diff options
| author | Topi Miettinen <toiwoton@gmail.com> | 2020-03-19 20:45:37 +0300 |
|---|---|---|
| committer | Topi Miettinen <toiwoton@gmail.com> | 2020-03-19 20:45:37 +0300 |
| commit | fb9cdb5c435963b24ea98a729b133fb7714c1592 (patch) | |
| tree | 67cf09b671daa5ecd8576d5eb5fcc985585f8368 /include/binaries | |
| parent | 6d9ebe41365aaf51e41ca4bd322b93a6104e7322 (diff) | |
Enhance SELinux checks
Display and log: permissive types (rules are not enforced), unconfined
processes (not confined by rules) and processes with initrc_t
type (generic type with weak rules).
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Diffstat (limited to 'include/binaries')
| -rw-r--r-- | include/binaries | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/binaries b/include/binaries index 3f5d72ea..a14434a1 100644 --- a/include/binaries +++ b/include/binaries @@ -249,7 +249,8 @@ samhain) SAMHAINBINARY="${BINARY}"; LogText " Found known binary: samhain (integrity tool) - ${BINARY}" ;; service) SERVICEBINARY="${BINARY}"; LogText " Found known binary: service (system services) - ${BINARY}" ;; sed) SEDBINARY="${BINARY}"; LogText " Found known binary: sed (text stream editor) - ${BINARY}" ;; - sestatus) SESTATUSBINARY="${BINARY}"; LogText " Found known binary: sestatus (SELinux client) - ${BINARY}" ;; + semanage) SEMANAGEBINARY="${BINARY}"; LogText " Found known binary: semanage (SELinux policy management tool) - ${BINARY}" ;; + sestatus) SESTATUSBINARY="${BINARY}"; LogText " Found known binary: sestatus (SELinux status tool) - ${BINARY}" ;; slocate) LOCATEBINARY="${BINARY}"; LogText " Found known binary: slocate (file database) - ${BINARY}" ;; smbd) SMBDBINARY="${BINARY}"; if [ "${OS}" = "macOS" ]; then SMBDVERSION="unknown"; else SMBDVERSION=$(${BINARY} -V | grep "^Version" | awk '{ print $2 }'); fi; LogText "Found ${BINARY} (version ${SMBDVERSION})" ;; smtpctl) SMTPCTLBINARY="${BINARY}"; LogText " Found known binary: smtpctl (OpenSMTPD client) - ${BINARY}" ;; |