#!/bin/sh ################################################################################# # # Lynis # ------------------ # # Copyright 2007-2013, Michael Boelen # Copyright 2013-2016, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com # GitHub : https://github.com/CISOfy/lynis # # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are # welcome to redistribute it under the terms of the GNU General Public License. # See LICENSE file for usage of this software. # ################################################################################# # # Databases # ################################################################################# # # Paths to DATADIR sMYSQLDBPATHS="/var/lib/mysql" # Paths to my.cnf sMYCNFLOCS="/etc/mysql/my.cnf /usr/etc/my.cnf" # ################################################################################# # InsertSection "Databases" # Test : DBS-1804 # Description : Check if MySQL is being used Register --test-no DBS-1804 --weight L --network NO --description "Checking active MySQL process" if [ ${SKIPTEST} -eq 0 ]; then FIND=`${PSBINARY} ax | egrep "mysqld|mysqld_safe" | grep -v "grep"` if [ "${FIND}" = "" ]; then if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- MySQL process status" --result "NOT FOUND" --color WHITE --debug; fi LogText "Result: MySQL process not active" else Display --indent 2 --text "- MySQL process status" --result "FOUND" --color GREEN LogText "Result: MySQL is active" MYSQL_RUNNING=1 Report "mysql_running=${MYSQL_RUNNING}" fi fi # ################################################################################# # # Test : DBS-1808 # Description : Check MySQL data directory #Register --test-no DBS-1808 --weight L --network NO --description "Checking MySQL data directory" #if [ ${SKIPTEST} -eq 0 ]; then #fi # ################################################################################# # # Test : DBS-1812 # Description : Check data directory permissions #Register --test-no DBS-1812 --weight L --network NO --description "Checking MySQL data directory permissions" #if [ ${SKIPTEST} -eq 0 ]; then #fi # ################################################################################# # # Test : DBS-1816 # Description : Check empty MySQL root password # Notes : Only perform test when MySQL is running and client is available if [ ! "${MYSQLCLIENTBINARY}" = "" -a ${MYSQL_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no DBS-1816 --preqs-met ${PREQS_MET} --weight L --network NO --description "Checking MySQL root password" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Trying to login to local MySQL server without password" FIND=`${MYSQLCLIENTBINARY} -u root --password= --silent --batch --execute="" 2> /dev/null; echo $?` if [ "${FIND}" = "0" ]; then LogText "Result: Login succeeded, no MySQL root password set!" ReportWarning ${TEST_NO} "H" "No MySQL root password set" Display --indent 4 --text "- Checking empty MySQL root password" --result WARNING --color RED AddHP 0 5 else LogText "Result: Login did not succeed, so a MySQL root password is set" Display --indent 4 --text "- Checking MySQL root password" --result OK --color GREEN AddHP 2 2 fi else LogText "Test skipped, MySQL daemon not running or no MySQL client available" fi # ################################################################################# # # Test : DBS-1826 # Description : Check if PostgreSQL is being used Register --test-no DBS-1826 --weight L --network NO --description "Checking active PostgreSQL processes" if [ ${SKIPTEST} -eq 0 ]; then if IsRunning "postgres:"; then Display --indent 2 --text "- PostgreSQL processes status" --result "FOUND" --color GREEN LogText "Result: PostgreSQL is active" POSTGRESQL_RUNNING=1 Report "postgresql_running=${POSTGRESQL_RUNNING}" else if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- PostgreSQL processes status" --result "NOT FOUND" --color WHITE --debug; fi LogText "Result: PostgreSQL process not active" fi fi # ################################################################################# # # Test : DBS-1840 # Description : Check if Oracle is being used # Notes : tnslsnr: Oracle listener # pmon: process monitor # smon: system monitor # dbwr: database writer # lgwr: log writer # arch: archiver (optional) # ckpt: checkpoint (optional) # reco: recovery (optional) Register --test-no DBS-1840 --weight L --network NO --description "Checking active Oracle processes" if [ ${SKIPTEST} -eq 0 ]; then FIND=`${PSBINARY} ax | egrep "ora_pmon|ora_smon|tnslsnr" | grep -v "grep"` if [ "${FIND}" = "" ]; then if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- Oracle processes status" --result "NOT FOUND" --color WHITE --debug; fi LogText "Result: Oracle process(es) not active" else Display --indent 2 --text "- Oracle processes status" --result "FOUND" --color GREEN LogText "Result: Oracle is active" ORACLE_RUNNING=1 Report "oracle_running=${ORACLE_RUNNING}" fi fi # ################################################################################# # # Test : DBS-1842 # Description : Check Oracle home paths from oratab #Register --test-no DBS-1842 --weight L --network NO --description "Checking Oracle home paths" #if [ ${SKIPTEST} -eq 0 ]; then # if [ -f /etc/oratab ]; then # FIND=`grep -v "#" /etc/oratab | awk -F: "{ print $2 }"` # fi #fi # ################################################################################# # # Test : DBS-1860 # Description : Checks if a DB2 instance is currently runnigng Register --test-no DBS-1860 --weight L --network NO --description "Checking active DB2 instances" if [ ${SKIPTEST} -eq 0 ]; then if IsRunning db2sysc; then Display --indent 2 --text "- DB2 instance running" --result "FOUND" --color GREEN LogText "Result: At least one DB2 instance is running" DB2_RUNNING=1 Report "db2_running=${DB2_RUNNING}" else if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- DB2 instance running" --result "NOT FOUND" --color WHITE --debug; fi LogText "Result: No DB2 instances are running" fi fi # ################################################################################# # wait_for_keypress # #================================================================================ # Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com