diff options
author | Brian Ginsbach <brian.ginsbach@gmail.com> | 2020-04-02 22:00:23 +0300 |
---|---|---|
committer | Brian Ginsbach <brian.ginsbach@gmail.com> | 2020-04-03 04:09:01 +0300 |
commit | 6308682caee9a060e9915c8b85be36ef015ced7c (patch) | |
tree | 1cb7860748877fdf142c2745549183b5d68ebc5b /include/tests_authentication | |
parent | 64033da973deb14d7632798904b5f24c06816390 (diff) |
Combine AUTH-9218 and AUTH-9489
These two tests are essentially identical. There is no need separate
the DragonFly and FreeBSD tests. This will make it easier to add
support for other BSD systems.
Diffstat (limited to 'include/tests_authentication')
-rw-r--r-- | include/tests_authentication | 46 |
1 files changed, 1 insertions, 45 deletions
diff --git a/include/tests_authentication b/include/tests_authentication index d005882a..74389ad8 100644 --- a/include/tests_authentication +++ b/include/tests_authentication @@ -157,51 +157,7 @@ # Test : AUTH-9218 # Description : Check login shells for passwordless accounts # Notes : Results should be checked - Register --test-no AUTH-9218 --os FreeBSD --weight L --network NO --category security --description "Check login shells for passwordless accounts" - if [ ${SKIPTEST} -eq 0 ]; then - FOUND=0 - LogText "Test: Checking login shells" - if [ -f ${ROOTDIR}etc/master.passwd ]; then - # Check for all shells, except: (/usr)/sbin/nologin /nonexistent - FIND=$(${GREPBINARY} "[a-z]:\*:" /etc/master.passwd | ${EGREPBINARY} -v '^#|/sbin/nologin|/usr/sbin/nologin|/nonexistent' | ${SEDBINARY} 's/ /!space!/g') - if [ "${FIND}" = "" ]; then - Display --indent 2 --text "- Login shells" --result "${STATUS_OK}" --color GREEN - else - Display --indent 2 --text "- Login shells" --result "${STATUS_WARNING}" --color RED - for LINE in ${FIND}; do - LINE=$(echo ${LINE} | ${SEDBINARY} 's/!space!/ /g') - SHELL=$(echo ${LINE} | ${AWKBINARY} -F: '{ print $10 }') - LogText "Output: ${LINE}" - if [ -z "${SHELL}" ]; then - LogText "Result: found no shell on line" - else - LogText "Result: found possible harmful shell ${SHELL}" - if [ -f ${SHELL} ]; then - LogText "Result: shell ${SHELL} does exist" - FOUND=1 - else - LogText "Result: shell ${SHELL} does not exist" - ReportSuggestion "${TEST_NO}" "Determine if account is needed, as shell ${SHELL} does not exist" - fi - fi - done - if [ ${FOUND} -eq 1 ]; then - ReportWarning "${TEST_NO}" "Possible harmful shell found (for passwordless account!)" - fi - fi - else - Display --indent 2 --text "- Login shells" --result "${STATUS_SKIPPED}" --color WHITE - LogText "Result: No /etc/master.passwd file found" - fi - unset LINE SHELL - fi -# -################################################################################# -# - # Test : AUTH-9489 - # Description : Check login shells for passwordless accounts - # Notes : Results should be checked - Register --test-no AUTH-9489 --os DragonFly --weight L --network NO --category security --description "Check login shells for passwordless accounts" + Register --test-no AUTH-9218 --os "DragonFly FreeBSD" --weight L --network NO --category security --description "Check login shells for passwordless accounts" if [ ${SKIPTEST} -eq 0 ]; then FOUND=0 LogText "Test: Checking login shells" |