From 5c38a0bdb48b4d8f264931111eaefb4ad4b4500e Mon Sep 17 00:00:00 2001
From: Michael Boelen
Date: Fri, 13 Sep 2019 11:47:39 +0200
Subject: [PATCH] Tests using lsof may ignore threads (if supported)
---
 include/binaries | 10 +++++++++-
 include/consts | 2 ++
 include/functions | 2 +-
 include/tests_logging | 8 ++++----
 include/tests_networking | 2 +-
 5 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/include/binaries b/include/binaries
index 661e0d41..d8a28cfa 100644
--- a/include/binaries
+++ b/include/binaries
@@ -189,7 +189,15 @@
 lsattr) LSATTRBINARY="${BINARY}"; LogText " Found known binary: lsattr (file attributes) - ${BINARY}" ;;
 lsblk) LSBLKBINARY="${BINARY}"; LogText " Found known binary: lsblk (block devices) - ${BINARY}" ;;
 lsmod) LSMODBINARY="${BINARY}"; LogText " Found known binary: lsmod (kernel modules) - ${BINARY}" ;;
- lsof) LSOFBINARY="${BINARY}"; LogText " Found known binary: lsof (open files) - ${BINARY}" ;;
+ lsof)
+ LSOFBINARY="${BINARY}"
+ LogText " Found known binary: lsof (open files) - ${BINARY}"
+ DATA=$(${LSOFBINARY} -h 2>&1 | grep "\-K \[i\] list\|\(i\)gn tasKs")
+ if [ $? -eq 0 ]; then
+ LogText "Note: added -K i to ignore tasks on Linux"
+ LSOF_EXTRA_OPTIONS=" -K i"
+ fi
+ ;;
 lsvg) LSVGBINARY=${BINARY}; LogText " Found known binary: lsvg (volume manager) - ${BINARY}" ;;
 lvdisplay) LVDISPLAYBINARY="${BINARY}"; LogText " Found known binary: lvdisplay (LVM tool) - ${BINARY}" ;;
 lynx) LYNXBINARY="${BINARY}"; LYNXVERSION=$(${BINARY} -version | grep "^Lynx Version" | cut -d ' ' -f3); LogText "Found known binary: lynx (browser) - ${BINARY} (version ${LYNXVERSION})" ;;
diff --git a/include/consts b/include/consts
index 47d1bc06..9d99f606 100644
--- a/include/consts
+++ b/include/consts
@@ -150,6 +150,8 @@ unset LANG
 LOGDIR=""
 LOGTEXT=1
 LSMODBINARY=""
+ LSOFBINARY=""
+ LSOF_EXTRA_OPTIONS=""
 LSVGBINARY=""
 LYNIS_CRONJOB=""
 MACHINEID=""
diff --git a/include/functions b/include/functions
index 9719b0ae..73549ad9 100644
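Review bot: In the new `lsof)` arm of include/binaries, the feature probe `grep "\-K \[i\] list\|\(i\)gn tasKs"` depends on `\|` acting as alternation, which is a GNU extension to basic regular expressions, and `\(i\)` is a group there rather than the literal `(i)` the pattern appears to be aiming at. A fixed-string test on the distinctive part is easier to reason about across platforms, for example `if ${LSOFBINARY} -h 2>&1 | grep -F -- '-K [i] list' > /dev/null; then`, which also removes the unused `DATA` variable and the separate `$?` check. The log message says "on Linux" although nothing visible in this hunk checks the operating system, so either gate the probe on the OS or drop the qualifier. A one-line comment stating why tasks are ignored (presumably to avoid per-thread rows in later parsing) would help the next reader.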
--- a/include/functions
+++ b/include/functions
@@ -2336,7 +2336,7 @@
 else
 if [ $# -eq 2 ] && [ $1 = "TCP" -o $1 = "UDP" ]; then
 LogText "Test: find service listening on $1:$2"
- if [ $1 = "TCP" ]; then FIND=$(${LSOFBINARY} -i${1} -s${1}:LISTEN -P -n | grep ":${2} "); else FIND=$(${LSOFBINARY} -i${1} -P -n | grep ":${2} "); fi
+ if [ $1 = "TCP" ]; then FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -i${1} -s${1}:LISTEN -P -n | grep ":${2} "); else FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -i${1} -P -n | grep ":${2} "); fi
 if [ ! "${FIND}" = "" ]; then
 LogText "Result: found service listening on port $2 ($1)"
 return 0
diff --git a/include/tests_logging b/include/tests_logging
index 7b370681..51e4d246 100644
--- a/include/tests_logging
+++ b/include/tests_logging
@@ -510,7 +510,7 @@
 if [ ${SKIPTEST} -eq 0 ]; then
 LogText "Test: checking open log files with lsof"
 if [ -n "${LSOFBINARY}" ]; then
- FIND=$(${LSOFBINARY} -n 2>&1 | ${GREPBINARY} "log$" | ${EGREPBINARY} -v "WARNING|Output information" | ${AWKBINARY} '{ if ($5=="REG") { print $9 } }' | ${SORTBINARY} -u | ${GREPBINARY} -v "^$")
+ FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -n 2>&1 | ${GREPBINARY} "log$" | ${EGREPBINARY} -v "WARNING|Output information" | ${AWKBINARY} '{ if ($5=="REG") { print $9 } }' | ${SORTBINARY} -u | ${GREPBINARY} -v "^$")
 for I in ${FIND}; do
 LogText "Found logfile: ${I}"
 done
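Review bot: The changed line in include/functions splices the options in as `${LSOFBINARY}${LSOF_EXTRA_OPTIONS}`, which only works because the value carries a leading space and the expansion is left unquoted for word splitting; the same construct is repeated in the include/tests_logging and include/tests_networking hunks. An audit script is often run as root, so the variable should be documented where it is assigned as holding script-controlled literals only, for example `# LSOF_EXTRA_OPTIONS is expanded unquoted into lsof command lines; assign fixed strings only`. Storing `-K i` without the leading space and writing `${LSOFBINARY} ${LSOF_EXTRA_OPTIONS}` at the call sites would read more conventionally and would not depend on the hidden space. The enclosing function starts and ends outside this hunk.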
@@ -548,7 +548,7 @@ LSOF_GREP="${LSOF_GREP}|anacron|awk|run-parts" fi - FIND=$(${LSOFBINARY} -n +L 1 2>&1 | ${EGREPBINARY} -vw "${LSOF_GREP}" | ${EGREPBINARY} -v '/dev/zero|/\[aio\]' | ${AWKBINARY} '{ if ($5=="REG") { printf "%s(%s)\n", $10, $1 } }' | ${GREPBINARY} -v "^$" | ${SORTBINARY} -u) + FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -n +L 1 2>&1 | ${EGREPBINARY} -vw "${LSOF_GREP}" | ${EGREPBINARY} -v '/dev/zero|/\[aio\]' | ${AWKBINARY} '{ if ($5=="REG") { printf "%s(%s)\n", $10, $1 } }' | ${GREPBINARY} -v "^$" | ${SORTBINARY} -u) if [ -n "${FIND}" ]; then LogText "Result: found one or more files which are deleted, but still in use" for I in ${FIND}; do @@ -567,10 +567,10 @@ # # Test : LOGG-2192 # Description : Check for open log files which are empty. This may indicate a problem with log rotation, or unused services - if [ ! "${LSOFBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ -n "${LSOFBINARY}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no LOGG-2192 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking for open log files that are empty" if [ ${SKIPTEST} -eq 0 ]; then - FIND=$(${LSOFBINARY} -n -w | ${AWKBINARY} '{if ($5=="REG" && $7=="0" && $9 ~ /log$/) {print $1","$9}}' | ${SORTBINARY} | uniq) + FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -n -w | ${AWKBINARY} '{if ($5=="REG" && $7=="0" && $9 ~ /log$/) {print $1","$9}}' | ${SORTBINARY} | uniq) if [ -n "${FIND}" ]; then for I in ${FIND}; do LogText "Found an opened logfile that is empty: ${I}" diff --git a/include/tests_networking b/include/tests_networking index a04fe393..36b86671 100644 --- a/include/tests_networking +++ b/include/tests_networking 
@@ -402,7 +402,7 @@
 if [ -n "${LSOFBINARY}" ]; then
 LogText "Test: Retrieving lsof information to find listening ports"
 # UDP and TCP combined
- FIND=$(${LSOFBINARY} -i -P | ${AWKBINARY} '{ print $9"|"$8"|"$1"|" }' | ${SEDBINARY} 's/\(.*\)\-\>.*\(\|.*\)/\1\2/' | ${SEDBINARY} 's/\*/'$IP'/' | ${SORTBINARY} -u | ${GREPBINARY} -v "NAME")
+ FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -i -P | ${AWKBINARY} '{ print $9"|"$8"|"$1"|" }' | ${SEDBINARY} 's/\(.*\)\-\>.*\(\|.*\)/\1\2/' | ${SEDBINARY} 's/\*/'$IP'/' | ${SORTBINARY} -u | ${GREPBINARY} -v "NAME")
 else
 FIND=""
 fi
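Review bot: The rewritten `FIND=` line in include/tests_networking still calls lsof with `-i -P` but without `-n`, so lsof will try to resolve network addresses to host names, unlike the call in include/functions, which passes `-P -n`. On a host with slow or unreachable DNS this can stall the scan, and it generates a lookup for each peer address; unless names are wanted in the report, consider `${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -i -P -n | ...`. Adding `-n` would turn the `$9` field from names into numeric addresses, so the consumers of `FIND`, which lie outside this hunk, should be checked before changing it.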