tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Switched order for interface detection on Linux

This commit is contained in:
Michael Boelen 2021-07-08 14:54:49 +02:00
parent 46b5ecea2f
commit 5d96098a82
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
include/functions
View File

@ -990,9 +990,23 @@
;; ;;
"Linux") "Linux")
# Try fetching information from /sys in case 'ip' is not available or does not give expected results
if IsEmpty "${FIND}" -a -d /sys/class/net ]; then
NET_INTERFACES=$(${FINDBINARY} /sys/class/net ! -type d -exec realpath {} \; 2> /dev/null | sort | awk -F'/' '!/virtual/ && /devices/ {for (x=1;x<=NF;x++) if ($x~"net") print $(x+1)}')
for INTERFACE in ${NET_INTERFACES}; do
if grep -q -s 'up' "/sys/class/net/${INTERFACE}/operstate"; then
LogText "Interface '${INTERFACE}' is up, fetching MAC address"
FIND=$(head -1 "/sys/class/net/${INTERFACE}/address" | tr '[:upper:]' '[:lower:]')
if HasData "${FIND}"; then
HOSTID_GEN="linux-sys-interface-up"
break
fi
fi
done
fi
# First try ip, as it is available to most modern Linux distributions # Next is to try ip, as it is available to most modern Linux distributions
if [ -n "${IPBINARY}" ]; then if IsEmpty "${FIND}" && [ -n "${IPBINARY}" ]; then
LogText "Info: trying output from 'ip' to generate HostID" LogText "Info: trying output from 'ip' to generate HostID"
# Determine if we have the common available eth0 interface. If so, give that priority. # Determine if we have the common available eth0 interface. If so, give that priority.
# Note: apply sorting in case there would be multiple MAC addresses linked to increase predictable end result # Note: apply sorting in case there would be multiple MAC addresses linked to increase predictable end result
@ -1022,21 +1036,7 @@
fi fi
fi fi
# Try fetching information from /sys in case 'ip' is not available or does not give expected results # Finally try ifconfig
if IsEmpty "${FIND}" && [ ${PRIVILEGED} -eq 1 -a -d /sys/class/net ]; then
NET_INTERFACES=$(${FINDBINARY} /sys/class/net ! -type d -exec realpath {} \; 2> /dev/null | sort | awk -F'/' '!/virtual/ && /devices/ {for (x=1;x<=NF;x++) if ($x~"net") print $(x+1)}')
for INTERFACE in ${NET_INTERFACES}; do
if grep -s 'up' "/sys/class/net/${INTERFACE}/operstate"; then
LogText "Interface '${INTERFACE}' is up, fetching MAC address"
FIND=$(head -1 "/sys/class/net/${INTERFACE}/address" | tr '[:upper:]' '[:lower:]')
if HasData "${FIND}"; then
HOSTID_GEN="linux-sys-interface-up"
break
fi
fi
done
fi
if IsEmpty "${FIND}" && [ -n "${IFCONFIGBINARY}" ]; then if IsEmpty "${FIND}" && [ -n "${IFCONFIGBINARY}" ]; then
LogText "Info: no information found from 'ip' or in /sys, trying output from 'ifconfig'" LogText "Info: no information found from 'ip' or in /sys, trying output from 'ifconfig'"
# Determine if we have the eth0 interface (not all Linux distributions have this, e.g. Arch) # Determine if we have the eth0 interface (not all Linux distributions have this, e.g. Arch)
@ -1073,9 +1073,9 @@
fi fi
fi fi
# Check if we found a HostID # Check if we found a MAC address to generate the HostID
if HasData "${FIND}"; then if HasData "${FIND}"; then
LogText "Info: using hardware address ${FIND} to create HostID" LogText "Info: using hardware address '${FIND}' to create HostID"
HOSTID=$(echo ${FIND} | ${SHA1SUMBINARY} | awk '{ print $1 }') HOSTID=$(echo ${FIND} | ${SHA1SUMBINARY} | awk '{ print $1 }')
LogText "Result: Found HostID: ${HOSTID}" LogText "Result: Found HostID: ${HOSTID}"
else else