mirror of https://github.com/CISOfy/lynis.git
[DBS-1882] include redis.conf
This commit is contained in:
parent
336dcb4811
commit
bb83598ff1
|
@ -41,7 +41,7 @@
|
||||||
if [ "${FIND}" = "" ]; then
|
if [ "${FIND}" = "" ]; then
|
||||||
if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- MySQL process status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi
|
if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- MySQL process status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi
|
||||||
LogText "Result: MySQL process not active"
|
LogText "Result: MySQL process not active"
|
||||||
else
|
else
|
||||||
Display --indent 2 --text "- MySQL process status" --result "${STATUS_FOUND}" --color GREEN
|
Display --indent 2 --text "- MySQL process status" --result "${STATUS_FOUND}" --color GREEN
|
||||||
LogText "Result: MySQL is active"
|
LogText "Result: MySQL is active"
|
||||||
MYSQL_RUNNING=1
|
MYSQL_RUNNING=1
|
||||||
|
@ -257,37 +257,39 @@
|
||||||
Register --test-no DBS-1882 --weight L --network NO --preqs-met "${PREQS_MET}" --skip-reason "${SKIPREASON}" --category security --description "Redis configuration file"
|
Register --test-no DBS-1882 --weight L --network NO --preqs-met "${PREQS_MET}" --skip-reason "${SKIPREASON}" --category security --description "Redis configuration file"
|
||||||
if [ ${SKIPTEST} -eq 0 ]; then
|
if [ ${SKIPTEST} -eq 0 ]; then
|
||||||
PATHS="${ROOTDIR}etc/redis ${ROOTDIR}usr/local/etc/redis"
|
PATHS="${ROOTDIR}etc/redis ${ROOTDIR}usr/local/etc/redis"
|
||||||
|
ALLFILES=$(${LSBINARY} ${ROOTDIR}etc/redis.conf 2> /dev/null)
|
||||||
FOUND=0
|
FOUND=0
|
||||||
for DIR in ${PATHS}; do
|
for DIR in ${PATHS}; do
|
||||||
LogText "Action: scanning directory (${DIR}) for Redis configuration files"
|
LogText "Action: scanning directory (${DIR}) for Redis configuration files"
|
||||||
FILES=$(${LSBINARY} ${DIR}/*.conf 2> /dev/null)
|
FILES=$(${LSBINARY} ${DIR}/*.conf 2> /dev/null)
|
||||||
if [ ! -z "${FILES}" ]; then
|
if [ ! -z "${FILES}" ]; then
|
||||||
for CONFFILE in ${FILES}; do
|
ALLFILES="${ALLFILES} ${FILES}"
|
||||||
if FileIsReadable ${CONFFILE}; then
|
|
||||||
LogText "Action: checking if ${CONFFILE} is a Sentinel configuration file"
|
|
||||||
# Exclude Sentinel configuration file
|
|
||||||
FIND=$(${GREPBINARY} "^sentinel " ${CONFFILE})
|
|
||||||
if [ ! -z "${FIND}" ]; then
|
|
||||||
LogText "Result: file is a Sentinel configuration file, skipping it"
|
|
||||||
else
|
|
||||||
LogText "Result: file is NOT a Sentinel configuration file. Now scanning if it is a Redis configuration file"
|
|
||||||
FIND=$(${GREPBINARY} "Redis" ${CONFFILE})
|
|
||||||
if [ ! -z "${FIND}" ]; then
|
|
||||||
REDIS_CONFIGURATION_FILES="${REDIS_CONFIGURATION_FILES} ${CONFFILE}"
|
|
||||||
REDIS_CONFIGURATION_FOUND=1
|
|
||||||
LogText "Result: found a Redis configuration file (${CONFFILE})"
|
|
||||||
else
|
|
||||||
LogText "Result: this file does not look like a Redis file (${CONFFILE})"
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
else
|
|
||||||
LogText "Could not read this file, so skipping it"
|
|
||||||
fi
|
|
||||||
done
|
|
||||||
else
|
else
|
||||||
LogText "Result: no configuration files found in this directory"
|
LogText "Result: no configuration files found in this directory"
|
||||||
fi
|
fi
|
||||||
done
|
done
|
||||||
|
for CONFFILE in ${ALLFILES}; do
|
||||||
|
if FileIsReadable ${CONFFILE}; then
|
||||||
|
LogText "Action: checking if ${CONFFILE} is a Sentinel configuration file"
|
||||||
|
# Exclude Sentinel configuration file
|
||||||
|
FIND=$(${GREPBINARY} "^sentinel " ${CONFFILE})
|
||||||
|
if [ ! -z "${FIND}" ]; then
|
||||||
|
LogText "Result: file is a Sentinel configuration file, skipping it"
|
||||||
|
else
|
||||||
|
LogText "Result: file is NOT a Sentinel configuration file. Now scanning if it is a Redis configuration file"
|
||||||
|
FIND=$(${GREPBINARY} "Redis" ${CONFFILE})
|
||||||
|
if [ ! -z "${FIND}" ]; then
|
||||||
|
REDIS_CONFIGURATION_FILES="${REDIS_CONFIGURATION_FILES} ${CONFFILE}"
|
||||||
|
REDIS_CONFIGURATION_FOUND=1
|
||||||
|
LogText "Result: found a Redis configuration file (${CONFFILE})"
|
||||||
|
else
|
||||||
|
LogText "Result: this file does not look like a Redis file (${CONFFILE})"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
LogText "Could not read this file, so skipping it"
|
||||||
|
fi
|
||||||
|
done
|
||||||
# Sort the list of discovered configuration files so we can make them unique
|
# Sort the list of discovered configuration files so we can make them unique
|
||||||
REDIS_CONFIGURATION_FILES=$(echo ${REDIS_CONFIGURATION_FILES} | ${SEDBINARY} 's/^ //' | ${TRBINARY} ' ' '\n' | ${SORTBINARY} | ${UNIQBINARY} | ${TRBINARY} '\n' ' ')
|
REDIS_CONFIGURATION_FILES=$(echo ${REDIS_CONFIGURATION_FILES} | ${SEDBINARY} 's/^ //' | ${TRBINARY} ' ' '\n' | ${SORTBINARY} | ${UNIQBINARY} | ${TRBINARY} '\n' ' ')
|
||||||
for FILE in ${REDIS_CONFIGURATION_FILES}; do
|
for FILE in ${REDIS_CONFIGURATION_FILES}; do
|
||||||
|
|
Loading…
Reference in New Issue