New option: --usecwd to run from current working directory

2019-07-25 11:34:58 +02:00 · 2019-07-25 11:34:58 +02:00 · b384fa2887
parent 022f427a69
commit b384fa2887
4 changed files with 37 additions and 18 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -27,6 +27,7 @@ measures to further tighten any possible misuse.
 - New function: Readonly - mark variable read-only (security)
 - New function: SafeFile - test file type and call permission check
 - New function: SafeInput - check for safe input (security)
+- New option: --usecwd - run from the current working directory
 - New profile option: disable-plugin - disables a single plugin
 - New profile option: ssl-certificate-paths-to-ignore - ignore a path
 - New test: CRYP-7930 - disk or file system encryption testing
--- a/include/functions
+++ b/include/functions
@ -435,7 +435,11 @@
            DEFAULT_PROFILE=""
            PROFILEDIR=""
            tPROFILE_NAMES="default.prf custom.prf"
-            tPROFILE_TARGETS="/usr/local/etc/lynis /etc/lynis /usr/local/lynis ."
+            if [ ${USE_CWD} -eq 1 ]; then
+                tPROFILE_TARGETS="."
+            else
+                tPROFILE_TARGETS="/usr/local/etc/lynis /etc/lynis /usr/local/lynis ."
+            fi
            for PNAME in ${tPROFILE_NAMES}; do
                for PLOC in ${tPROFILE_TARGETS}; do
                    # Only use one default.prf
--- a/include/parameters
+++ b/include/parameters
@ -414,6 +414,10 @@
                UPLOAD_DATA=1
            ;;

+            --usecwd)
+                return
+            ;;
+
            --verbose)
                VERBOSE=1
            ;;
--- a/44
+++ b/44
@ -77,15 +77,21 @@
    WORKDIR=$(pwd)

    # Test from which directories we can use all functions and tests
-    INCLUDEDIR=""
-    tINCLUDE_TARGETS="/usr/local/include/lynis /usr/local/lynis/include /usr/share/lynis/include ./include"  # Default paths to check (CWD as last option, in case we run from standalone)
-    for I in ${tINCLUDE_TARGETS}; do
-        if [ "${I}" = "./include" ]; then
-            if [ -d "${WORKDIR}/include" ]; then INCLUDEDIR="${WORKDIR}/include"; fi
-        elif [ -d ${I} -a -z "${INCLUDEDIR}" ]; then
-            INCLUDEDIR=${I}
-        fi
-    done
+    USE_CWD=0
+    if case "$@" in *--usecwd*) true;; *) false;; esac; then
+        USE_CWD=1
+        INCLUDEDIR="./include"
+    else
+        INCLUDEDIR=""
+        tINCLUDE_TARGETS="/usr/local/include/lynis /usr/local/lynis/include /usr/share/lynis/include ./include"  # Default paths to check (CWD as last option, in case we run from standalone)
+        for I in ${tINCLUDE_TARGETS}; do
+            if [ "${I}" = "./include" ]; then
+                if [ -d "${WORKDIR}/include" ]; then INCLUDEDIR="${WORKDIR}/include"; fi
+            elif [ -d ${I} -a -z "${INCLUDEDIR}" ]; then
+                INCLUDEDIR=${I}
+            fi
+        done
+    fi

    # Drop out if our include directory can't be found
    if [ -z "${INCLUDEDIR}" ]; then
@ -94,14 +100,18 @@
    fi

    # Test for database directory
-    DBDIR=""; tDB_TARGETS="/usr/local/share/lynis/db /usr/local/lynis/db /usr/share/lynis/db ./db"
-    for I in ${tDB_TARGETS}; do
-        if [ "${I}" = "./db" ]; then
-            if [ -d "${WORKDIR}/db" ]; then DBDIR="${WORKDIR}/db"; fi
-        elif [ -d ${I} -a -z "${DBDIR}" ]; then
-            DBDIR="${I}"
-        fi
-    done
+    if [ ${USE_CWD} -eq 1 ]; then
+        DBDIR="./db"
+    else
+        DBDIR=""; tDB_TARGETS="/usr/local/share/lynis/db /usr/local/lynis/db /usr/share/lynis/db ./db"
+        for I in ${tDB_TARGETS}; do
+            if [ "${I}" = "./db" ]; then
+                if [ -d "${WORKDIR}/db" ]; then DBDIR="${WORKDIR}/db"; fi
+            elif [ -d ${I} -a -z "${DBDIR}" ]; then
+                DBDIR="${I}"
+            fi
+        done
+    fi
 #
 #################################################################################
 #