tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-28 08:14:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

[PKGS-7388] Readability improvements and initialization

Browse Source
This commit is contained in:
Michael Boelen 2016-07-30 16:40:44 +02:00
parent 0d45379132
commit cfdc8228fd
3 changed files with 26 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
include/consts
View File

@ -78,8 +78,11 @@ unset LANG
CUSTOM_URL_PROTOCOL="" CUSTOM_URL_PROTOCOL=""
DATABASE_ENGINE_RUNNING=0 DATABASE_ENGINE_RUNNING=0
DB2_RUNNING=0 DB2_RUNNING=0
DEBSECANBINARY=""
DEBSUMSBINARY=""
DEVELOPER_MODE=0 DEVELOPER_MODE=0
DISCOVERED_BINARIES="" DISCOVERED_BINARIES=""
DNFBINARY=""
DOCKER_DAEMON_RUNNING=0 DOCKER_DAEMON_RUNNING=0
ECHOCMD="" ECHOCMD=""
ERROR_ON_WARNINGS=0 ERROR_ON_WARNINGS=0
@ -103,6 +106,7 @@ unset LANG
LMDBINARY="" LMDBINARY=""
LMDFOUND=0 LMDFOUND=0
LOGFILE="" LOGFILE=""
LSVGBINARY=""
MACHINEID="" MACHINEID=""
MACHINE_ROLE="" MACHINE_ROLE=""
MALWARE_SCANNER_INSTALLED=0 MALWARE_SCANNER_INSTALLED=0
@ -132,10 +136,12 @@ unset LANG
NGINX_ROOT_FOUND=0 NGINX_ROOT_FOUND=0
NGINX_WEAK_SSL_PROTOCOL_FOUND=0 NGINX_WEAK_SSL_PROTOCOL_FOUND=0
NTPD_ROLE="" NTPD_ROLE=""
OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY=0
ORACLE_RUNNING=0 ORACLE_RUNNING=0
OS=""; OS_MODE="" OS=""; OS_MODE=""
OS_REDHAT_OR_CLONE=0 OS_REDHAT_OR_CLONE=0
OSIRISBINARY="" OSIRISBINARY=""
PACMANBINARY=""
PASSWORD_MAXIMUM_DAYS=-1 PASSWORD_MAXIMUM_DAYS=-1
PASSWORD_MINIMUM_DAYS=-1 PASSWORD_MINIMUM_DAYS=-1
PAM_2F_AUTH_ENABLED=0 PAM_2F_AUTH_ENABLED=0
@ -157,7 +163,9 @@ unset LANG
PSBINARY="ps" PSBINARY="ps"
REDIS_RUNNING=0 REDIS_RUNNING=0
REMOTE_LOGGING_ENABLED=0 REMOTE_LOGGING_ENABLED=0
RESOLV_DOMAINNAME=""
RKHUNTERBINARY="" RKHUNTERBINARY=""
RPCINFOBINARY=""
RPMBINARY="" RPMBINARY=""
RUN_HELPERS=0 RUN_HELPERS=0
RUN_TESTS=1 RUN_TESTS=1
@ -170,6 +178,7 @@ unset LANG
SETTINGS_FILE="" SETTINGS_FILE=""
SET_STRICT=0 SET_STRICT=0
SHELL_IS_BUSYBOX=0 SHELL_IS_BUSYBOX=0
SHOWMOUNTBINARY=""
SHOW_PROGRAM_DETAILS=1 SHOW_PROGRAM_DETAILS=1
SHOW_REPORT=1 SHOW_REPORT=1
SHOW_TOOL_TIPS=1 # Show inline tool tips (default true) SHOW_TOOL_TIPS=1 # Show inline tool tips (default true)
@ -209,6 +218,8 @@ unset LANG
VERBOSE=0 VERBOSE=0
VMTYPE="" VMTYPE=""
VULNERABLE_PACKAGES_FOUND=0 VULNERABLE_PACKAGES_FOUND=0
YUMBINARY=""
ZYPPERBINARY=""
# #
################################################################################# #################################################################################
# #

3
include/profiles
View File

@ -102,7 +102,8 @@
# Do not check security repository in sources.list (Debian/Ubuntu) # Do not check security repository in sources.list (Debian/Ubuntu)
debian_skip_security_repository) debian_skip_security_repository)
OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY="${VALUE}" FIND=$(echo "${VALUE}" | egrep "^(1|true|yes)") && OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY=1
AddSetting "debian-skip-security-repository" "OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY" "Skip checking for a security repository (Debian and others)"
;; ;;
debug) debug)
FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && DEBUG=1 FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && DEBUG=1

25
include/tests_ports_packages
View File

@ -843,44 +843,45 @@
Register --test-no PKGS-7388 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check security repository in Debian/ubuntu apt sources.list file" Register --test-no PKGS-7388 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check security repository in Debian/ubuntu apt sources.list file"
if [ $SKIPTEST -eq 0 ]; then if [ $SKIPTEST -eq 0 ]; then
FOUND=0 FOUND=0
if [ ! "${OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY}" = "yes" ]; then if [ ${OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY} -eq 0 ]; then
if [ -f /etc/apt/sources.list ]; then if [ -f /etc/apt/sources.list ]; then
LogText "Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list file" LogText "Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list file"
FIND=`egrep "security.debian.org|security.ubuntu.com|-security " /etc/apt/sources.list | grep -v '#' | sed 's/ /!space!/g'` FIND=$(egrep "security.debian.org|security.ubuntu.com|-security " /etc/apt/sources.list | grep -v '#' | sed 's/ /!space!/g')
if [ ! "${FIND}" = "" ]; then if [ ! "${FIND}" = "" ]; then
FOUND=1 FOUND=1
Display --indent 2 --text "- Checking security repository in sources.list file" --result "${STATUS_OK}" --color GREEN Display --indent 2 --text "- Checking security repository in sources.list file" --result "${STATUS_OK}" --color GREEN
LogText "Result: Found security repository in /etc/apt/sources.list" LogText "Result: Found security repository in /etc/apt/sources.list"
for I in ${FIND}; do for REPO in ${FIND}; do
I=`echo ${I} | sed 's/!space!/ /g'` REPO=$(echo ${REPO} | sed 's/!space!/ /g')
LogText "Output: ${I}" LogText "Output: ${REPO}"
done done
fi fi
fi fi
if [ -d /etc/apt/sources.list.d ]; then if [ -d /etc/apt/sources.list.d ]; then
LogText "Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list.d directory" LogText "Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list.d directory"
FIND=`egrep -r "security.debian.org|security.ubuntu.com|-security " /etc/apt/sources.list.d | grep -v '#' | sed 's/ /!space!/g'` FIND=$(egrep -r "security.debian.org|security.ubuntu.com|-security " /etc/apt/sources.list.d | grep -v '#' | sed 's/ /!space!/g')
if [ ! "${FIND}" = "" ]; then if [ ! -z "${FIND}" ]; then
FOUND=1 FOUND=1
Display --indent 2 --text "- Checking security repository in sources.list.d directory" --result "${STATUS_OK}" --color GREEN Display --indent 2 --text "- Checking security repository in sources.list.d directory" --result "${STATUS_OK}" --color GREEN
LogText "Result: Found security repository in one or more files in directory /etc/apt/sources.list.d" LogText "Result: Found security repository in one or more files in directory /etc/apt/sources.list.d"
for I in ${FIND}; do for REPO in ${FIND}; do
I=`echo ${I} | sed 's/!space!/ /g'` REPO=$(echo ${REPO} | sed 's/!space!/ /g')
LogText "Output: ${I}" LogText "Output: ${REPO}"
done done
fi fi
fi fi
if [ ${FOUND} -eq 1 ]; then if [ ${FOUND} -eq 1 ]; then
LogText "Result: security repository was found" LogText "Result: security repository was found"
AddHP 3 3 AddHP 3 3
else else
Display --indent 2 --text "- Checking security repository in sources.list file or directory" --result "${STATUS_WARNING}" --color RED Display --indent 2 --text "- Checking security repository in sources.list file or directory" --result "${STATUS_WARNING}" --color RED
ReportWarning ${TEST_NO} "M" "Can't find any security repository in /etc/apt/sources.list or sources.list.d directory" ReportWarning ${TEST_NO} "M" "Can't find any security repository in /etc/apt/sources.list or sources.list.d directory"
AddHP 0 3 AddHP 0 3
fi fi
else else
LogText "Skipped as option is set to ignore security repository" LogText "Skipped as option is set to ignore security repository"
fi fi
unset FIND FOUND REPO
fi fi
# #
################################################################################# #################################################################################