Command line option for slow test threshold

IMHO it should be OK to run long tests if we count with it. Example: lynis audit system --slow-warning 300 Will warn when test takes longer than 300 seconds, instead of default 10.
2020-07-02 22:47:13 +02:00 · 2020-07-02 22:47:13 +02:00 · f94817f66f
parent 1da058d6de
commit f94817f66f
5 changed files with 21 additions and 2 deletions
--- a/extras/bash_completion.d/lynis
+++ b/extras/bash_completion.d/lynis
@ -179,7 +179,7 @@ _lynis()
        *)
            COMPREPLY=( $( compgen -W ' \
                --auditor --cronjob --debug --quick --quiet --logfile --no-colors --no-log --pentest --reverse-colors \
-                --tests --tests-from-category --tests-from-group --upload --verbose' -- "$cur" ) )
+                --tests --tests-from-category --tests-from-group --upload --verbose --slow-warning' -- "$cur" ) )
            ;;
    esac

--- a/include/consts
+++ b/include/consts
@ -273,6 +273,7 @@ ETC_PATHS="/etc /usr/local/etc"
    SKIP_VM_DETECTION=0
    SKIPREASON=""
    SKIPPED_TESTS_ROOTONLY=""
+    SLOW_TEST_THRESHOLD=10
    SMTPCTLBINARY=""
    SNORTBINARY=""
    SSHKEYSCANBINARY=""
--- a/include/functions
+++ b/include/functions
@ -2586,7 +2586,7 @@
        CURRENT_TS=$(GetTimestamp)
        if [ ${PREVIOUS_TS} -gt 0 ]; then
            SLOW_TEST=0
-            TIME_THRESHOLD=10  # seconds
+            TIME_THRESHOLD=$SLOW_TEST_THRESHOLD  # seconds

            # Calculate timing and determine if we use seconds or nanoseconds (more precise)
            TIME_DIFF=$((CURRENT_TS - PREVIOUS_TS))
--- a/include/parameters
+++ b/include/parameters
@ -423,6 +423,23 @@
                QUIET=1
            ;;

+            # Warning when test is slow
+            --slow-warning)
+                if [ $# -gt 1 ]; then
+                    shift
+
+                    if [ "$1" -gt 0 ] 2>/dev/null; then
+                        SLOW_TEST_THRESHOLD="$1"
+                    else
+                        echo "Argument has to be number."
+                        exit 1
+                    fi
+                else
+                    echo "Specify threshold as number of seconds above which should Lynis warn about long test."
+                    exit 1
+                fi
+            ;;
+
            --tests-category | --tests-categories | --view-categories | --list-categories | --show-categories)
                echo "Error: Deprecated option ($1)"
                exit 1
--- a/1
+++ b/1
@ -453,6 +453,7 @@ ${YELLOW}Note: ${WHITE}Cancelling the program can leave temporary files behind${
    ${GRAY}--verbose${NORMAL}                         : Show more details on screen
    ${GRAY}--version (-V)${NORMAL}                    : Display version number and quit
    ${GRAY}--wait${NORMAL}                            : Wait between a set of tests
+    ${GRAY}--slow-warning ${BROWN}<seconds>${NORMAL}  : Threshold for slow test warning in seconds (default 10)

    ${WHITE}Enterprise options${NORMAL}
    ${GRAY}--plugindir ${BROWN}<path>${NORMAL}                : Define path of available plugins