mirror of
https://github.com/CISOfy/lynis.git
synced 2025-09-26 11:19:27 +02:00
d388e5d269
New variable OPENSOLARIS to distringuish between Oracle Solaris and OpenSolaris derivates. The edge case of OpenSolaris itself is not yet solved, but OpenSolaris itself should be very rare these days. Currently detected and distinguished Solaris variants are: - Oracle Solaris >= 11 (exluding Solaris Express and OpenSolaris) - Solaris < 11 (as "Sun Solaris") - OmniosCE (but not old Omnios) - OpenIndiana - Shillix - SmartOS - Tribblix - "Unknown Illumos" for unknown distributions based on Illumos Lynis will fall back to "Sun Solaris" with "SunOS 5.X" for unknown distributions.
746 lines
32 KiB
Bash
746 lines
32 KiB
Bash
#!/bin/sh
|
|
|
|
#################################################################################
|
|
#
|
|
# Lynis
|
|
# ------------------
|
|
#
|
|
# Copyright 2007-2013, Michael Boelen
|
|
# Copyright 2007-2020, CISOfy
|
|
#
|
|
# Website : https://cisofy.com
|
|
# Blog : http://linux-audit.com
|
|
# GitHub : https://github.com/CISOfy/lynis
|
|
#
|
|
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
|
|
# welcome to redistribute it under the terms of the GNU General Public License.
|
|
# See LICENSE file for usage of this software.
|
|
#
|
|
#################################################################################
|
|
#
|
|
# Operating System detection
|
|
#
|
|
#################################################################################
|
|
#
|
|
# Check operating system
|
|
case $(uname) in
|
|
|
|
# IBM AIX
|
|
AIX)
|
|
OS="AIX"
|
|
OS_NAME="AIX"
|
|
OS_VERSION=$(oslevel)
|
|
OS_FULLNAME="AIX ${OS_VERSION}"
|
|
CPU=$(uname -p)
|
|
HARDWARE=$(uname -M)
|
|
FIND_BINARIES="whereis -b"
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# Mac OS X and macOS
|
|
Darwin)
|
|
OS="macOS"
|
|
if [ -x /usr/bin/sw_vers ]; then
|
|
OS_NAME=$(/usr/bin/sw_vers -productName)
|
|
OS_VERSION=$(/usr/bin/sw_vers -productVersion)
|
|
OS_VERSION_NAME="unknown"
|
|
OS_FULLNAME="macOS (unknown version)"
|
|
case ${OS_VERSION} in
|
|
10.0 | 10.0.[0-9]*) OS_FULLNAME="Mac OS X 10.0 (Cheetah)" ;;
|
|
10.1 | 10.1.[0-9]*) OS_FULLNAME="Mac OS X 10.1 (Puma)" ;;
|
|
10.2 | 10.2.[0-9]*) OS_FULLNAME="Mac OS X 10.2 (Jaguar)" ;;
|
|
10.3 | 10.3.[0-9]*) OS_FULLNAME="Mac OS X 10.3 (Panther)" ;;
|
|
10.4 | 10.4.[0-9]*) OS_FULLNAME="Mac OS X 10.4 (Tiger)" ;;
|
|
10.5 | 10.5.[0-9]*) OS_FULLNAME="Mac OS X 10.5 (Leopard)" ;;
|
|
10.6 | 10.6.[0-9]*) OS_FULLNAME="Mac OS X 10.6 (Snow Leopard)" ;;
|
|
10.7 | 10.7.[0-9]*) OS_FULLNAME="Mac OS X 10.7 (Lion)" ;;
|
|
10.8 | 10.8.[0-9]*) OS_FULLNAME="Mac OS X 10.8 (Mountain Lion)" ;;
|
|
10.9 | 10.9.[0-9]*) OS_FULLNAME="Mac OS X 10.9 (Mavericks)" ;;
|
|
10.10 | 10.10.[0-9]*) OS_FULLNAME="Mac OS X 10.10 (Yosemite)" ;;
|
|
10.11 | 10.11.[0-9]*) OS_FULLNAME="Mac OS X 10.11 (El Capitan)" ;;
|
|
10.12 | 10.12.[0-9]*) OS_FULLNAME="macOS Sierra (${OS_VERSION})" ;;
|
|
10.13 | 10.13.[0-9]*) OS_FULLNAME="macOS High Sierra (${OS_VERSION})" ;;
|
|
10.14 | 10.14.[0-9]*) OS_FULLNAME="macOS Mojave (${OS_VERSION})" ;;
|
|
10.15 | 10.15.[0-9]*) OS_FULLNAME="macOS Catalina (${OS_VERSION})" ;;
|
|
11.0 | 11.0[0-9]*) OS_FULLNAME="macOS Big Sur (${OS_VERSION})" ;;
|
|
*) echo "Unknown macOS version. Do you know what version it is? Create an issue at ${PROGRAM_SOURCE}" ;;
|
|
esac
|
|
else
|
|
# Fall back to a fairly safe name
|
|
OS_NAME="macOS"
|
|
# uname -s -r shows Darwin 16.1.0
|
|
OS_FULLNAME=$(uname -s -r)
|
|
# shows 16.1.0 for Darwin's version, not macOS's
|
|
OS_VERSION=$(uname -r)
|
|
fi
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/Users"
|
|
FIND_BINARIES="whereis"
|
|
OS_KERNELVERSION=$(uname -r)
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# DragonFly BSD
|
|
DragonFly)
|
|
OS="DragonFly"
|
|
OS_NAME="DragonFly BSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/home /root"
|
|
FIND_BINARIES="whereis -q -a -b"
|
|
OS_KERNELVERSION=$(uname -i)
|
|
SYSCTL_READKEY="sysctl -n"
|
|
;;
|
|
|
|
# FreeBSD
|
|
FreeBSD)
|
|
OS="FreeBSD"
|
|
OS_NAME="FreeBSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/home /root"
|
|
FIND_BINARIES="whereis -q -a -b"
|
|
OS_KERNELVERSION=$(uname -i)
|
|
SYSCTL_READKEY="sysctl -n"
|
|
|
|
# TrueOS
|
|
if [ -f /etc/defaults/trueos ]; then
|
|
OS_NAME="TrueOS"
|
|
LogText "Result: found TrueOS file, system is completely based on FreeBSD though. Only adjusting OS name."
|
|
fi
|
|
;;
|
|
|
|
# HP-UX
|
|
HP-UX)
|
|
OS="HP-UX"
|
|
OS_NAME="HP-UX"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
FIND_BINARIES="whereis -b"
|
|
SYSCTL_READKEY=""
|
|
LOGDIR="/var/adm/syslog"
|
|
;;
|
|
|
|
# Linux
|
|
Linux)
|
|
OS="Linux"
|
|
OS_NAME="Linux"
|
|
OS_FULLNAME=""
|
|
OS_VERSION=$(uname -r)
|
|
LINUX_VERSION=""
|
|
HARDWARE=$(uname -m)
|
|
HOMEDIRS="/home"
|
|
FIND_BINARIES="whereis -b"
|
|
OS_KERNELVERSION_FULL=$(uname -r)
|
|
OS_KERNELVERSION=$(echo ${OS_KERNELVERSION_FULL} | sed 's/-.*//')
|
|
if [ -e /dev/grsec ]; then GRSEC_FOUND=1; fi
|
|
|
|
# Generic
|
|
if [ -e /etc/os-release ]; then
|
|
OS_FULLNAME=$(awk -F= '/^PRETTY_NAME=/ {print substr($2,2,length($2)-2)}' /etc/os-release)
|
|
OS_ID=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
if [ -n "${OS_ID}" ]; then
|
|
case ${OS_ID} in
|
|
"alpine")
|
|
LINUX_VERSION="Alpine Linux"
|
|
OS_NAME=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"amzn")
|
|
LINUX_VERSION="Amazon Linux"
|
|
OS_NAME="Amazon Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"arch")
|
|
LINUX_VERSION="Arch Linux"
|
|
OS_FULLNAME="Arch Linux"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"centos")
|
|
LINUX_VERSION="CentOS"
|
|
OS_NAME="CentOS Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"clear-linux-os")
|
|
LINUX_VERSION="Clear Linux OS"
|
|
OS_NAME="Clear Linux OS"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"cloudlinux")
|
|
LINUX_VERSION="CloudLinux"
|
|
OS_NAME="CloudLinux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"coreos")
|
|
LINUX_VERSION="CoreOS"
|
|
OS_NAME="CoreOS Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"debian")
|
|
LINUX_VERSION="Debian"
|
|
OS_NAME="Debian"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"fedora")
|
|
LINUX_VERSION="Fedora"
|
|
OS_NAME="Fedora Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"flatcar")
|
|
LINUX_VERSION="Flatcar"
|
|
LINUX_VERSION_LIKE="CoreOS"
|
|
OS_NAME="Flatcar Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"gentoo")
|
|
LINUX_VERSION="Gentoo"
|
|
OS_NAME="Gentoo Linux"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"kali")
|
|
LINUX_VERSION="Kali"
|
|
OS_NAME="Kali Linux"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"linuxmint")
|
|
LINUX_VERSION="Linux Mint"
|
|
OS_NAME="Linux Mint"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"mageia")
|
|
LINUX_VERSION="Mageia"
|
|
OS_NAME="Mageia"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"manjaro")
|
|
LINUX_VERSION="Manjaro"
|
|
OS_FULLNAME="Manjaro Linux"
|
|
OS_NAME="Manjaro"
|
|
OS_VERSION="Rolling release"
|
|
;;
|
|
"ol")
|
|
LINUX_VERSION="Oracle Linux"
|
|
OS_NAME="Oracle Linux"
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"opensuse-tumbleweed")
|
|
LINUX_VERSION="openSUSE Tumbleweed"
|
|
# It's rolling release but has a snapshot version (the date of the snapshot)
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="openSUSE"
|
|
;;
|
|
"opensuse-leap")
|
|
LINUX_VERSION="openSUSE Leap"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="openSUSE"
|
|
;;
|
|
"pop")
|
|
LINUX_VERSION="Pop!_OS"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="Pop!_OS"
|
|
;;
|
|
"pureos")
|
|
LINUX_VERSION="PureOS"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="PureOS"
|
|
;;
|
|
"raspbian")
|
|
LINUX_VERSION="Raspbian"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="Raspbian"
|
|
;;
|
|
"rhel")
|
|
LINUX_VERSION="RHEL"
|
|
OS_NAME="RHEL"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_FULLNAME="${OS_NAME} ${OS_VERSION_FULL}"
|
|
OS_REDHAT_OR_CLONE=1
|
|
;;
|
|
"rosa")
|
|
LINUX_VERSION="ROSA Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="ROSA Linux"
|
|
;;
|
|
"slackware")
|
|
LINUX_VERSION="Slackware"
|
|
OS_NAME="Slackware Linux"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"sles")
|
|
LINUX_VERSION="SLES"
|
|
OS_NAME="openSUSE"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
"ubuntu")
|
|
LINUX_VERSION="Ubuntu"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_NAME="Ubuntu"
|
|
;;
|
|
"void")
|
|
LINUX_VERSION="Void Linux"
|
|
OS_VERSION="Rolling release"
|
|
OS_NAME="Void Linux"
|
|
;;
|
|
"zorin")
|
|
LINUX_VERSION="Zorin OS"
|
|
OS_NAME="Zorin OS"
|
|
OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
;;
|
|
*)
|
|
ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create issue on GitHub project page: ${PROGRAM_SOURCE}"
|
|
;;
|
|
esac
|
|
fi
|
|
fi
|
|
|
|
# Alpine
|
|
if [ -e "/etc/alpine-release" ]; then LINUX_VERSION="Alpine Linux"; OS_VERSION=$(cat /etc/alpine-release); fi
|
|
|
|
# Amazon
|
|
if [ -z "${LINUX_VERSION}" -a -e "/etc/system-release" ]; then
|
|
FIND=$(grep "^Amazon" /etc/system-release)
|
|
if [ -n "${FIND}" ]; then
|
|
OS_REDHAT_OR_CLONE=1
|
|
OS_FULLNAME=$(grep "^Amazon" /etc/system-release)
|
|
OS_VERSION=$(grep "^Amazon" /etc/system-release | awk '{ if ($4=="release") { print $5 } }')
|
|
LINUX_VERSION="Amazon"
|
|
fi
|
|
fi
|
|
|
|
# Arch Linux
|
|
if [ -z "${OS_FULLNAME}" -a -e "/etc/arch-release" ]; then
|
|
OS_FULLNAME="Arch Linux"
|
|
OS_VERSION="Unknown"
|
|
LINUX_VERSION="Arch Linux"
|
|
fi
|
|
|
|
# Chakra Linux
|
|
if [ -e "/etc/chakra-release" ]; then
|
|
OS_FULLNAME=$(grep "^Chakra" /etc/chakra-release)
|
|
OS_VERSION=$(awk '/^Chakra/ { if ($3=="release") { print $4 }}' /etc/chakra-release)
|
|
LINUX_VERSION="Chakra Linux"
|
|
fi
|
|
|
|
# Cobalt
|
|
if [ -e "/etc/cobalt-release" ]; then OS_FULLNAME=$(cat /etc/cobalt-release); fi
|
|
|
|
# CPUBuilders Linux
|
|
if [ -e "/etc/cpub-release" ]; then OS_FULLNAME=$(cat /etc/cpub-release); fi
|
|
|
|
# Debian/Ubuntu (***) - Set first to Debian
|
|
if [ -e "/etc/debian_version" ]; then
|
|
OS_VERSION=$(cat /etc/debian_version)
|
|
OS_FULLNAME="Debian ${OS_VERSION}"
|
|
LINUX_VERSION="Debian"
|
|
fi
|
|
|
|
# /etc/lsb-release does not exist on Debian
|
|
if [ -e "/etc/debian_version" -a -e /etc/lsb-release ]; then
|
|
OS_VERSION=$(cat /etc/debian_version)
|
|
FIND=$(grep "^DISTRIB_ID=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g')
|
|
if [ "${FIND}" = "Ubuntu" ]; then
|
|
OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2)
|
|
OS_FULLNAME="Ubuntu ${OS_VERSION}"
|
|
LINUX_VERSION="Ubuntu"
|
|
elif [ "${FIND}" = "elementary OS" ]; then
|
|
LINUX_VERSION="elementary OS"
|
|
OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2)
|
|
OS_FULLNAME=$(grep "^DISTRIB_DESCRIPTION=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g')
|
|
else
|
|
# Catch all, in case it's unclear what specific release this is.
|
|
OS_FULLNAME="Debian ${OS_VERSION}"
|
|
LINUX_VERSION="Debian"
|
|
fi
|
|
# Ubuntu test (optional) $(grep "[Uu]buntu" /proc/version)
|
|
fi
|
|
|
|
# Override for Linux Mint, as that is initially detected as Debian or Ubuntu
|
|
if [ -x /usr/bin/lsb_release ]; then
|
|
FIND=$(lsb_release --id | awk -F: '{ print $2 }' | awk '{ print $1 }')
|
|
if [ "${FIND}" = "LinuxMint" ]; then
|
|
LINUX_VERSION="Linux Mint"
|
|
OS_VERSION=$(lsb_release --release | awk '{ print $2 }')
|
|
OS_FULLNAME="Linux Mint ${OS_VERSION}"
|
|
fi
|
|
fi
|
|
|
|
# E-smith
|
|
if [ -e "/etc/e-smith-release" ]; then OS_FULLNAME=$(cat /etc/e-smith-release); fi
|
|
|
|
# Gentoo
|
|
if [ -e "/etc/gentoo-release" ]; then LINUX_VERSION="Gentoo"; OS_FULLNAME=$(cat /etc/gentoo-release); fi
|
|
|
|
# Red Hat and others
|
|
if [ -z "${LINUX_VERSION}" -a -e "/etc/redhat-release" ]; then
|
|
OS_REDHAT_OR_CLONE=1
|
|
|
|
# CentOS
|
|
if grep "CentOS" /etc/redhat-release; then
|
|
OS_FULLNAME=$(grep "CentOS" /etc/redhat-release)
|
|
LINUX_VERSION="CentOS"
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
|
|
# ClearOS
|
|
FIND=$(grep "ClearOS" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "ClearOS" /etc/redhat-release)
|
|
LINUX_VERSION="ClearOS"
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
|
|
# Fedora
|
|
FIND=$(grep "Fedora" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "Fedora" /etc/redhat-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
LINUX_VERSION="Fedora"
|
|
fi
|
|
|
|
|
|
# Oracle Enterprise Linux
|
|
FIND=$(grep "Enterprise Linux Enterprise Linux Server" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
LINUX_VERSION="Oracle Enterprise Linux"
|
|
OS_FULLNAME=$(grep "Enterprise Linux" /etc/redhat-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
|
|
# Oracle Enterprise Linux
|
|
if [ -e /etc/oracle-release ]; then
|
|
FIND=$(grep "Oracle Linux Server" /etc/oracle-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
LINUX_VERSION="Oracle Enterprise Linux"
|
|
OS_FULLNAME=$(grep "Oracle Linux" /etc/oracle-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
fi
|
|
|
|
# Oracle VM Server
|
|
if [ -e /etc/ovs-release ]; then
|
|
FIND=$(grep "Oracle VM" /etc/ovs-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
LINUX_VERSION="Oracle VM Server"
|
|
OS_FULLNAME=$(grep "Oracle VM" /etc/ovs-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
fi
|
|
fi
|
|
|
|
# Scientific
|
|
FIND=$(grep "Scientific" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "^Scientific" /etc/redhat-release)
|
|
OS_VERSION=$(grep "^Scientific" /etc/redhat-release | awk '{ if ($3=="release") { print $4 } }')
|
|
LINUX_VERSION="Scientific"
|
|
fi
|
|
|
|
if [ -z "${LINUX_VERSION}" ]; then
|
|
# Red Hat
|
|
FIND=$(grep "Red Hat" /etc/redhat-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME=$(grep "Red Hat" /etc/redhat-release)
|
|
OS_VERSION="${OS_FULLNAME}"
|
|
LINUX_VERSION="Red Hat"
|
|
fi
|
|
fi
|
|
|
|
fi
|
|
|
|
# PCLinuxOS
|
|
if [ -f /etc/pclinuxos-release ]; then
|
|
FIND=$(grep "^PCLinuxOS" /etc/pclinuxos-release)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME="PCLinuxOS Linux"
|
|
LINUX_VERSION="PCLinuxOS"
|
|
OS_VERSION=$(grep "^PCLinuxOS" /etc/pclinuxos-release | awk '{ if ($2=="release") { print $3 } }')
|
|
fi
|
|
fi
|
|
|
|
# Sabayon Linux
|
|
if [ -f /etc/sabayon-edition ]; then
|
|
FIND=$(grep "Sabayon Linux" /etc/sabayon-edition)
|
|
if [ ! "${FIND}" = "" ]; then
|
|
OS_FULLNAME="Sabayon Linux"
|
|
LINUX_VERSION="Sabayon"
|
|
OS_VERSION=$(awk '{ print $3 }' /etc/sabayon-edition)
|
|
fi
|
|
fi
|
|
|
|
if [ -f /etc/SLOX-release ]; then
|
|
OS_FULLNAME=$(grep "SuSE Linux" /etc/SLOX-release)
|
|
LINUX_VERSION="SuSE"
|
|
fi
|
|
|
|
# Slackware
|
|
if [ -f /etc/slackware-version ]; then
|
|
LINUX_VERSION="Slackware"
|
|
OS_VERSION=$(grep "^Slackware" /etc/slackware-version | awk '{ if ($1=="Slackware") { print $2 } }')
|
|
OS_FULLNAME="Slackware Linux ${OS_VERSION}"
|
|
fi
|
|
|
|
# SuSE
|
|
if [ -e "/etc/SuSE-release" ]; then
|
|
OS_VERSION=$(head -n 1 /etc/SuSE-release)
|
|
LINUX_VERSION="SuSE"
|
|
fi
|
|
|
|
# Turbo Linux
|
|
if [ -e "/etc/turbolinux-release" ]; then OS_FULLNAME=$(cat /etc/turbolinux-release); fi
|
|
|
|
# YellowDog
|
|
if [ -e "/etc/yellowdog-release" ]; then OS_FULLNAME=$(cat /etc/yellowdog-release); fi
|
|
|
|
# VMware
|
|
if [ -e "/etc/vmware-release" ]; then
|
|
OS_FULLNAME=$(cat /etc/vmware-release)
|
|
OS_VERSION=$(uname -r)
|
|
IS_VMWARE_ESXI=$(vmware -vl | grep VMware ESXi)
|
|
if [ ! "${IS_VMWARE_ESXI}" = "" ]; then
|
|
OS_FULLNAME="VMware ESXi ${OS_VERSION}"
|
|
fi
|
|
fi
|
|
|
|
# ===================================================================
|
|
# Set OS name to the discovered Linux version
|
|
if [ ! "${LINUX_VERSION}" = "" -a "${OS_NAME}" = "Linux" ]; then
|
|
OS_NAME="${LINUX_VERSION}"
|
|
fi
|
|
# If Linux version (full name) is unknown, use uname value
|
|
if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=$(uname -s -r); fi
|
|
SYSCTL_READKEY="sysctl -n"
|
|
;;
|
|
|
|
# NetBSD
|
|
NetBSD)
|
|
OS="NetBSD"
|
|
OS_NAME="NetBSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_KERNELVERSION=$(uname -v)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
FIND_BINARIES="whereis"
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# OpenBSD
|
|
OpenBSD)
|
|
OS="OpenBSD"
|
|
OS_NAME="OpenBSD"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_KERNELVERSION=$(uname -v)
|
|
OS_VERSION=$(uname -r)
|
|
HARDWARE=$(uname -m)
|
|
FIND_BINARIES="whereis"
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# Solaris / OpenSolaris / Ilumos ...
|
|
SunOS)
|
|
OS="Solaris"
|
|
OS_KERNELVERSION=$(uname -v)
|
|
OPENSOLARIS=0
|
|
|
|
if [ -f /etc/os-release ]; then
|
|
OS_ID=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_VERSION=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
|
|
OS_FULLNAME=$(awk -F= '/^PRETTY_NAME=/ {print substr($2,2,length($2)-2)}' /etc/os-release)
|
|
case "${OS_ID}" in
|
|
"solaris")
|
|
OS_NAME="Oracle Solaris"
|
|
;;
|
|
"omnios")
|
|
OS_NAME="OmniOS"
|
|
OPENSOLARIS=1
|
|
;;
|
|
"tribblix")
|
|
OS_NAME="Tribblix"
|
|
OS_FULLNAME="Tribblix ${OS_VERSION}"
|
|
OPENSOLARIS=1
|
|
;;
|
|
"*")
|
|
ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create issue on GitHub project page: ${PROGRAM_SOURCE}"
|
|
;;
|
|
esac
|
|
elif [ "$(uname -o 2> /dev/null)" == "illumos" ]; then
|
|
OPENSOLARIS=1
|
|
|
|
# Solaris has a free form text file with release information
|
|
if grep "OpenIndiana" /etc/release > /dev/null; then
|
|
OS_NAME="OpenIndiana"
|
|
if grep "Hipster" /etc/release > /dev/null; then
|
|
OS_VERSION="$(tr ' ' '\n' < /etc/release | grep '[[:digit:]]\.[[:digit:]]')"
|
|
OS_FULLNAME="OpenIndiana Hipster $OS_VERSION"
|
|
else
|
|
OS_VERSION="Unknown"
|
|
OS_FULLNAME="OpenIndiana (unknown edition)"
|
|
fi
|
|
elif grep "OmniOS" /etc/release > /dev/null; then
|
|
OS_NAME="OmniOS"
|
|
OS_VERSION="$(tr ' ' '\n' < /etc/release | grep 'r[[:digit:]]')"
|
|
if grep "Community Edition" /etc/release > /dev/null; then
|
|
OS_FULLNAME="OmniOS Community Edition v11 $OS_VERSION"
|
|
fi
|
|
elif grep "SmartOS" /etc/release > /dev/null; then
|
|
OS_NAME="SmartOS"
|
|
OS_VERSION="-"
|
|
OS_FULLNAME="SmartOS"
|
|
else
|
|
OS_NAME="Unknown Illumos"
|
|
fi
|
|
elif grep "SchilliX" /etc/release > /dev/null; then
|
|
OS_NAME="SchilliX"
|
|
OS_FULLNAME="$(head -n 1 /etc/release | xargs)"
|
|
OS_VERSION="$(echo "$OS_FULLNAME" | cut -d '-' -f 2)"
|
|
|
|
OPENSOLARIS=1
|
|
elif head -n 1 < /etc/release | grep "Oracle Solaris" > /dev/null; then
|
|
OS_NAME="Oracle Solaris"
|
|
OS_FULLNAME="$(head -n 1 /etc/release | xargs)"
|
|
OS_VERSION="$(head -n 1 < /etc/release | xargs | cut -d ' ' -f 3)"
|
|
elif head -n 1 < /etc/release | xargs | grep "^Solaris " > /dev/null; then
|
|
OS_NAME="Sun Solaris"
|
|
# Example of /etc/release:
|
|
# Solaris 10 5/08
|
|
# ...
|
|
# Solaris 10 10/09 (Update 8)
|
|
# The first line does not contain the "Update" number,
|
|
# only if present.
|
|
if tail -1 < /etc/release | xargs | grep "^Solaris " > /dev/null; then
|
|
OS_FULLNAME=$(tail -1 < /etc/release | xargs)
|
|
else
|
|
OS_FULLNAME=$(head -1 < /etc/release | xargs)
|
|
fi
|
|
OS_VERSION=$(echo "$OS_FULLNAME" | cut -d ' ' -f 2,3)
|
|
else # Old behaviour
|
|
OS_NAME="Sun Solaris"
|
|
OS_FULLNAME=$(uname -s -r)
|
|
OS_VERSION=$(uname -r)
|
|
fi
|
|
|
|
HARDWARE=$(uname -m)
|
|
if [ -x /usr/bin/isainfo ]; then
|
|
# Returns 32, 64
|
|
OS_MODE=$(/usr/bin/isainfo -b)
|
|
fi
|
|
SYSCTL_READKEY=""
|
|
;;
|
|
|
|
# VMware products
|
|
VMkernel)
|
|
OS="VMware"
|
|
OS_FULLNAME=""
|
|
OS_VERSION=""
|
|
HARDWARE=$(uname -m)
|
|
if [ -e "/etc/vmware-release" ]; then
|
|
OS_FULLNAME=$(cat /etc/vmware-release)
|
|
OS_VERSION=$(uname -r)
|
|
fi
|
|
HAS_VMWARE_UTIL=$(which vmware 2> /dev/null | grep -v "no [^ ]* in ")
|
|
if [ ! "${HAS_VMWARE_UTIL}" = "" ]; then
|
|
IS_VMWARE_ESXI=$(vmware -vl | grep VMware ESXi)
|
|
if [ ! "${IS_VMWARE_ESXI}" = "" ]; then
|
|
OS_NAME="VMware ESXi"
|
|
OS_FULLNAME="VMware ESXi ${OS_VERSION}"
|
|
fi
|
|
fi
|
|
;;
|
|
|
|
|
|
# Unknown or unsupported systems
|
|
*)
|
|
echo "[ ${WARNING}WARNING${NORMAL} ]"
|
|
echo "${WARNING}Error${NORMAL}: ${WHITE}Unknown OS found. No support available yet for this OS or platform...${NORMAL}"
|
|
echo "Please consult the README/documentation for more information."
|
|
exit 1
|
|
;;
|
|
|
|
esac
|
|
|
|
# Set correct echo binary and parameters after detecting operating system
|
|
ECHONB=""
|
|
|
|
case ${OS} in
|
|
"AIX") ECHOCMD="echo"; ECHONB="printf" ;;
|
|
"DragonFly"|"FreeBSD"|"NetBSD") ECHOCMD="echo -e"; ECHONB="echo -n" ;;
|
|
"macOS" | "Mac OS X") ECHOCMD="echo"; ECHONB="/bin/echo -n" ;;
|
|
"Solaris") ECHOCMD="echo" ; test -f /usr/ucb/echo && ECHONB="/usr/ucb/echo -n" ;;
|
|
"Linux")
|
|
# Check if dash is used (Debian/Ubuntu)
|
|
DEFAULT_SHELL=$(ls -l /bin/sh | awk -F'>' '{print $2}')
|
|
case ${DEFAULT_SHELL} in
|
|
" dash") ECHOCMD="/bin/echo -e" ;;
|
|
*) ECHOCMD="echo -e" ;;
|
|
esac
|
|
;;
|
|
*) ECHOCMD="echo -e" ;;
|
|
esac
|
|
|
|
# Check if we have full featured commands, or are using BusyBox as a shell
|
|
if [ -x /bin/busybox ]; then
|
|
if [ -L /bin/ps ]; then
|
|
ShowSymlinkPath /bin/ps
|
|
if [ "${SYMLINK}" = "/bin/busybox" ]; then
|
|
SHELL_IS_BUSYBOX=1
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
# Specific checks for hardware
|
|
|
|
# Detect if we are using a QNAP NAS
|
|
if [ -d /share/CACHEDEV1_DATA/.qpkg ]; then
|
|
QNAP_DEVICE=1
|
|
fi
|
|
|
|
# Check if this OS is end-of-life
|
|
EOL=255
|
|
EOL_DATE=""
|
|
EOL_TIMESTAMP=0
|
|
if [ -n "${OS_VERSION}" ]; then
|
|
if [ -f "${DBDIR}/software-eol.db" ]; then
|
|
FIND="${OS_FULLNAME}"
|
|
EOL_TIMESTAMP=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $4}}' ${DBDIR}/software-eol.db | head -n 1)
|
|
if [ -n "${EOL_TIMESTAMP}" ]; then
|
|
EOL_DATE=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $3}}' ${DBDIR}/software-eol.db | head -n 1)
|
|
if [ -n "${EOL_DATE}" ]; then
|
|
NOW=$(date "+%s")
|
|
if [ -n "${NOW}" ]; then
|
|
if [ ${NOW} -gt ${EOL_TIMESTAMP} ]; then
|
|
EOL=1
|
|
else
|
|
EOL=0
|
|
fi
|
|
fi
|
|
else
|
|
EOL=0
|
|
fi
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
|
|
#================================================================================
|
|
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com
|