diff options
| author | mboelen <michael@cisofy.com> | 2015-12-21 23:17:15 +0300 |
|---|---|---|
| committer | mboelen <michael@cisofy.com> | 2015-12-21 23:17:15 +0300 |
| commit | d16b38eff83a8dca405e21e1c34205289f3d0832 (patch) | |
| tree | d9db1eac3d4ead003f0e1b4fbfbabf0ddeb66c1e /include/tests_nameservices | |
| parent | 83a44827e03543146e39c37c33f14ebca6f40a29 (diff) | |
Rename of logtext and report functions, upcoming year change
Diffstat (limited to 'include/tests_nameservices')
| -rw-r--r-- | include/tests_nameservices | 230 |
1 files changed, 115 insertions, 115 deletions
diff --git a/include/tests_nameservices b/include/tests_nameservices index 14fac534..7f807618 100644 --- a/include/tests_nameservices +++ b/include/tests_nameservices @@ -5,7 +5,7 @@ # Lynis # ------------------ # -# Copyright 2007-2015, Michael Boelen, CISOfy (michael.boelen@cisofy.com) +# Copyright 2007-2016, Michael Boelen, CISOfy (michael.boelen@cisofy.com) # Web site: https://cisofy.com # # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are @@ -39,17 +39,17 @@ # Description : Check main domain (domain <domain name> in /etc/resolv.conf) Register --test-no NAME-4016 --weight L --network NO --description "Check /etc/resolv.conf default domain" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: check /etc/resolv.conf for default domain" + LogText "Test: check /etc/resolv.conf for default domain" if [ -f /etc/resolv.conf ]; then - logtext "Result: /etc/resolv.conf found" + LogText "Result: /etc/resolv.conf found" FIND=`awk '/^domain/ { print $2 }' /etc/resolv.conf` if [ "${FIND}" = "" ]; then - logtext "Result: no default domain found" + LogText "Result: no default domain found" Display --indent 2 --text "- Checking default DNS search domain" --result NONE --color WHITE else - logtext "Result: found default domain" - logtext "Output: ${FIND}" - report "resolv_conf_domain=${FIND}" + LogText "Result: found default domain" + LogText "Output: ${FIND}" + Report "resolv_conf_domain=${FIND}" Display --indent 2 --text "- Checking default DNS search domain" --result FOUND --color GREEN RESOLV_DOMAINNAME="${FIND}" fi @@ -64,41 +64,41 @@ Register --test-no NAME-4018 --weight L --network NO --description "Check /etc/resolv.conf search domains" if [ ${SKIPTEST} -eq 0 ]; then N=0 - logtext "Test: check /etc/resolv.conf for search domains" + LogText "Test: check /etc/resolv.conf for search domains" if [ -f /etc/resolv.conf ]; then - logtext "Result: /etc/resolv.conf found" + LogText "Result: /etc/resolv.conf found" FIND=`awk '/^search/ { print $2 }' /etc/resolv.conf` if [ "${FIND}" = "" ]; then - logtext "Result: no search domains found, default domain is being used" + LogText "Result: no search domains found, default domain is being used" else for I in ${FIND}; do - logtext "Found search domain: ${I}" - report "resolv_conf_search_domain[]=${I}" + LogText "Found search domain: ${I}" + Report "resolv_conf_search_domain[]=${I}" N=`expr ${N} + 1` done # Warn if we have more than 6 search domains, which is maximum in most resolvers if [ ${N} -gt 6 ]; then - logtext "Result: Found ${N} search domains" + LogText "Result: Found ${N} search domains" Display --indent 2 --text "- Checking search domains" --result WARNING --color YELLOW ReportWarning ${TEST_NO} "L" "Found more than 6 search domains, which is usually more than the maximum allowed number in most resolvers" else - logtext "Result: Found ${N} search domains" + LogText "Result: Found ${N} search domains" Display --indent 2 --text "- Checking search domains" --result FOUND --color GREEN fi fi else - logtext "Result: /etc/resolv.conf does not exist, skipping test" + LogText "Result: /etc/resolv.conf does not exist, skipping test" Display --indent 2 --text "- Checking search domains" --result "NOT FOUND" --color YELLOW fi # Check amount of search domains (max 1) FIND=`grep -c "^search" /etc/resolv.conf` if [ ! "${FIND}" = "0" -a ! "${FIND}" = "1" ]; then - logtext "Result: found ${FIND} line(s) with a search statement (expecting less than 2 lines)" + LogText "Result: found ${FIND} line(s) with a search statement (expecting less than 2 lines)" Display --indent 4 --text "- Checking search domains lines" --result "CONFIG ERROR" --color YELLOW ReportWarning ${TEST_NO} "L" "Found more than 1 search lines in /etc/resolv.conf, which is probably a misconfiguration" else - logtext "Result: found ${FIND} line(s) with a search statement (expecting less than 2 lines)" + LogText "Result: found ${FIND} line(s) with a search statement (expecting less than 2 lines)" fi fi # @@ -108,24 +108,24 @@ # Description : Check non default resolv.conf options Register --test-no NAME-4020 --weight L --network NO --description "Check non default options" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: check /etc/resolv.conf for non default options" + LogText "Test: check /etc/resolv.conf for non default options" if [ -f /etc/resolv.conf ]; then - logtext "Result: /etc/resolv.conf found" + LogText "Result: /etc/resolv.conf found" FIND=`grep "^options" /etc/resolv.conf | awk '{ print $2 }'` if [ "${FIND}" = "" ]; then - logtext "Result: no specific other options configured in /etc/resolv.conf" + LogText "Result: no specific other options configured in /etc/resolv.conf" Display --indent 2 --text "- Checking /etc/resolv.conf options" --result "NONE" --color WHITE else for I in ${FIND}; do - logtext "Found option: ${I}" - report "resolv_conf_option[]=${I}" + LogText "Found option: ${I}" + Report "resolv_conf_option[]=${I}" #rotate --> add performance tune point #timeout <3 --> add performe tune point done Display --indent 2 --text "- Checking /etc/resolv.conf options" --result "FOUND" --color GREEN fi else - logtext "Result: /etc/resolv.conf not found, test skipped" + LogText "Result: /etc/resolv.conf not found, test skipped" Display --indent 2 --text "- Checking /etc/resolv.conf options" --result "NOT FOUND" --color YELLOW fi fi @@ -137,7 +137,7 @@ Register --test-no NAME-4024 --os Solaris --weight L --network NO --description "Solaris uname -n output" if [ ${SKIPTEST} -eq 0 ]; then FIND=`uname -n` - logtext "Result: 'uname -n' returned ${FIND}" + LogText "Result: 'uname -n' returned ${FIND}" Display --indent 2 --text "- Checking uname -n output" --result DONE --color GREEN fi # @@ -148,14 +148,14 @@ # Notes : If a system is standalone, /etc/nodename should contain a system name only, not FQDN Register --test-no NAME-4026 --os Solaris --weight L --network NO --description "Check /etc/nodename" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: checking /etc/nodename" + LogText "Test: checking /etc/nodename" if [ -f /etc/nodename ]; then - logtext "Result: file /etc/nodename exists" + LogText "Result: file /etc/nodename exists" FIND=`cat /etc/nodename` - logtext "Output: ${FIND}" + LogText "Output: ${FIND}" Display --indent 2 --text "- Checking /etc/nodename" --result "DONE" --color GREEN else - logtext "Result: file /etc/nodename could not be found" + LogText "Result: file /etc/nodename could not be found" Display --indent 2 --text "- Checking /etc/nodename" --result "NONE FOUND" --color YELLOW fi fi @@ -169,49 +169,49 @@ if [ ${SKIPTEST} -eq 0 ]; then DOMAINNAME="" # NIS - #logtext "Test: Checking file /etc/domainname" + #LogText "Test: Checking file /etc/domainname" #if [ -f /etc/domainname ]; then - # logtext "Result: file /etc/domainname exists" + # LogText "Result: file /etc/domainname exists" # FIND2=`cat /etc/domainname` # if [ ! "${FIND}" = "" ]; then - # logtext "Found domain name: ${FIND}" + # LogText "Found domain name: ${FIND}" # DOMAINNAME="${FIND}" # else - # logtext "Result: no domain name found in file" + # LogText "Result: no domain name found in file" # fi # else - # logtext "Result: file /etc/domainname does not exist" + # LogText "Result: file /etc/domainname does not exist" #fi - logtext "Test: Checking if dnsdomainname command is available" + LogText "Test: Checking if dnsdomainname command is available" if [ ! "${DNSDOMAINNAMEBINARY}" = "" ]; then FIND2=`${DNSDOMAINNAMEBINARY} 2> /dev/null` if [ ! "${FIND2}" = "" ]; then - logtext "Result: dnsdomainname command returned a value" - logtext "Found domain name: ${FIND2}" + LogText "Result: dnsdomainname command returned a value" + LogText "Found domain name: ${FIND2}" DOMAINNAME="${FIND2}" else - logtext "Result: dnsdomainname command returned no value" + LogText "Result: dnsdomainname command returned no value" fi else - logtext "Result: dnsdomainname binary not found, skip specific test" + LogText "Result: dnsdomainname binary not found, skip specific test" fi # If files and commands can't be found, use defined value from resolv.conf if [ "${DOMAINNAME}" = "" ]; then if [ ! "${RESOLV_DOMAINNAME}" = "" ]; then - logtext "Result: using domain name from /etc/resolv.conf" + LogText "Result: using domain name from /etc/resolv.conf" DOMAINNAME=${RESOLV_DOMAINNAME} else - logtext "Result: using domain name from FQDN hostname" + LogText "Result: using domain name from FQDN hostname" #DOMAINNAME=${FQDN#${HOSTNAME}.} DOMAINNAME=`echo ${FQDN} | cut -d . -f2-` fi fi if [ ! "${DOMAINNAME}" = "" ]; then - logtext "Result: found domain name" - report "domainname=${DOMAINNAME}" + LogText "Result: found domain name" + Report "domainname=${DOMAINNAME}" Display --indent 2 --text "- Searching DNS domain name" --result "FOUND" --color GREEN Display --indent 6 --text "Domain name: ${DOMAINNAME}" else @@ -226,14 +226,14 @@ # Description : Check name service caching daemon (NSCD) status Register --test-no NAME-4032 --weight L --network NO --description "Check nscd status" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: checking nscd status" + LogText "Test: checking nscd status" IsRunning nscd if [ ${RUNNING} -eq 1 ]; then NAME_CACHE_USED=1 - logtext "Result: nscd is running" + LogText "Result: nscd is running" Display --indent 2 --text "- Checking nscd status" --result RUNNING --color GREEN else - logtext "Result: nscd is not running" + LogText "Result: nscd is not running" Display --indent 2 --text "- Checking nscd status" --result "NOT FOUND" --color WHITE fi fi @@ -244,15 +244,15 @@ # Description : Check name service caching daemon (Unbound) status Register --test-no NAME-4034 --weight L --network NO --description "Check Unbound status" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: checking Unbound (unbound) status" + LogText "Test: checking Unbound (unbound) status" IsRunning unbound if [ ${RUNNING} -eq 1 ]; then UNBOUND_RUNNING=1 NAME_CACHE_USED=1 - logtext "Result: Unbound daemon is running" + LogText "Result: Unbound daemon is running" Display --indent 2 --text "- Checking Unbound status" --result RUNNING --color GREEN else - logtext "Result: Unbound daemon is not running" + LogText "Result: Unbound daemon is not running" Display --indent 2 --text "- Checking Unbound status" --result "NOT FOUND" --color WHITE fi fi @@ -266,20 +266,20 @@ if [ ${SKIPTEST} -eq 0 ]; then FIND=`which unbound-checkconf` if [ ! "${FIND}" = "" ]; then - logtext "Test: running unbound-checkconf" + LogText "Test: running unbound-checkconf" # Don't capture any output, just gather exit code (0 is fine, otherwise bad) FIND=`unbound-checkconf > /dev/null 2>&1` if [ $? -eq 0 ]; then UNBOUND_CONFIG_OK=1 - logtext "Result: Configuration is fine" + LogText "Result: Configuration is fine" Display --indent 2 --text "- Checking configuration file" --result OK --color GREEN else - logtext "Result: Unbound daemon is not running" + LogText "Result: Unbound daemon is not running" Display --indent 2 --text "- Checking configuration file" --result "NOT OK" --color YELLOW ReportWarning "${TEST_NO}" "L" "Found Unbound configuration file issues (run unbound-checkconf)" fi else - logtext "Result: skipped, can't find unbound-checkconf utility" + LogText "Result: skipped, can't find unbound-checkconf utility" fi fi # @@ -289,14 +289,14 @@ # Description : Check if BIND is running Register --test-no NAME-4202 --weight L --network NO --description "Check BIND status" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking for running BIND instance" + LogText "Test: Checking for running BIND instance" IsRunning named if [ ${RUNNING} -eq 1 ]; then - logtext "Result: found BIND process" + LogText "Result: found BIND process" Display --indent 2 --text "- Checking BIND status" --result "FOUND" --color GREEN BIND_RUNNING=1 else - logtext "Result: BIND not running" + LogText "Result: BIND not running" Display --indent 2 --text "- Checking BIND status" --result "NOT FOUND" --color WHITE fi fi @@ -308,11 +308,11 @@ if [ ${BIND_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4204 --preqs-met ${PREQS_MET} --weight L --network NO --description "Search BIND configuration file" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Search BIND configuration file" + LogText "Test: Search BIND configuration file" for I in ${BIND_CONFIG_LOCS}; do if [ -f ${I}/named.conf ]; then BIND_CONFIG_LOCATION="${I}/named.conf" - logtext "Result: found configuration file (${BIND_CONFIG_LOCATION})" + LogText "Result: found configuration file (${BIND_CONFIG_LOCATION})" fi done if [ ! "${BIND_CONFIG_LOCATION}" = "" ]; then @@ -329,20 +329,20 @@ if [ ${BIND_RUNNING} -eq 1 -a ! "${BIND_CONFIG_LOCATION}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4206 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check BIND configuration consistency" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: searching for named-checkconf binary" + LogText "Test: searching for named-checkconf binary" if [ ! "${NAMEDCHECKCONFBINARY}" = "" ]; then - logtext "Result: named-checkconf is installed" + LogText "Result: named-checkconf is installed" FIND=`${NAMEDCHECKCONFBINARY} ${BIND_CONFIG_LOCATION}; echo $?` if [ "${FIND}" = "0" ]; then - logtext "Result: configuration file ${BIND_CONFIG_LOCATION} seems to be fine" + LogText "Result: configuration file ${BIND_CONFIG_LOCATION} seems to be fine" Display --indent 4 --text "- Checking BIND configuration consistency" --result "OK" --color GREEN else - logtext "Result: possible errors found in ${BIND_CONFIG_LOCATION}" + LogText "Result: possible errors found in ${BIND_CONFIG_LOCATION}" Display --indent 4 --text "- Checking BIND configuration consistency" --result WARNING --color RED ReportWarning ${TEST_NO} "Errors discovered in BIND configuration file" fi else - logtext "Result: named-checkconf not found, skipping test" + LogText "Result: named-checkconf not found, skipping test" fi fi # @@ -360,14 +360,14 @@ if [ ${BIND_RUNNING} -eq 1 -a ! "${BIND_CONFIG_LOCATION}" = "" -a ! "${DIGBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4210 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check DNS banner" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Trying to determine version from banner" + LogText "Test: Trying to determine version from banner" FIND=`${DIGBINARY} @localhost version.bind chaos txt | grep "^version.bind" | grep TXT | egrep "[0-9].[0-9].[0-9]*"` if [ "${FIND}" = "" ]; then - logtext "Result: no useful information in banner found" + LogText "Result: no useful information in banner found" Display --indent 4 --text "- Checking BIND version in banner" --result "OK" --color GREEN AddHP 2 2 else - logtext "Result: possible BIND version available in version banner" + LogText "Result: possible BIND version available in version banner" Display --indent 4 --text "- Checking BIND version in banner" --result WARNING --color RED ReportWarning ${TEST_NO} "M" "Found BIND version in banner" ReportSuggestion ${TEST_NO} "The version in BIND can be masked by defining 'version none' in the configuration file" @@ -402,14 +402,14 @@ # Description : Check if PowerDNS is running Register --test-no NAME-4230 --weight L --network NO --description "Check PowerDNS status" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking for running PowerDNS instance" + LogText "Test: Checking for running PowerDNS instance" IsRunning pdns_server if [ ${RUNNING} -eq 1 ]; then - logtext "Result: found PowerDNS process" + LogText "Result: found PowerDNS process" Display --indent 2 --text "- Checking PowerDNS status" --result "RUNNING" --color GREEN POWERDNS_RUNNING=1 else - logtext "Result: PowerDNS not running" + LogText "Result: PowerDNS not running" Display --indent 2 --text "- Checking PowerDNS status" --result "NOT FOUND" --color WHITE fi fi @@ -421,11 +421,11 @@ if [ ${POWERDNS_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4232 --preqs-met ${PREQS_MET} --weight L --network NO --description "Search PowerDNS configuration file" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Search PowerDNS configuration file" + LogText "Test: Search PowerDNS configuration file" for I in ${POWERDNS_CONFIG_LOCS}; do if [ -f ${I}/pdns.conf ]; then POWERDNS_AUTH_CONFIG_LOCATION="${I}/pdns.conf" - logtext "Result: found configuration file (${POWERDNS_AUTH_CONFIG_LOCATION})" + LogText "Result: found configuration file (${POWERDNS_AUTH_CONFIG_LOCATION})" fi done if [ ! "${POWERDNS_AUTH_CONFIG_LOCATION}" = "" ]; then @@ -451,15 +451,15 @@ if [ ${POWERDNS_RUNNING} -eq 1 -a ! "${POWERDNS_AUTH_CONFIG_LOCATION}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4236 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check PowerDNS backends" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking for PowerDNS backends" + LogText "Test: Checking for PowerDNS backends" FIND=`awk -F= '/^launch/ { print $2 }' ${POWERDNS_AUTH_CONFIG_LOCATION}` if [ ! "${FIND}" = "" ]; then for I in ${FIND}; do - logtext "Found backend: ${I}" + LogText "Found backend: ${I}" done Display --indent 4 --text "- Checking PowerDNS backends" --result "FOUND" --color GREEN else - logtext "Result: no PowerDNS backends found" + LogText "Result: no PowerDNS backends found" Display --indent 4 --text "- Checking PowerDNS backends" --result "NOT FOUND" --color YELLOW fi fi @@ -471,24 +471,24 @@ if [ ${POWERDNS_RUNNING} -eq 1 -a ! "${POWERDNS_AUTH_CONFIG_LOCATION}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4238 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check PowerDNS authoritive status" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking for PowerDNS master status" + LogText "Test: Checking for PowerDNS master status" FIND=`grep "^master=yes" ${POWERDNS_AUTH_CONFIG_LOCATION}` if [ ! "${FIND}" = "" ]; then - logtext "Found master=yes in configuration file" + LogText "Found master=yes in configuration file" Display --indent 4 --text "- PowerDNS authoritive master: YES" POWERDNS_AUTH_MASTER=1 else - logtext "Result: most likely not master (no master=yes)" + LogText "Result: most likely not master (no master=yes)" Display --indent 4 --text "- PowerDNS authoritive master: NO" fi - logtext "Test: Checking for PowerDNS slave status" + LogText "Test: Checking for PowerDNS slave status" FIND=`grep "^slave=yes" ${POWERDNS_AUTH_CONFIG_LOCATION}` if [ ! "${FIND}" = "" ]; then - logtext "Found slave=yes in configuration file" + LogText "Found slave=yes in configuration file" Display --indent 4 --text "- PowerDNS authoritive slave: YES" POWERDNS_AUTH_SLAVE=1 else - logtext "Result: most likely not slave (no slave=yes)" + LogText "Result: most likely not slave (no slave=yes)" Display --indent 4 --text "- PowerDNS authoritive slave: NO" fi fi @@ -499,21 +499,21 @@ # Description : Check NIS ypbind daemon status Register --test-no NAME-4304 --weight L --network NO --description "Check NIS ypbind status" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking status of ypbind daemon" + LogText "Test: Checking status of ypbind daemon" IsRunning ypbind if [ ${RUNNING} -eq 1 ]; then - logtext "Result: ypbind is running" + LogText "Result: ypbind is running" Display --indent 2 --text "- Checking ypbind status" --result "FOUND" --color GREEN YPBIND_RUNNING=1 IsRunning ypldap if [ ${RUNNING} -eq 1 ]; then - logtext "Result: ypldap is running" + LogText "Result: ypldap is running" Display --indent 2 --text "- Checking ypldap status" --result "FOUND" --color GREEN else ReportSuggestion "Disable the usage of NIS/NIS+ and use an alternative like LDAP or Kerberos instead" fi else - logtext "Result: ypbind is not active" + LogText "Result: ypbind is not active" Display --indent 2 --text "- Checking ypbind status" --result "NOT FOUND" --color WHITE fi fi @@ -526,58 +526,58 @@ if [ ${YPBIND_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4306 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check NIS domain" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Checking `domainname` for NIS domain value" + LogText "Test: Checking `domainname` for NIS domain value" FIND=`${DOMAINNAMEBINARY} | grep -v "(none)"` if [ ! "${FIND}" = "" ]; then - logtext "Value: ${FIND}" + LogText "Value: ${FIND}" NISDOMAIN="${FIND}" else - logtext "Result: no NIS domain found in command output" + LogText "Result: no NIS domain found in command output" fi # Solaris / Linux style - logtext "Test: Checking file /etc/defaultdomain" + LogText "Test: Checking file /etc/defaultdomain" if [ -f /etc/defaultdomain ]; then - logtext "Result: file /etc/defaultdomain exists" + LogText "Result: file /etc/defaultdomain exists" FIND2=`cat /etc/defaultdomain` if [ ! "${FIND2}" = "" ]; then - logtext "Output: ${FIND2}" + LogText "Output: ${FIND2}" NISDOMAIN="${FIND2}" else - logtext "Result: no NIS domain found in file" + LogText "Result: no NIS domain found in file" fi fi # Red Hat style - logtext "Test: checking /etc/sysconfig/network" + LogText "Test: checking /etc/sysconfig/network" if [ -f /etc/sysconfig/network ]; then - logtext "Result: file /etc/sysconfig/network exists" - logtext "Test: checking NISDOMAIN value in file" + LogText "Result: file /etc/sysconfig/network exists" + LogText "Test: checking NISDOMAIN value in file" FIND3=`grep "^NISDOMAIN" /etc/sysconfig/network | awk -F= '{ print $2 }' | sed 's/"//g'` if [ ! "${FIND3}" = "" ]; then - logtext "Found NIS domain: ${FIND3}" + LogText "Found NIS domain: ${FIND3}" NISDOMAIN="${FIND3}" else - logtext "Result: No NIS domain found in file" + LogText "Result: No NIS domain found in file" fi else - logtext "Result: file /etc/sysconfig/network does not exist" + LogText "Result: file /etc/sysconfig/network does not exist" fi if [ ! "${SYSCTLBINARY}" = "" ]; then # Check sysctl (e.g. FreeBSD) - logtext "Test: checking sysctl for kern.domainname" + LogText "Test: checking sysctl for kern.domainname" FIND=`${SYSCTLBINARY} -a 2>&1 | grep "^kern.domainname" | awk -F: '{ print $2 }' | sed 's/ //g' | grep -v "^$"` if [ ! "${FIND}" = "" ]; then - logtext "Result: found NIS domain via sysctl" + LogText "Result: found NIS domain via sysctl" NISDOMAIN="${FIND}" fi fi # Check if we found any NIS domain if [ ! "${NISDOMAIN}" = "" ]; then - logtext "Found NIS domain: ${NISDOMAIN}" - report "nisdomain=${NISDOMAIN}" + LogText "Found NIS domain: ${NISDOMAIN}" + Report "nisdomain=${NISDOMAIN}" Display --indent 4 --text "- Checking NIS domain" --result "FOUND" --color GREEN else - logtext "Result: No NIS domain found" + LogText "Result: No NIS domain found" Display --indent 4 --text "- Checking NIS domain" --result "UNKNOWN" --color YELLOW fi fi @@ -592,20 +592,20 @@ # Description : Check /etc/hosts configuration Register --test-no NAME-4402 --weight L --network NO --description "Check duplicate line in /etc/hosts" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: check duplicate line in /etc/hosts" + LogText "Test: check duplicate line in /etc/hosts" if [ -f /etc/hosts ]; then sFIND=`egrep -v '^(#|$)' /etc/hosts | awk '{ print $1, $2 }' | sort | uniq -d` if [ "${sFIND}" = "" ]; then - logtext "Result: OK, no duplicate lines found" + LogText "Result: OK, no duplicate lines found" Display --indent 4 --text "- Checking /etc/hosts (duplicates)" --result OK --color GREEN else - logtext "Found duplicate line: ${sFIND}" - logtext "Result: found duplicate line" + LogText "Found duplicate line: ${sFIND}" + LogText "Result: found duplicate line" Display --indent 4 --text "- Checking /etc/hosts (duplicates)" --result SUGGESTION --color YELLOW ReportSuggestion "${TEST_NO}" "Remove duplicate lines in /etc/hosts" fi else - logtext "Result: /etc/hosts not found, test skipped" + LogText "Result: /etc/hosts not found, test skipped" Display --indent 4 --text "Searching duplicate line" --result "SKIPPED" --color YELLOW fi fi @@ -617,17 +617,17 @@ if [ ! "${HOSTNAME}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4404 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check /etc/hosts contains an entry for this server name" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Check /etc/hosts contains an entry for this server name" + LogText "Test: Check /etc/hosts contains an entry for this server name" if [ -f /etc/hosts ]; then sFIND=`egrep -v '^(#|$|^::1\s|localhost)' /etc/hosts | grep ${HOSTNAME}` if [ "${sFIND}" != "" ]; then - logtext "Result: Found entry for ${HOSTNAME} in /etc/hosts" + LogText "Result: Found entry for ${HOSTNAME} in /etc/hosts" Display --indent 4 --text "- Checking /etc/hosts (hostname)" --result OK --color GREEN else - logtext "Result: No entry found for ${HOSTNAME} in /etc/hosts" + LogText "Result: No entry found for ${HOSTNAME} in /etc/hosts" Display --indent 4 --text "- Checking /etc/hosts (hostname)" --result SUGGESTION --color YELLOW ReportSuggestion ${TEST_NO} "Add the IP name and FQDN to /etc/hosts for proper name resolving" - logtext "Risk: No entry for the server name [hostname] in /etc/hosts may cause unexpected performance problems for local connections" + LogText "Risk: No entry for the server name [hostname] in /etc/hosts may cause unexpected performance problems for local connections" fi fi fi @@ -639,15 +639,15 @@ if [ ! "${HOSTNAME}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no NAME-4406 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check server hostname mapping" if [ ${SKIPTEST} -eq 0 ]; then - logtext "Test: Check server hostname not locally mapped in /etc/hosts" + LogText "Test: Check server hostname not locally mapped in /etc/hosts" sFIND=`egrep -v '^(#|$)' /etc/hosts | egrep '(localhost|^::1\s)' | grep -w ${HOSTNAME}` if [ ! "${sFIND}" = "" ]; then - logtext "Result: Found this server hostname mapped to a local address" + LogText "Result: Found this server hostname mapped to a local address" Display --indent 4 --text "- Checking /etc/hosts (localhost)" --result SUGGESTION --color YELLOW - logtext "Information: Linking the hostname to the localhost entry may break some resolving. Split resolving so that localhost resolves back to 127.0.0.1 (and ::1) and the hostname of the machine to the real IP address on the network interface." + LogText "Information: Linking the hostname to the localhost entry may break some resolving. Split resolving so that localhost resolves back to 127.0.0.1 (and ::1) and the hostname of the machine to the real IP address on the network interface." ReportSuggestion ${TEST_NO} "Split resolving between localhost and the hostname of the system" else - logtext "Result: this server hostname is not mapped to a local address" + LogText "Result: this server hostname is not mapped to a local address" Display --indent 4 --text "- Checking /etc/hosts (localhost)" --result OK --color GREEN fi fi @@ -660,4 +660,4 @@ wait_for_keypress # #================================================================================ -# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2016, Michael Boelen, CISOfy - https://cisofy.com |