New command 'lynis show details' to display test details

This commit is contained in:
Michael Boelen 2016-08-26 14:05:20 +02:00
parent 8de53d87be
commit fdf3ded89f
6 changed files with 26 additions and 7 deletions

View File

@ -106,6 +106,7 @@ unset LANG
LMDBINARY=""
LMDFOUND=0
LOGFILE=""
LOGTEXT=1
LSVGBINARY=""
MACHINEID=""
MACHINE_ROLE=""

View File

@ -1469,7 +1469,7 @@
################################################################################
LogText() {
if [ ! "${LOGFILE}" = "" ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi
if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi
}
@ -1480,7 +1480,7 @@
################################################################################
LogTextBreak() {
if [ ! "${LOGFILE}" = "" ]; then
if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then
CDATE=$(date "+%Y-%m-%d %H:%M:%S")
echo "${CDATE} ===---------------------------------------------------------------===" >> ${LOGFILE}
fi

View File

@ -209,6 +209,18 @@ if [ $# -gt 0 ]; then
"dbdir")
${ECHOCMD} "${DBDIR}"
;;
"details")
if [ -z "${LOGFILE}" ]; then DisplayError "Could not find log file to parse"; fi
if [ $# -eq 1 ]; then
DisplayError "Provide a test ID"
else
shift
if [ $# -eq 1 ]; then
TESTID="$1"
awk -v search="Performing test ID $TESTID" '$0 ~ search {++f;p=1}p&&f==1;/===---/{p=0}' ${LOGFILE}
fi
fi
;;
"groups")
ViewGroups
;;

View File

@ -121,6 +121,7 @@
RUN_TESTS=0
RUN_UPDATE_CHECK=0
SKIP_PLUGINS=1
LOGTEXT=0
SHOW_TOOL_TIPS=0
SHOW_PROGRAM_DETAILS=0
shift; HELPER_PARAMS="$@"

View File

@ -165,9 +165,10 @@
if [ ! "${SWARNINGS}" = "" -o ! "${SSUGGESTIONS}" = "" ]; then
echo " ${CYAN}Follow-up${NORMAL}:"
echo " ${WHITE}----------------------------${NORMAL}"
echo " ${WHITE}-${NORMAL} Check the logfile for more details (less $LOGFILE)"
echo " ${WHITE}-${NORMAL} Show details of a test (lynis show details TEST-ID)"
echo " ${WHITE}-${NORMAL} Check the logfile for all details (less ${LOGFILE})"
echo " ${WHITE}-${NORMAL} Read security controls texts (https://cisofy.com)"
if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data (Lynis Enterprise users)"; fi
if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data to central system (Lynis Enterprise users)"; fi
echo ""
fi
echo "================================================================================"

10
lynis
View File

@ -228,8 +228,12 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta
if [ ${PRIVILEGED} -eq 0 ]; then
if [ "${LOGFILE}" = "" ]; then
# Try creating a log file in temporary directory
touch /tmp/lynis.log
if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
if [ ! -f /tmp/lynis.log ]; then
touch /tmp/lynis.log
if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
else
LOGFILE="/tmp/lynis.log"
fi
fi
if [ "${REPORTFILE}" = "" ]; then
touch /tmp/lynis-report.dat
@ -477,7 +481,7 @@ ${NORMAL}
#
# Clear log file and test if it's writable
CDATE=$(date "+%Y-%m-%d %H:%M:%S")
echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE}
if [ ${LOGTEXT} -eq 1 ]; then echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE}; fi
if [ $? -gt 0 ]; then
Display --indent 2 --text "- Clearing log file (${LOGFILE})... " --result WARNING --color RED
echo "${WARNING}Fatal error${NORMAL}: problem while writing to log file. Check location and permissions."