mirror of
https://github.com/CISOfy/lynis.git
synced 2025-07-31 01:34:23 +02:00
Added debugging and several fixes
This commit is contained in:
mboelen
parent
361e70fa13
commit
8c5f67f624
@ -160,8 +160,8 @@
|
|||||||
logtext "Result: found ${PAM_MODULE} module (generic)"
|
logtext "Result: found ${PAM_MODULE} module (generic)"
|
||||||
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
|
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
|
||||||
for I in ${PAM_MODULE_OPTIONS}; do
|
for I in ${PAM_MODULE_OPTIONS}; do
|
||||||
OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'`
|
OPTION=`echo ${I} | awk -F= '{ print $1 }'`
|
||||||
VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'`
|
VALUE=`echo ${I} | awk -F= '{ print $2 }'`
|
||||||
CREDITS_CONFIGURED=0
|
CREDITS_CONFIGURED=0
|
||||||
case ${OPTION} in
|
case ${OPTION} in
|
||||||
# pam_pwhistory / pam_unix
|
# pam_pwhistory / pam_unix
|
||||||
@ -185,11 +185,14 @@
|
|||||||
# Password strength testing
|
# Password strength testing
|
||||||
pam_cracklib | pam_pwquality)
|
pam_cracklib | pam_pwquality)
|
||||||
logtext "Result: found module ${PAM_MODULE} for password strength testing"
|
logtext "Result: found module ${PAM_MODULE} for password strength testing"
|
||||||
|
Debug "FOUND"
|
||||||
PAM_MODULE_PASSWORD_STRENGTH_TESTED=1
|
PAM_MODULE_PASSWORD_STRENGTH_TESTED=1
|
||||||
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
|
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
|
||||||
|
Debug "Module options configured"
|
||||||
for I in ${PAM_MODULE_OPTIONS}; do
|
for I in ${PAM_MODULE_OPTIONS}; do
|
||||||
OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'`
|
OPTION=`echo ${I} | awk -F= '{ print $1 }'`
|
||||||
VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'`
|
Debug ${OPTION}
|
||||||
|
VALUE=`echo ${I} | awk -F= '{ print $2 }'`
|
||||||
CREDITS_CONFIGURED=0
|
CREDITS_CONFIGURED=0
|
||||||
case ${OPTION} in
|
case ${OPTION} in
|
||||||
minlen)
|
minlen)
|
||||||
@ -222,6 +225,9 @@
|
|||||||
# Uppercase characters
|
# Uppercase characters
|
||||||
if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi
|
if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi
|
||||||
;;
|
;;
|
||||||
|
*)
|
||||||
|
logtext "Result: unknown option found: ${OPTION} with value ${VALUE}"
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
if [ ${CREDITS_CONFIGURED} -eq 1 ]; then
|
if [ ${CREDITS_CONFIGURED} -eq 1 ]; then
|
||||||
logtext "Result: Credits are configured, password length minus 1"
|
logtext "Result: Credits are configured, password length minus 1"
|
||||||
@ -239,8 +245,8 @@
|
|||||||
fi
|
fi
|
||||||
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
|
if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then
|
||||||
for I in ${PAM_MODULE_OPTIONS}; do
|
for I in ${PAM_MODULE_OPTIONS}; do
|
||||||
OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'`
|
OPTION=`echo ${I} | awk -F= '{ print $1 }'`
|
||||||
VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'`
|
VALUE=`echo ${I} | awk -F= '{ print $2 }'`
|
||||||
case ${OPTION} in
|
case ${OPTION} in
|
||||||
deny)
|
deny)
|
||||||
AUTH_BLOCK_BAD_LOGIN_ATTEMPTS="${VALUE}"
|
AUTH_BLOCK_BAD_LOGIN_ATTEMPTS="${VALUE}"
|
||||||
@ -257,12 +263,12 @@
|
|||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
fi
|
fi
|
||||||
Debug "Service: ${PAM_SERVICE}"
|
#Debug "Service: ${PAM_SERVICE}"
|
||||||
Debug "Type: ${PAM_TYPE}"
|
#Debug "Type: ${PAM_TYPE}"
|
||||||
Debug "Control: ${PAM_CONTROL_FLAG}"
|
#Debug "Control: ${PAM_CONTROL_FLAG}"
|
||||||
Debug "Control options: ${PAM_CONTROL_OPTIONS}"
|
#Debug "Control options: ${PAM_CONTROL_OPTIONS}"
|
||||||
Debug "Module: ${PAM_MODULE_NAME}"
|
#Debug "Module: ${PAM_MODULE_NAME}"
|
||||||
Debug "Module options: ${PAM_MODULE_OPTIONS}"
|
#Debug "Module options: ${PAM_MODULE_OPTIONS}"
|
||||||
fi
|
fi
|
||||||
done < ${PAM_FILE}
|
done < ${PAM_FILE}
|
||||||
#ParsePAMLine ${J}
|
#ParsePAMLine ${J}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user