author | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-21 14:41:23 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-08-21 14:41:23 +0300 |
commit | ee18e76e976eef981a36a702b6ee0504f0cce645 (patch) | |
tree | fb42518b0249377433d1b177f195036710c95059 /include | |
parent | a7145688423c6a36b9394a0a8162b3dd59e61158 (diff) |
Preparations for forensics scan mode
Diffstat (limited to 'include')
-rw-r--r-- | include/consts | 1 | ||||
-rw-r--r-- | include/helper_show | 2 | ||||
-rw-r--r-- | include/parameters | 63 | ||||
-rw-r--r-- | include/report | 14 |
4 files changed, 43 insertions, 37 deletions
diff --git a/include/consts b/include/consts index 8e98a833..9235b5f4 100644 --- a/include/consts +++ b/include/consts @@ -114,6 +114,7 @@ unset LANG FIND="" FIREWALL_ACTIVE=0 FOUNDPATH=0 + FORENSICS=0 GETENT_BINARY="" GRADMBINARY="" GREPBINARY="grep" diff --git a/include/helper_show b/include/helper_show index 260518d6..594be15b 100644 --- a/include/helper_show +++ b/include/helper_show @@ -30,7 +30,7 @@ COMMANDS="audit configure generate show update upload-only" HELPERS="audit configure show update" -OPTIONS="--auditor\n--cronjob (--cron)\n--debug\n--developer\n--help (-h)\n--license-key\n--log-file\n--manpage (--man)\n--no-colors\n--no-log\n--pentest\n--profile\n--plugin-dir\n--quick (-Q)\n--quiet (-q)\n--report-file\n--reverse-colors\n--skip-plugins\n--tests\n--tests-from-category\n--tests-from-group\n--usecwd\n--upload\n--verbose\n--version (-V)\n--wait\n--warnings-only" +OPTIONS="--auditor\n--cronjob (--cron)\n--debug\n--developer\n--forensics\n--help (-h)\n--log-file\n--manpage (--man)\n--no-colors\n--no-log\n--pentest\n--profile\n--plugin-dir\n--quick (-Q)\n--quiet (-q)\n--report-file\n--reverse-colors\n--skip-plugins\n--tests\n--tests-from-category\n--tests-from-group\n--usecwd\n--upload\n--verbose\n--version (-V)\n--wait\n--warnings-only" SHOW_ARGS="categories changelog commands dbdir details environment eol groups help hostids includedir language license logfile man options os pidfile plugindir profiles release releasedate report settings tests version workdir" SHOW_HELP="lynis show ${BROWN}categories${NORMAL} (display test categories) diff --git a/include/parameters b/include/parameters index 49c0f495..483f2193 100644 --- a/include/parameters +++ b/include/parameters 
@@ -247,29 +247,9 @@ DEVELOPER_MODE=1 ;; - # Display all available options with short alias - --dump-options | --dumpoptions) - OPTIONS="--auditor - --check-all_(-c) --cronjob_(--cron) - --debug - --help_(-h) - --info - --license-key --log-file - --manpage_(--man) - --no-colors --no-log - --pentest --profile --plugins-dir - --quiet_(-q) --quick_(-Q) - --report-file --reverse-colors - --tests - --upload - --version_(-V)" - for ITEM in ${OPTIONS}; do - echo "${ITEM}" | tr '_' ' ' - done - echo "This option is deprecated" - echo "Use: lynis show options" - - ExitClean + # Enable forensics mode (gather information from a mounted directory) + --forensics) + FORENSICS=1 ;; # View help @@ -277,19 +257,6 @@ VIEWHELP=1 ;; - # View program/database information - --check-update | --check-updates | --info) - echo "This option is deprecated" - echo "Use: lynis update info" - ExitClean - ;; - - # License key for Lynis Enterprise - --license-key) - shift - LICENSE_KEY=$1 - ;; - # Adjust default logfile location --logfile | --log-file) shift @@ -455,6 +422,30 @@ exit 1 ;; + # Soon to be deprecated options + + # View program/database information + --check-update | --check-updates | --info) + echo "This option is deprecated" + echo "Use: lynis update info" + ExitFatal + ;; + + # Display all available options with short alias + --dump-options | --dumpoptions) + echo "This option is deprecated" + echo "Use: lynis show options" + ExitFatal + ;; + + # License key for Lynis Enterprise + --license-key) + echo "This option is deprecated" + echo "Define a license key in /etc/lynis/custom.prf" + ExitFatal + ;; + + # Drop out when using wrong option(s) *) # Wrong option used, we bail out later diff --git a/include/report b/include/report index c340da53..1ec93ffa 100644 --- a/include/report +++ b/include/report 
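Review bot: The new `--forensics)` arm only sets `FORENSICS=1` and reads no path, although its comment says the mode gathers information from a mounted directory. The same commit already lists `--forensics` in OPTIONS in include/helper_show and prints `Forensics [V]` in the report, so until the mode is wired up a run with this option may be a scan of the running host labelled as a forensics scan. Consider keeping the option out of `lynis show options` for now, or state the limitation in the arm, e.g. `# Placeholder: no target directory is read yet, tests still run against the running system`. Whether any test already reads FORENSICS is not visible here, and the case statement starts and ends outside the hunk.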
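Review bot: The block headed `# Soon to be deprecated options` already treats the three options as removed: every arm prints a notice and calls `ExitFatal`, where the old `--info` and `--dump-options` arms called `ExitClean` and `--license-key` was still accepted. Existing cron jobs or wrappers that pass any of them will now abort before scanning, so the heading should say that, e.g. `# Deprecated options (no longer accepted, exit with an error)`. The notices go to stdout through plain `echo`; `echo "This option is deprecated" >&2` would keep them out of captured output. Since the license key moves from the command line into a profile, the `--license-key` notice could also remind the user to keep that file readable only by the account that runs the scan; the fixed path `/etc/lynis/custom.prf` may not match installs that keep profiles elsewhere.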
@@ -215,6 +215,20 @@ echo " - Malware scanner [${MALWARE}${NORMAL}]" echo "" + echo " ${SECTION}Scan mode${NORMAL}:" + if [ ${FORENSICS} -eq 1 ]; then + echo " Normal [ ] Forensics [V] Pentest [ ]" + elif [ ${PENTESTINGMODE} -eq 1 ]; then + if [ ${PRIVILEGED} -eq 0 ]; then + echo " Normal [ ] Forensics [ ] Pentest [V] (running non-privileged)" + else + echo " Normal [ ] Forensics [ ] Pentest [V] (running privileged)" + fi + else + echo " Normal [V] Forensics [ ] Pentest [ ]" + fi + echo "" + echo " ${SECTION}Lynis modules${NORMAL}:" if [ ${COMPLIANCE_TESTS_PERFORMED} -eq 1 ]; then if [ ${COMPLIANCE_FINDINGS_FOUND} -eq 0 ]; then COMPLIANCE="${GREEN}V"; else COMPLIANCE="${RED}X"; fi |
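Review bot: The scan-mode block tests `FORENSICS` first, so a run started with both `--forensics` and `--pentest` is reported as forensics only, while PENTESTINGMODE presumably still affects which tests run. Nothing in the visible option parsing rejects that combination; either refuse it where the options are parsed or mark both modes here. The forensics line also drops the privileged/non-privileged note that the pentest branch prints, and the privilege level is worth recording for a forensics run, e.g. `echo "  Normal [ ]  Forensics [V]  Pentest [ ]  (running privileged)"` behind the same `PRIVILEGED` test. The enclosing report code starts and ends outside the hunk.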