tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added FINT-4316

This commit is contained in:
Michael Boelen 2019-08-26 08:02:11 +02:00
parent 22a7f4fd6d
commit f89aa98408
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
2 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
db/tests.db
View File

@ -121,6 +121,7 @@ FILE-7524:test:security:file_permissions::Perform file permissions check:
FINT-4310:test:security:file_integrity::AFICK availability:
FINT-4314:test:security:file_integrity::AIDE availability:
FINT-4315:test:security:file_integrity::Check AIDE configuration file:
FINT-4316:test:security:file_integirty::Presence of AIDE database and size check:
FINT-4318:test:security:file_integrity::Osiris availability:
FINT-4322:test:security:file_integrity::Samhain availability:
FINT-4326:test:security:file_integrity::Tripwire availability:

32
include/tests_file_integrity
View File

@ -98,6 +98,38 @@
fi
#
#################################################################################
#
# Test : FINT-4316
# Description : Presence of AIDE database and size check
if [ -n "${AIDEBINARY}" -a -n "${AIDECONFIG}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no FINT-4316 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Presence of AIDE database and size check"
if [ ${SKIPTEST} -eq 0 ]; then
AIDE_DB=$(${GREPBINARY} ^database= ${AIDECONFIG} | ${SEDBINARY} "s/.*://")
if case ${AIDE_DB} in @@*) ;; *) false;; esac; then
I=$(${GREPBINARY} "@@define.*DBDIR" ${AIDECONFIG} | ${AWKBINARY} '{print $3}')
AIDE_DB=$(echo ${AIDE_DB} | ${SEDBINARY} "s#.*}#${I}#")
fi
LogText "Test: search for AIDE database on disk ${AIDE_DB}"
if [ ! -e "${AIDE_DB}" ]; then
Display --indent 6 --text "- AIDE database" --result "${STATUS_NOT_FOUND}" --color RED
LogText "Result: AIDE database ${AIDE_DB} does not exist"
ReportWarning "${TEST_NO}" "No AIDE database was found, needed for AIDE functionality"
else
LogText "Checking database size ${AIDE_DB}"
if [ -s "${AIDE_DB}" ]; then
Display --indent 6 --text "- AIDE database" --result "${STATUS_FOUND}" --color GREEN
LogText "Result: AIDE database ${AIDE_DB} exist and has a size greater than zero"
else
Display --indent 6 --text "- AIDE database" --result "${STATUS_WARNING}" --color YELLOW
LogText "Result: AIDE database ${AIDE_DB} exist but has a size of zero"
ReportSuggestion "${TEST_NO}" "Check the AIDE database as it may contain errors"
fi
fi
unset AIDE_DB I
fi
#
#################################################################################
#
# Test : FINT-4318
# Description : Check if Osiris is installed