tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-15 09:54:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

enhance nginx config detection to correctly include confs via relative path and wildcards

Browse Source
This commit is contained in:
Kristian Schuster 2019-09-18 20:47:09 +02:00
parent 6cf0b28f2c
commit ccb8b2b615
No known key found for this signature in database
GPG Key ID: 41D9CF63A7E6A4EB
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
include/functions
View File

@ -2249,6 +2249,30 @@
if [ "${CONF}" = "${VALUE}" ]; then FOUND=1; LogText "Found this file already in our configuration files array (additions), not adding to queue"; fi if [ "${CONF}" = "${VALUE}" ]; then FOUND=1; LogText "Found this file already in our configuration files array (additions), not adding to queue"; fi
done done
if [ ${FOUND} -eq 0 ]; then NGINX_CONF_FILES_ADDITIONS="${NGINX_CONF_FILES_ADDITIONS} ${VALUE}"; fi if [ ${FOUND} -eq 0 ]; then NGINX_CONF_FILES_ADDITIONS="${NGINX_CONF_FILES_ADDITIONS} ${VALUE}"; fi
# Check if include value is a relative path only
elif [ -f "${CONFIG_FILE%nginx.conf}${VALUE%;*}" ]; then
VALUE="${CONFIG_FILE%nginx.conf}${VALUE}"
FOUND=0
for CONF in ${NGINX_CONF_FILES}; do
if [ "${CONF}" = "${VALUE}" ]; then FOUND=1; LogText "Found this file already in our configuration files array, not adding to queue"; fi
done
for CONF in ${NGINX_CONF_FILES_ADDITIONS}; do
if [ "${CONF}" = "${VALUE}" ]; then FOUND=1; LogText "Found this file already in our configuration files array (additions), not adding to queue"; fi
done
if [ ${FOUND} -eq 0 ]; then NGINX_CONF_FILES_ADDITIONS="${NGINX_CONF_FILES_ADDITIONS} ${VALUE}"; fi
# Check for additional config files included as follows
# "include sites-enabled/*.conf"
elif [ $(echo ${VALUE} | grep -F -c "*.conf") -gt 0 ]; then
for FOUND_CONF in $(ls ${CONFIG_FILE%nginx.conf}${VALUE%;*}); do
FOUND=0
for CONF in ${NGINX_CONF_FILES}; do
if [ "${CONF}" = "${FOUND_CONF}" ]; then FOUND=1; LogText "Found this file already in our configuration files array, not adding to queue"; fi
done
for CONF in ${NGINX_CONF_FILES_ADDITIONS}; do
if [ "${CONF}" = "${FOUND_CONF}" ]; then FOUND=1; LogText "Found this file already in our configuration files array (additions), not adding to queue"; fi
done
if [ ${FOUND} -eq 0 ]; then NGINX_CONF_FILES_ADDITIONS="${NGINX_CONF_FILES_ADDITIONS} ${FOUND_CONF}"; fi
done
else else
LogText "Result: this include does not point to a file" LogText "Result: this include does not point to a file"
fi fi