diff --git a/include/tests_boot_services b/include/tests_boot_services index fe5707e4..19db6a83 100644 --- a/include/tests_boot_services +++ b/include/tests_boot_services @@ -656,7 +656,13 @@ # Test : BOOT-5180 # Description : Check for Linux boot services (Debian style) # Notes : Debian 8+ shows runlevel 5 - if [ "${LINUX_VERSION}" = "Debian" -o "${LINUX_VERSION}" = "Ubuntu" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi + Register --test-no BOOT-5180 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for Linux boot services (Debian style)" if [ ${SKIPTEST} -eq 0 ]; then # Runlevel check diff --git a/include/tests_kernel b/include/tests_kernel index 011d02c6..5d1a881e 100644 --- a/include/tests_kernel +++ b/include/tests_kernel @@ -81,7 +81,7 @@ fi else LogText "Result: file ${ROOTDIR}etc/inittab not found" - if [ "${LINUX_VERSION}" = "Debian" -o "${LINUX_VERSION}" = "Ubuntu" ]; then + if [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]; then LogText "Test: Checking run level with who -r, for Debian based systems" FIND=$(who -r | ${AWKBINARY} '{ if ($1=="run-level") { print $2 } }') if HasData "${FIND}"; then @@ -368,7 +368,12 @@ # # Test : KRNL-5788 # Description : Checking availability new kernel - if [ "${LINUX_VERSION}" = "Debian" -o "${LINUX_VERSION}" = "Ubuntu" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi Register --test-no KRNL-5788 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking availability new Linux kernel" if [ ${SKIPTEST} -eq 0 ]; then HAS_VMLINUZ=0 diff --git a/include/tests_ports_packages b/include/tests_ports_packages index 286da608..a29af876 100644 --- a/include/tests_ports_packages +++ b/include/tests_ports_packages @@ -600,8 +600,8 @@ # # Test : PKGS-7366 # Description : Checking if debsecan is installed and enabled on Debian systems - if [ -n "${DEBSECANBINARY}" -a "${OS}" = "Linux" -a "${LINUX_VERSION}" = "Debian" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi - Register --test-no "PKGS-7366" --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking for debsecan utility" + if [ -n "${DEBSECANBINARY}" ] && ( [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Debian" ] ); then PREQS_MET="YES"; else PREQS_MET="NO"; fi + Register --test-no "PKGS-7366" --preqs-met ${PREQS_MET} --os Linux --weight L --network NO --category security --description "Checking for debsecan utility" if [ ${SKIPTEST} -eq 0 ]; then if [ -n "${DEBSECANBINARY}" ]; then LogText "Result: debsecan utility is installed" @@ -986,7 +986,9 @@ PREQS_MET="NO" if [ -f ${ROOTDIR}etc/apt/sources.list -a -d ${ROOTDIR}etc/apt/sources.list.d ]; then case "${LINUX_VERSION}" in - "Debian" | "Linux Mint" | "Ubuntu") + "Debian" | "Linux Mint" | "Ubuntu" | "Pop!_OS") + # Todo: PureOS (not rolling) has security repositories + # Todo: Debian sid does not have a security repository. PREQS_MET="YES" ;; *) @@ -1042,7 +1044,13 @@ # # Test : PKGS-7390 # Description : Check Ubuntu database consistency - if [ "${LINUX_VERSION}" = "Ubuntu" -a -x ${ROOTDIR}usr/bin/apt-get ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if ([ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]) && [ -x "${ROOTDIR}usr/bin/apt-get" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi + Register --test-no PKGS-7390 --os Linux --preqs-met ${PREQS_MET} --root-only YES --weight L --network NO --category security --description "Check Ubuntu database consistency" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Package database consistency by running apt-get check" @@ -1191,7 +1199,13 @@ # # Test : PKGS-7394 # Description : Check Ubuntu upgradeable packages - if [ "${LINUX_VERSION}" = "Ubuntu" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if ([ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]) && [ -x "${ROOTDIR}usr/bin/apt-get" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi + Register --test-no PKGS-7394 --os Linux --preqs-met ${PREQS_MET} --weight L --network YES --category security --description "Check for Ubuntu updates" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: checking ${ROOTDIR}usr/bin/apt-show-versions" @@ -1317,37 +1331,39 @@ case "${OS}" in "Linux") - case "${LINUX_VERSION}" in - "CentOS" | "Debian" | "Fedora" | "RHEL" | "Ubuntu") - + for DIST in CentOS Debian Fedora RHEL Ubuntu; do + if [ "${LINUX_VERSION}" = "${DIST}" ] || [ "${LINUX_VERSION_LIKE}" = "${DIST}" ]; then UNATTENDED_UPGRADES_OPTION_AVAILABLE=1 - # Test available tools for Linux - if [ -f "${ROOTDIR}bin/auter" ]; then - UNATTENDED_UPGRADES_TOOL="auter" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - if [ -f "${ROOTDIR}sbin/yum-cron" ]; then - UNATTENDED_UPGRADES_TOOL="yum-cron" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - if [ -f "${ROOTDIR}usr/bin/dnf-automatic" ]; then - UNATTENDED_UPGRADES_TOOL="dnf-automatic" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - if [ -f "${ROOTDIR}usr/bin/unattended-upgrade" ]; then - UNATTENDED_UPGRADES_TOOL="unattended-upgrade" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - ;; - esac + fi + done + + if [ $UNATTENDED_UPGRADES_OPTION_AVAILABLE -eq 1 ]; then + # Test available tools for Linux + if [ -f "${ROOTDIR}bin/auter" ]; then + UNATTENDED_UPGRADES_TOOL="auter" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + if [ -f "${ROOTDIR}sbin/yum-cron" ]; then + UNATTENDED_UPGRADES_TOOL="yum-cron" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + if [ -f "${ROOTDIR}usr/bin/dnf-automatic" ]; then + UNATTENDED_UPGRADES_TOOL="dnf-automatic" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + if [ -f "${ROOTDIR}usr/bin/unattended-upgrade" ]; then + UNATTENDED_UPGRADES_TOOL="unattended-upgrade" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + fi ;; esac