#!/bin/sh

#################################################################################
#
#   Lynis
# ------------------
#
# Copyright 2007-2015, Michael Boelen (michael.boelen@cisofy.com)
# Web site: https://cisofy.com
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Parameter checks
#
#################################################################################
#

    # Check number of parameters submitted (at least one is needed)
    PARAMCOUNT=$#
    while [ $# -ge 1 ]; do
        case $1 in
            # Helpers first
            audit)
                CHECK_BINARIES=0
                RUN_HELPERS=1
                HELPER="audit"
                RUN_PLUGINS=0
                RUN_TESTS=0
                if [ ! $2 = "" ]; then
                    case $2 in
                        "dockerfile")
                            if [ "$3" = "" ]; then
                                Display --text "${RED}Error: ${WHITE}Missing file name or URL${NORMAL}"
                                Display --text "Example: lynis audit dockerfile /root/Dockerfile"
                                ExitFatal
                              else
                                shift; shift
                                HELPER_PARAMS="$1 $2 $3"
                                HELPER="audit_dockerfile"
                                break
                            fi
                        ;;
                        "system")
                            CHECK_BINARIES=1
                            HELPER=""
                            RUN_PLUGINS=1
                            RUN_TESTS=1
                            shift
                            #break
                        ;;
                    esac
                  else
                    Display --text "${RED}Error: ${WHITE}Need a target to audit${NORMAL}"
                    Display --text " "
                    Display --text "Examples:"
                    Display --text "lynis audit dockerfile"
                    Display --text "lynis audit system"
                    ExitFatal
                fi
                #break
            ;;

            # Helpers first
            update)
                CHECK_BINARIES=0
                RUN_HELPERS=1
                HELPER="update"
                RUN_PLUGINS=0
                RUN_TESTS=0
                SHOW_PROGRAM_DETAILS=0
                if [ ! $2 = "" ]; then
                    shift
                    HELPER_PARAMS="$1 $2"
                    break
                  else
                    Display --text "${RED}Error: ${WHITE}Need a target for update${NORMAL}"
                    Display --text " "
                    Display --text "Examples:"
                    Display --text "lynis update info"
                    Display --text "lynis update release"
                    ExitFatal
                fi
            ;;

          # Assign auditor to report
          --auditor)
             shift
             AUDITORNAME=$1
          ;;

          # Perform tests
          -c | --check-all | --checkall)
             CHECK=1
          ;;

          # Cronjob support
          --cronjob | --cron)
             CRONJOB=1;
             # Use some defaults (-c, -Q, no colors)
             CHECK=1; QUICKMODE=1; NEVERBREAK=1
             # Get rid of the colors
             NORMAL=""; WARNING=""; SECTION=""; NOTICE=""; OK=""; BAD=""; CYAN=""; MAGENTA=""; PURPLE=""; YELLOW=""; WHITE=""; GREEN=""; RED=""
          ;;

          # Perform tests with additional debugging information on screen
          --debug)
              DEBUG=1
          ;;

          --dump-options | --dumpoptions)
              OPTIONS="--auditor --check-all_(-c) --cronjob --debug --help --info --license-key --log-file --manpage --no-colors --no-log --pentest --profile --plugins-dir --quiet --quick --report-file --reverse-colors --tests --tests-category --upload --version --view-categories"
              for I in ${OPTIONS}; do
                  echo "${I}"
              done
              ExitClean
          ;;
          # View help
          --help | -h)
              VIEWHELP=1
          ;;

          # View program/database information
          --check-update | --check-updates | --info)
              echo "This option is deprecated"
              echo "Use: lynis update info"
              ExitClean
          ;;

          # License key for Lynis Enterprise
          --license-key)
             shift
             LICENSE_KEY=$1
          ;;

          # Adjust default logfile location
          --logfile | --log-file)
             shift
             LOGFILE=$1
          ;;

          # Don't use colors
          --no-colors | --nocolors)
              NORMAL=""; WARNING=""; SECTION=""; NOTICE=""; OK=""; BAD=""; CYAN=""; MAGENTA=""; PURPLE=""; YELLOW=""; WHITE=""; GREEN=""; RED=""
          ;;

          # Disable logging
          --no-log | --nolog)
             LOGFILE="/dev/null"
          ;;

          --pentest | --pen-test)
             PENTESTINGMODE=1
          ;;

          # Define a custom profile file
          --profile)
             shift
             PROFILE=$1
          ;;

          # Define a custom plugin directory
          --plugin-dir | --plugins-dir)
             shift
             PLUGINDIR=$1
             LASTCHAR=`echo $1 | awk '{ print substr($0, length($0))}'`
             if [ "${LASTCHAR}" = "/" ]; then
                 echo "${RED}Error:${WHITE} plugin directory path should not end with a slash${NORMAL}"
                 ExitFatal
             fi
             if [ ! -d ${PLUGINDIR} ]; then
                 echo "${RED}Error:${WHITE} invalid plugin directory ${PLUGINDIR}${NORMAL}"
                 ExitFatal
             fi
          ;;

          # Quiet mode
          -q | --quiet)
             QUIET=1
             # Run non-interactive
             QUICKMODE=1
          ;;

          # Non-interactive mode
          -Q | --quick)
             QUICKMODE=1
          ;;

          --report-file)
              shift
              REPORTFILE=$1
          ;;

          # Strip the colors which aren't clearly visible on light backgrounds
          --reverse-colors)
              #NORMAL="";
              SECTION="${NORMAL}";
              NOTICE="${NORMAL}";
              #OK="";
              #BAD="";
              CYAN="${NORMAL}";
              GREEN="${NORMAL}";
              YELLOW="${NORMAL}";
              WHITE="${NORMAL}";
              PURPLE="${NORMAL}";
              #GREEN="";
              #RED=""
          ;;

          # Only scan these tests
          --tests)
              shift
              TESTS_TO_PERFORM=$1
          ;;

          # Scan one or more categories only
          --tests-category)
              shift
              TESTS_CATEGORY_TO_PERFORM=$1
          ;;

          # Lynis Enterprise: upload data to central node
          --upload)
              UPLOAD_DATA=1
          ;;

          # Version number
          -V | --version)
             echo "${PROGRAM_version}"
             exit 0
          ;;

          --view-categories | --list-categories | --show-categories)
             ViewCategories
             exit 0
          ;;

          # View man page
          --view-manpage | --man | --manpage)
             if [ -f lynis.8 ]; then
                 nroff -man lynis.8
                 exit 0
               else
                 echo "Error: man page file not found (lynis.8)"
                 echo "If you are running an installed version of Lynis, use 'man lynis'"
                 exit 1
             fi
          ;;

          # Drop out when using wrong option(s)
          *)
              # Wrong option used, we bail out later
              WRONGOPTION=1
              WRONGOPTION_value=$1
          ;;

        esac
        shift

    done

#================================================================================
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com