mirror of
https://github.com/CISOfy/lynis.git
synced 2025-07-23 22:04:39 +02:00
commit
cad55d8bec
@ -1282,6 +1282,9 @@
|
|||||||
CHECK_PERMISSION=$(echo "-${CHECK_PERMISSION}" | ${AWKBINARY} '{k=0;for(i=0;i<=8;i++)k+=((substr($1,i+2,1)~/[rwx]/)*2^(8-i));if(k)printf("%0o",k)}')
|
CHECK_PERMISSION=$(echo "-${CHECK_PERMISSION}" | ${AWKBINARY} '{k=0;for(i=0;i<=8;i++)k+=((substr($1,i+2,1)~/[rwx]/)*2^(8-i));if(k)printf("%0o",k)}')
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Add leading zeros if necessary
|
||||||
|
CHECK_PERMISSION=$(echo "${CHECK_PERMISSION}" | ${AWKBINARY} '{printf "%03d",$1}')
|
||||||
|
|
||||||
# First try stat command
|
# First try stat command
|
||||||
LogText "Test: checking if file ${CHECKFILE} is ${CHECK_PERMISSION}"
|
LogText "Test: checking if file ${CHECKFILE} is ${CHECK_PERMISSION}"
|
||||||
if [ -n "${STATBINARY}" ]; then
|
if [ -n "${STATBINARY}" ]; then
|
||||||
@ -1300,7 +1303,11 @@
|
|||||||
*)
|
*)
|
||||||
# Only use find when OS is NOT AIX and binaries are NOT busybox
|
# Only use find when OS is NOT AIX and binaries are NOT busybox
|
||||||
if [ ${SHELL_IS_BUSYBOX} -eq 0 ]; then
|
if [ ${SHELL_IS_BUSYBOX} -eq 0 ]; then
|
||||||
DATA=$(${FINDBINARY} ${CHECKFILE} -printf "%m")
|
if [ -d ${CHECKFILE} ]; then
|
||||||
|
DATA=$(${FINDBINARY} ${CHECKFILE} -maxdepth 0 -printf "%m")
|
||||||
|
else
|
||||||
|
DATA=$(${FINDBINARY} ${CHECKFILE} -printf "%m")
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
@ -1318,13 +1325,16 @@
|
|||||||
|
|
||||||
# Convert permissions to octal when needed
|
# Convert permissions to octal when needed
|
||||||
case ${DATA} in
|
case ${DATA} in
|
||||||
"r"|"w"|"x"|"-")
|
[-r][-w][-x][-r][-w][-x][-r][-w][-x] )
|
||||||
LogText "Converting value ${DATA} to octal"
|
LogText "Converting value ${DATA} to octal"
|
||||||
DATA=$(echo ${DATA} | ${AWKBINARY} '{k=0;for(i=0;i<=8;i++)k+=((substr($1,i+2,1)~/[rwx]/)*2^(8-i));if(k)printf("%0o",k)}')
|
# add a dummy character as first character so it looks like output is a normal file
|
||||||
if [ "${DATA}" = "0" ]; then DATA="000"; fi
|
DATA=$(echo "-${DATA}" | ${AWKBINARY} '{k=0;for(i=0;i<=8;i++)k+=((substr($1,i+2,1)~/[rwx]/)*2^(8-i));if(k)printf("%0o",k)}')
|
||||||
;;
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
|
# Add leading zeros if necessary
|
||||||
|
DATA=$(echo "${DATA}" | ${AWKBINARY} '{printf "%03d",$1}')
|
||||||
|
|
||||||
if [ -n "${DATA}" ]; then
|
if [ -n "${DATA}" ]; then
|
||||||
if [ "${DATA}" = "${CHECK_PERMISSION}" ]; then
|
if [ "${DATA}" = "${CHECK_PERMISSION}" ]; then
|
||||||
LogText "Outcome: correct permissions (${DATA})"
|
LogText "Outcome: correct permissions (${DATA})"
|
||||||
|
Loading…
x
Reference in New Issue
Block a user