author | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-21 14:41:23 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-21 14:41:23 +0300 |
commit | ee18e76e976eef981a36a702b6ee0504f0cce645 (patch) | |
tree | fb42518b0249377433d1b177f195036710c95059 | |
parent | a7145688423c6a36b9394a0a8162b3dd59e61158 (diff) |
Preparations for forensics scan mode
-rw-r--r-- | include/consts | 1 | ||||
-rw-r--r-- | include/helper_show | 2 | ||||
-rw-r--r-- | include/parameters | 63 | ||||
-rw-r--r-- | include/report | 14 | ||||
-rwxr-xr-x | lynis | 11 |
5 files changed, 50 insertions, 41 deletions
diff --git a/include/consts b/include/consts
index 8e98a833..9235b5f4 100644
--- a/include/consts
+++ b/include/consts
@@ -114,6 +114,7 @@ unset LANG FIND="" FIREWALL_ACTIVE=0 FOUNDPATH=0 + FORENSICS=0 GETENT_BINARY="" GRADMBINARY="" GREPBINARY="grep"
diff --git a/include/helper_show b/include/helper_show
index 260518d6..594be15b 100644
--- a/include/helper_show
+++ b/include/helper_show
@@ -30,7 +30,7 @@ COMMANDS="audit configure generate show update upload-only" HELPERS="audit configure show update" -OPTIONS="--auditor\n--cronjob (--cron)\n--debug\n--developer\n--help (-h)\n--license-key\n--log-file\n--manpage (--man)\n--no-colors\n--no-log\n--pentest\n--profile\n--plugin-dir\n--quick (-Q)\n--quiet (-q)\n--report-file\n--reverse-colors\n--skip-plugins\n--tests\n--tests-from-category\n--tests-from-group\n--usecwd\n--upload\n--verbose\n--version (-V)\n--wait\n--warnings-only" +OPTIONS="--auditor\n--cronjob (--cron)\n--debug\n--developer\n--forensics\n--help (-h)\n--log-file\n--manpage (--man)\n--no-colors\n--no-log\n--pentest\n--profile\n--plugin-dir\n--quick (-Q)\n--quiet (-q)\n--report-file\n--reverse-colors\n--skip-plugins\n--tests\n--tests-from-category\n--tests-from-group\n--usecwd\n--upload\n--verbose\n--version (-V)\n--wait\n--warnings-only" SHOW_ARGS="categories changelog commands dbdir details environment eol groups help hostids includedir language license logfile man options os pidfile plugindir profiles release releasedate report settings tests version workdir" SHOW_HELP="lynis show ${BROWN}categories${NORMAL} (display test categories)
diff --git a/include/parameters b/include/parameters
index 49c0f495..483f2193 100644
--- a/include/parameters
+++ b/include/parameters
@@ -247,29 +247,9 @@ DEVELOPER_MODE=1 ;; - # Display all available options with short alias - --dump-options | --dumpoptions) - OPTIONS="--auditor - --check-all_(-c) --cronjob_(--cron) - --debug - --help_(-h) - --info - --license-key --log-file - --manpage_(--man) - --no-colors --no-log - --pentest --profile --plugins-dir - --quiet_(-q) --quick_(-Q) - --report-file --reverse-colors - --tests - --upload - --version_(-V)" - for ITEM in ${OPTIONS}; do - echo "${ITEM}" | tr '_' ' ' - done - echo "This option is deprecated" - echo "Use: lynis show options" - - ExitClean + # Enable forensics mode (gather information from a mounted directory) + --forensics) + FORENSICS=1 ;; # View help
@@ -277,19 +257,6 @@ VIEWHELP=1 ;; - # View program/database information - --check-update | --check-updates | --info) - echo "This option is deprecated" - echo "Use: lynis update info" - ExitClean - ;; - - # License key for Lynis Enterprise - --license-key) - shift - LICENSE_KEY=$1 - ;; - # Adjust default logfile location --logfile | --log-file) shift
@@ -455,6 +422,30 @@ exit 1 ;; + # Soon to be deprecated options + + # View program/database information + --check-update | --check-updates | --info) + echo "This option is deprecated" + echo "Use: lynis update info" + ExitFatal + ;; + + # Display all available options with short alias + --dump-options | --dumpoptions) + echo "This option is deprecated" + echo "Use: lynis show options" + ExitFatal + ;; + + # License key for Lynis Enterprise + --license-key) + echo "This option is deprecated" + echo "Define a license key in /etc/lynis/custom.prf" + ExitFatal + ;; + + # Drop out when using wrong option(s) *) # Wrong option used, we bail out later
diff --git a/include/report b/include/report
index c340da53..1ec93ffa 100644
--- a/include/report
+++ b/include/report
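Review bot: The new `--forensics)` case in the first `include/parameters` hunk only sets `FORENSICS=1` and takes no argument, yet its comment says it gathers information from a mounted directory, and the help text added in the `lynis` hunk advertises forensics "on a running or mounted system". Nothing visible in this commit supplies a mount point, so as far as these hunks show the option would still examine the live host, and findings could be attributed to the wrong system. Until a target path is wired in, I would word the comment as `# Enable forensics mode (preparation only: no target directory is read yet, the running system is scanned)` and make the help line match. The enclosing `case` statement starts and ends outside the hunk.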
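Review bot: In the hunk at `-455,6 +422,30`, the heading `# Soon to be deprecated options` disagrees with the three cases under it, which print "This option is deprecated" and then call `ExitFatal`, where the removed cases used `ExitClean` or, for `--license-key`, still accepted the value. Scheduled jobs that pass `--info`, `--dump-options` or `--license-key` will presumably now abort instead of scanning; if that is intended, the heading should say so, e.g. `# Deprecated options: abort and point to the replacement`. The messages would also be better on stderr (`echo "This option is deprecated" >&2`) so they are not mixed into captured output. Since the license key now lives in `/etc/lynis/custom.prf`, the message could remind the user to keep that file readable by root only. The `case` block continues outside the hunk.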
@@ -215,6 +215,20 @@ echo " - Malware scanner [${MALWARE}${NORMAL}]" echo "" + echo " ${SECTION}Scan mode${NORMAL}:" + if [ ${FORENSICS} -eq 1 ]; then + echo " Normal [ ] Forensics [V] Pentest [ ]" + elif [ ${PENTESTINGMODE} -eq 1 ]; then + if [ ${PRIVILEGED} -eq 0 ]; then + echo " Normal [ ] Forensics [ ] Pentest [V] (running non-privileged)" + else + echo " Normal [ ] Forensics [ ] Pentest [V] (running privileged)" + fi + else + echo " Normal [V] Forensics [ ] Pentest [ ]" + fi + echo "" + echo " ${SECTION}Lynis modules${NORMAL}:" if [ ${COMPLIANCE_TESTS_PERFORMED} -eq 1 ]; then if [ ${COMPLIANCE_FINDINGS_FOUND} -eq 0 ]; then COMPLIANCE="${GREEN}V"; else COMPLIANCE="${RED}X"; fi
@@ -429,10 +429,9 @@ ${YELLOW}Note: ${WHITE}Cancelling the program can leave temporary files behind${ ${WHITE}Options:${NORMAL} - ${GRAY}--no-log${NORMAL} : Don't create a log file - ${GRAY}--pentest${NORMAL} : Non-privileged scan (useful for pentest) - ${GRAY}--profile ${BROWN}<profile>${NORMAL} : Scan the system with the given profile file - ${GRAY}--quick (-Q)${NORMAL} : Quick mode, don't wait for user input + ${WHITE}Alternative system audit modes${NORMAL} + ${GRAY}--forensics${NORMAL} : Perform forensics on a running or mounted system + ${GRAY}--pentest${NORMAL} : Non-privileged, show points of interest for pentesting ${WHITE}Layout options${NORMAL} ${GRAY}--no-colors${NORMAL} : Don't use colors in output
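Review bot: In the `include/report` hunk the scan-mode summary tests `FORENSICS` first, so a run started with both `--forensics` and `--pentest` is reported as Forensics only, while `PENTESTINGMODE=1` presumably still changes which tests run; nothing in the visible `include/parameters` hunks rejects the combination. A report that mislabels the mode makes the findings hard to interpret later. Either reject the pair after option parsing, e.g. `if [ ${FORENSICS} -eq 1 ] && [ ${PENTESTINGMODE} -eq 1 ]; then echo "Error: --forensics and --pentest cannot be combined"; ExitFatal; fi`, or mark both boxes here. Quoting the operands (`[ "${FORENSICS}" -eq 1 ]`) would also keep the test well-formed if a variable is ever empty. The surrounding report block begins and ends outside the hunk.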
@@ -441,9 +440,12 @@ ${YELLOW}Note: ${WHITE}Cancelling the program can leave temporary files behind${ ${WHITE}Misc options${NORMAL} ${GRAY}--debug${NORMAL} : Debug logging to screen + ${GRAY}--no-log${NORMAL} : Don't create a log file + ${GRAY}--profile ${BROWN}<profile>${NORMAL} : Scan the system with the given profile file ${GRAY}--view-manpage (--man)${NORMAL} : View man page ${GRAY}--verbose${NORMAL} : Show more details on screen ${GRAY}--version (-V)${NORMAL} : Display version number and quit + ${GRAY}--wait${NORMAL} : Wait between a set of tests ${WHITE}Enterprise options${NORMAL} ${GRAY}--plugindir ${BROWN}<path>${NORMAL} : Define path of available plugins
@@ -451,6 +453,7 @@ ${YELLOW}Note: ${WHITE}Cancelling the program can leave temporary files behind${ More options available. Run '$0 show options', or use the man page. + " if [ ${WRONGOPTION} -eq 1 ]; then |