mirror of https://github.com/CISOfy/lynis.git
Add a way to signify undetermined EOL
Replace setting an artificaly high date and converted date for
operating systems with no EOL (rolling) or the EOL is still to
be determined. This makes it easier for humans and saves making
a comparison (when using an artifically high converted time)
will always be false (EOL=0).
An example entry
os:AGreatOS 2.0:👎
The converted time (seconds since the epoch) could be specified as
zero but this typically means the OS is out of date (now), A value
of -1 is a convention indicating no EOL.
This commit is contained in:
Brian Ginsbach
parent
1f8b5fafde
commit
52344913d3
|
|
@ -9,6 +9,9 @@
|
|||
#
|
||||
# Date can be converted on Linux using: date "+%s" --date=2020-01-01
|
||||
#
|
||||
# Note: For rolling releases or releases that do not (currently have an
|
||||
# EOL date, leave field three empty and set field four to -1.
|
||||
#
|
||||
# Amazon Linux
|
||||
#
|
||||
os:Amazon Linux:2020-06-30:1593468000:
|
||||
|
|
@ -16,7 +19,7 @@ os:Amazon Linux 2:2023-06-26:1687730400:
|
|||
#
|
||||
# Arch Linux
|
||||
#
|
||||
os:Arch Linux:2286-11-20:9999999999:
|
||||
os:Arch Linux::-1:
|
||||
#
|
||||
# CentOS
|
||||
#
|
||||
|
|
|
|||
|
|
@ -575,13 +575,17 @@
|
|||
EOL_TIMESTAMP=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $4}}' ${DBDIR}/software-eol.db | head -n 1)
|
||||
if [ -n "${EOL_TIMESTAMP}" ]; then
|
||||
EOL_DATE=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $3}}' ${DBDIR}/software-eol.db | head -n 1)
|
||||
NOW=$(date "+%s")
|
||||
if [ -n "${NOW}" ]; then
|
||||
if [ ${NOW} -gt ${EOL_TIMESTAMP} ]; then
|
||||
EOL=1
|
||||
else
|
||||
EOL=0
|
||||
if [ -n "${EOL_DATE}" ]; then
|
||||
NOW=$(date "+%s")
|
||||
if [ -n "${NOW}" ]; then
|
||||
if [ ${NOW} -gt ${EOL_TIMESTAMP} ]; then
|
||||
EOL=1
|
||||
else
|
||||
EOL=0
|
||||
fi
|
||||
fi
|
||||
else
|
||||
EOL=0
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in New Issue