mirror of https://github.com/CISOfy/lynis.git
New command 'lynis show details' to display test details
parent
8de53d87be
commit
fdf3ded89f
|
@ -106,6 +106,7 @@ unset LANG
|
||||||
LMDBINARY=""
|
LMDBINARY=""
|
||||||
LMDFOUND=0
|
LMDFOUND=0
|
||||||
LOGFILE=""
|
LOGFILE=""
|
||||||
|
LOGTEXT=1
|
||||||
LSVGBINARY=""
|
LSVGBINARY=""
|
||||||
MACHINEID=""
|
MACHINEID=""
|
||||||
MACHINE_ROLE=""
|
MACHINE_ROLE=""
|
||||||
|
|
|
@ -1469,7 +1469,7 @@
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
LogText() {
|
LogText() {
|
||||||
if [ ! "${LOGFILE}" = "" ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi
|
if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -1480,7 +1480,7 @@
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
LogTextBreak() {
|
LogTextBreak() {
|
||||||
if [ ! "${LOGFILE}" = "" ]; then
|
if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then
|
||||||
CDATE=$(date "+%Y-%m-%d %H:%M:%S")
|
CDATE=$(date "+%Y-%m-%d %H:%M:%S")
|
||||||
echo "${CDATE} ===---------------------------------------------------------------===" >> ${LOGFILE}
|
echo "${CDATE} ===---------------------------------------------------------------===" >> ${LOGFILE}
|
||||||
fi
|
fi
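Review bot: `${LOGTEXT}` is expanded unquoted inside `[ ... -a ${LOGTEXT} -eq 1 ]` in both LogText and LogTextBreak, so if it is ever empty or unset when these functions run, the test becomes a syntax error, prints to stderr and evaluates false, which silently turns logging off. POSIX also marks `-a` inside `[` as obsolescent because it is ambiguous with some operands. I would write the guard as `if [ -n "${LOGFILE}" ] && [ "${LOGTEXT}" = "1" ]; then` and quote the redirection target as `>> "${LOGFILE}"`. The body of LogTextBreak continues past the end of the second hunk.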
|
||||||
|
|
|
@ -209,6 +209,18 @@ if [ $# -gt 0 ]; then
|
||||||
"dbdir")
|
"dbdir")
|
||||||
${ECHOCMD} "${DBDIR}"
|
${ECHOCMD} "${DBDIR}"
|
||||||
;;
|
;;
|
||||||
|
"details")
|
||||||
|
if [ -z "${LOGFILE}" ]; then DisplayError "Could not find log file to parse"; fi
|
||||||
|
if [ $# -eq 1 ]; then
|
||||||
|
DisplayError "Provide a test ID"
|
||||||
|
else
|
||||||
|
shift
|
||||||
|
if [ $# -eq 1 ]; then
|
||||||
|
TESTID="$1"
|
||||||
|
awk -v search="Performing test ID $TESTID" '$0 ~ search {++f;p=1}p&&f==1;/===---/{p=0}' ${LOGFILE}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
;;
|
||||||
"groups")
|
"groups")
|
||||||
ViewGroups
|
ViewGroups
|
||||||
;;
|
;;
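Review bot: In the new "details" branch the user-supplied `TESTID` is passed to awk as a dynamic regular expression (`$0 ~ search`), so regex metacharacters in the argument change what is matched instead of being rejected. A literal match avoids that: `awk -v search="Performing test ID ${TESTID}" 'index($0, search) {++f;p=1}p&&f==1;/===---/{p=0}' "${LOGFILE}"`. Quoting `"${LOGFILE}"` also matters because the hunk does not show whether DisplayError exits; if it returns, an empty `${LOGFILE}` leaves awk with no file operand and it waits on stdin. When more than one argument follows `details`, the inner `if [ $# -eq 1 ]` falls through with no message, so an `else` with `DisplayError "Provide a single test ID"` would make that case visible.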
|
||||||
|
|
|
@ -121,6 +121,7 @@
|
||||||
RUN_TESTS=0
|
RUN_TESTS=0
|
||||||
RUN_UPDATE_CHECK=0
|
RUN_UPDATE_CHECK=0
|
||||||
SKIP_PLUGINS=1
|
SKIP_PLUGINS=1
|
||||||
|
LOGTEXT=0
|
||||||
SHOW_TOOL_TIPS=0
|
SHOW_TOOL_TIPS=0
|
||||||
SHOW_PROGRAM_DETAILS=0
|
SHOW_PROGRAM_DETAILS=0
|
||||||
shift; HELPER_PARAMS="$@"
|
shift; HELPER_PARAMS="$@"
|
||||||
|
|
|
@ -165,9 +165,10 @@
|
||||||
if [ ! "${SWARNINGS}" = "" -o ! "${SSUGGESTIONS}" = "" ]; then
|
if [ ! "${SWARNINGS}" = "" -o ! "${SSUGGESTIONS}" = "" ]; then
|
||||||
echo " ${CYAN}Follow-up${NORMAL}:"
|
echo " ${CYAN}Follow-up${NORMAL}:"
|
||||||
echo " ${WHITE}----------------------------${NORMAL}"
|
echo " ${WHITE}----------------------------${NORMAL}"
|
||||||
echo " ${WHITE}-${NORMAL} Check the logfile for more details (less $LOGFILE)"
|
echo " ${WHITE}-${NORMAL} Show details of a test (lynis show details TEST-ID)"
|
||||||
|
echo " ${WHITE}-${NORMAL} Check the logfile for all details (less ${LOGFILE})"
|
||||||
echo " ${WHITE}-${NORMAL} Read security controls texts (https://cisofy.com)"
|
echo " ${WHITE}-${NORMAL} Read security controls texts (https://cisofy.com)"
|
||||||
if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data (Lynis Enterprise users)"; fi
|
if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data to central system (Lynis Enterprise users)"; fi
|
||||||
echo ""
|
echo ""
|
||||||
fi
|
fi
|
||||||
echo "================================================================================"
|
echo "================================================================================"
|
||||||
|
|
10
lynis
10
lynis
|
@ -228,8 +228,12 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta
|
||||||
if [ ${PRIVILEGED} -eq 0 ]; then
|
if [ ${PRIVILEGED} -eq 0 ]; then
|
||||||
if [ "${LOGFILE}" = "" ]; then
|
if [ "${LOGFILE}" = "" ]; then
|
||||||
# Try creating a log file in temporary directory
|
# Try creating a log file in temporary directory
|
||||||
touch /tmp/lynis.log
|
if [ ! -f /tmp/lynis.log ]; then
|
||||||
if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
|
touch /tmp/lynis.log
|
||||||
|
if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
|
||||||
|
else
|
||||||
|
LOGFILE="/tmp/lynis.log"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
if [ "${REPORTFILE}" = "" ]; then
|
if [ "${REPORTFILE}" = "" ]; then
|
||||||
touch /tmp/lynis-report.dat
|
touch /tmp/lynis-report.dat
|
||||||
|
@ -477,7 +481,7 @@ ${NORMAL}
|
||||||
#
|
#
|
||||||
# Clear log file and test if it's writable
|
# Clear log file and test if it's writable
|
||||||
CDATE=$(date "+%Y-%m-%d %H:%M:%S")
|
CDATE=$(date "+%Y-%m-%d %H:%M:%S")
|
||||||
echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE}
|
if [ ${LOGTEXT} -eq 1 ]; then echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE}; fi
|
||||||
if [ $? -gt 0 ]; then
|
if [ $? -gt 0 ]; then
|
||||||
Display --indent 2 --text "- Clearing log file (${LOGFILE})... " --result WARNING --color RED
|
Display --indent 2 --text "- Clearing log file (${LOGFILE})... " --result WARNING --color RED
|
||||||
echo "${WARNING}Fatal error${NORMAL}: problem while writing to log file. Check location and permissions."
|
echo "${WARNING}Fatal error${NORMAL}: problem while writing to log file. Check location and permissions."
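Review bot: The new `else` branch in the `@ -228,8 +228,12` hunk adopts an existing /tmp/lynis.log for unprivileged runs without checking ownership or whether it is a symbolic link, so on a multi-user host the log that `lynis show details` reads, and that a normal scan truncates with `> ${LOGFILE}`, may be a file another local account placed there. `[ -f ]` follows symbolic links, so the added test does not rule that out. Consider refusing a link before reuse, e.g. `if [ -L /tmp/lynis.log ]; then LOGFILE="/dev/null"; fi`, or keeping the unprivileged log in a per-user directory instead of a fixed name in /tmp. In the `@ -477,7 +481,7` hunk, `$?` now holds the status of the whole `if [ ${LOGTEXT} -eq 1 ]; ... fi`, which is 0 when LOGTEXT is 0, so the writability check below is skipped in that mode. If that is intended, update the "Clear log file and test if it's writable" comment to say so.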
|
||||||
|
|