tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adjusted hints to solve wrong file permissions

This commit is contained in:
mboelen 2014-09-08 19:40:08 +02:00
parent 2ce4cf5c57
commit 9ed32c4e2f
1 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lynis
View File

@ -91,19 +91,19 @@
ISSUE=0 ISSUE=0
# Check permissions of include/consts file # Check permissions of include/consts file
if [ ! "${PERMS}" = "r--------" -a ! "${PERMS}" = "rw-------" ]; then if [ ! "${PERMS}" = "r--------" -a ! "${PERMS}" = "rw-------" ]; then
ISSUE=1; echo "[!] Change file permissions of ${INCLUDEDIR}/consts to 600." ISSUE=1; echo "[!] Change file permissions of ${INCLUDEDIR}/consts to 600."; echo " Command: chmod 600 ${INCLUDEDIR}/consts"
fi fi
# Check permissions of include/functions file # Check permissions of include/functions file
if [ ! "${PERMS2}" = "r--------" -a ! "${PERMS2}" = "rw-------" ]; then if [ ! "${PERMS2}" = "r--------" -a ! "${PERMS2}" = "rw-------" ]; then
ISSUE=1; echo "[!] Change file permissions of ${INCLUDEDIR}/functions to 600." ISSUE=1; echo "[!] Change file permissions of ${INCLUDEDIR}/functions to 600."; echo " Command: chmod 600 ${INCLUDEDIR}/functions"
fi fi
# Check if owner of both files is root user, or the same user which is running Lynis (for pentester mode) # Check if owner of both files is root user, or the same user which is running Lynis (for pentester mode)
if [ ! "${OWNER}" = "root" -a ! "${OWNERID}" = "0" -a ! "${MYID}" = "${OWNER2ID}" ]; then if [ ! "${OWNER}" = "root" -a ! "${OWNERID}" = "0" -a ! "${MYID}" = "${OWNER2ID}" ]; then
ISSUE=1; echo "[!] Change ownership of ${INCLUDEDIR}/consts to 'root' or similar (found: ${OWNER} with UID ${OWNERID})." ISSUE=1; echo "[!] Change ownership of ${INCLUDEDIR}/consts to 'root' or similar (found: ${OWNER} with UID ${OWNERID})."; echo " Command: chown root:root ${INCLUDEDIR}/consts"
fi fi
# Check if owner of both files is root user, or the same user which is running Lynis (for pentester mode) # Check if owner of both files is root user, or the same user which is running Lynis (for pentester mode)
if [ ! "${OWNER2}" = "root" -a ! "${OWNER2ID}" = "0" -a ! "${MYID}" = "${OWNER2ID}" ]; then if [ ! "${OWNER2}" = "root" -a ! "${OWNER2ID}" = "0" -a ! "${MYID}" = "${OWNER2ID}" ]; then
ISSUE=1; echo "[!] Change ownership of ${INCLUDEDIR}/functions to 'root' or similar (found: ${OWNER2} with UID ${OWNER2ID})." ISSUE=1; echo "[!] Change ownership of ${INCLUDEDIR}/functions to 'root' or similar (found: ${OWNER2} with UID ${OWNER2ID})."; echo " Command: chown root:root ${INCLUDEDIR}/functions"
fi fi
if [ ${ISSUE} -eq 0 ]; then if [ ${ISSUE} -eq 0 ]; then
@ -113,10 +113,6 @@
echo ""; echo ""; echo ""; echo "";
echo "[X] Security check failed: See action above to correct this issue." echo "[X] Security check failed: See action above to correct this issue."
echo " Please change ownership and permissions of the related files and start Lynis again." echo " Please change ownership and permissions of the related files and start Lynis again."
echo ""
echo "Related commands:"
echo "chown root:root ${INCLUDEDIR}/*"
echo "chmod 600 ${INCLUDEDIR}/*"
echo ""; echo ""; echo ""; echo "";
exit 1 exit 1
fi fi