Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/include/tests_accounting
diff options
context:
space:
mode:
authorMichael Boelen <michael.boelen@cisofy.com>2017-04-23 21:06:54 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2017-04-23 21:06:54 +0300
commit70ea29483a5fcb82ddc89d656227194560b502f2 (patch)
treed90db794f0ae7419b81e2b466ec017565ca176eb /include/tests_accounting
parent9e9b95e1daf9d64d7753d37b48e88697b297fa36 (diff)
Code enhancements
Diffstat (limited to 'include/tests_accounting')
-rw-r--r--include/tests_accounting48
1 files changed, 24 insertions, 24 deletions
diff --git a/include/tests_accounting b/include/tests_accounting
index 596a9da8..8faae399 100644
--- a/include/tests_accounting
+++ b/include/tests_accounting
@@ -76,19 +76,19 @@
LogText "Test: Check accounting information"
if [ -f ${ROOTDIR}var/account/pacct ]; then
Display --indent 2 --text "- Checking accounting information" --result "${STATUS_OK}" --color GREEN
- LogText "Result: /var/account/pacct available"
+ LogText "Result: ${ROOTDIR}var/account/pacct available"
AddHP 3 3
elif [ -f ${ROOTDIR}var/log/account/pacct ]; then
Display --indent 2 --text "- Checking accounting information" --result "${STATUS_OK}" --color GREEN
- LogText "Result: /var/log/account/pacct available"
+ LogText "Result: ${ROOTDIR}var/log/account/pacct available"
AddHP 3 3
elif [ -f ${ROOTDIR}var/log/pacct ]; then
Display --indent 2 --text "- Checking accounting information" --result "${STATUS_OK}" --color GREEN
- LogText "Result: /var/log/pacct available"
+ LogText "Result: ${ROOTDIR}var/log/pacct available"
AddHP 3 3
else
Display --indent 2 --text "- Checking accounting information" --result "${STATUS_NOT_FOUND}" --color YELLOW
- LogText "Result: No accounting information available (/var/account/pacct, /var/log/account/pact nor /var/log/pact exist)"
+ LogText "Result: No accounting information available (${ROOTDIR}var/account/pacct, ${ROOTDIR}var/log/account/pact nor ${ROOTDIR}var/log/pact exist)"
LogText "Remark: Possibly there is another location where the accounting data is stored"
ReportSuggestion ${TEST_NO} "Enable process accounting"
AddHP 2 3
@@ -101,11 +101,11 @@
# Description : Check sysstat accounting data
Register --test-no ACCT-9626 --os Linux --weight L --network NO --category security --description "Check for sysstat accounting data"
if [ ${SKIPTEST} -eq 0 ]; then
- LogText "Test: check /etc/default/sysstat presence"
+ LogText "Test: check ${ROOTDIR}etc/default/sysstat presence"
if [ -f ${ROOTDIR}etc/default/sysstat ]; then
LogText "Result: ${ROOTDIR}etc/default/sysstat found"
FIND=$(${GREPBINARY} "^ENABLED" ${ROOTDIR}etc/default/sysstat | ${GREPBINARY} -i true)
- if [ ! "${FIND}" = "" ]; then
+ if [ ! -z "${FIND}" ]; then
LogText "Result: sysstat enabled via ${ROOTDIR}etc/default/sysstat"
Display --indent 2 --text "- Checking sysstat accounting data" --result "${STATUS_ENABLED}" --color GREEN
else
@@ -124,7 +124,7 @@
ReportSuggestion ${TEST_NO} "Enable sysstat to collect accounting (cron disabled)"
fi
else
- LogText "Result: sysstat not found via ${ROOTDIR}etc/default/sysstat or /etc/cron.d/sysstat"
+ LogText "Result: sysstat not found via ${ROOTDIR}etc/default/sysstat or ${ROOTDIR}etc/cron.d/sysstat"
Display --indent 2 --text "- Checking sysstat accounting data" --result "${STATUS_NOT_FOUND}" --color YELLOW
ReportSuggestion ${TEST_NO} "Enable sysstat to collect accounting (no results)"
fi
@@ -134,7 +134,7 @@
#
# Test : ACCT-9628
# Description : Check auditd status
- if [ ! "${AUDITDBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ if [ ! -z "${AUDITDBINARY}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no ACCT-9628 --os Linux --weight L --network NO --category security --description "Check for auditd"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Check auditd status"
@@ -189,7 +189,7 @@
#
# Test : ACCT-9632
# Description : Check auditd configuration file
- if [ ! "${AUDITDBINARY}" = "" -a ${LINUX_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ if [ ! -z "${AUDITDBINARY}" -a ${LINUX_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no ACCT-9632 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for auditd configuration file"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking auditd configuration file"
@@ -202,7 +202,7 @@
fi
done
# Check if we discovered the configuration file. It should be there is the binaries are available and process is running
- if [ ! "${AUDITD_CONF_FILE}" = "" ]; then
+ if [ ! -z "${AUDITD_CONF_FILE}" ]; then
Display --indent 4 --text "- Checking audit configuration file" --result "${STATUS_OK}" --color GREEN
else
LogText "Result: could not find auditd configuration file"
@@ -252,14 +252,14 @@
if [ -f ${ROOTDIR}etc/ld.so.preload ]; then
LogText "Result: found ${ROOTDIR}etc/ld.so.preload, testing if snoopy.so is listed"
FIND=$(${GREPBINARY} ${FILE} ${ROOTDIR}etc/ld.so.preload)
- if [ ! "${FIND}" = "" ]; then
+ if [ ! -z "${FIND}" ]; then
LogText "Result: found snoopy in ld.so.preload"
LogText "Output: ${FIND}"
Display --indent 6 --text "- Library in ld.so.preload" --result "LOADED" --color GREEN
Report "audit_trail_tool[]=snoopy"
else
Display --indent 6 --text "- Library in ld.so.preload" --result "${STATUS_NOT_FOUND}" --color YELLOW
- ReportSuggestion ${TEST_NO} "Snoopy is installed but not loaded via /etc/ld.so.preload"
+ ReportSuggestion ${TEST_NO} "Snoopy is installed but not loaded via ${ROOTDIR}etc/ld.so.preload"
AddHP 3 3
fi
else
@@ -293,11 +293,11 @@
#
# Test : ACCT-9652
# Description : Check Solaris auditd service status
- if [ -x /usr/bin/svcs -a ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ if [ -x ${ROOTDIR}usr/bin/svcs -a ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no ACCT-9652 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check auditd SMF status"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if auditd service is enabled and online"
- FIND=$(/usr/bin/svcs svc:/system/auditd:default | ${GREPBINARY} "^online")
+ FIND=$(${ROOTDIR}usr/bin/svcs svc:/system/auditd:default | ${GREPBINARY} "^online")
if [ ! -z "${FIND}" ]; then
LogText "Result: auditd service is online"
Display --indent 4 --text "- Checking Solaris audit daemon status" --result "${STATUS_ON}"LINE --color GREEN
@@ -312,7 +312,7 @@
# Test : ACCT-9654
# Description : Check Solaris Basic Security Mode (BSM) in /etc/system
if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
- Register --test-no ACCT-9654 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check BSM auditing in /etc/system"
+ Register --test-no ACCT-9654 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check BSM auditing in ${ROOTDIR}etc/system"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if BSM is enabled in ${ROOTDIR}etc/system"
if [ -f ${ROOTDIR}etc/system ]; then
@@ -337,9 +337,9 @@
Register --test-no ACCT-9656 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check BSM auditing in module list"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: check if c2audit module is active"
- if [ -x /usr/sbin/modinfo ]; then
- FIND=$(/usr/sbin/modinfo | ${GREPBINARY} c2audit)
- if [ ! "${FIND}" = "" ]; then
+ if [ -x ${ROOTDIR}usr/sbin/modinfo ]; then
+ FIND=$(${ROOTDIR}usr/sbin/modinfo | ${GREPBINARY} c2audit)
+ if [ ! -z "${FIND}" ]; then
LogText "Result: c2audit found in modinfo output"
Display --indent 4 --text "- Checking Solaris BSM (modules list)" --result "${STATUS_ENABLED}" --color GREEN
else
@@ -347,7 +347,7 @@
Display --indent 4 --text "- Checking Solaris BSM (modules list)" --result "${STATUS_NOT_FOUND}" --color YELLOW
fi
else
- LogText "Result: /usr/sbin/modinfo does not exist, skipping test"
+ LogText "Result: ${ROOTDIR}usr/sbin/modinfo does not exist, skipping test"
fi
fi
#
@@ -358,11 +358,11 @@
if [ ${SOLARIS_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no ACCT-9660 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check location of audit events"
if [ ${SKIPTEST} -eq 0 ]; then
- LogText "Test: check /etc/security/audit_control for event logging location"
+ LogText "Test: check ${ROOTDIR}etc/security/audit_control for event logging location"
if [ -f ${ROOTDIR}etc/security/audit_control ]; then
LogText "Result: file ${ROOTDIR}etc/security/audit_control found"
FIND=$(${GREPBINARY} "^dir" ${ROOTDIR}etc/security/audit_control | ${AWKBINARY} -F: '{ print $2 }')
- if [ ! "${FIND}" = "" ]; then
+ if [ ! -z "${FIND}" ]; then
LogText "Result: found location ${FIND}"
LogText "Test: Checking if location is a valid directory"
if [ -d ${FIND} ]; then
@@ -392,14 +392,14 @@
Register --test-no ACCT-9662 --os Solaris --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check Solaris auditing stats"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Check auditing statistics"
- if [ -x /usr/sbin/auditstat ]; then
- FIND=$(/usr/sbin/auditstat | ${TRBINARY} -s ' ' ',')
+ if [ -x ${ROOTDIR}usr/sbin/auditstat ]; then
+ FIND=$(${ROOTDIR}usr/sbin/auditstat | ${TRBINARY} -s ' ' ',')
for ITEM in ${FIND}; do
LogText "Output: ${ITEM}"
done
Display --indent 4 --text "- Checking Solaris audit statistics" --result "${STATUS_DONE}" --color GREEN
else
- LogText "Result: /usr/sbin/auditstat not found, skipping test"
+ LogText "Result: ${ROOTDIR}usr/sbin/auditstat not found, skipping test"
Display --indent 4 --text "- Checking Solaris audit statistics" --result "${STATUS_SKIPPED}" --color YELLOW
fi
fi
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 10:45:40 +0300