Initialize variables and filter out pam-old files

2019-12-06 15:55:29 +01:00 · 2019-12-06 15:55:29 +01:00 · b2c73547dd
parent c7c44535e7
commit b2c73547dd
1 changed files with 15 additions and 7 deletions
--- a/plugins/plugin_pam_phase1
+++ b/plugins/plugin_pam_phase1
@ -6,19 +6,26 @@
 #-----------------------------------------------------
 # PLUGIN_AUTHOR=Michael Boelen <michael.boelen@cisofy.com>
 # PLUGIN_CATEGORY=authentication
-# PLUGIN_DATE=2017-04-30
+# PLUGIN_DATE=2019-07-26
 # PLUGIN_DESC=PAM
 # PLUGIN_NAME=pam
 # PLUGIN_PACKAGE=all
 # PLUGIN_REQUIRED_TESTS=
-# PLUGIN_VERSION=1.0.2
+# PLUGIN_VERSION=1.0.4
 #-----------------------------------------------------
 #########################################################################
 #
    # Variables
+    CREDITS_D_PASSWORD=""
+    CREDITS_L_PASSWORD=""
+    CREDITS_O_PASSWORD=""
+    CREDITS_U_PASSWORD=""
    MAX_PASSWORD_RETRY=""
+    MIN_PASSWORD_CLASS=""
    PAM_DIRECTORY="${ROOTDIR}etc/pam.d"
-
+#
+#########################################################################
+#
    # Test        : PLGN-0008
    # Description : Check PAM configuration
    FILE="${ROOTDIR}etc/security/pwquality.conf"
@ -57,8 +64,9 @@
            done
        done
    fi
-
-
+#
+#########################################################################
+#
    # Test        : PLGN-0010
    # Description : Check PAM configuration
    if [ -f ${ROOTDIR}etc/pam.conf -o -d ${PAM_DIRECTORY} ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
@ -69,12 +77,12 @@
        if [ -d ${PAM_DIRECTORY} ]; then
            LogText "Result: ${PAM_DIRECTORY} exists"
            if [ ! "${OS}" = "FreeBSD" -a ! "${OS}" = "NetBSD" ]; then
-                FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print)
+                FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "*.pam-old" -type f -print)
            else
                if [ -f ${PAM_DIRECTORY}/README ]; then
                    LogText "Skipped checking ${OS} ${PAM_DIRECTORY}/README as a PAM file"
                fi
-                FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print | grep -v "README")
+                FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "README" -not -name "*.pam-old" -type f -print)
            fi

            for PAM_FILE in ${FIND_FILES}; do