tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add detection of chef-client and chef-server as an automation tool

This commit is contained in:
Tim Smith 2015-04-27 10:53:47 -07:00
parent 474d69dfd6
commit a85902c736
3 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
include/binaries
View File

@ -94,6 +94,7 @@
chkconfig) CHKCONFIGFOUND=1; CHKCONFIGBINARY=${BINARY}; logtext " Found known binary: chkconfig (administration tool) - ${BINARY}" ;; chkconfig) CHKCONFIGFOUND=1; CHKCONFIGBINARY=${BINARY}; logtext " Found known binary: chkconfig (administration tool) - ${BINARY}" ;;
clamscan) CLAMSCANFOUND=1; CLAMSCANBINARY=${BINARY}; logtext " Found known binary: clamscan (AV scanner) - ${BINARY}" ;; clamscan) CLAMSCANFOUND=1; CLAMSCANBINARY=${BINARY}; logtext " Found known binary: clamscan (AV scanner) - ${BINARY}" ;;
cfagent) CFAGENTFOUND=1; CFAGENTBINARY="${BINARY}"; FILE_INT_TOOL_FOUND=1; logtext " Found known binary: cfengine agent (configuration tool) - ${BINARY}" ;; cfagent) CFAGENTFOUND=1; CFAGENTBINARY="${BINARY}"; FILE_INT_TOOL_FOUND=1; logtext " Found known binary: cfengine agent (configuration tool) - ${BINARY}" ;;
chef-client) CHEFCLIENTFOUND=1; CHEFCLIENTBINARY="${BINARY}" logtext " Found known binary: chef-client (chef client daemon) - ${BINARY}" ;;
chkrootkit) CHKROOTKITFOUND=1; CHKROOTKITBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; logtext " Found known binary: chkrootkit (malware scanner) - ${BINARY}" ;; chkrootkit) CHKROOTKITFOUND=1; CHKROOTKITBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; logtext " Found known binary: chkrootkit (malware scanner) - ${BINARY}" ;;
comm) COMMBINARY="${BINARY}"; logtext " Found known binary: comm (file compare) - ${BINARY}" ;; comm) COMMBINARY="${BINARY}"; logtext " Found known binary: comm (file compare) - ${BINARY}" ;;
csum) CSUMFOUND=1; CSUMBINARY="${BINARY}"; logtext " Found known binary: csum (hashing tool on AIX) - ${BINARY}" ;; csum) CSUMFOUND=1; CSUMBINARY="${BINARY}"; logtext " Found known binary: csum (hashing tool on AIX) - ${BINARY}" ;;
@ -103,6 +104,7 @@
domainname) DOMAINNAMEFOUND=1; DOMAINNAMEBINARY="${BINARY}"; logtext " Found known binary: domainname (NIS domain) - ${BINARY}" ;; domainname) DOMAINNAMEFOUND=1; DOMAINNAMEBINARY="${BINARY}"; logtext " Found known binary: domainname (NIS domain) - ${BINARY}" ;;
dpkg) DPKGBINARY="${BINARY}"; logtext " Found known binary: dpkg (package management) - ${BINARY}" ;; dpkg) DPKGBINARY="${BINARY}"; logtext " Found known binary: dpkg (package management) - ${BINARY}" ;;
egrep) EGREPFOUND=1; EGREPBINARY=${BINARY}; logtext " Found known binary: egrep (text search) - ${BINARY}" ;; egrep) EGREPFOUND=1; EGREPBINARY=${BINARY}; logtext " Found known binary: egrep (text search) - ${BINARY}" ;;
erchef) CHEFSERVERFOUND=1; CHEFSERVERBINARY="${BINARY}" logtext " Found known binary: erchef (chef server daemon) - ${BINARY}" ;;
exim) EXIMFOUND=1; EXIMBINARY="${BINARY}"; EXIMVERSION=`${BINARY} -bV | grep 'Exim version' | awk '{ print $3 }' | xargs`; logtext "Found ${BINARY} (version ${EXIMVERSION})" ;; exim) EXIMFOUND=1; EXIMBINARY="${BINARY}"; EXIMVERSION=`${BINARY} -bV | grep 'Exim version' | awk '{ print $3 }' | xargs`; logtext "Found ${BINARY} (version ${EXIMVERSION})" ;;
find) FINDFOUND=1; FINDBINARY="${BINARY}"; logtext " Found known binary: find (search tool) - ${BINARY}" ;; find) FINDFOUND=1; FINDBINARY="${BINARY}"; logtext " Found known binary: find (search tool) - ${BINARY}" ;;
g++) GPLUSPLUSFOUND=1; GPLUSPLUSBINARY="${BINARY}"; COMPILER_INSTALLED=1; logtext " Found known binary: g++ (compiler) - ${BINARY}" ;; g++) GPLUSPLUSFOUND=1; GPLUSPLUSBINARY="${BINARY}"; COMPILER_INSTALLED=1; logtext " Found known binary: g++ (compiler) - ${BINARY}" ;;

3
include/consts
View File

@ -26,7 +26,8 @@ BINPATHS="/bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin \
/usr/local/libexec /usr/libexec /usr/sfw/bin /usr/sfw/sbin \ /usr/local/libexec /usr/libexec /usr/sfw/bin /usr/sfw/sbin \
/usr/sfw/libexec /opt/sfw/bin /opt/sfw/sbin /opt/sfw/libexec \ /usr/sfw/libexec /opt/sfw/bin /opt/sfw/sbin /opt/sfw/libexec \
/usr/xpg4/bin /usr/css/bin /usr/ucb /usr/X11R6/bin /usr/X11R7/bin \ /usr/xpg4/bin /usr/css/bin /usr/ucb /usr/X11R6/bin /usr/X11R7/bin \
/usr/pkg/bin /usr/pkg/sbin" /usr/pkg/bin /usr/pkg/sbin /opt/chef/bin /opt/chef-server/sv \
/opt/chefdk/bin"
# Do not use specific language, fall back to default # Do not use specific language, fall back to default
unset LANG unset LANG

14
include/tests_tooling
View File

@ -45,6 +45,20 @@
Display --indent 4 --text "Found: Cfengine (cfagent)" --result FOUND --color GREEN Display --indent 4 --text "Found: Cfengine (cfagent)" --result FOUND --color GREEN
fi fi
# Chef-Client
if [ ! "${CHEFCLIENTBINARY}" = "" ]; then
logtext "Result: Chef client (chef-client) is installed (${CHEFCLIENTBINARY})"
AUTOMATION_TOOL_FOUND=1
Display --indent 4 --text "Found: Chef client (chef-client)" --result FOUND --color GREEN
fi
# Chef-Server
if [ ! "${CHEFSERVERBINARY}" = "" ]; then
logtext "Result: Chef Server (erchef) is installed (${CHEFSERVERBINARY})"
AUTOMATION_TOOL_FOUND=1
Display --indent 4 --text "Found: Chef Server (erchef)" --result FOUND --color GREEN
fi
# Puppet # Puppet
if [ ! "${PUPPETBINARY}" = "" ]; then if [ ! "${PUPPETBINARY}" = "" ]; then
logtext "Result: Puppet is installed (${PUPPETBINARY})" logtext "Result: Puppet is installed (${PUPPETBINARY})"