added TRBINARY + fix nftables check (#276)

fixes #273
2016-09-06 20:58:30 +02:00 · 2016-09-06 20:58:30 +02:00 · a596bdc349
parent 8c811778dd
commit a596bdc349
2 changed files with 3 additions and 1 deletions
--- a/include/binaries
+++ b/include/binaries
@ -201,6 +201,7 @@
                            syslog-ng)              SYSLOGNGFOUND=1;       SYSLOGNGBINARY="${BINARY}"; SYSLOGNGVERSION=`${BINARY} -V 2>&1 | grep "^syslog-ng" | awk '{ print $2 }'`; LogText "Found ${BINARY} (version ${SYSLOGNGVERSION})"                         ;;
                            systemctl)              SYSTEMCTLFOUND=1;      SYSTEMCTLBINARY="${BINARY}"; SERVICE_MANAGER="systemd";                        LogText "  Found known binary: systemctl (client to systemd) - ${BINARY}"                                 ;;
                            timedatectl)            TIMEDATECTLFOUND=1;    TIMEDATECTL="${BINARY}";                                                       LogText "  Found known binary: timedatectl (timedate client) - ${BINARY}"                                 ;;
+                            tr)                     TRFOUND=1;             TRBINARY="${BINARY}";                                                          LogText "  Found known binary: tr (text transformation) - ${BINARY}"                                      ;;
                            tripwire)               TRIPWIREFOUND=1;       TRIPWIREBINARY="${BINARY}";                                                    LogText "  Found known binary: tripwire (file integrity) - ${BINARY}"                                     ;;
                            tune2fs)                TUNE2FSFOUND=1;        TUNE2FSBINARY="${BINARY}";                                                     LogText "  Found known binary: tune2fs (file system tool) - ${BINARY}"                                    ;;
                            vgdisplay)              VGDISPLAYFOUND=1;      VGDISPLAYBINARY="${BINARY}";                                                   LogText "  Found known binary: vgdisplay (LVM tool) - ${BINARY}"                                          ;;
--- a/include/tests_firewalls
+++ b/include/tests_firewalls
@ -388,6 +388,7 @@
        if [ ! -z "${FIND}" ]; then
            LogText "Result: found nftables kernel module"
            FIREWALL_SOFTWARE="nftables"
+            FIREWALL_ACTIVE=1
            NFTABLES_ACTIVE=1
            Report "firewall_software[]=nftables"
        else
@ -403,7 +404,7 @@
    Register --test-no FIRE-4538 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check nftables basic configuration"
    if [ ${SKIPTEST} -eq 0 ]; then
        # Retrieve nft version
-        NFT_VERSION=$(${NFTBINARY} --version 2> /dev/null | ${AWKBINARY} '{ if ($1=="nftables") { print $2 }}' | tr -d 'v')
+        NFT_VERSION=$(${NFTBINARY} --version 2> /dev/null | ${AWKBINARY} '{ if ($1=="nftables") { print $2 }}' | ${TRBINARY} -d 'v')
        Report "nft_version=${NFT_VERSION}"
        LogText "Result: found version ${NFT_VERSION} of nft"
    fi