tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added DisplayManual function, friendly name for compliance, minor enhancements

This commit is contained in:
mboelen 2015-10-01 22:40:29 +02:00
parent 3f8b826585
commit ac87ce4c79
1 changed files with 47 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
include/functions
View File

@ -28,6 +28,7 @@
# DigitsOnly Return only the digits from a string # DigitsOnly Return only the digits from a string
# DirectoryExists Check if a directory exists on the disk # DirectoryExists Check if a directory exists on the disk
# Display Output text to screen with colors and identation # Display Output text to screen with colors and identation
# DisplayManual Output text to screen without any layout
# ExitClean Stop the program (cleanly), with exit code 0 # ExitClean Stop the program (cleanly), with exit code 0
# ExitCustom Stop the program (cleanly), with custom exit code # ExitCustom Stop the program (cleanly), with custom exit code
# ExitFatal Stop the program (cleanly), with exit code 1 # ExitFatal Stop the program (cleanly), with exit code 1
@ -102,7 +103,6 @@
} }
################################################################################ ################################################################################
# Name : CheckItem() # Name : CheckItem()
# Description : Check if a specific item exists in the report # Description : Check if a specific item exists in the report
@ -177,12 +177,18 @@
fi fi
} }
# More information on the screen ################################################################################
# Name : Debug
# Description : Show additional information on screen
# Returns : Nothing
################################################################################
Debug() Debug()
{ {
if [ ${DEBUG} -eq 1 ]; then echo "DEBUG: $1"; fi if [ ${DEBUG} -eq 1 ]; then echo "DEBUG: $1"; fi
} }
################################################################################ ################################################################################
# Name : DigitsOnly # Name : DigitsOnly
# Description : Only extract numbers from a string # Description : Only extract numbers from a string
@ -197,10 +203,15 @@
VALUE=`echo ${VALUE} | grep -Eo '[0-9]{1,}'` VALUE=`echo ${VALUE} | grep -Eo '[0-9]{1,}'`
fi fi
logtext "Returning value: ${VALUE}" logtext "Returning value: ${VALUE}"
#return $VALUE
} }
# Display text
################################################################################
# Name : Display
# Description : Show text on screen, with markup
# Returns : Nothing
################################################################################
Display() Display()
{ {
INDENT=0; TEXT=""; RESULT=""; COLOR=""; SPACES=0 INDENT=0; TEXT=""; RESULT=""; COLOR=""; SPACES=0
@ -263,6 +274,21 @@
fi fi
} }
################################################################################
# Name : DisplayManual
# Description : Show text on screen, without any markup
# Returns : Nothing
################################################################################
DisplayManual()
{
if [ ${QUIET} -eq 0 ]; then
${ECHOCMD} "$1"
fi
}
# Clean exit (removing temp files, PID files) # Clean exit (removing temp files, PID files)
ExitClean() ExitClean()
{ {
@ -1471,21 +1497,30 @@
# Should we show this non-compliance on screen? # Should we show this non-compliance on screen?
SHOW=0 SHOW=0
case ${STANDARD_NAME} in case ${STANDARD_NAME} in
cis)
if [ ${COMPLIANCE_ENABLE_CIS} -eq 1 ]; then SHOW=1; fi
STANDARD_FRIENDLY_NAME="CIS"
;;
hipaa) hipaa)
if [ ${COMPLIANCE_HIPAA} -eq 1 ]; then SHOW=1; fi if [ ${COMPLIANCE_ENABLE_HIPAA} -eq 1 ]; then SHOW=1; fi
STANDARD_FRIENDLY_NAME="HIPAA"
;; ;;
iso27001) iso27001)
if [ ${COMPLIANCE_ISO27001} -eq 1 ]; then SHOW=1; fi if [ ${COMPLIANCE_ENABLE_ISO27001} -eq 1 ]; then SHOW=1; fi
STANDARD_FRIENDLY_NAME="ISO27001"
;; ;;
pci-dss) pci-dss)
if [ ${COMPLIANCE_PCI_DSS} -eq 1 ]; then SHOW=1; fi if [ ${COMPLIANCE_ENABLE_PCI_DSS} -eq 1 ]; then SHOW=1; fi
STANDARD_FRIENDLY_NAME="PCI DSS"
;; ;;
esac esac
# Only display if standard is enabled in the profile # Only display if standard is enabled in the profile and mark system as non-compliant
if [ ${SHOW} -eq 1 ]; then if [ ${SHOW} -eq 1 ]; then
Display --indent 2 --text "[${WHITE}${STANDARD_NAME} ${STANDARD_VERSION}${NORMAL}] ${STANDARD_SECTION} ${STANDARD_SECTION_TITLE}" COMPLIANCE_FINDINGS_FOUND=1
Display --indent 2 --text "Details: ${REASON}" DisplayManual " [${WHITE}${STANDARD_FRIENDLY_NAME} ${STANDARD_VERSION}${NORMAL}] - ${CYAN}Section ${STANDARD_SECTION}${NORMAL} - ${WHITE}${STANDARD_SECTION_TITLE}${NORMAL}"
Display --indent 2 --text "Values: ${RED}${ACTUAL_VALUE}${NORMAL} / ${WHITE}${EXPECTED_VALUE}${NORMAL}" DisplayManual " - Details: ${REASON}"
DisplayManual " - Configuration: ${RED}${ACTUAL_VALUE}${NORMAL} / ${EXPECTED_VALUE}"
DisplayManual ""
fi fi
} }
@ -1494,7 +1529,7 @@
# Name : ShowSymlinkPath() # Name : ShowSymlinkPath()
# Description : Check if we can find the path behind a symlink # Description : Check if we can find the path behind a symlink
# Parameters : $1 = file # Parameters : $1 = file
# Returns : FOUNDPATH (0 not found, 1 found path)) # Returns : FOUNDPATH (0 not found, 1 found path)
################################################################################ ################################################################################
ShowSymlinkPath() ShowSymlinkPath()