual "AUTH-9282:01"
PREQS_MET="NO"
FIND=""
FIND_P=""
FIND2=""
fi
else
@ -771,12 +771,12 @@
Register --test-no AUTH-9282 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking password protected account without expire date"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking Linux version and password expire date status"
if [ -z "${FIND}" ]; then
if [ -z "${FIND_P}" ]; then
LogText "Result: all accounts seem to have an expire date"
Display --indent 2 --text "- Accounts without expire date" --result "${STATUS_OK}" --color GREEN
else
LogText "Result: found one or more accounts with expire date set"
for I in ${FIND}; do
LogText "Result: found one or more accounts without expire date set"
for I in ${FIND_P}; do
LogText "Account without expire date: ${I}"
done
Display --indent 2 --text "- Accounts without expire date" --result "${STATUS_SUGGESTION}" --color YELLOW