tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-29 08:44:21 +02:00
Code Issues Packages Projects Releases Wiki Activity

Allow strict code checking for developers

Browse Source
This commit is contained in:
Michael Boelen 2016-07-28 11:39:10 +02:00
parent db5d825701
commit af999d3207
5 changed files with 27 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
developer.prf
View File

@ -4,4 +4,5 @@
debug=yes debug=yes
developer-mode=yes developer-mode=yes
quick=yes quick=yes
strict=yes
verbose=yes verbose=yes

5
include/consts
View File

@ -58,6 +58,7 @@ unset LANG
BINARY_SCAN_FINISHED=0 BINARY_SCAN_FINISHED=0
CHECK=0 CHECK=0
CHECK_BINARIES=1 CHECK_BINARIES=1
CHECK_OPTION_ARRAY=""
CHKROOTKITBINARY="" CHKROOTKITBINARY=""
CHKCONFIGBINARY="" CHKCONFIGBINARY=""
COLORS=1 COLORS=1
@ -80,6 +81,7 @@ unset LANG
DEVELOPER_MODE=0 DEVELOPER_MODE=0
DISCOVERED_BINARIES="" DISCOVERED_BINARIES=""
DOCKER_DAEMON_RUNNING=0 DOCKER_DAEMON_RUNNING=0
ECHOCMD=""
ERROR_ON_WARNINGS=0 ERROR_ON_WARNINGS=0
FILEVALUE="" FILEVALUE=""
FIND="" FIND=""
@ -95,6 +97,7 @@ unset LANG
HOSTID="" HOSTID=""
IDS_IPS_TOOL_FOUND=0 IDS_IPS_TOOL_FOUND=0
IPTABLESBINARY="" IPTABLESBINARY=""
LDAP_CLIENT_CONFIG_FILE=""
LINUX_VERSION="" LINUX_VERSION=""
LINUXCONFIGFILE="" LINUXCONFIGFILE=""
LMDBINARY="" LMDBINARY=""
@ -149,6 +152,7 @@ unset LANG
PLUGIN_PHASE=0 PLUGIN_PHASE=0
POSTGRES_RUNNING=0 POSTGRES_RUNNING=0
PRIVILEGED=0 PRIVILEGED=0
PROFILES=""
PROFILEVALUE="" PROFILEVALUE=""
PSBINARY="ps" PSBINARY="ps"
REDIS_RUNNING=0 REDIS_RUNNING=0
@ -164,6 +168,7 @@ unset LANG
SERVICE_MANAGER="" SERVICE_MANAGER=""
SETTINGS="" SETTINGS=""
SETTINGS_FILE="" SETTINGS_FILE=""
SET_STRICT=0
SHELL_IS_BUSYBOX=0 SHELL_IS_BUSYBOX=0
SHOW_PROGRAM_DETAILS=1 SHOW_PROGRAM_DETAILS=1
SHOW_REPORT=1 SHOW_REPORT=1

3
include/parameters
View File

@ -122,8 +122,7 @@
SHOW_TOOL_TIPS=0 SHOW_TOOL_TIPS=0
QUIET=1 QUIET=1
SHOW_PROGRAM_DETAILS=0 SHOW_PROGRAM_DETAILS=0
shift shift; HELPER_PARAMS="$@"
HELPER_PARAMS="$1 $2"
break break
;; ;;

6
include/profiles
View File

@ -254,6 +254,12 @@
AddSetting "skip-upgrade-test" "${SKIP_UPGRADE_TEST}" "Skip upgrade test" AddSetting "skip-upgrade-test" "${SKIP_UPGRADE_TEST}" "Skip upgrade test"
;; ;;
# Set strict mode for development and quality purposes
strict)
FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && SET_STRICT=1
AddSetting "strict" "${SET_STRICT}" "Perform strict test of scripts"
;;
# Define what kind of scan we are performing # Define what kind of scan we are performing
test_scan_mode | test-scan-mode) test_scan_mode | test-scan-mode)
if [ "${VALUE}" = "light" ]; then SCAN_TEST_LIGHT="YES"; SCAN_TEST_MEDIUM="NO"; SCAN_TEST_HEAVY="NO"; fi if [ "${VALUE}" = "light" ]; then SCAN_TEST_LIGHT="YES"; SCAN_TEST_MEDIUM="NO"; SCAN_TEST_HEAVY="NO"; fi

21
lynis
View File

@ -50,7 +50,12 @@
REPORT_version_major="1"; REPORT_version_minor="0" REPORT_version_major="1"; REPORT_version_minor="0"
REPORT_version="${REPORT_version_major}.${REPORT_version_minor}" REPORT_version="${REPORT_version_major}.${REPORT_version_minor}"
DISPLAY_LANG=$LANG # required by function Display to deal with multi-bytes characters. DISPLAY_LANG="${LANG}" # required by function Display to deal with multi-bytes characters.
# Code quality:
# Set strict checking for development version for first part of code. After
# initialization this is checked with strict profile option.
if [ ${PROGRAM_RELEASE_TYPE} = "dev" ]; then set -u; fi
# #
################################################################################# #################################################################################
@ -192,7 +197,6 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta
# Now include files if permissions are correct, or user decided to continue # Now include files if permissions are correct, or user decided to continue
. ${INCLUDEDIR}/consts . ${INCLUDEDIR}/consts
. ${INCLUDEDIR}/functions . ${INCLUDEDIR}/functions
# #
################################################################################# #################################################################################
# #
@ -204,10 +208,6 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta
# Use safe umask for the files we create # Use safe umask for the files we create
umask 027 umask 027
# Drop out on unintialised variables / fatal errors
#set -u
#
# #
################################################################################# #################################################################################
# #
@ -518,12 +518,19 @@ ${NORMAL}
# #
################################################################################# #################################################################################
# #
# Read profile/language # Read profile, set code checks, define language
# #
################################################################################# #################################################################################
# #
ParseProfiles ParseProfiles
# Define if we keep working in strict mode (development)
if [ ${SET_STRICT} -eq 0 ]; then
set +u # Allow uninitialized variables
else
set -u # Do not allow unitialized variables
fi
# Import a different language when configured # Import a different language when configured
if [ ! "${LANGUAGE}" = "en" ]; then if [ ! "${LANGUAGE}" = "en" ]; then
LogText "Language is set to ${LANGUAGE}" LogText "Language is set to ${LANGUAGE}"