diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2016-08-12 10:57:03 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2016-08-12 10:57:03 +0300 |
| commit | 889a57fc030dbd49d775d43ff72bf8059c86122a (patch) | |
| tree | 1bedeec39a8d3c8d138e6575e9a338c5351aa70d | |
| parent | 1a6da634271f7d1a183def15c7240ae4af54259b (diff) | |
Added DBS-1888 to test for Redis bound to localhost
| -rw-r--r-- | db/tests.db | 2 | ||||
| -rw-r--r-- | include/tests_databases | 24 |
2 files changed, 26 insertions, 0 deletions
diff --git a/db/tests.db b/db/tests.db index e44b12cd..aba6acbb 100644 --- a/db/tests.db +++ b/db/tests.db @@ -89,6 +89,8 @@ DBS-1860:test:security:databases::Checking active DB2 instances: DBS-1880:test:security:databases::Checking active Redis processes: DBS-1882:test:security:databases::Redis configuration file: DBS-1884:test:security:databases::Redis configuration (requirepass): +DBS-1886:test:security:databases::Redis configuration (CONFIG command renamed): +DBS-1888:test:security:databases::Redis configuration (bind on localhost): FINT-4310:test:security:file_integrity::AFICK availability: FINT-4314:test:security:file_integrity::AIDE availability: FINT-4315:test:security:file_integrity::Check AIDE configuration file: diff --git a/include/tests_databases b/include/tests_databases index c32bf0a0..53a3d84f 100644 --- a/include/tests_databases +++ b/include/tests_databases @@ -254,6 +254,30 @@ # ################################################################################# # + # Test : DBS-1888 + # Description : Determine Redis configuration option: bind on localhost + if [ ${REDIS_RUNNING} -eq 1 -a ${REDIS_CONFIGURATION_FOUND} -eq 1 ]; then PREQS_METS="YES"; else PREQS_MET="NO"; fi + Register --test-no DBS-1888 --weight L --network NO --preqs-met "${PREQS_MET}" --category security --description "Redis: bind on localhost" + if [ ${SKIPTEST} -eq 0 ]; then + if FileIsReadable ${REDIS_CONFIGURATION}; then + if SearchItem "^bind (localhost|127\.)" "${REDIS_CONFIGURATION}" "--sensitive"; then + LogText "Result: found 'bind on localhost' configured" + AddHP 3 3 + Display --indent 4 --text "- Redis (bind on localhost)" --result "${STATUS_FOUND}" --color GREEN + Report "redis_bind_localhost=1" + else + AddHP 0 3 + Display --indent 4 --text "- Redis (bind on localhost)" --result "${STATUS_NOT_FOUND}" --color YELLOW + ReportSuggestion "${TEST_NO}" "Use 'bind' setting to listen on localhost for Redis instance" "${REDIS_CONFIGURATION}" "solution:configure 'bind localhost' to listen on localhost only" + Report "redis_bind_localhost=0" + fi + else + LogText "Result: test skipped, as we can't read configuration file" + fi + fi +# +################################################################################# +# if [ ${DATABASE_ENGINE_RUNNING} -eq 0 ]; then Display --indent 4 --text "No database engines found" |