
github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
authorMichael Boelen <michael.boelen@cisofy.com>2017-09-18 20:50:41 +0300
committerMichael Boelen <michael.boelen@cisofy.com>2017-09-18 20:50:41 +0300
commit19bbc4272f073fa3f8052d1f61134cc1cc00e168 (patch)
tree3c85d96c0a04895c5cd7cd1da7d9bc0a596cbfe7 /include/tests_shells
parent76b4afb14d441fb3e1d2c6b616cea263df1faf48 (diff)
[SHLL-6220] Improved detection of shell settings like TMOUT
Diffstat (limited to 'include/tests_shells')
-rw-r--r--include/tests_shells31
1 files changed, 21 insertions, 10 deletions
diff --git a/include/tests_shells b/include/tests_shells
index c668dd83..377cb712 100644
--- a/include/tests_shells
+++ b/include/tests_shells
@@ -101,18 +101,23 @@
# Description : check for idle session killing tools or settings
Register --test-no SHLL-6220 --weight L --network NO --category security --description "Checking available and valid shells"
if [ ${SKIPTEST} -eq 0 ]; then
+
+ IDLE_TIMEOUT_METHOD=""
+ IDLE_TIMEOUT_READONLY=""
+
LogText "Test: Search for session timeout tools or settings in shell"
IsRunning timeoutd
if [ ${RUNNING} -eq 1 ]; then
IDLE_TIMEOUT=1
LogText "Result: found timeoutd process to kill idle sesions"
- Report="session_timeout_method=timeout daemon"
+ IDLE_TIMEOUT_METHOD="timeout-daemon"
fi
IsRunning autolog
if [ ${RUNNING} -eq 1 ]; then
IDLE_TIMEOUT=1
LogText "Result: found autolog process to kill idle sesions"
Report="session_timeout_method[]=autolog"
+ IDLE_TIMEOUT_METHOD="autolog"
fi
if [ -f ${ROOTDIR}etc/profile ]; then
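Review bot: `IDLE_TIMEOUT_METHOD` is a single scalar, so each later assignment (`autolog` in this hunk, `profile` and `profile.d` in the later hunks) overwrites the earlier one, and only the last detected method reaches the `session_timeout_method[]` entry written at the end of the test. On a host where timeoutd runs and TMOUT is also set in profile, the report would no longer mention the daemon, although the `[]` suffix suggests one entry per method was intended. Either call `Report "session_timeout_method[]=..."` at each detection point, or collect the values in a space-separated list and loop over it when reporting. The unchanged line `Report="session_timeout_method[]=autolog"` in the autolog branch is a variable assignment rather than a call to Report and can be deleted now. The enclosing test block starts and ends outside this hunk.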
@@ -132,7 +137,7 @@
else
LogText "Result: found several TMOUT values configured in ${ROOTDIR}etc/profile"
fi
- Report "session_timeout_method[]=profile"
+ IDLE_TIMEOUT_METHOD="profile"
else
LogText "Result: could not find TMOUT setting in ${ROOTDIR}etc/profile"
fi
@@ -147,10 +152,10 @@
done
if [ ${N} -gt 0 ]; then
LogText "Result: found readonly setting in ${ROOTDIR}etc/profile (readonly or typeset -r)"
- Report "session_timeout_set_readonly=1"
+ IDLE_TIMEOUT_READONLY=1
else
LogText "Result: NO readonly setting found in ${ROOTDIR}etc/profile (readonly or typeset -r)"
- Report "session_timeout_set_readonly=0"
+ IDLE_TIMEOUT_READONLY=0
fi
else
LogText "Result: could not find export, readonly or typeset -r in ${ROOTDIR}etc/profile"
@@ -163,10 +168,9 @@
FIND=$(${LSBINARY} ${ROOTDIR}etc/profile.d/*.sh 2> /dev/null)
if [ ! -z "${FIND}" ]; then
# Determine if we can find a TMOUT value
- FIND=$(${CATBINARY} ${ROOTDIR}etc/profile.d/*.sh 2> /dev/null | ${GREPBINARY} 'TMOUT=' | ${TRBINARY} -d ' ' | ${TRBINARY} -d '\t' | ${GREPBINARY} -v "^#" | ${SEDBINARY} 's/export//' | ${SEDBINARY} 's/#.*//' | ${AWKBINARY} -F= '{ print $2 }')
+ FIND=$(${FINDBINARY} ${ROOTDIR}etc/profile.d -name "*.sh" -type f -exec cat {} \; 2> /dev/null | ${GREPBINARY} 'TMOUT=' | ${TRBINARY} -d ' ' | ${TRBINARY} -d '\t' | ${GREPBINARY} -v "^#" | ${SEDBINARY} 's/export//' | ${SEDBINARY} 's/#.*//' | ${AWKBINARY} -F= '{ print $2 }')
# Determine if the value is exported (with export, readonly, or typeset)
- FIND2=$(${CATBINARY} ${ROOTDIR}etc/profile.d/*.sh 2> /dev/null | ${GREPBINARY} '\(export\|readonly\|typeset -r\)[ \t]*TMOUT' | ${GREPBINARY} -v "^#" | ${SEDBINARY} 's/#.*//' | ${AWKBINARY} '{ print $1 }')
-
+ FIND2=$(${FINDBINARY} ${ROOTDIR}etc/profile.d -name "*.sh" -type f -exec cat {} \; 2> /dev/null | ${GREPBINARY} '\(export\|readonly\|typeset -r\)[ \t]*TMOUT' | ${GREPBINARY} -v "^#" | ${SEDBINARY} 's/#.*//' | ${AWKBINARY} '{ print $1 }')
if [ ! -z "${FIND}" ]; then
N=0; IDLE_TIMEOUT=1
for I in ${FIND}; do
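Review bot: Both new pipelines run a bare `cat` through `-exec`, while the removed lines used `${CATBINARY}`; an audit tool that is often run with root privileges should not resolve the binary through PATH here, so `-exec ${CATBINARY} {} \;` keeps it consistent with the other `${...BINARY}` calls on the same lines. `-type f` also skips symlinked `*.sh` files and find descends into subdirectories, which the old `profile.d/*.sh` glob did not, so the files scanned may no longer match what a login shell actually sources; this is worth confirming against how `${ROOTDIR}etc/profile` loads the directory. A missed or extra file changes whether TMOUT is reported as configured. The `if` and `for` opened here close outside the hunk.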
@@ -179,7 +183,7 @@
else
LogText "Result: found several TMOUT values configured in one of the files in ${ROOTDIR}etc/profile.d directory"
fi
- Report "session_timeout_method[]=profile"
+ IDLE_TIMEOUT_METHOD="profile.d"
else
LogText "Result: could not find TMOUT setting in ${ROOTDIR}etc/profile.d/*.sh"
fi
@@ -194,10 +198,10 @@
done
if [ ${N} -gt 0 ]; then
LogText "Result: found readonly setting in ${ROOTDIR}etc/profile (readonly or typeset -r)"
- Report "session_timeout_set_readonly=1"
+ IDLE_TIMEOUT_READONLY=1
else
LogText "Result: NO readonly setting found in ${ROOTDIR}etc/profile (readonly or typeset -r)"
- Report "session_timeout_set_readonly=0"
+ IDLE_TIMEOUT_READONLY=0
fi
else
LogText "Result: could not find export, readonly or typeset -r in ${ROOTDIR}etc/profile"
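Review bot: The `IDLE_TIMEOUT_READONLY` assignment in this profile.d branch replaces whatever the `${ROOTDIR}etc/profile` check stored in the earlier hunk, so a readonly TMOUT in profile is reported as `session_timeout_set_readonly=0` when a profile.d file merely exports it. If the report is meant to say "TMOUT is made readonly somewhere", the else branch should not downgrade an earlier hit, for example `[ "${IDLE_TIMEOUT_READONLY}" = "1" ] || IDLE_TIMEOUT_READONLY=0`. Otherwise report the two locations under separate keys. The unchanged LogText lines in this branch still name `${ROOTDIR}etc/profile` although the files checked are under `${ROOTDIR}etc/profile.d`, which makes the log misleading when reviewing a finding. The surrounding `if` starts outside the hunk.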
@@ -207,6 +211,13 @@
LogText "Result: skip ${ROOTDIR}etc/profile.d directory test, directory not available on this system"
fi
+ if [ ! -z "${IDLE_TIMEOUT_METHOD}" ]; then
+ Report "session_timeout_method[]=${IDLE_TIMEOUT_METHOD}"
+ fi
+ if [ ! -z "${IDLE_TIMEOUT_READONLY}" ]; then
+ Report "session_timeout_set_readonly=${IDLE_TIMEOUT_READONLY}"
+ fi
+
if [ ${IDLE_TIMEOUT} -eq 1 ]; then
Display --indent 4 --text "- Session timeout settings/tools" --result "${STATUS_FOUND}" --color GREEN
AddHP 3 3