From 87f559695267d114bde01b5dc8f2be4425aade41 Mon Sep 17 00:00:00 2001
From: Michael Boelen <michael.boelen@cisofy.com>
Date: Tue, 8 Oct 2019 15:15:18 +0200
Subject: [PATCH] Added new test DBS-1828

---
 CHANGELOG.md            |  1 +
 db/tests.db             |  1 +
 include/tests_databases | 25 +++++++++++++++++++++++++
 3 files changed, 27 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9679fa2f..49e08904 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -47,6 +47,7 @@ Using the relevant options, the scan will change base on the intended goal.
 - New profile option: disable-plugin - disables a single plugin
 - New profile option: ssl-certificate-paths-to-ignore - ignore a path
 - New test: CRYP-7930 - test for LUKS encryption
+- New test: DBS-1828  - PostgreSQL configuration files
 - New test: FINT-4316 - presence of AIDE database and size test
 - New test: INSE-8314 - test for NIS client
 - New test: INSE-8316 - test for NIS server
diff --git a/db/tests.db b/db/tests.db
index 000883e2..b43cef54 100644
--- a/db/tests.db
+++ b/db/tests.db
@@ -92,6 +92,7 @@ DBS-1816:test:security:databases::Checking MySQL root password:
 DBS-1818:test:security:databases::MongoDB status:
 DBS-1820:test:security:databases::Check MongoDB authentication:
 DBS-1826:test:security:databases::Checking active PostgreSQL processes:
+DBS-1828:test:security:databases::PostgreSQL configuration files:
 DBS-1840:test:security:databases::Checking active Oracle processes:
 DBS-1860:test:security:databases::Checking active DB2 instances:
 DBS-1880:test:security:databases::Checking active Redis processes:
diff --git a/include/tests_databases b/include/tests_databases
index 3ece8a99..16ea6786 100644
--- a/include/tests_databases
+++ b/include/tests_databases
@@ -179,6 +179,31 @@
     fi
 #
 #################################################################################
+#
+    # Test        : DBS-1828
+    # Description : Test PostgreSQL configuration file(s)
+    #
+    # Authentication:
+    # /var/lib/pgsql/data/pg_hba.conf
+    #
+    # Configuration
+    # Arch            /var/lib/postgres/data/postgresql.conf
+    # CentOS/Fedora   /var/lib/pgsql/data/postgresql.conf
+    # Ubuntu          /etc/postgresql/x.y/main/postgresql.conf
+
+    if [ "${POSTGRESQL_RUNNING}" -eq 1 ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="PostgreSQL not installed or not running"; fi
+
+    Register --test-no DBS-1828 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Test PostgreSQL configuration"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        FIND_PATHS="${ROOTDIR}etc/postgres ${ROOTDIR}var/lib/postgres/data"
+        CONFIG_FILES=$(${FINDBINARY} ${FIND_PATHS} -type f -name "postgresql.conf" -print0 2> /dev/null | ${TRBINARY} -cd '[:print:]\0' | ${TRBINARY} -d '\n' | ${TRBINARY} '\0' '\n' | xargs -i sh -c 'test -r "{}" && echo "{}" | ${SEDBINARY} "s/ /:space:/g"')
+        for CF in ${CONFIG_FILES}; do
+            Report "postgresql_config_file[]=${CF}"
+            LogText "Found configuration file (${CF})"
+        done
+    fi
+#
+#################################################################################
 #
     # Test        : DBS-1840
     # Description : Check if Oracle is being used