diff --git a/CHANGELOG b/CHANGELOG index a5b728e1..3e386f86 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -18,6 +18,12 @@ ================================================================================ + * 1.6.2 (2014-09-xx) + + Changes: + - Permissions check has been adjusted to allow packaging and pentest mode + - Store PID file in home directory of user if needed + * 1.6.1 (2014-09-09) New: diff --git a/include/functions b/include/functions index 73750701..e9e972d1 100644 --- a/include/functions +++ b/include/functions @@ -210,6 +210,8 @@ LINESIZE=`echo "${TEXT}" | wc -c | tr -d ' '` SPACES=`expr 62 - ${INDENT} - ${LINESIZE}` if [ ${CRONJOB} -eq 0 ]; then + # Check if we already have already discovered a proper echo command tool. It not, set it default to 'echo'. + if [ "${ECHOCMD}" = "" ]; then ECHOCMD="echo"; fi ${ECHOCMD} "\033[${INDENT}C${TEXT}\033[${SPACES}C${RESULTPART}" else echo "${TEXT}${RESULTPART}" @@ -992,8 +994,8 @@ fi # Other permissions OTHER_PERMS=`echo ${PERMS} | cut -c8-10` - if [ ! "${OTHER_PERMS}" = "---" ]; then - echo "Fatal error: permissions of file $1 are not strict enough. Access to 'other' should be denied." + if [ ! "${OTHER_PERMS}" = "---" -a ! "${OTHER_PERMS}" = "r--" ]; then + echo "Fatal error: permissions of file $1 are not strict enough. Access to 'other' should be denied or read-only." ExitFatal fi # Set PERMS_OK to 1 if no fatal errors occurred diff --git a/lynis b/lynis index 378b7af5..f8d834ff 100755 --- a/lynis +++ b/lynis @@ -347,7 +347,10 @@ # Create new PID file (use work directory if /var/run is not available) if [ ${PENTESTINGMODE} -eq 1 ]; then - PIDFILE="lynis.pid" + # Store it in home directory of user + MYHOMEDIR=`echo ~` + if [ "${MYHOMEDIR}" = "" ]; then HOMEDIR="/tmp"; fi + PIDFILE="${MYHOMEDIR}/lynis.pid" elif [ -d /var/run ]; then PIDFILE="/var/run/lynis.pid" else