diff options
| author | Marzal <2069735+Marzal@users.noreply.github.com> | 2019-09-29 22:15:29 +0300 |
|---|---|---|
| committer | Marzal <2069735+Marzal@users.noreply.github.com> | 2019-09-29 22:15:29 +0300 |
| commit | a052a107d3f6da9836cb2c9a22d9dc1068e80bc7 (patch) | |
| tree | b5a2e0296443e55b4fbaf1ecb125db130a680bc2 /include/tests_storage | |
| parent | 7d430d5abc2a8d3b0754df8b2b19f63294c84813 (diff) | |
SC2086
Diffstat (limited to 'include/tests_storage')
| -rw-r--r-- | include/tests_storage | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/include/tests_storage b/include/tests_storage index 1e3d93c3..c355a72b 100644 --- a/include/tests_storage +++ b/include/tests_storage @@ -32,10 +32,10 @@ # Description : Check for disabled firewire storage # Explanation : Best option is to use the install function, otherwise drivers can still be loaded manually Register --test-no STRG-1846 --os Linux --weight L --network NO --category security --description "Check if firewire storage is disabled" - if [ ${SKIPTEST} -eq 0 ]; then + if [ "${SKIPTEST}" -eq 0 ]; then FOUND=0 LogText "Test: Checking firewire storage driver in directory /etc/modprobe.d and configuration file /etc/modprobe.conf" - if [ -d ${ROOTDIR}etc/modprobe.d ]; then + if [ -d "${ROOTDIR}etc/modprobe.d" ]; then FIND=$(${LSBINARY} ${ROOTDIR}etc/modprobe.d/* 2> /dev/null) if [ -n "${FIND}" ]; then FIND1=$(${EGREPBINARY} "blacklist (ohci1394|firewire[-_]ohci|firewire-core)" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#") @@ -48,9 +48,9 @@ LogText "Result: skipping ${ROOTDIR}etc/modprobe.d, directory found but no files in it" fi fi - if [ -f ${ROOTDIR}etc/modprobe.conf ]; then - FIND1=$(${EGREPBINARY} -r "blacklist (ohci1394|firewire[-_]ohci|firewire-core)" ${ROOTDIR}etc/modprobe.conf | ${GREPBINARY} -v "#") - FIND2=$(${EGREPBINARY} -r "install (ohci1394|firewire[-_]ohci|firewire-core) /bin/(false|true)" ${ROOTDIR}etc/modprobe.conf | ${GREPBINARY} -v "#") + if [ -f "${ROOTDIR}etc/modprobe.conf" ]; then + FIND1=$(${EGREPBINARY} -r "blacklist (ohci1394|firewire[-_]ohci|firewire-core)" "${ROOTDIR}etc/modprobe.conf" | ${GREPBINARY} -v "#") + FIND2=$(${EGREPBINARY} -r "install (ohci1394|firewire[-_]ohci|firewire-core) /bin/(false|true)" "${ROOTDIR}etc/modprobe.conf" | ${GREPBINARY} -v "#") if [ -n "${FIND1}" -o -n "${FIND2}" ]; then FOUND=1 LogText "Result: found firewire ohci driver in disabled state" @@ -60,7 +60,7 @@ if [ ${FOUND} -eq 0 ]; then LogText "Result: firewire ohci driver is not explicitly disabled" Display --indent 2 --text "- Checking firewire ohci driver (modprobe config)" --result "NOT DISABLED" --color WHITE - ReportSuggestion ${TEST_NO} "Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft" + ReportSuggestion "${TEST_NO}" "Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft" # after blacklisting modules, make sure to remove them from the initram filesystem: update-initramfs -u AddHP 2 3 else |