tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added CRYP-7930

This commit is contained in:
Michael Boelen 2019-07-09 10:33:51 +02:00
parent f3f6be6630
commit 6891f64c39
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
db/tests.db
View File

@ -84,6 +84,7 @@ CONT-8107:test:performance:containers::Check number of unused Docker containers:
CONT-8108:test:security:containers::Check file permissions for Docker files:
CORE-1000:test:performance:system_integrity::Check all system binaries:
CRYP-7902:test:security:crypto::Check expire date of SSL certificates:
CRYP-7930:test:security:crypto::Determine if system uses disk or file encryption:
DNS-1600:test:security:dns::Validating that the DNSSEC signatures are checked:
DBS-1804:test:security:databases::Checking active MySQL process:
DBS-1816:test:security:databases::Checking MySQL root password:

21
include/tests_crypto
View File

@ -128,6 +128,27 @@
fi
#
#################################################################################
#
# Test : CRYP-7930
# Description : Determine if system uses disk or file encryption
Register --test-no CRYP-7930 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Determine if system uses disk or file encryption"
if [ ${SKIPTEST} -eq 0 ]; then
FILE="${ROOTDIR}etc/crypttab"
if [ -f ${FILE} ]; then
DATA=$(${GREPBINARY} "^[a-z]" ${ROOTDIR}etc/crypttab | ${SEDBINARY} 's/[:blank:]/__space__/g' | ${TRBINARY} -d '[:cntrl:]')
for LINE in ${DATA}; do
LINE=$(echo ${LINE} | ${SEDBINARY} 's/__space__/ /g')
if ContainsString "luks," "${LINE}"; then
PARTITION=$(echo ${LINE} | ${AWKBINARY} '{print $1}' | ${AWKBINARY} -F_ '{print $1}')
LogText "Result: Found LUKS encryption on partition ${PARTITION}"
Report "encryption[]=luks,partition,${PARTITION}"
fi
done
unset DATA LINE PARTITION
fi
fi
#
#################################################################################
#
WaitForKeyPress