tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added debugging and several fixes

This commit is contained in:
mboelen 2015-10-15 20:10:21 +02:00
parent 361e70fa13
commit 8c5f67f624
1 changed files with 18 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
plugins/plugin_pam_phase1
View File

@ -160,8 +160,8 @@
logtext "Result: found ${PAM_MODULE} module (generic)"
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
for I in ${PAM_MODULE_OPTIONS}; do
OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'`
VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'`
OPTION=`echo ${I} | awk -F= '{ print $1 }'`
VALUE=`echo ${I} | awk -F= '{ print $2 }'`
CREDITS_CONFIGURED=0
case ${OPTION} in
# pam_pwhistory / pam_unix
@ -185,11 +185,14 @@
# Password strength testing
pam_cracklib | pam_pwquality)
logtext "Result: found module ${PAM_MODULE} for password strength testing"
Debug "FOUND"
PAM_MODULE_PASSWORD_STRENGTH_TESTED=1
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
Debug "Module options configured"
for I in ${PAM_MODULE_OPTIONS}; do
OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'`
VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'`
OPTION=`echo ${I} | awk -F= '{ print $1 }'`
Debug ${OPTION}
VALUE=`echo ${I} | awk -F= '{ print $2 }'`
CREDITS_CONFIGURED=0
case ${OPTION} in
minlen)
@ -222,6 +225,9 @@
# Uppercase characters
if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi
;;
*)
logtext "Result: unknown option found: ${OPTION} with value ${VALUE}"
;;
esac
if [ ${CREDITS_CONFIGURED} -eq 1 ]; then
logtext "Result: Credits are configured, password length minus 1"
@ -239,8 +245,8 @@
fi
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
for I in ${PAM_MODULE_OPTIONS}; do
OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'`
VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'`
OPTION=`echo ${I} | awk -F= '{ print $1 }'`
VALUE=`echo ${I} | awk -F= '{ print $2 }'`
case ${OPTION} in
deny)
AUTH_BLOCK_BAD_LOGIN_ATTEMPTS="${VALUE}"
@ -257,12 +263,12 @@
;;
esac
fi
Debug "Service: ${PAM_SERVICE}"
Debug "Type: ${PAM_TYPE}"
Debug "Control: ${PAM_CONTROL_FLAG}"
Debug "Control options: ${PAM_CONTROL_OPTIONS}"
Debug "Module: ${PAM_MODULE_NAME}"
Debug "Module options: ${PAM_MODULE_OPTIONS}"
#Debug "Service: ${PAM_SERVICE}"
#Debug "Type: ${PAM_TYPE}"
#Debug "Control: ${PAM_CONTROL_FLAG}"
#Debug "Control options: ${PAM_CONTROL_OPTIONS}"
#Debug "Module: ${PAM_MODULE_NAME}"
#Debug "Module options: ${PAM_MODULE_OPTIONS}"
fi
done < ${PAM_FILE}
#ParsePAMLine ${J}