tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

The XFS root FS is not checked (#190) 

At line 431, you should maybe add some tests...
This commit is contained in:
Yann ILAS 2016-05-11 15:16:28 +02:00 committed by Michael Boelen
parent 668a1fd0e5
commit 527955211b
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
include/tests_filesystems
View File

@ -391,7 +391,7 @@
Register --test-no FILE-6368 --os Linux --weight L --network NO --root-only YES --description "Checking ACL support on root file system"
if [ ${SKIPTEST} -eq 0 ]; then
FOUND=0
LogText "Test: Checking acl option on root file system"
LogText "Test: Checking acl option on ext[2-4] root file system"
FIND=`mount | ${AWKBINARY} '{ if ($3=="/" && $5~/ext[2-4]/) { print $6 } }' | grep acl`
if [ ! "${FIND}" = "" ]; then
LogText "Result: found ACL option"
@ -424,6 +424,13 @@
fi
fi
LogText "Test: Checking acl option on xfs root file system"
FIND=`mount | ${AWKBINARY} '{ if ($3=="/" && $5~/xfs/) { print $6 } }' | egrep 'no_acl|no_user_xattr'`
if [ "${FIND}" = "" ]; then
FOUND=1
# some other tests to do ?
fi
if [ ${FOUND} -eq 0 ]; then
LogText "Result: ACL option NOT enabled on root file system"
LogText "Additional information: if file access need to be more restricted, ACLs could be used. Install the acl utilities and remount the file system with the acl option"