tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-10-31 19:34:30 +01:00
Code Issues Packages Projects Releases Wiki Activity
lynis/include/parameters

327 lines
9.6 KiB
Bash
Raw Blame History

#!/bin/sh
#################################################################################
#
# Lynis
# ------------------
#
# Copyright 2007-2013, Michael Boelen
# Copyright 2013-2016, CISOfy
#
# Website : https://cisofy.com
# Blog : http://linux-audit.com
# GitHub : https://github.com/CISOfy/lynis
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Parameter checks
#
#################################################################################
#
# Check number of parameters submitted (at least one is needed)
PARAMCOUNT=$#
while [ $# -ge 1 ]; do
case $1 in
# Helpers first
audit)
CHECK_BINARIES=0
RUN_HELPERS=1
HELPER="audit"
RUN_PLUGINS=0
RUN_TESTS=0
if [ ! $2 = "" ]; then
case $2 in
"dockerfile")
if [ "$3" = "" ]; then
echo "${RED}Error: ${WHITE}Missing file name or URL${NORMAL}"
echo "Example: lynis audit dockerfile /root/Dockerfile"
ExitFatal
else
shift; shift
HELPER_PARAMS="$1 $2 $3"
HELPER="audit_dockerfile"
break
fi
;;
"system")
CHECK_BINARIES=1
HELPER=""
RUN_PLUGINS=1
RUN_TESTS=1
shift
#break
;;
esac
else
echo "${RED}Error: ${WHITE}Need a target to audit${NORMAL}"
echo " "
echo "Examples:"
echo "lynis audit dockerfile"
echo "lynis audit system"
ExitFatal
fi
#break
;;
show)
CHECK_BINARIES=0
RUN_HELPERS=1
HELPER="show"
RUN_PLUGINS=0
RUN_TESTS=0
QUIET=1
SHOW_PROGRAM_DETAILS=0
shift
HELPER_PARAMS="$1 $2"
break
#if [ ! $2 = "" ]; then
# shift
# HELPER_PARAMS="$1 $2"
# break
# else
# echo "${RED}Error: ${WHITE}Need more specifics for show${NORMAL}"
# echo " "
# echo "Examples:"
# echo "lynis show config"
# echo "lynis show plugins"
# echo "lynis show version"
# ExitFatal
#fi
;;
update)
CHECK_BINARIES=0
RUN_HELPERS=1
HELPER="update"
RUN_PLUGINS=0
RUN_TESTS=0
SHOW_PROGRAM_DETAILS=0
if [ ! $2 = "" ]; then
shift
HELPER_PARAMS="$1 $2"
break
else
echo "${RED}Error: ${WHITE}Need a target for update${NORMAL}"
echo " "
echo "Examples:"
echo "lynis update info"
echo "lynis update release"
ExitFatal
fi
;;
# Assign auditor to report
--auditor)
shift
AUDITORNAME=$1
;;
# Perform tests
-c | --check-all | --checkall)
CHECK=1
;;
# Show settings file
--config)
SHOW_SETTINGS_FILE=1
;;
# Cronjob support
--cronjob | --cron)
CRONJOB=1;
# Use some defaults (-c, -Q, no colors)
CHECK=1; QUICKMODE=1; NEVERBREAK=1
# Get rid of the colors
NORMAL=""; WARNING=""; SECTION=""; NOTICE=""; OK=""; BAD=""; CYAN=""; MAGENTA=""; PURPLE=""; YELLOW=""; WHITE=""; GREEN=""; RED=""
;;
# Perform tests with additional debugging information on screen
--debug)
DEBUG=1
;;
# Display all available options with short alias
--dump-options | --dumpoptions)
OPTIONS="--auditor
--check-all_(-c) --config --cronjob_(--cron)
--debug
--help_(-h)
--info
--license-key --log-file
--manpage_(--man)
--no-colors --no-log
--pentest --profile --plugins-dir
--quiet_(-q) --quick_(-Q)
--report-file --reverse-colors
--tests --tests-category
--upload
--version_(-V) --view-categories"
for I in ${OPTIONS}; do
echo "${I}" | tr '_' ' '
done
ExitClean
;;
# View help
--help | -h)
VIEWHELP=1
;;
# View program/database information
--check-update | --check-updates | --info)
echo "This option is deprecated"
echo "Use: lynis update info"
ExitClean
;;
# License key for Lynis Enterprise
--license-key)
shift
LICENSE_KEY=$1
;;
# Adjust default logfile location
--logfile | --log-file)
shift
LOGFILE=$1
;;
# Don't use colors
--no-colors | --nocolors)
NORMAL=""; WARNING=""; SECTION=""; NOTICE=""; OK=""; BAD=""; CYAN=""; MAGENTA=""; PURPLE=""; YELLOW=""; WHITE=""; GREEN=""; RED=""
;;
# Disable logging
--no-log | --nolog)
LOGFILE="/dev/null"
;;
--pentest | --pen-test)
PENTESTINGMODE=1
;;
# Define a custom profile file
--profile)
shift
SEARCH_PROFILES=$1
;;
# Define a custom plugin directory
--plugindir | --plugin-dir | --plugins-dir)
shift
PLUGINDIR=$1
LASTCHAR=`echo $1 | awk '{ print substr($0, length($0))}'`
if [ "${LASTCHAR}" = "/" ]; then
echo "${RED}Error:${WHITE} plugin directory path should not end with a slash${NORMAL}"
ExitCustom 65
fi
if [ ! -d ${PLUGINDIR} ]; then
echo "${RED}Error:${WHITE} invalid plugin directory ${PLUGINDIR}${NORMAL}"
ExitCustom 66
fi
;;
# Quiet mode
-q | --quiet)
QUIET=1
# Run non-interactive
QUICKMODE=1
;;
# Non-interactive mode
-Q | --quick)
QUICKMODE=1
;;
# Define alternative report file
--report-file)
shift
REPORTFILE=$1
;;
# Strip the colors which aren't clearly visible on light backgrounds
--reverse-colors)
#NORMAL="";
SECTION="${NORMAL}";
NOTICE="${NORMAL}";
#OK="";
#BAD="";
CYAN="${NORMAL}";
GREEN="${NORMAL}";
YELLOW="${NORMAL}";
WHITE="${NORMAL}";
PURPLE="${NORMAL}";
#GREEN="";
#RED=""
;;
# Only scan these tests
--tests)
shift
TESTS_TO_PERFORM=$1
;;
# Scan one or more categories only
--tests-category)
shift
TESTS_CATEGORY_TO_PERFORM=$1
;;
# Lynis Enterprise: upload data to central node
--upload)
UPLOAD_DATA=1
;;
--verbose)
VERBOSE=1
;;
# Version number
-V | --version)
echo "${PROGRAM_VERSION}"
exit 0
;;
--view-categories | --list-categories | --show-categories)
ViewCategories
exit 0
;;
# View man page
--view-manpage | --man | --manpage)
if [ -f lynis.8 ]; then
nroff -man lynis.8
exit 0
else
echo "Error: man page file not found (lynis.8)"
echo "If you are running an installed version of Lynis, use 'man lynis'"
exit 1
fi
;;
# Warnings
--warnings-only | --show-warnings-only)
SHOW_WARNINGS_ONLY=1
QUICKMODE=1
QUIET=1
;;
# Drop out when using wrong option(s)
*)
# Wrong option used, we bail out later
WRONGOPTION=1
WRONGOPTION_value=$1
;;
esac
shift
done
#================================================================================
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com
Reference in New Issue View Git Blame Copy Permalink