tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Combine NetBSD and OpenBSD AUTH-9234 check 

Both NetBSD and OpenBSD have `useradd(8)`, so they can share logic
checking `/etc/usermgmt.conf` for the default user UID range.
This commit is contained in:
Brian Ginsbach 2020-03-21 16:16:34 -05:00
parent 044c78452b
commit f56c3b5f94
1 changed files with 2 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
include/tests_authentication
View File

@ -373,7 +373,7 @@
fi
;;
"NetBSD")
"NetBSD"|"OpenBSD")
if [ -f ${ROOTDIR}etc/usermgmt.conf ]; then
UID_RANGE=$(${GREPBINARY} "^range" ${ROOTDIR}etc/usermgmt.conf | ${AWKBINARY} '{ sub(/\.\./, "-", $2); print $2 }')
fi
@ -386,15 +386,10 @@
UID_MAX=60000
LogText "Result: no configured user id range specified; using default ${UID_MIN}-${UID_MAX}"
fi
LogText "NetBSD real users output (ID = 0, or ${UID_MIN}-${UID_MAX}, but not 32767):"
LogText "${OS} real users output (ID = 0, or ${UID_MIN}-${UID_MAX}, but not 32767):"
FIND=$(${AWKBINARY} -v UID_MIN="${UID_MIN}" -v UID_MAX="${UID_MAX}" -F: '($3 >= UID_MIN && $3 <= UID_MAX && $3 != 32767) || ($3 == 0) { print $1","$3 }' /etc/passwd)
;;
"OpenBSD")
LogText "OpenBSD real users output (ID = 0, or 1000-60000, but not 32767):"
FIND=$(${AWKBINARY} -F: '($3 >= 1000 && $3 <= 60000 && $3 != 32767) || ($3 == 0) { print $1","$3 }' /etc/passwd)
;;
"Solaris")
LogText "Solaris real users output (ID =0, or 100+, but not 60001/65534):"
FIND=$(${AWKBINARY} -F: '($3 >= 100 && $3 != 60001 && $3 != 65534) || ($3 == 0) { print $1","$3 }' /etc/passwd)