mirror of https://github.com/CISOfy/lynis.git
836 lines
38 KiB
Bash
836 lines
38 KiB
Bash
#!/bin/sh
|
|
|
|
#################################################################################
|
|
#
|
|
# Lynis
|
|
# ------------------
|
|
#
|
|
# Copyright 2007-2013, Michael Boelen
|
|
# Copyright 2007-2021, CISOfy
|
|
#
|
|
# Website : https://cisofy.com
|
|
# Blog : http://linux-audit.com
|
|
# GitHub : https://github.com/CISOfy/lynis
|
|
#
|
|
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
|
# welcome to redistribute it under the terms of the GNU General Public License.
|
|
# See LICENSE file for usage of this software.
|
|
#
|
|
#################################################################################
|
|
#
|
|
# Operating System detection
|
|
#
|
|
#################################################################################
|
|
#
|
|
# Check operating system
|
|
case $(uname) in
|
|
|
|
# IBM AIX
|
|
AIX)
|
|
OS="AIX"
|
|
OS_NAME="AIX"
|
|
OS_VERSION=$(oslevel)
|
|
OS_FULLNAME="AIX ${OS_VERSION}"
|
|
CPU=$(uname -p)
|
|
HARDWARE=$(uname -M)
|
|
FIND_BINARIES="whereis -b"
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# Mac OS X and macOS
|
|
Darwin)
|
|
OS="macOS"
|
|
if [ -x /usr/bin/sw_vers ]; then
|
|
OS_NAME=$(/usr/bin/sw_vers -productName)
|
|
OS_VERSION=$(/usr/bin/sw_vers -productVersion)
|
|
OS_VERSION_NAME="unknown"
|
|
OS_FULLNAME="macOS (unknown version)"
|
|
case ${OS_VERSION} in
|
|
10.0 | 10.0.[0-9]*) OS_FULLNAME="Mac OS X 10.0 (Cheetah)" ;;
|
|
10.1 | 10.1.[0-9]*) OS_FULLNAME="Mac OS X 10.1 (Puma)" ;;
|
|
10.2 | 10.2.[0-9]*) OS_FULLNAME="Mac OS X 10.2 (Jaguar)" ;;
|
|
10.3 | 10.3.[0-9]*) OS_FULLNAME="Mac OS X 10.3 (Panther)" ;;
|
|
10.4 | 10.4.[0-9]*) OS_FULLNAME="Mac OS X 10.4 (Tiger)" ;;
|
|
10.5 | 10.5.[0-9]*) OS_FULLNAME="Mac OS X 10.5 (Leopard)" ;;
|
|
10.6 | 10.6.[0-9]*) OS_FULLNAME="Mac OS X 10.6 (Snow Leopard)" ;;
|
|
10.7 | 10.7.[0-9]*) OS_FULLNAME="Mac OS X 10.7 (Lion)" ;;
|
|
10.8 | 10.8.[0-9]*) OS_FULLNAME="Mac OS X 10.8 (Mountain Lion)" ;;
|
|
10.9 | 10.9.[0-9]*) OS_FULLNAME="Mac OS X 10.9 (Mavericks)" ;;
|
|
10.10 | 10.10.[0-9]*) OS_FULLNAME="Mac OS X 10.10 (Yosemite)" ;;
|
|
10.11 | 10.11.[0-9]*) OS_FULLNAME="Mac OS X 10.11 (El Capitan)" ;;
|
|
10.12 | 10.12.[0-9]*) OS_FULLNAME="macOS Sierra (${OS_VERSION})" ;;
|
|
10.13 | 10.13.[0-9]*) OS_FULLNAME="macOS High Sierra (${OS_VERSION})" ;;
|
|
10.14 | 10.14.[0-9]*) OS_FULLNAME="macOS Mojave (${OS_VERSION})" ;;
|
|
10.15 | 10.15.[0-9]*) OS_FULLNAME="macOS Catalina (${OS_VERSION})" ;;
|
|
11 | 11.[0-9]*) OS_FULLNAME="macOS Big Sur (${OS_VERSION})" ;;
|
|
12 | 12.[0-9]*) OS_FULLNAME="macOS Monterey (${OS_VERSION})" ;;
|
|
*) echo "Unknown macOS version. Do you know what version it is? Create an issue at ${PROGRAM_SOURCE}" ;;
|
|
esac
|
|
else
|
|
# Fall back to a fairly safe name
|
|
OS_NAME="macOS"
|
|
# uname -s -r shows Darwin 16.1.0
|
|
OS_FULLNAME=$(uname -s -r)
|
|
# shows 16.1.0 for Darwin's version, not macOS's
|
|
OS_VERSION=$(uname -r)
|
|
fi
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/Users"
|
|
FIND_BINARIES="whereis"
|
|
OS_KERNELVERSION=$(uname -r)
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# DragonFly BSD
|
|
DragonFly)
|
|
OS="DragonFly"
|
|
OS_NAME="DragonFly BSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/home /root"
|
|
FIND_BINARIES="whereis -q -a -b"
|
|
OS_KERNELVERSION=$(uname -i)
|
|
SYSCTL_READKEY="sysctl -n"
|
|
;;
|
|
|
|
# FreeBSD
|
|
FreeBSD)
|
|
OS="FreeBSD"
|
|
OS_NAME="FreeBSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/home /root"
|
|
FIND_BINARIES="whereis -q -a -b"
|
|
OS_KERNELVERSION=$(uname -i)
|
|
SYSCTL_READKEY="sysctl -n"
|
|
|
|
# TrueOS
|
|
if [ -f /etc/defaults/trueos ]; then
|
|
OS_NAME="TrueOS"
|
|
LogText "Result: found TrueOS file, system is completely based on FreeBSD though. Only adjusting OS name."
|
|
fi
|
|
;;
|
|
|
|
# HP-UX
|
|
HP-UX)
|
|
OS="HP-UX"
|
|
OS_NAME="HP-UX"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
FIND_BINARIES="whereis -b"
|
|
SYSCTL_READKEY=""
|
|
LOGDIR="/var/adm/syslog"
|
|
;;
|
|
|
|
# Linux
|
|
Linux)
|
|
OS="Linux"
|
|
OS_NAME="Linux"
|
|
OS_FULLNAME=""
|
|
OS_VERSION=$(uname -r)
|
|
LINUX_VERSION=""
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/home"
|
|
FIND_BINARIES="whereis -b"
|
|
OS_KERNELVERSION_FULL=$(uname -r)
|
|
OS_KERNELVERSION=$(echo ${OS_KERNELVERSION_FULL} | sed 's/-.*//')
|
|
if [ -e /dev/grsec ]; then GRSEC_FOUND=1; fi
|
|
|
|
# Generic
|
|
if [ -e /etc/os-release ]; then
|
|
OS_FULLNAME=$(awk -F= '/^PRETTY_NAME=/ {print substr($2,2,length($2)-2)}' /etc/os-release)
|
|
OS_ID=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
if [ -n "${OS_ID}" ]; then
|
|
case ${OS_ID} in
|
|
"almalinux")
|
|
LINUX_VERSION="AlmaLinux"
|
|
OS_NAME=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"alpine")
|
|
LINUX_VERSION="Alpine Linux"
|
|
OS_NAME=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"amzn")
|
|
LINUX_VERSION="Amazon Linux"
|
|
OS_NAME="Amazon Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"arch")
|
|
LINUX_VERSION="Arch Linux"
|
|
OS_FULLNAME="Arch Linux"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"arch32")
|
|
LINUX_VERSION="Arch Linux 32"
|
|
OS_FULLNAME="Arch Linux 32"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"artix")
|
|
LINUX_VERSION="Artix Linux"
|
|
OS_FULLNAME="Artix Linux"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"bunsenlabs")
|
|
LINUX_VERSION="BunsenLabs"
|
|
OS_NAME="BunsenLabs"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"centos")
|
|
LINUX_VERSION="CentOS"
|
|
OS_NAME="CentOS Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"clear-linux-os")
|
|
LINUX_VERSION="Clear Linux OS"
|
|
OS_NAME="Clear Linux OS"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"cloudlinux")
|
|
LINUX_VERSION="CloudLinux"
|
|
OS_NAME="CloudLinux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"coreos")
|
|
LINUX_VERSION="CoreOS"
|
|
OS_NAME="CoreOS Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"debian")
|
|
LINUX_VERSION="Debian"
|
|
OS_NAME="Debian"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"devuan")
|
|
LINUX_VERSION="Devuan"
|
|
OS_NAME="Devuan"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"elementary")
|
|
LINUX_VERSION="elementary OS"
|
|
OS_NAME="elementary OS"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"endeavouros")
|
|
LINUX_VERSION="EndeavourOS"
|
|
OS_NAME="EndeavourOS"
|
|
OS_VERSION="Rolling release"
|
|
OS_VERSION_FULL="Rolling release"
|
|
;;
|
|
"fedora")
|
|
LINUX_VERSION="Fedora"
|
|
OS_NAME="Fedora Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"flatcar")
|
|
LINUX_VERSION="Flatcar"
|
|
LINUX_VERSION_LIKE="CoreOS"
|
|
OS_NAME="Flatcar Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"garuda")
|
|
LINUX_VERSION="Garuda"
|
|
OS_FULLNAME="Garuda Linux"
|
|
OS_NAME="Garuda"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"gentoo")
|
|
LINUX_VERSION="Gentoo"
|
|
OS_NAME="Gentoo Linux"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"ipfire")
|
|
LINUX_VERSION="IPFire"
|
|
OS_NAME="IPFire"
|
|
OS_VERSION=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"kali")
|
|
LINUX_VERSION="Kali"
|
|
LINUX_VERSION_LIKE="Debian"
|
|
OS_NAME="Kali Linux"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"linuxmint")
|
|
LINUX_VERSION="Linux Mint"
|
|
LINUX_VERSION_LIKE="Ubuntu"
|
|
OS_NAME="Linux Mint"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"mageia")
|
|
LINUX_VERSION="Mageia"
|
|
OS_NAME="Mageia"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"manjaro" | "manjaro-arm")
|
|
LINUX_VERSION="Manjaro"
|
|
OS_FULLNAME="Manjaro Linux"
|
|
OS_NAME="Manjaro"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"nethserver")
|
|
LINUX_VERSION="NethServer"
|
|
OS_NAME="NethServer"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"nixos")
|
|
LINUX_VERSION="NixOS"
|
|
OS_NAME="NixOS"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"ol")
|
|
LINUX_VERSION="Oracle Linux"
|
|
OS_NAME="Oracle Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"opensuse-tumbleweed")
|
|
LINUX_VERSION="openSUSE Tumbleweed"
|
|
# It's rolling release but has a snapshot version (the date of the snapshot)
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="openSUSE"
|
|
;;
|
|
"opensuse-leap")
|
|
LINUX_VERSION="openSUSE Leap"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="openSUSE"
|
|
;;
|
|
"opensuse-microos")
|
|
LINUX_VERSION="openSUSE MicroOS"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="openSUSE"
|
|
;;
|
|
"parrot")
|
|
LINUX_VERSION="Parrot"
|
|
OS_NAME="Parrot GNU/Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"pop")
|
|
LINUX_VERSION="Pop!_OS"
|
|
LINUX_VERSION_LIKE="Ubuntu"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="Pop!_OS"
|
|
;;
|
|
"pureos")
|
|
LINUX_VERSION="PureOS"
|
|
LINUX_VERSION_LIKE="Debian"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="PureOS"
|
|
;;
|
|
"raspbian")
|
|
LINUX_VERSION="Raspbian"
|
|
LINUX_VERSION_LIKE="Debian"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="Raspbian"
|
|
;;
|
|
"rhel")
|
|
LINUX_VERSION="RHEL"
|
|
OS_NAME="RHEL"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_FULLNAME="${OS_NAME} ${OS_VERSION_FULL}"
|
|
OS_REDHAT_OR_CLONE=1
|
|
;;
|
|
"rocky")
|
|
LINUX_VERSION="Rocky Linux"
|
|
OS_NAME="Rocky Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"rosa")
|
|
LINUX_VERSION="ROSA Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="ROSA Linux"
|
|
;;
|
|
"slackware")
|
|
LINUX_VERSION="Slackware"
|
|
OS_NAME="Slackware Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"sles")
|
|
LINUX_VERSION="SLES"
|
|
OS_NAME="openSUSE"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"ubuntu")
|
|
LINUX_VERSION="Ubuntu"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="Ubuntu"
|
|
;;
|
|
"void")
|
|
LINUX_VERSION="Void Linux"
|
|
OS_VERSION="Rolling release"
|
|
OS_NAME="Void Linux"
|
|
;;
|
|
"zorin")
|
|
LINUX_VERSION="Zorin OS"
|
|
OS_NAME="Zorin OS"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
*)
|
|
ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create an issue on GitHub and share the the contents (cat /etc/os-release): ${PROGRAM_SOURCE}"
|
|
;;
|
|
esac
|
|
fi
|
|
fi
|
|
|
|
# Alpine
|
|
if [ -e "/etc/alpine-release" ]; then LINUX_VERSION="Alpine Linux"; OS_VERSION=$(cat /etc/alpine-release); fi
|
|
|
|
# Amazon
|
|
if [ -z "${LINUX_VERSION}" -a -e "/etc/system-release" ]; then
|
|
FIND=$(grep "^Amazon" /etc/system-release)
|
|
if [ -n "${FIND}" ]; then
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_FULLNAME=$(grep "^Amazon" /etc/system-release)
|
|
OS_VERSION=$(grep "^Amazon" /etc/system-release | awk '{ if ($4=="release") { print $5 } }')
|
|
LINUX_VERSION="Amazon"
|
|
fi
|
|
fi
|
|
|
|
# Arch Linux
|
|
if [ -z "${OS_FULLNAME}" -a -e "/etc/arch-release" ]; then
|
|
OS_FULLNAME="Arch Linux"
|
|
OS_VERSION="Unknown"
|
|
LINUX_VERSION="Arch Linux"
|
|
fi
|
|
|
|
# Chakra Linux
|
|
if [ -e "/etc/chakra-release" ]; then
|
|
OS_FULLNAME=$(grep "^Chakra" /etc/chakra-release)
|
|
OS_VERSION=$(awk '/^Chakra/ { if ($3=="release") { print $4 }}' /etc/chakra-release)
|
|
LINUX_VERSION="Chakra Linux"
|
|
fi
|
|
|
|
# Cobalt
|
|
if [ -e "/etc/cobalt-release" ]; then OS_FULLNAME=$(cat /etc/cobalt-release); fi
|
|
|
|
# CPUBuilders Linux
|
|
if [ -e "/etc/cpub-release" ]; then OS_FULLNAME=$(cat /etc/cpub-release); fi
|
|
|
|
if [ -z "${LINUX_VERSION}" ] && [ -e "/etc/debian_version" ]; then
|
|
# Debian/Ubuntu (***) - Set first to Debian
|
|
OS_VERSION=$(cat /etc/debian_version)
|
|
OS_FULLNAME="Debian ${OS_VERSION}"
|
|
LINUX_VERSION="Debian"
|
|
|
|
# /etc/lsb-release does not exist on Debian
|
|
if [ -e /etc/lsb-release ]; then
|
|
OS_VERSION=$(cat /etc/debian_version)
|
|
FIND=$(grep "^DISTRIB_ID=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g')
|
|
if [ "${FIND}" = "Ubuntu" ]; then
|
|
OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2)
|
|
OS_FULLNAME="Ubuntu ${OS_VERSION}"
|
|
LINUX_VERSION="Ubuntu"
|
|
elif [ "${FIND}" = "elementary OS" ]; then
|
|
LINUX_VERSION="elementary OS"
|
|
LINUX_VERSION_LIKE="Ubuntu"
|
|
OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2)
|
|
OS_FULLNAME=$(grep "^DISTRIB_DESCRIPTION=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g')
|
|
else
|
|
# Catch all, in case it's unclear what specific release this is.
|
|
OS_FULLNAME="Debian ${OS_VERSION}"
|
|
LINUX_VERSION="Debian"
|
|
fi
|
|
# Ubuntu test (optional) $(grep "[Uu]buntu" /proc/version)
|
|
fi
|
|
fi
|
|
|
|
# Override for Linux Mint, as that is initially detected as Debian or Ubuntu
|
|
if [ -x /usr/bin/lsb_release ]; then
|
|
FIND=$(lsb_release --id | awk -F: '{ print $2 }' | awk '{ print $1 }')
|
|
if [ "${FIND}" = "LinuxMint" ]; then
|
|
LINUX_VERSION="Linux Mint"
|
|
# LMDE (Linux Mint Debian Edition) should be detected as Debian
|
|
LINUX_VERSION_LIKE="Ubuntu"
|
|
OS_VERSION=$(lsb_release --release | awk '{ print $2 }')
|
|
OS_FULLNAME="Linux Mint ${OS_VERSION}"
|
|
fi
|
|
fi
|
|
|
|
# E-smith
|
|
if [ -e "/etc/e-smith-release" ]; then OS_FULLNAME=$(cat /etc/e-smith-release); fi
|
|
|
|
# Gentoo
|
|
if [ -e "/etc/gentoo-release" ]; then LINUX_VERSION="Gentoo"; OS_FULLNAME=$(cat /etc/gentoo-release); fi
|
|
|
|
# Red Hat and others
|
|
if [ -z "${LINUX_VERSION}" -a -e "/etc/redhat-release" ]; then
|
|
OS_REDHAT_OR_CLONE=1
|
|
|
|
# CentOS
|
|
if grep "CentOS" /etc/redhat-release; then
|
|
OS_FULLNAME=$(grep "CentOS" /etc/redhat-release)
|
|
LINUX_VERSION="CentOS"
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
|
|
# ClearOS
|
|
FIND=$(grep "ClearOS" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "ClearOS" /etc/redhat-release)
|
|
LINUX_VERSION="ClearOS"
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
|
|
# Fedora
|
|
FIND=$(grep "Fedora" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "Fedora" /etc/redhat-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
LINUX_VERSION="Fedora"
|
|
fi
|
|
|
|
|
|
# Oracle Enterprise Linux
|
|
FIND=$(grep "Enterprise Linux Enterprise Linux Server" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
LINUX_VERSION="Oracle Enterprise Linux"
|
|
OS_FULLNAME=$(grep "Enterprise Linux" /etc/redhat-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
|
|
# Oracle Enterprise Linux
|
|
if [ -e /etc/oracle-release ]; then
|
|
FIND=$(grep "Oracle Linux Server" /etc/oracle-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
LINUX_VERSION="Oracle Enterprise Linux"
|
|
OS_FULLNAME=$(grep "Oracle Linux" /etc/oracle-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
fi
|
|
|
|
# Oracle VM Server
|
|
if [ -e /etc/ovs-release ]; then
|
|
FIND=$(grep "Oracle VM" /etc/ovs-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
LINUX_VERSION="Oracle VM Server"
|
|
OS_FULLNAME=$(grep "Oracle VM" /etc/ovs-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
fi
|
|
|
|
# Scientific
|
|
FIND=$(grep "Scientific" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "^Scientific" /etc/redhat-release)
|
|
OS_VERSION=$(grep "^Scientific" /etc/redhat-release | awk '{ if ($3=="release") { print $4 } }')
|
|
LINUX_VERSION="Scientific"
|
|
fi
|
|
|
|
if [ -z "${LINUX_VERSION}" ]; then
|
|
# Red Hat
|
|
FIND=$(grep "Red Hat" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "Red Hat" /etc/redhat-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
LINUX_VERSION="Red Hat"
|
|
fi
|
|
fi
|
|
|
|
fi
|
|
|
|
# PCLinuxOS
|
|
if [ -f /etc/pclinuxos-release ]; then
|
|
FIND=$(grep "^PCLinuxOS" /etc/pclinuxos-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME="PCLinuxOS Linux"
|
|
LINUX_VERSION="PCLinuxOS"
|
|
OS_VERSION=$(grep "^PCLinuxOS" /etc/pclinuxos-release | awk '{ if ($2=="release") { print $3 } }')
|
|
fi
|
|
fi
|
|
|
|
# Sabayon Linux
|
|
if [ -f /etc/sabayon-edition ]; then
|
|
FIND=$(grep "Sabayon Linux" /etc/sabayon-edition)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME="Sabayon Linux"
|
|
LINUX_VERSION="Sabayon"
|
|
OS_VERSION=$(awk '{ print $3 }' /etc/sabayon-edition)
|
|
fi
|
|
fi
|
|
|
|
if [ -f /etc/SLOX-release ]; then
|
|
OS_FULLNAME=$(grep "SuSE Linux" /etc/SLOX-release)
|
|
LINUX_VERSION="SuSE"
|
|
fi
|
|
|
|
# Slackware
|
|
if [ -f /etc/slackware-version ]; then
|
|
LINUX_VERSION="Slackware"
|
|
OS_VERSION=$(grep "^Slackware" /etc/slackware-version | awk '{ if ($1=="Slackware") { print $2 } }')
|
|
OS_FULLNAME="Slackware Linux ${OS_VERSION}"
|
|
fi
|
|
|
|
# SuSE
|
|
if [ -e "/etc/SuSE-release" ]; then
|
|
OS_VERSION=$(head -n 1 /etc/SuSE-release)
|
|
LINUX_VERSION="SuSE"
|
|
fi
|
|
|
|
# Turbo Linux
|
|
if [ -e "/etc/turbolinux-release" ]; then OS_FULLNAME=$(cat /etc/turbolinux-release); fi
|
|
|
|
# YellowDog
|
|
if [ -e "/etc/yellowdog-release" ]; then OS_FULLNAME=$(cat /etc/yellowdog-release); fi
|
|
|
|
# VMware
|
|
if [ -e "/etc/vmware-release" ]; then
|
|
OS_FULLNAME=$(cat /etc/vmware-release)
|
|
OS_VERSION=$(uname -r)
|
|
IS_VMWARE_ESXI=$(vmware -vl | grep VMware ESXi)
|
|
if [ ! "${IS_VMWARE_ESXI}" = "" ]; then
|
|
OS_FULLNAME="VMware ESXi ${OS_VERSION}"
|
|
fi
|
|
fi
|
|
|
|
# ===================================================================
|
|
# Set OS name to the discovered Linux version
|
|
if [ ! "${LINUX_VERSION}" = "" -a "${OS_NAME}" = "Linux" ]; then
|
|
OS_NAME="${LINUX_VERSION}"
|
|
fi
|
|
# If Linux version (full name) is unknown, use uname value
|
|
if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=$(uname -s -r); fi
|
|
SYSCTL_READKEY="sysctl -n"
|
|
;;
|
|
|
|
# NetBSD
|
|
NetBSD)
|
|
OS="NetBSD"
|
|
OS_NAME="NetBSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_KERNELVERSION=$(uname -v)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
FIND_BINARIES="whereis"
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# OpenBSD
|
|
OpenBSD)
|
|
OS="OpenBSD"
|
|
OS_NAME="OpenBSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_KERNELVERSION=$(uname -v)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
FIND_BINARIES="whereis"
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# Solaris / OpenSolaris / Ilumos ...
|
|
SunOS)
|
|
OS="Solaris"
|
|
OS_KERNELVERSION=$(uname -v)
|
|
OPENSOLARIS=0
|
|
|
|
if [ -f /etc/os-release ]; then
|
|
OS_ID=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_FULLNAME=$(awk -F= '/^PRETTY_NAME=/ {print substr($2,2,length($2)-2)}' /etc/os-release)
|
|
case "${OS_ID}" in
|
|
"solaris")
|
|
OS_NAME="Oracle Solaris"
|
|
;;
|
|
"omnios")
|
|
OS_NAME="OmniOS"
|
|
OPENSOLARIS=1
|
|
;;
|
|
"tribblix")
|
|
OS_NAME="Tribblix"
|
|
OS_FULLNAME="Tribblix ${OS_VERSION}"
|
|
OPENSOLARIS=1
|
|
;;
|
|
"*")
|
|
ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create issue on GitHub project page: ${PROGRAM_SOURCE}"
|
|
;;
|
|
esac
|
|
elif [ "$(uname -o 2> /dev/null)" == "illumos" ]; then
|
|
OPENSOLARIS=1
|
|
|
|
# Solaris has a free form text file with release information
|
|
if grep "OpenIndiana" /etc/release > /dev/null; then
|
|
OS_NAME="OpenIndiana"
|
|
if grep "Hipster" /etc/release > /dev/null; then
|
|
OS_VERSION="$(tr ' ' '\n' < /etc/release | grep '[[:digit:]]\.[[:digit:]]')"
|
|
OS_FULLNAME="OpenIndiana Hipster $OS_VERSION"
|
|
else
|
|
OS_VERSION="Unknown"
|
|
OS_FULLNAME="OpenIndiana (unknown edition)"
|
|
fi
|
|
elif grep "OmniOS" /etc/release > /dev/null; then
|
|
OS_NAME="OmniOS"
|
|
OS_VERSION="$(tr ' ' '\n' < /etc/release | grep 'r[[:digit:]]')"
|
|
if grep "Community Edition" /etc/release > /dev/null; then
|
|
OS_FULLNAME="OmniOS Community Edition v11 $OS_VERSION"
|
|
fi
|
|
elif grep "SmartOS" /etc/release > /dev/null; then
|
|
OS_NAME="SmartOS"
|
|
OS_VERSION="-"
|
|
OS_FULLNAME="SmartOS"
|
|
else
|
|
OS_NAME="Unknown Illumos"
|
|
fi
|
|
elif grep "SchilliX" /etc/release > /dev/null; then
|
|
OS_NAME="SchilliX"
|
|
OS_FULLNAME="$(head -n 1 /etc/release | xargs)"
|
|
OS_VERSION="$(echo "$OS_FULLNAME" | cut -d '-' -f 2)"
|
|
|
|
OPENSOLARIS=1
|
|
elif head -n 1 < /etc/release | grep "Oracle Solaris" > /dev/null; then
|
|
OS_NAME="Oracle Solaris"
|
|
OS_FULLNAME="$(head -n 1 /etc/release | xargs)"
|
|
OS_VERSION="$(head -n 1 < /etc/release | xargs | cut -d ' ' -f 3)"
|
|
elif head -n 1 < /etc/release | xargs | grep "^Solaris " > /dev/null; then
|
|
OS_NAME="Sun Solaris"
|
|
# Example of /etc/release:
|
|
# Solaris 10 5/08
|
|
# ...
|
|
# Solaris 10 10/09 (Update 8)
|
|
# The first line does not contain the "Update" number,
|
|
# only if present.
|
|
if tail -1 < /etc/release | xargs | grep "^Solaris " > /dev/null; then
|
|
OS_FULLNAME=$(tail -1 < /etc/release | xargs)
|
|
else
|
|
OS_FULLNAME=$(head -1 < /etc/release | xargs)
|
|
fi
|
|
OS_VERSION=$(echo "$OS_FULLNAME" | cut -d ' ' -f 2,3)
|
|
else # Old behaviour
|
|
OS_NAME="Sun Solaris"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
fi
|
|
|
|
HARDWARE=$(uname -m)
|
|
if [ -x /usr/bin/isainfo ]; then
|
|
# Returns 32, 64
|
|
OS_MODE=$(/usr/bin/isainfo -b)
|
|
fi
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# VMware products
|
|
VMkernel)
|
|
OS="VMware"
|
|
OS_FULLNAME=""
|
|
OS_VERSION=""
|
|
HARDWARE=$(uname -m)
|
|
if [ -e "/etc/vmware-release" ]; then
|
|
OS_FULLNAME=$(cat /etc/vmware-release)
|
|
OS_VERSION=$(uname -r)
|
|
fi
|
|
HAS_VMWARE_UTIL=$(which vmware 2> /dev/null | grep -v "no [^ ]* in ")
|
|
if [ ! "${HAS_VMWARE_UTIL}" = "" ]; then
|
|
IS_VMWARE_ESXI=$(vmware -vl | grep VMware ESXi)
|
|
if [ ! "${IS_VMWARE_ESXI}" = "" ]; then
|
|
OS_NAME="VMware ESXi"
|
|
OS_FULLNAME="VMware ESXi ${OS_VERSION}"
|
|
fi
|
|
fi
|
|
;;
|
|
|
|
|
|
# Unknown or unsupported systems
|
|
*)
|
|
echo "[ ${WARNING}WARNING${NORMAL} ]"
|
|
echo "${WARNING}Error${NORMAL}: ${WHITE}Unknown OS found. No support available yet for this OS or platform...${NORMAL}"
|
|
echo "Please consult the README/documentation for more information."
|
|
exit 1
|
|
;;
|
|
|
|
esac
|
|
|
|
# Set correct echo binary and parameters after detecting operating system
|
|
ECHONB=""
|
|
|
|
case ${OS} in
|
|
"AIX") ECHOCMD="echo"; ECHONB="printf" ;;
|
|
"DragonFly"|"FreeBSD"|"NetBSD") ECHOCMD="echo -e"; ECHONB="echo -n" ;;
|
|
"macOS" | "Mac OS X") ECHOCMD="echo"; ECHONB="/bin/echo -n" ;;
|
|
"Solaris") ECHOCMD="echo" ; test -f /usr/ucb/echo && ECHONB="/usr/ucb/echo -n" ;;
|
|
"Linux")
|
|
# Check if dash is used (Debian/Ubuntu)
|
|
DEFAULT_SHELL=$(ls -l /bin/sh | awk -F'>' '{print $2}')
|
|
case ${DEFAULT_SHELL} in
|
|
" dash") ECHOCMD="/bin/echo -e" ;;
|
|
*) ECHOCMD="echo -e" ;;
|
|
esac
|
|
;;
|
|
*) ECHOCMD="echo -e" ;;
|
|
esac
|
|
|
|
# Check if we have full featured commands, or are using BusyBox as a shell
|
|
if [ -x /bin/busybox ]; then
|
|
if [ -L /bin/ps ]; then
|
|
ShowSymlinkPath /bin/ps
|
|
if [ "${SYMLINK}" = "/bin/busybox" ]; then
|
|
SHELL_IS_BUSYBOX=1
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
# Specific checks for hardware
|
|
|
|
# Detect if we are using a QNAP NAS
|
|
if [ -d /share/CACHEDEV1_DATA/.qpkg ]; then
|
|
QNAP_DEVICE=1
|
|
fi
|
|
|
|
# Check if this OS is end-of-life
|
|
EOL=255
|
|
EOL_DATE=""
|
|
EOL_TIMESTAMP=0
|
|
if [ -n "${OS_VERSION}" ]; then
|
|
if [ -f "${DBDIR}/software-eol.db" ]; then
|
|
FIND="${OS_FULLNAME}"
|
|
EOL_TIMESTAMP=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $4}}' ${DBDIR}/software-eol.db | head -n 1)
|
|
if [ -n "${EOL_TIMESTAMP}" ]; then
|
|
EOL_DATE=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $3}}' ${DBDIR}/software-eol.db | head -n 1)
|
|
if [ -n "${EOL_DATE}" ]; then
|
|
NOW=$(date "+%s")
|
|
if [ -n "${NOW}" ]; then
|
|
if [ ${NOW} -gt ${EOL_TIMESTAMP} ]; then
|
|
EOL=1
|
|
else
|
|
EOL=0
|
|
fi
|
|
fi
|
|
else
|
|
EOL=0
|
|
fi
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
|
|
#================================================================================
|
|
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com
|