diff options
author | mboelen <michael@cisofy.com> | 2016-03-24 12:34:16 +0300 |
---|---|---|
committer | mboelen <michael@cisofy.com> | 2016-03-24 12:34:16 +0300 |
commit | a3084da623d293016ce2ff7144734799249bc456 (patch) | |
tree | 05671c6c23af63d765abb242badb395aa4586b5c | |
parent | c364fbe9b85205facc04998f5a4fb28a4ff55029 (diff) |
Improved templates and examples
-rw-r--r-- | include/tests_custom.template | 124 | ||||
-rw-r--r-- | plugins/custom_plugin.template | 59 |
2 files changed, 120 insertions, 63 deletions
diff --git a/include/tests_custom.template b/include/tests_custom.template index 384843f3..63220bb3 100644 --- a/include/tests_custom.template +++ b/include/tests_custom.template @@ -5,67 +5,107 @@ # Here you could insert your own custom checks # # Tips: -# - Make sure to use each test ID only once in Register function +# - Make sure to use each test ID only once in Register function and prefix them with CUST # - Use big steps in numbering, so you can easily put tests in between # - Want to improve Lynis? Share your checks! # ################################################################################# # -# This has already been inserted, but you might reuse it to split your tests -# InsertSection "Custom Checks" -# -################################################################################# -# - # Test : CUST-0010 - # Author : Your name <e-mail address> - # Description : Check for something interesting - template - # Notes : This test first checks if OpenSSL binary was found + # Test : CUST-0001 + # Description : We show some lines on the screen - # * Prerequisites Check - # ----------------------- - # - # Check first if any dependency. If it doesn't meet, the test will be skipped after registration (SKIPTEST == 1) - # - # Examples: - # -f /etc/file = Test if file exists - # -d /var/run/mydirectory = Test if directory exists - # ${MYVARIABLE} -eq 1 = Test if variable is set to 1 - # "${MYVARIABLE}" = "Value" = Test if variable is equal to specific value + # Register our first custom test + # We consider it to be a lightweight test (no heavy IO, or long searches), no network connection needed + Register --test-no CUST-0001 --weight L --network NO --description "A test case for colors and text display" + if [ ${SKIPTEST} -eq 0 ]; then + # The Display function makes it easy to show something on screen, with colors. + # --indent defines amount of spaces + # --text text to be displayed on screen + # --result text at end of line + # --color color of result text + Display --indent 2 --text "- Checking if everything is OK..." --result OK --color GREEN + Display --indent 4 --text "This shows one level deeper " --result NOTICE --color YELLOW + Display --indent 6 --text "And even deeper" --result WARNING --color RED - if [ -f /etc/myfile ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + # Here we could add specific tests, like testing for a directory + # Most tests use the "if-then-else". If something is true, take one step, otherwise the other. + if [ -d /tmp ]; then + LogText "Result: we have a temporary directory" + else + LogText "Result: no temporary directory found" + fi - # * Registration of Test - # ------------------------ - # - # Register the test, with custom ID CUST-0010, and only execute it when the prerequisites were met - Register --test-no CUST-0010 --preqs-met ${PREQS_MET} --weight L --network NO --description "Description of what this test does" + # Common examples to use: + # if [ -f /etc/file ]; then = Test if file exists + # if [ -d /var/run/mydirectory ]; then = Test if directory exists + # if [ ${MYVARIABLE} -eq 1 ]; then = Test if variable is set to 1 + # if [ "${MYVARIABLE}" = "Value" ]; then = Test if variable is equal to specific value - # Or we could use this test without any dependencies - # Register --test-no CUST-0010 --weight L --network NO --description "Description of what this test does" + if [ -f /etc/file ]; then + LogText "Result: Found file /etc/file" + elif [ -f /etc/file2 ]; then + LogText "Result: Found file /etc/file2" + else + LogText "Result: both /etc/file and /etc/file2 not found" + fi - # If everything is fine, perform test - if [ ${SKIPTEST} -eq 0 ]; then - FOUND=0 - LogText "Test: checking something" - if [ ${FOUND} -eq 0 ]; then - Display --indent 4 --text "- Performing custom test" --result OK --color GREEN - LogText "Result: the test result looks great!" + # If a single value is stored in a variable, using case is effective. + case ${OS} in + # Only match one value + "Linux") + LogText "Found Linux" + Display --indent 2 --text "OS: Linux" --result OK --color GREEN + ;; + # Matching several platforms + "FreeBSD"|"NetBSD"|"OpenBSD") + LogText "Found an operating system based on BSD" + Display --indent 2 --text "OS: *BSD" --result OK --color GREEN + # Catch-all for unknown values + *) + LogText "Did find another operating system" + ;; + esac - # Optional: create a suggestion after a specific finding - #ReportSuggestion "${TEST_NO}" "This is my suggestion to improve the system even further." + # Show a warning on screen and in the report. We can specify a detail and how to solve it. + ReportWarning "${TEST_NO}" "Something was wrong and should be fixed" "/etc/motd" "text:Change your motd" + ReportSuggestion "${TEST_NO}" "Check if this process is running" "apache" "url:https://cisofy.com/support/" + fi +# +################################################################################# +# + # Add a new section to screen output + InsertSection "Other Tests" +# +################################################################################# +# + # First check if OPENSSLBINARY is known as a prerequisite for this test. + if [ ! "${OPENSSLBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + Register --test-no CUST-0002 --preqs-met ${PREQS_MET} --weight M --network NO --description "Description of custom test" + if [ ${SKIPTEST} -eq 0 ]; then + FOUNDPROBLEM=0 + DIR="/my/path" + LogText "Test: we are going to check if we can find a particular directory (${DIR})" + # Check if a directory exists + if [ -d ${DIR} ]; then + LogText "Result: log entry for easier debugging or additional information" + else + FOUNDPROBLEM=1 + LogText "Result: directory ${DIR} was not found!" + ReportWarning "${TEST_NO}" "This is a test warning line" "${DIR}" "text:Create directory ${DIR}" + fi + if [ ${FOUNDPROBLEM} -eq 0 ]; then + Display --indent 2 --text "- Checking if everything is OK..." --result OK --color GREEN else - Display --indent 4 --text "- Performing custom test" --result WARNING --color RED - LogText "Result: this test had a bad result :(" - # Throw a warning to the screen and report - ReportWarning ${TEST_NO} "M" "This is a warning message" + Display --indent 2 --text "- Checking if everything is OK..." --result WARNING --color RED + ReportSuggestion ${TEST_NO} "This is a suggestion" fi fi - # ################################################################################# # +# Wait for keypress (unless --quick is being used) wait_for_keypress # diff --git a/plugins/custom_plugin.template b/plugins/custom_plugin.template index d0a16cfc..8890cec1 100644 --- a/plugins/custom_plugin.template +++ b/plugins/custom_plugin.template @@ -1,11 +1,12 @@ #!/bin/sh + # -------------------------- CUT THIS SECTION --------------------------- -# This is a template to create a personal plugin +# This is a template to create a customized plugin # # Each plugin should at least have several variables defined with the # prefix PLUGIN_* (see below) # -# To add a section header, use the InsertSection function (see below) +# If you want to learn what functions you can use, check include/functions # # -------------------------- CUT THIS SECTION --------------------------- @@ -19,43 +20,59 @@ # PLUGIN_NAME=[plugin_name] # PLUGIN_REQUIRED_TESTS= #----------------------------------------------------- -######################################################################### # +######################################################################### # + # Add custom section to screen output + InsertSection "Custom Plugin" # -######################################################################### +################################################################################# # -# Add custom section to screen output -# InsertSection "Personal Plugin" + # Test : CUST-0001 + # Description : We show some lines on the screen + + # Register our first custom test + # We consider it to be a lightweight test (no heavy IO, or long searches), no network connection needed + Register --test-no CUST-0001 --weight L --network NO --description "A test case for colors and text display" + if [ ${SKIPTEST} -eq 0 ]; then + # The Display function makes it easy to show something on screen, with colors. + # --indent defines amount of spaces + # --text text to be displayed on screen + # --result text at end of line + # --color color of result text + Display --indent 2 --text "- Checking if everything is OK..." --result OK --color GREEN + Display --indent 4 --text "This shows one level deeper " --result NOTICE --color YELLOW + Display --indent 6 --text "And even deeper" --result WARNING --color RED + + # Show a warning on screen and in the report. We can specify a detail and how to solve it. + ReportWarning "${TEST_NO}" "Something was wrong and should be fixed" "/etc/motd" "text:Change your motd" + ReportSuggestion "${TEST_NO}" "Check if this process is running" "apache" "url:https://cisofy.com/support/" + fi # ################################################################################# # - # Test : CUS-0000 - # Description : check for an ordinary directory! # First check if OPENSSLBINARY is known as a prerequisite for this test. if [ ! -z "${OPENSSLBINARY}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi - Register --test-no CUS-0000 --preqs-met ${PREQS_MET} --weight L --network NO --description "Description of custom test" - - # Just do check without any prerequisites - Register --test-no CUS-0000 --weight L --network NO --description "Description of custom test" + Register --test-no CUST-0001 --preqs-met ${PREQS_MET} --weight M --network NO --description "Description of custom test" if [ ${SKIPTEST} -eq 0 ]; then FOUNDPROBLEM=0 + DIR="/my/path" + LogText "Test: we are going to check if we can find a particular directory (${DIR})" # Check if a directory exists - if [ -d /my/path ]; then - logtext "Result: log entry for easier debugging or additional information" - else - FOUNDPROBLEM=1 - logtext "Result: problem found!" - ReportWarning ${TEST_NO} "M" "This is a test warning line" + if [ -d ${DIR} ]; then + LogText "Result: log entry for easier debugging or additional information" + else + FOUNDPROBLEM=1 + LogText "Result: directory ${DIR} was not found!" + ReportWarning "${TEST_NO}" "This is a test warning line" "${DIR}" "text:Create directory ${DIR}" fi if [ ${FOUNDPROBLEM} -eq 0 ]; then - Display --indent 2 --text "- Checking xxx..." --result OK --color GREEN + Display --indent 2 --text "- Checking if everything is OK..." --result OK --color GREEN else - Display --indent 2 --text "- Checking xxx..." --result WARNING --color RED + Display --indent 2 --text "- Checking if everything is OK..." --result WARNING --color RED ReportSuggestion ${TEST_NO} "This is a suggestion" - ReportWarning ${TEST_NO} "M" "This is a medium level warning" fi fi # |