mirror of https://github.com/CISOfy/lynis.git
Initialize variables and filter out pam-old files
This commit is contained in:
parent
c7c44535e7
commit
b2c73547dd
|
@ -6,19 +6,26 @@
|
|||
#-----------------------------------------------------
|
||||
# PLUGIN_AUTHOR=Michael Boelen <michael.boelen@cisofy.com>
|
||||
# PLUGIN_CATEGORY=authentication
|
||||
# PLUGIN_DATE=2017-04-30
|
||||
# PLUGIN_DATE=2019-07-26
|
||||
# PLUGIN_DESC=PAM
|
||||
# PLUGIN_NAME=pam
|
||||
# PLUGIN_PACKAGE=all
|
||||
# PLUGIN_REQUIRED_TESTS=
|
||||
# PLUGIN_VERSION=1.0.2
|
||||
# PLUGIN_VERSION=1.0.4
|
||||
#-----------------------------------------------------
|
||||
#########################################################################
|
||||
#
|
||||
# Variables
|
||||
CREDITS_D_PASSWORD=""
|
||||
CREDITS_L_PASSWORD=""
|
||||
CREDITS_O_PASSWORD=""
|
||||
CREDITS_U_PASSWORD=""
|
||||
MAX_PASSWORD_RETRY=""
|
||||
MIN_PASSWORD_CLASS=""
|
||||
PAM_DIRECTORY="${ROOTDIR}etc/pam.d"
|
||||
|
||||
#
|
||||
#########################################################################
|
||||
#
|
||||
# Test : PLGN-0008
|
||||
# Description : Check PAM configuration
|
||||
FILE="${ROOTDIR}etc/security/pwquality.conf"
|
||||
|
@ -57,8 +64,9 @@
|
|||
done
|
||||
done
|
||||
fi
|
||||
|
||||
|
||||
#
|
||||
#########################################################################
|
||||
#
|
||||
# Test : PLGN-0010
|
||||
# Description : Check PAM configuration
|
||||
if [ -f ${ROOTDIR}etc/pam.conf -o -d ${PAM_DIRECTORY} ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
|
||||
|
@ -69,12 +77,12 @@
|
|||
if [ -d ${PAM_DIRECTORY} ]; then
|
||||
LogText "Result: ${PAM_DIRECTORY} exists"
|
||||
if [ ! "${OS}" = "FreeBSD" -a ! "${OS}" = "NetBSD" ]; then
|
||||
FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print)
|
||||
FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "*.pam-old" -type f -print)
|
||||
else
|
||||
if [ -f ${PAM_DIRECTORY}/README ]; then
|
||||
LogText "Skipped checking ${OS} ${PAM_DIRECTORY}/README as a PAM file"
|
||||
fi
|
||||
FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print | grep -v "README")
|
||||
FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "README" -not -name "*.pam-old" -type f -print)
|
||||
fi
|
||||
|
||||
for PAM_FILE in ${FIND_FILES}; do
|
||||
|
|
Loading…
Reference in New Issue