
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
authorMichael Boelen <michael.boelen@cisofy.com>2016-05-19 18:23:01 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2016-05-19 18:23:01 +0300
commit7b769214cd5389ae5f17766089c27572af0329ed (patch)
tree261d7ecde77e0635f1c7292e3882b462f02adcd8 /include/tests_accounting
parent9dafcac6b08a8e48946183bafff6c1b45fa4f236 (diff)
Split auditd between Linux and Solaris, store if an audit daemon is running
Diffstat (limited to 'include/tests_accounting')
-rw-r--r--include/tests_accounting22
1 files changed, 14 insertions, 8 deletions
diff --git a/include/tests_accounting b/include/tests_accounting
index 7ea03ff7..0c0ba8bb 100644
--- a/include/tests_accounting
+++ b/include/tests_accounting
@@ -24,7 +24,8 @@
#
AUDITD_CONF_LOCS="/etc /etc/audit"
AUDITD_CONF_FILE=""
- AUDITD_RUNNING=0
+ LINUX_AUDITD_RUNNING=0
+ AUDIT_DAEMON_RUNNING=0
SOLARIS_AUDITD_RUNNING=0
#
#################################################################################
@@ -142,9 +143,10 @@
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: auditd running"
Display --indent 2 --text "- Checking auditd" --result ENABLED --color GREEN
- AUDITD_RUNNING=1
- Report "audit_daemon_running=1"
+ LINUX_AUDITD_RUNNING=1
+ AUDIT_DAEMON_RUNNING=1
Report "audit_trail_tool[]=auditd"
+ Report "linux_auditd_running=1"
AddHP 4 4
else
LogText "Result: auditd not active"
@@ -152,9 +154,8 @@
if [ ! "${VMTYPE}" = "openvz" ]; then
ReportSuggestion ${TEST_NO} "Enable auditd to collect audit information"
fi
- AUDITD_RUNNING=0
- Report "audit_daemon_running=0"
AddHP 0 1
+ Report "linux_auditd_running=0"
fi
fi
#
@@ -162,7 +163,7 @@
#
# Test : ACCT-9630
# Description : Check auditd rules
- if [ ! "${AUDITDBINARY}" = "" -a ! "${AUDITCTLBINARY}" = "" -a ${AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ if [ ! "${AUDITDBINARY}" = "" -a ! "${AUDITCTLBINARY}" = "" -a ${LINUX_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no ACCT-9630 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --description "Check for auditd rules"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking auditd rules"
@@ -188,7 +189,7 @@
#
# Test : ACCT-9632
# Description : Check auditd configuration file
- if [ ! "${AUDITDBINARY}" = "" -a ${AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ if [ ! "${AUDITDBINARY}" = "" -a ${LINUX_AUDITD_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no ACCT-9632 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --description "Check for auditd configuration file"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking auditd configuration file"
@@ -214,7 +215,7 @@
#
# Test : ACCT-9634
# Description : Check auditd log file
- if [ ! "${AUDITDBINARY}" = "" -a ${AUDITD_RUNNING} -eq 1 -a ! "${AUDITD_CONF_FILE}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+ if [ ! "${AUDITDBINARY}" = "" -a ${LINUX_AUDITD_RUNNING} -eq 1 -a ! "${AUDITD_CONF_FILE}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
Register --test-no ACCT-9634 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --description "Check for auditd log file"
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Checking auditd log file"
@@ -280,6 +281,7 @@
if [ ${RUNNING} -eq 1 ]; then
LogText "Result: Solaris audit daemon is running"
SOLARIS_AUDITD_RUNNING=1
+ AUDIT_DAEMON_RUNNING=1
Display --indent 2 --text "- Checking Solaris audit daemon status" --result RUNNING --color GREEN
else
LogText "Result: Solaris audit daemon is not running"
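Review bot: The Solaris branch sets `AUDIT_DAEMON_RUNNING=1` but, unlike the Linux branch that now writes `linux_auditd_running`, reports no per-platform key in the lines shown. If the split is meant to be symmetric, add `Report "solaris_auditd_running=1"` next to the assignment and the matching `=0` in the else branch. The else branch continues outside the hunk, so it may already report something there.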
@@ -403,6 +405,10 @@
#
#################################################################################
#
+ Report "audit_daemon_running=${AUDIT_DAEMON_RUNNING}"
+#
+#################################################################################
+#
WaitForKeyPress
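Review bot: `Report "audit_daemon_running=${AUDIT_DAEMON_RUNNING}"` now runs unconditionally and starts from the initial value 0, so a 0 in the report can mean either that a daemon was checked and found stopped or that no platform check ran at all. Before this change the key was written only inside the Linux auditd test, so a reader of the report could treat its absence as "not checked". In the hunks shown, only the Linux auditd and Solaris branches set the flag to 1. A comment above the line would document this, for example `# Aggregate of the Linux and Solaris checks above; 0 also covers tests that were skipped`.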