tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-27 15:54:09 +02:00
Code Issues Packages Projects Releases Wiki Activity

[AUTH-9204] style changes and add data to report

Browse Source
This commit is contained in:
Michael Boelen 2016-08-25 15:18:44 +02:00
parent f591924115
commit dfb025a863
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
include/tests_authentication
View File

@ -40,14 +40,15 @@
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
# Search accounts with UID 0 # Search accounts with UID 0
LogText "Test: Searching accounts with UID 0" LogText "Test: Searching accounts with UID 0"
FIND=`grep ':0:' /etc/passwd | egrep -v '^#|^root:|^(\+:\*)?:0:0:::' | cut -d ":" -f1,3 | grep ':0'` FIND=(${GREPBINARY} ':0:' /etc/passwd | egrep -v '^#|^root:|^(\+:\*)?:0:0:::' | cut -d ":" -f1,3 | grep ':0')
if [ ! "${FIND}" = "" ]; then if [ ! "${FIND}" = "" ]; then
Display --indent 2 --text "- Administrator accounts" --result "${STATUS_WARNING}" --color RED Display --indent 2 --text "- Administrator accounts" --result "${STATUS_WARNING}" --color RED
LogText "Result: Found more than one administrator accounts" LogText "Result: Found more than one administrator accounts"
ReportWarning "${TEST_NO}" "Multiple users with UID 0 found in passwd file" ReportWarning "${TEST_NO}" "Multiple users with UID 0 found in passwd file"
for I in ${FIND}; do for USER in ${FIND}; do
LogText "Administrator account: ${I}" LogText "Administrator account: ${USER}"
if [ "${I}" = "toor" ]; then Report "user_with_uid_zero[]=${USER}"
if [ "${USER}" = "toor" ]; then
LogText "BSD note: default there is a user 'toor' installed. This account is considered useless unless it" LogText "BSD note: default there is a user 'toor' installed. This account is considered useless unless it"
LogText "is assigned a password and used for daily operations or emergencies. ie: bad shell for root user." LogText "is assigned a password and used for daily operations or emergencies. ie: bad shell for root user."
ReportSuggestion ${TEST_NO} "Use vipw to delete the 'toor' user if not used." ReportSuggestion ${TEST_NO} "Use vipw to delete the 'toor' user if not used."