
authorMichael Boelen <michael.boelen@cisofy.com>2017-09-16 15:08:26 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2017-09-16 15:08:26 +0300
commit499f7d5015b3d31a8ad3b0e555e72916a846c2cb (patch)
treeaf4db12aefd4cca1cd39d97ae6d43b4192878db3
parentccf9db18f85e480ed18dfd2d502b23f017fd0767 (diff)
Improve process detection
-rw-r--r--include/binaries10
-rw-r--r--include/consts1
-rw-r--r--include/functions13
3 files changed, 15 insertions, 9 deletions
diff --git a/include/binaries b/include/binaries
index 3e295583..1cd7e3d1 100644
--- a/include/binaries
+++ b/include/binaries
@@ -173,7 +173,7 @@
lsattr) LSATTRFOUND=1; LSATTRBINARY="${BINARY}"; LogText " Found known binary: lsattr (file attributes) - ${BINARY}" ;;
lsmod) LSMODFOUND=1; LSMODBINARY="${BINARY}"; LogText " Found known binary: lsmod (kernel modules) - ${BINARY}" ;;
lsof) LSOFFOUND=1; LSOFBINARY="${BINARY}"; LogText " Found known binary: lsof (open files) - ${BINARY}" ;;
- lynx) LYNXFOUND=1; LYNXBINARY="${BINARY}"; LYNXVERSION=$(${BINARY} -version | grep "^Lynx Version" | cut -d ' ' -f3); LogText "Found known binary: lynx (browser) - ${BINARY} (version ${LYNXVERSION})" ;;
+ lynx) LYNXFOUND=1; LYNXBINARY="${BINARY}"; LYNXVERSION=$(${BINARY} -version | grep "^Lynx Version" | cut -d ' ' -f3); LogText "Found known binary: lynx (browser) - ${BINARY} (version ${LYNXVERSION})" ;;
maldet) LMDFOUND=1; LMDBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; LogText " Found known binary: maldet (Linux Malware Detect, malware scanner) - ${BINARY}" ;;
md5) MD5FOUND=1; MD5BINARY="${BINARY}"; LogText " Found known binary: md5 (hash tool) - ${BINARY}" ;;
md5sum) MD5FOUND=1; MD5BINARY="${BINARY}"; LogText " Found known binary: md5sum (hash tool) - ${BINARY}" ;;
@@ -185,13 +185,13 @@
mysql) MYSQLCLIENTFOUND=1; MYSQLCLIENTBINARY="${BINARY}"; MYSQLCLIENTVERSION=$(${BINARY} -V | awk '{ if ($4=="Distrib") { print $5 }}' | sed 's/,//g') ; LogText "Found ${BINARY} (version: ${MYSQLCLIENTVERSION})" ;;
netstat) NETSTATFOUND=1; NETSTATBINARY="${BINARY}"; LogText " Found known binary: netstat (network statistics) - ${BINARY}" ;;
nft) NFTFOUND=1; NFTBINARY="${BINARY}"; LogText " Found known binary: nft (nftables client) - ${BINARY}" ;;
- nmap) NMAPFOUND=1; NMAPBINARY="${BINARY}"; NMAPVERSION=$(${BINARY} -V | grep "^Nmap version" | awk '{ print $3 }'); LogText "Found ${BINARY} (version ${NMAPVERSION})" ;;
+ nmap) NMAPFOUND=1; NMAPBINARY="${BINARY}"; NMAPVERSION=$(${BINARY} -V | grep "^Nmap version" | awk '{ print $3 }'); LogText "Found ${BINARY} (version ${NMAPVERSION})" ;;
ntpq) NTPQFOUND=1; NTPQBINARY="${BINARY}"; LogText " Found known binary ntpq (time daemon client) - ${BINARY}" ;;
osiris) OSIRISFOUND=1; OSIRISBINARY="${BINARY}"; LogText " Found known binary: osiris - ${BINARY}" ;;
- openssl) OPENSSLFOUND=1; OPENSSLBINARY="${BINARY}"; OPENSSLVERSION=$(${BINARY} version 2> /dev/null | head -n 1 | awk '{ print $2 }' | xargs); LogText "Found ${BINARY} (version ${OPENSSLVERSION})" ;;
+ openssl) OPENSSLFOUND=1; OPENSSLBINARY="${BINARY}"; OPENSSLVERSION=$(${BINARY} version 2> /dev/null | head -n 1 | awk '{ print $2 }' | xargs); LogText "Found ${BINARY} (version ${OPENSSLVERSION})" ;;
pacman) PACMANFOUND=1; PACMANBINARY="${BINARY}"; LogText " Found known binary: pacman (package manager) - ${BINARY}" ;;
- perl) PERLFOUND=1; PERLBINARY="${BINARY}"; PERLVERSION=$(${BINARY} -V:version | sed 's/^version=//' | sed 's/;//' | xargs); LogText "Found ${BINARY} (version ${PERLVERSION})" ;;
- pgrep) PGREPBINARY=${BINARY}; LogText " Found known binary: pgrep (search in process list) - ${BINARY}" ;;
+ perl) PERLFOUND=1; PERLBINARY="${BINARY}"; PERLVERSION=$(${BINARY} -V:version | sed 's/^version=//' | sed 's/;//' | xargs); LogText "Found ${BINARY} (version ${PERLVERSION})" ;;
+ pgrep) PGREPBINARY="${BINARY}"; LogText " Found known binary: pgrep (search in process list) - ${BINARY}" ;;
php) PHPFOUND=1; PHPBINARY="${BINARY}"; PHPVERSION=$(${BINARY} -v | awk '{ if ($1=="PHP") { print $2 }}' | head -1); LogText "Found known binary: php (programming language interpreter) - ${BINARY} (version ${PHPVERSION})" ;;
pkg)
PKG_BINARY="${BINARY}"
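Review bot: The `pgrep)` arm is the only entry in this run of the case statement that records just the binary path and no `*FOUND=1` flag, so the presence test elsewhere has to be done on the path variable being non-empty rather than on a flag like the neighbouring `PACMANFOUND`/`PHPFOUND` entries. If that is deliberate it is worth a comment on the line, e.g. `# no PGREPFOUND flag: callers test PGREPBINARY for non-empty`; otherwise adding `PGREPFOUND=1;` would keep the arm consistent with its siblings. The quoting fix itself (`PGREPBINARY="${BINARY}"`) matches the rest of the file and looks right. The enclosing case statement starts and ends outside this hunk.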
diff --git a/include/consts b/include/consts
index 21f3af02..19ef079b 100644
--- a/include/consts
+++ b/include/consts
@@ -195,6 +195,7 @@ unset LANG
PAM_PASSWORD_UXHISTORY_ENABLED=0
PFCTLBINARY=""
PFFOUND=0
+ PGREPBINARY=""
PIDFILE=""
PKG_BINARY=""
PKGADMINBINARY=""
diff --git a/include/functions b/include/functions
index 1f073112..e4036825 100644
--- a/include/functions
+++ b/include/functions
@@ -1245,10 +1245,15 @@
IsRunning() {
if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling IsRunning function"; fi
RUNNING=0
- PSOPTIONS=" -o args="
- if [ ${SHELL_IS_BUSYBOX} -eq 0 ]; then PSOPTIONS=" -o args= -C $1"; fi
- FIND=$(${PSBINARY} ${PSOPTIONS} | egrep "( |/)$1" | grep -v "grep")
- if [ ! "${FIND}" = "" ]; then
+ if [ ! -z "${PGREPBINARY}" ]; then
+ FIND=$(${PGREPBINARY} -x $1)
+ else
+ PSOPTIONS=" -o args="
+ if [ ${SHELL_IS_BUSYBOX} -eq 0 ]; then PSOPTIONS=" -o args= -C $1"; fi
+ FIND=$(${PSBINARY} ${PSOPTIONS} | egrep "( |/)$1" | grep -v "grep")
+ fi
+
+ if [ ! -z "${FIND}" ]; then
RUNNING=1
LogText "IsRunning: process '$1' found (${FIND})"
return 0
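Review bot: The new pgrep branch and the retained ps fallback do not test the same thing, and nothing in the hunk says so: `pgrep -x $1` (without `-f`) matches the process name exactly, while the fallback greps `( |/)$1` against the full argument string from `ps -o args=`, so a program whose name only appears in its arguments (an interpreter-run script, for example) is found by one branch and not the other, and on Linux the kernel-reported process name is truncated to 15 characters, which can make `-x` miss longer names. `$1` is also passed unquoted to pgrep; a name containing a space or glob character would be split or expanded before pgrep sees it. I would quote it and record the difference, e.g. `FIND=$(${PGREPBINARY} -x "$1")` preceded by `# NOTE: pgrep -x matches the process name only, not the full command line the ps fallback greps`. `[ ! -z "${FIND}" ]` reads more directly as `[ -n "${FIND}" ]`. IsRunning's body continues past the end of this hunk.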