authorMichael Boelen <michael.boelen@cisofy.com>2016-07-24 18:22:00 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2016-07-24 18:22:00 +0300
commit2f4c854ba7790d1c8fb8c664daea6c971f18aa72 (patch)
treec3eed34233a165d56df1173b3f08e047b47ae47e /include/tests_accounting
parent0b5af4ed387ea0582181e56a56609c4a633cb91f (diff)
Rename of categories, introduction of groups
Diffstat (limited to 'include/tests_accounting')
-rw-r--r--include/tests_accounting30
1 files changed, 15 insertions, 15 deletions
diff --git a/include/tests_accounting b/include/tests_accounting
index 22cbd4eb..70b43450 100644
--- a/include/tests_accounting
+++ b/include/tests_accounting
@@ -32,7 +32,7 @@
#
# Test : ACCT-2754
# Description : Check availability FreeBSD accounting data
- Register --test-no ACCT-2754 --os FreeBSD --weight L --network NO --description "Check for available FreeBSD accounting information"
+ Register --test-no ACCT-2754 --os FreeBSD --weight L --network NO --category security --description "Check for available FreeBSD accounting information"
if [ ${SKIPTEST} -eq 0 ]; then
if [ -f /var/account/acct ]; then
Display --indent 2 --text "- Checking accounting information" --result "${STATUS_OK}" --color GREEN
@@ -51,7 +51,7 @@
#
# Test : ACCT-2760
# Description : Check availability OpenBSD accounting data
- Register --test-no ACCT-2760 --os OpenBSD --weight L --network NO --description "Check for available OpenBSD accounting information"
+ Register --test-no ACCT-2760 --os OpenBSD --weight L --network NO --category security --description "Check for available OpenBSD accounting information"
if [ ${SKIPTEST} -eq 0 ]; then
if [ -f /var/account/acct ]; then
Display --indent 2 --text "- Checking accounting information" --result "${STATUS_OK}" --color GREEN
@@ -71,7 +71,7 @@
# Test : ACCT-9622
# Description : Check availability Linux accounting data
# Notes : /var/log/pacct (Slackware)
- Register --test-no ACCT-9622 --os Linux --weight L --network NO --description "Check for available Linux accounting information"
+ Register --test-no ACCT-9622 --os Linux --weight L --network NO --category security --description "Check for available Linux accounting information"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Check accounting information"
if [ -f /var/account/pacct ]; then
@@ -99,7 +99,7 @@
#
# Test : ACCT-9626
# Description : Check sysstat accounting data
- Register --test-no ACCT-9626 --os Linux --weight L --network NO --description "Check for sysstat accounting data"
+ Register --test-no ACCT-9626 --os Linux --weight L --network NO --category security --description "Check for sysstat accounting data"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check /etc/default/sysstat presence"
if [ -f /etc/default/sysstat ]; then
@@ -135,7 +135,7 @@
# Test : ACCT-9628
# Description : Check auditd status
if [ ! "${AUDITDBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9628 --os Linux --weight L --network NO --description "Check for auditd"
+ Register --test-no ACCT-9628 --os Linux --weight L --network NO --category security --description "Check for auditd"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Check auditd status"
# Should not get kauditd
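Review bot: The new Register line for ACCT-9628 still omits `--preqs-met ${PREQS_MET}`, although PREQS_MET is computed from AUDITDBINARY on the line just above it. ACCT-9630 and the later auditd tests in this file do pass it. Unless Register reads the global itself (not visible in this hunk), the auditd status check is registered to run even when no auditd binary was found. Since the line is already being edited, consider `Register --test-no ACCT-9628 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for auditd"`. The test body continues outside the hunk.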
@@ -164,7 +164,7 @@
# Test : ACCT-9630
# Description : Check auditd rules
if [ ! "${AUDITDBINARY}" = "" -a ! "${AUDITCTLBINARY}" = "" -a ${LINUX_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9630 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --description "Check for auditd rules"
+ Register --test-no ACCT-9630 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --category security --description "Check for auditd rules"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking auditd rules"
FIND=`${AUDITCTLBINARY} -l | grep -v "No rules"`
@@ -190,7 +190,7 @@
# Test : ACCT-9632
# Description : Check auditd configuration file
if [ ! "${AUDITDBINARY}" = "" -a ${LINUX_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9632 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --description "Check for auditd configuration file"
+ Register --test-no ACCT-9632 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for auditd configuration file"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking auditd configuration file"
for I in ${AUDITD_CONF_LOCS}; do
@@ -216,7 +216,7 @@
# Test : ACCT-9634
# Description : Check auditd log file
if [ ! "${AUDITDBINARY}" = "" -a ${LINUX_AUDITD_RUNNING} -eq 1 -a ! "${AUDITD_CONF_FILE}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9634 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --description "Check for auditd log file"
+ Register --test-no ACCT-9634 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for auditd log file"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking auditd log file"
FIND=`grep "^log_file" ${AUDITD_CONF_FILE} | ${AWKBINARY} '{ if ($1=="log_file" && $2=="=") { print $3 } }'`
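Review bot: `${AUDITD_CONF_FILE}` is unquoted in the grep on the last line of this hunk, so a configuration path containing whitespace or glob characters would be split or expanded into several file arguments. The log file location would then be read from the wrong input. Quoting the expansion keeps the check tied to the file that was actually detected: `grep "^log_file" "${AUDITD_CONF_FILE}"`. The test body continues outside the hunk.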
@@ -243,7 +243,7 @@
#
# Test : ACCT-9636
# Description : Check for Snoopy (wrapper for execve() and logger)
- Register --test-no ACCT-9636 --os Linux --weight L --network NO --description "Check for Snoopy wrapper and logger"
+ Register --test-no ACCT-9636 --os Linux --weight L --network NO --category security --description "Check for Snoopy wrapper and logger"
if [ ${SKIPTEST} -eq 0 ]; then
FILE="/lib/snoopy.so"
if [ -f ${FILE} ]; then
@@ -274,7 +274,7 @@
#
# Test : ACCT-9650
# Description : Check Solaris audit daemon presence
- Register --test-no ACCT-9650 --os Solaris --weight L --network NO --description "Check Solaris audit daemon"
+ Register --test-no ACCT-9650 --os Solaris --weight L --network NO --category security --description "Check Solaris audit daemon"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if audit daemon is running"
IsRunning auditd
@@ -294,7 +294,7 @@
# Test : ACCT-9652
# Description : Check Solaris auditd service status
if [ -x /usr/bin/svcs -a ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9652 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check auditd SMF status"
+ Register --test-no ACCT-9652 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check auditd SMF status"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if auditd service is enabled and online"
FIND=`/usr/bin/svcs svc:/system/auditd:default | grep "^online"`
@@ -312,7 +312,7 @@
# Test : ACCT-9654
# Description : Check Solaris Basic Security Mode (BSM) in /etc/system
if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9654 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check BSM auditing in /etc/system"
+ Register --test-no ACCT-9654 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check BSM auditing in /etc/system"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if BSM is enabled in /etc/system"
if [ -f /etc/system ]; then
@@ -333,7 +333,7 @@
# Test : ACCT-9656
# Description : Check Solaris BSM (c2audit) module status
if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9656 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check BSM auditing in module list"
+ Register --test-no ACCT-9656 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check BSM auditing in module list"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if c2audit module is active"
if [ -x /usr/sbin/modinfo ]; then
@@ -355,7 +355,7 @@
# Test : ACCT-9662
# Description : Check location for audit events
if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9660 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check location of audit events"
+ Register --test-no ACCT-9660 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check location of audit events"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check /etc/security/audit_control for event logging location"
if [ -f /etc/security/audit_control ]; then
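Review bot: The header comment reads `# Test : ACCT-9662` but the Register call on the new line uses `--test-no ACCT-9660`. The hunk at -388 has the same mismatch, with the comment saying ACCT-9672 and the test registered as ACCT-9662. Anyone who skips a test or maps a finding by ID from the comments will reference a different check than the one that runs. Which side is correct cannot be told from these hunks. If the registered IDs are the ones already appearing in reports, fix the comments to `# Test : ACCT-9660` here and `# Test : ACCT-9662` in the later hunk.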
@@ -388,7 +388,7 @@
# Test : ACCT-9672
# Description : check auditstat
if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9662 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --description "Check Solaris auditing stats"
+ Register --test-no ACCT-9662 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check Solaris auditing stats"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Check auditing statistics"
if [ -x /usr/sbin/auditstat ]; then