Removed warnings, updated changelog

CHANGELOG

@@ -30,7 +30,10 @@
  - ShowSymlinkPath function to check path behind a symlink
 
  Changes:
+ - Improved inetd test to avoid false positive with xinetd process [INSE-8002]
  - Permissions check has been adjusted to allow packaging and pentest mode
+ - Fix for reading at.deny file [SCHD-7720]
+ - Extended telnet in inetd test [INSE-8016]
  - Removed individual warnings [BOOT-5184]
  - Store PID file in home directory of user if needed
 

debian/rules

@@ -1,8 +1,8 @@
 #!/usr/bin/make -f
 
-build: build-arch build-indep
-build-arch: build-stamp
+build: build-indep build-arch
 build-indep: build-stamp
+build-arch: build-stamp
 build-stamp:
 	dh_testdir
 	touch build-stamp
@@ -36,7 +36,6 @@ install: build
 
 
 # Build architecture-dependent files here.
-binary-arch: build install
 binary-indep: build install
 	dh_testdir
 	dh_testroot
@@ -54,6 +53,8 @@ binary-indep: build install
 	dh_md5sums
 	dh_builddeb
 
+binary-arch: build install
+
 binary: binary-indep binary-arch
 .PHONY: build clean binary-indep binary-arch binary install configure
 

include/tests_boot_services

@@ -58,7 +58,7 @@
                     AddHP 4 4
                 fi
               else
-                logtext "Warning: can not read ${GRUBCONFFILE}"
+                logtext "Result: Can not read ${GRUBCONFFILE} (no permission)"
             fi
         fi
 
@@ -142,7 +142,7 @@
                 fi
                 #YYY (making /etc/lilo.conf immutable is a good idea, chattr +i /etc/lilo.conf)
               else
-                logtext "Warning: can not access ${LILOCONFFILE}"
+                logtext "Result: can not read ${LILOCONFFILE} (no permission)"
             fi
           else
             Display --indent 4 --text "- Checking presence LILO... " --result "NOT FOUND" --color WHITE

include/tests_crypto

@@ -53,11 +53,11 @@
                                 #YYY Dump more information to log file
                             fi
                           else
-                            logtext "Warning: can not read file ${J}"
+                            logtext "Result: can not read file ${J} (no permission)"
                         fi
                     done
                   else
-                    logtext "Warning: No read access to path ${I}"
+                    logtext "Result: can not read path ${I} (no permission)"
                 fi
               else
                 logtext "Result: SSL path ${I} does not exist"

include/tests_networking

@@ -215,7 +215,7 @@
                 FIND2=`${IFCONFIGBINARY} -a | awk '{ if ($1=="inet6") print $2 }'`
                 ;;
             *)
-                logtext "Warning: no support yet for this OS (${OS}) to find IP address information"
+                logtext "Result: no support yet for this OS (${OS}) to find IP address information. You can help improving this test by submitting your details."
                 ReportException "${TEST_NO}:1" "IP address information test not implemented for this operating system"
                 ;;
         esac

include/tests_scheduling

@@ -186,13 +186,14 @@
                         done
                     fi
                   else
-                    logtext "Warning: can not read ${AT_ALLOW}"
+                    logtext "Result: can not read ${AT_ALLOW} (no permission)"
                 fi
              else
                logtext "Result: file ${AT_ALLOW} does not exist"
                logtext "Test: checking for file ${AT_DENY}"
                if [ -f ${AT_DENY} ]; then
-                   if [ -f ${AT_ALLOW} ]; then
+                   FileIsReadable ${AT_DENY}
+                   if [ ${CANREAD} -eq 1 ]; then
                        logtext "Result: file ${AT_DENY} exists, only non listed users can schedule at jobs"
                        FIND=`cat ${AT_DENY} | sort`
                        if [ "${FIND}" = "" ]; then
@@ -203,11 +204,12 @@
                            done
                        fi
                      else
-                       logtext "Warning: can not read ${AT_DENY}"
+                       logtext "Result: can not read ${AT_DENY} (no permission)"
                    fi
                  else
                    logtext "Result: both ${AT_ALLOW} and ${AT_DENY} do not exist"
                    logtext "Note: only root can schedule at jobs"
+                   AddHP 1 1
                fi
             fi
             Display --indent 4 --text "- Checking at users" --result DONE --color GREEN

include/tests_ssh

@@ -64,7 +64,7 @@
                   FOUND=1
                   SSH_DAEMON_CONFIG="${I}/sshd_config"
                 else
-                  logtext "Warning: can not read ${I}/sshd_config file"
+                  logtext "Result: can not read ${I}/sshd_config file (no permission)"
               fi
             fi
         done

include/tests_webservers

@@ -208,7 +208,7 @@
 #	    		        logtext "Result: Value from configuration file yielded the same output as in template"
 #	    		        SERVERTOKENSFOUND=1
 #	    	              else
-#	    		        logtext "Warning: Value of ServerTokens within active configuration is different than from used template."
+#	    		        logtext "Result: Value of ServerTokens within active configuration is different than from used template."
 #	    		        logtext "Found: ${SERVERTOKENSTEST}"
 #	    		        logtext "Expected: ${SERVERTOKENSEXPECTED}"
 #	    		    fi

lynis

@@ -21,7 +21,7 @@
     # Program information
     PROGRAM_name="Lynis"
     PROGRAM_version="1.6.2"
-    PROGRAM_releasedate="11 September 2014"
+    PROGRAM_releasedate="15 September 2014"
     PROGRAM_author="Michael Boelen"
     PROGRAM_author_contact="michael.boelen@cisofy.com"
     PROGRAM_website="http://cisofy.com"