diff options
author | Mincă Daniel Andrei <dminca@users.noreply.github.com> | 2016-04-04 14:18:35 +0300 |
---|---|---|
committer | Michael Boelen <michael@cisofy.com> | 2016-04-04 14:18:35 +0300 |
commit | 287a0e72a5caa008778dcd788d76fa9641f6fb60 (patch) | |
tree | e3d62a85746d9cbe7abda91c522ebd0066f0f36d /lynis | |
parent | 95944c00354c9ad31e6383ee39fea9a5264d364d (diff) |
Replace repetitive echo commands with single printf statement
* Format includedir conditional
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* Clean echos from security check message
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* Clean echos from Beta disclaimer
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* Clean echos from 2 instances of Lynis conditional
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* Format the 'Bail out if no param' condtitional
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
* Format the 'non-priviledged scan mode' message
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
Diffstat (limited to 'lynis')
-rwxr-xr-x | lynis | 259 |
1 files changed, 135 insertions, 124 deletions
@@ -69,10 +69,10 @@ for I in ${tINCLUDE_TARGETS}; do if [ -d ${I} ]; then INCLUDEDIR=${I}; fi; done # Drop out if our include directory can't be found - if [ "${INCLUDEDIR}" = "" ]; then - echo "Fatal error: can't find include directory" - echo "Make sure to execute ${PROGRAM_name} from untarred directory or check your installation." + printf "%s" " +Fatal error: can't find include directory +Make sure to execute ${PROGRAM_name} from untarred directory or check your installation." exit 1 fi @@ -134,37 +134,39 @@ fi fi if [ ${SHOWPERMERROR} -eq 1 ]; then - echo "" - echo "[!] Change ownership of ${INCLUDEDIR}/${FILE} to 'root' or similar (found: ${OWNER} with UID ${OWNERID})." - echo "" - echo " Command:" - echo " # chown 0:0 ${INCLUDEDIR}/${FILE}" - echo "" + printf "%s" " + +[!] Change ownership of ${INCLUDEDIR}/${FILE} to 'root' or similar (found: ${OWNER} with UID ${OWNERID}). + + Command: + # chown 0:0 ${INCLUDEDIR}/${FILE} +" fi # Now if there is an issue with permissions, show it to the user and let them decide how to continue. if [ ${ISSUE} -eq 1 ]; then - echo "" - echo "[X] Security check failed" - echo "" - echo " Why do I see this error?" - echo " -------------------------------" - echo " This is a protection mechanism to prevent the root user from executing user created files. The files may be altered, or including malicious pieces of script." - echo ""; echo "" - echo " What can I do?" - echo " ---------------------" - echo " Option 1) Check if a trusted user created the files (e.g. due to using Git, Homebrew or similar)." - echo " If you trust these files, you can decide to continue this run by pressing ENTER." - echo "" - echo " Option 2) Change ownership and permissions of the related files (or full directory)." - echo "" - echo " Commands (full directory):" - echo " # cd .." - echo " # chown -R 0:0 lynis" - echo " # cd lynis" - echo " ./lynis audit system" - echo ""; echo ""; - echo "[ Press ENTER to continue, or CTRL+C to cancel ]" + printf "%s" " +[X] Security check failed + + Why do I see this error? + ------------------------------- + This is a protection mechanism to prevent the root user from executing user created files. The files may be altered, or including malicious pieces of script. + + What can I do? + --------------------- + Option 1) Check if a trusted user created the files (e.g. due to using Git, Homebrew or similar). + If you trust these files, you can decide to continue this run by pressing ENTER. + + Option 2) Change ownership and permissions of the related files (or full directory). + + Commands (full directory): + # cd .. + # chown -R 0:0 lynis + # cd lynis + ./lynis audit system + + +[ Press ENTER to continue, or CTRL+C to cancel ]" read DUMMY fi . ${INCLUDEDIR}/consts @@ -255,31 +257,34 @@ # if [ ${QUIET} -eq 0 ]; then - echo "" - echo "${WHITE}[ ${PROGRAM_name} ${PROGRAM_version} ]${NORMAL}" - echo "" - echo "################################################################################" - echo " ${PROGRAM_license}" - echo "" - echo " ${PROGRAM_copyright}" - echo " ${PROGRAM_extrainfo}" - echo "################################################################################" + printf "%s" " + +${WHITE}[ ${PROGRAM_name} ${PROGRAM_version} ]${NORMAL} + +################################################################################ + ${PROGRAM_license} + + ${PROGRAM_copyright} + ${PROGRAM_extrainfo} +################################################################################" fi if [ "${PROGRAM_releasetype}" = "beta" ]; then - echo "${WHITE}" - echo " #########################################################" - echo " # ${YELLOW}BETA VERSION${WHITE} #" - echo " #########################################################" - echo "" - echo " Thank you for testing a beta release. Make sure to read" - echo " all available documentation before proceeding and/or" - echo " requesting support. Due the nature of beta releases, it" - echo " is possible new features give unexpected warnings." - echo "" - echo "" - echo " #########################################################" - echo "${NORMAL}"; echo "" + printf "%s" " +${WHITE} + ######################################################### + # ${YELLOW}BETA VERSION${WHITE} # + ######################################################### + + Thank you for testing a beta release. Make sure to read + all available documentation before proceeding and/or + requesting support. Due the nature of beta releases, it + is possible new features give unexpected warnings. + + + ######################################################### +${NORMAL} +" fi # ################################################################################# @@ -332,18 +337,19 @@ # Check if there is already a PID file in any of the locations (incorrect termination of previous instance) if [ -f "${MYHOMEDIR}/lynis.pid" -o -f "./lynis.pid" -o -f "/var/run/lynis.pid" ]; then - echo "" - echo " ${WARNING}Warning${NORMAL}: ${WHITE}PID file exists, probably another Lynis process is running.${NORMAL}" - echo " ------------------------------------------------------------------------------" - echo " If you are unsure another Lynis process is running currently, you are advised " - echo " to stop current process and check the process list first. If you cancelled" - echo " (by using CTRL+C) a previous instance, you can ignore this message." - echo " " - echo " You are advised to check for temporary files after program completion." - echo " ------------------------------------------------------------------------------" - echo "" - echo " ${YELLOW}Note: ${WHITE}Cancelling the program can leave temporary files behind${NORMAL}" - echo "" + printf "%s" " + +${WARNING}Warning${NORMAL}: ${WHITE}PID file exists, probably another Lynis process is running.${NORMAL} +------------------------------------------------------------------------------ +If you are unsure another Lynis process is running currently, you are advised +to stop current process and check the process list first. If you cancelled +(by using CTRL+C) a previous instance, you can ignore this message. + +You are advised to check for temporary files after program completion. +------------------------------------------------------------------------------ + +${YELLOW}Note: ${WHITE}Cancelling the program can leave temporary files behind${NORMAL} +" wait_for_keypress # Deleting any stale PID files that might exist. Note: Display function does not work yet at this point @@ -371,46 +377,47 @@ # # Bail out if we didn't get any parameter, or incorrect ones if [ ${PARAMCOUNT} -eq 0 -o ${WRONGOPTION} -eq 1 -o ${VIEWHELP} -eq 1 ]; then - echo "" - echo " Usage: lynis ${WHITE}[options] ${CYAN}mode${NORMAL}" - echo "" - echo "" - echo " ${CYAN}Mode:${NORMAL}" - echo "" - echo " ${GREEN}audit${NORMAL}" - echo " audit system : Perform security scan" - echo " audit dockerfile <file> : Analyze Dockerfile" - echo "" - echo " ${GREEN}update${NORMAL}" - echo " update info : Show update details" - echo " update release : Update Lynis release" - echo "" - echo "" - echo " ${WHITE}Scan options:${NORMAL}" - echo " --auditor \"<name>\" : Auditor name" - echo " --dump-options : See all available options" - echo " --no-log : Don't create a log file" - echo " --pentest : Non-privileged scan (useful for pentest)" - echo " --profile <profile> : Scan the system with the given profile file" - echo " --quick (-Q) : Quick mode, don't wait for user input" - echo " --tests \"<tests>\" : Run only tests defined by <tests>" - echo " --tests-category \"<category>\" : Run only tests defined by <category>" - echo "" - echo " ${WHITE}Layout options:${NORMAL}" - echo " --no-colors : Don't use colors in output" - echo " --quiet (-q) : No output, except warnings" - echo " --reverse-colors : Optimize color display for light backgrounds" - echo "" - echo " ${WHITE}Misc options:${NORMAL}" - echo " --debug : Debug logging to screen" - echo " --view-manpage (--man) : View man page" - echo " --version (-V) : Display version number and quit" - echo "" - echo " ${WHITE}Enterprise options:${NORMAL}" - echo " --plugin-dir \"<path>\" : Define path of available plugins" - echo " --upload : Upload data to central node" - echo "" - echo "" + printf "%s" " + + Usage: lynis ${WHITE}[options] ${CYAN}mode${NORMAL} + + + ${CYAN}Mode:${NORMAL} + + ${GREEN}audit${NORMAL} + audit system : Perform security scan + audit dockerfile <file> : Analyze Dockerfile + + ${GREEN}update${NORMAL} + update info : Show update details + update release : Update Lynis release + + + ${WHITE}Scan options:${NORMAL} + --auditor \"<name>\" : Auditor name + --dump-options : See all available options + --no-log : Don't create a log file + --pentest : Non-privileged scan (useful for pentest) + --profile <profile> : Scan the system with the given profile file + --quick (-Q) : Quick mode, don't wait for user input + --tests \"<tests>\" : Run only tests defined by <tests> + --tests-category \"<category>\" : Run only tests defined by <category> + + ${WHITE}Layout options:${NORMAL} + --no-colors : Don't use colors in output + --quiet (-q) : No output, except warnings + --reverse-colors : Optimize color display for light backgrounds + + ${WHITE}Misc options:${NORMAL} + --debug : Debug logging to screen + --view-manpage (--man) : View man page + --version (-V) : Display version number and quit + + ${WHITE}Enterprise options:${NORMAL} + --plugin-dir \"<path>\" : Define path of available plugins + --upload : Upload data to central node + +" if [ ${WRONGOPTION} -eq 1 ]; then echo " ${RED}Error${NORMAL}: ${WHITE}Invalid option '${WRONGOPTION_value}'${NORMAL}" @@ -431,28 +438,32 @@ ################################################################################# # if [ ${PRIVILEGED} -eq 0 ]; then - echo "${WHITE}" - echo " ###################################################################" - echo " # #" - echo " # ${PURPLE}NON-PRIVILEGED SCAN MODE${WHITE} #" - echo " # #" - echo " ###################################################################" - echo "${NORMAL}" - echo " ${YELLOW}NOTES:${NORMAL}" - echo " --------------" - echo " ${WHITE}*${NORMAL} Some tests will be skipped (as they require root permissions)" - echo " ${WHITE}*${NORMAL} Some tests might fail silently or give different results" - echo "" + printf "%s" " +${WHITE} + ################################################################### + # # + # ${PURPLE}NON-PRIVILEGED SCAN MODE${WHITE} # + # # + ################################################################### +${NORMAL} + ${YELLOW}NOTES:${NORMAL} + -------------- + ${WHITE}*${NORMAL} Some tests will be skipped (as they require root permissions) + ${WHITE}*${NORMAL} Some tests might fail silently or give different results +" if [ "${LOGFILE}" = "" -o "${LOGFILE}" = "/dev/null" ]; then - echo " ${RED}WARNING:${NORMAL}" - echo " ${WHITE}*${NORMAL} No suggestions or warnings will be displayed in report (due to missing log file)" - echo "" + printf "%s" " +${RED}WARNING:${NORMAL} +${WHITE}*${NORMAL} No suggestions or warnings will be displayed in report (due to missing log file) +" fi - echo "" - echo " ${WHITE}Press [ENTER] to continue or [CTRL] + C to break${NORMAL}" - echo "" - echo " ###################################################################" - echo "${NORMAL}"; echo "" + printf "%s" " + + ${WHITE}Press [ENTER] to continue or [CTRL] + C to break${NORMAL} + + ################################################################### +${NORMAL} +" if [ ${QUICKMODE} -eq 0 ]; then read void; fi fi # |