From 7ec81715aab4e92d88c3ac1df0460230e713fe59 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Mon, 15 Jul 2019 19:57:23 +0200 Subject: [PATCH] Minor cleanup --- include/tests_usb | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) diff --git a/include/tests_usb b/include/tests_usb index 6c874364..4f5eff59 100644 --- a/include/tests_usb +++ b/include/tests_usb @@ -130,7 +130,6 @@ # ################################################################################# # - # Test : USB-3000 # Description : Perform USBGuard check Register --test-no USB-3000 --os Linux --weight L --network NO --category security --description "Check for presence of USBGuard" @@ -141,8 +140,8 @@ AddHP 1 1 LogText "Checking USBGuard configuration file" - if [ -f /etc/usbguard/usbguard-daemon.conf ]; then - USBGUARD_CONFIG="/etc/usbguard/usbguard-daemon.conf" + if [ -f ${ROOTDIR}etc/usbguard/usbguard-daemon.conf ]; then + USBGUARD_CONFIG="${ROOTDIR}etc/usbguard/usbguard-daemon.conf" else USBGUARD_CONFIG="" fi @@ -160,7 +159,7 @@ "true") Display --indent 6 --text "- Restore controller device state" --result "${USBGUARD_RESTORE_POLICY}" --color YELLOW LogText " Consider changing RestoreControllerDeviceState to \"false\"" - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Consider hardening USBGuard configuration" "RestoreControllerDeviceState (${USBGUARD_RESTORE_POLICY} --> false)" AddHP 0 1 ;; @@ -171,7 +170,7 @@ *) LogText "Result: Invalid configuration for RestoreControllerDeviceState" Display --indent 6 --text "- Restore controller device state" --result "Invalid" --color RED - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Fix USBGuard configuration" "RestoreControllerDeviceState invalid \"${USBGUARD_RESTORE_POLICY}\"" AddHP 0 1 ;; @@ -188,21 +187,21 @@ if [ ! -z "${USBGUARD_CONTROLLER_POLICY}" ]; then LogText "Result: PresentControllerPolicy = ${USBGUARD_CONTROLLER_POLICY}" case "${USBGUARD_CONTROLLER_POLICY}" in - "allow"|"keep") + "allow" | "keep") Display --indent 6 --text "- Rule for controllers connected before daemon starts" --result "${USBGUARD_CONTROLLER_POLICY}" --color YELLOW LogText " Consider changing PresentControllerPolicy to \"apply-policy\", \"block\" or \"reject\"" - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Consider hardening USBGuard configuration" "PresentControllerPolicy (${USBGUARD_CONTROLLER_POLICY} --> (apply-policy|block|reject)" AddHP 0 1 ;; - "apply-policy"|"block"|"reject") + "apply-policy" | "block" | "reject") Display --indent 6 --text "- Rule for controllers connected before daemon starts" --result "${USBGUARD_CONTROLLER_POLICY}" --color GREEN AddHP 1 1 ;; *) LogText "Result: Invalid configuration for PresentControllerPolicy" Display --indent 6 --text "- Rule for controllers connected before daemon starts" --result "Invalid" --color RED - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Fix USBGuard configuration" "PresentControllerPolicy invalid \"${USBGUARD_CONTROLLER_POLICY}\"" AddHP 0 1 ;; @@ -218,21 +217,21 @@ if [ ! -z "${USBGUARD_DEVICE_POLICY}" ]; then LogText "Result: PresentDevicePolicy = ${USBGUARD_DEVICE_POLICY}" case "${USBGUARD_DEVICE_POLICY}" in - "allow"|"keep") + "allow" | "keep") Display --indent 6 --text "- Rule for devices connected before daemon starts" --result "${USBGUARD_DEVICE_POLICY}" --color YELLOW LogText " Consider changing PresentDevicePolicy to \"apply-policy\", \"block\" or \"reject\"" - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Consider hardening USBGuard configuration" "PresentDevicePolicy (${USBGUARD_DEVICE_POLICY} --> (apply-policy|block|reject)" AddHP 0 1 ;; - "apply-policy"|"block"|"reject") + "apply-policy" | "block" | "reject") Display --indent 6 --text "- Rule for devices connected before daemon starts" --result "${USBGUARD_DEVICE_POLICY}" --color GREEN AddHP 1 1 ;; *) LogText "Result: Invalid configuration for PresentDevicePolicy" Display --indent 6 --text "- Rule for devices connected before daemon starts" --result "Invalid" --color RED - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Fix USBGuard configuration" "PresentDevicePolicy invalid \"${USBGUARD_DEVICE_POLICY}\"" AddHP 0 1 ;; @@ -248,21 +247,21 @@ if [ ! -z "${USBGUARD_INSERTED_POLICY}" ]; then LogText "Result: InsertedDevicePolicy = ${USBGUARD_INSERTED_POLICY}" case "${USBGUARD_INSERTED_POLICY}" in - "allow"|"keep") + "allow" | "keep") Display --indent 6 --text "- Rule for devices inserted after daemon starts" --result "${USBGUARD_INSERTED_POLICY}" --color YELLOW LogText " Consider changing InsertedDevicePolicy to \"apply-policy\", \"block\" or \"reject\"" - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Consider hardening USBGuard configuration" "InsertedDevicePolicy (${USBGUARD_INSERTED_POLICY} --> (apply-policy|block|reject)" AddHP 0 1 ;; - "apply-policy"|"block"|"reject") + "apply-policy" | "block" | "reject") Display --indent 6 --text "- Rule for devices inserted after daemon starts" --result "${USBGUARD_INSERTED_POLICY}" --color GREEN AddHP 1 1 ;; *) LogText "Result: Invalid configuration for InsertedDevicePolicy" Display --indent 6 --text "- Rule for devices inserted after daemon starts" --result "Invalid" --color RED - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Fix USBGuard configuration" "InsertedDevicePolicy invalid \"${USBGUARD_INSERTED_POLICY}\"" AddHP 0 1 ;; @@ -281,7 +280,7 @@ "allow") Display --indent 6 --text "- Rule for devices not in RuleFile" --result "${USBGUARD_DEFAULT_POLICY}" --color YELLOW LogText " Consider changing ImplicitPolicyTarget to \"block\" or \"reject\"" - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Consider hardening USBGuard configuration" "ImplicitPolicyTarget (${USBGUARD_DEFAULT_POLICY} --> (block|reject)" AddHP 0 1 ;; @@ -292,7 +291,7 @@ *) LogText "Result: Invalid configuration for ImplicitPolicyTarget" Display --indent 6 --text "- Rule for devices not in RuleFile" --result "Invalid" --color RED - # To-Be-Added: assign TEST_NO, create documentation, and enable the suggestion + # TODO: assign TEST_NO, create documentation, and enable the suggestion # ReportSuggestion ${TEST_NO} "Fix USBGuard configuration" "ImplicitPolicyTarget invalid \"${USBGUARD_DEFAULT_POLICY}\"" AddHP 0 1 ;;