Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lynis
diff options
context:
space:
mode:
authormboelen <michael@cisofy.com>2016-04-27 16:37:07 +0300
committermboelen <michael@cisofy.com>2016-04-27 16:37:07 +0300
commit2cab82f71fb52bc6088f1066e68d56e5b7e95314 (patch)
tree06c51d31933495be4f8295bfda911dbb637d9c72 /lynis
parentb453190cd793cfd0c035903b68b3fa70a9946960 (diff)
Replaced logtext and report with proper functions
Diffstat (limited to 'lynis')
-rwxr-xr-xlynis202
1 files changed, 101 insertions, 101 deletions
diff --git a/lynis b/lynis
index 86a8ddad..95289939 100755
--- a/lynis
+++ b/lynis
@@ -490,22 +490,22 @@ ${NORMAL}
exit 1
fi
logtextbreak
- logtext "### ${PROGRAM_COPYRIGHT} ###"
+ LogText "### ${PROGRAM_COPYRIGHT} ###"
# Clear report file (to avoid appending to an existing file)
echo "# ${PROGRAM_NAME} Report" > ${REPORTFILE}
- report "report_version_major=${REPORT_version_major}"
- report "report_version_minor=${REPORT_version_minor}"
+ Report "report_version_major=${REPORT_version_major}"
+ Report "report_version_minor=${REPORT_version_minor}"
CDATE=`date "+%F %H:%M:%S"`
- report "report_datetime_start=${CDATE}"
- report "auditor=${AUDITORNAME}"
- report "lynis_version=${PROGRAM_VERSION}"
- report "os=${OS}"
- report "os_name=${OS_NAME}"
- report "os_fullname=${OS_FULLNAME}"
- report "os_version=${OS_VERSION}"
- if [ "${OS}" = "Linux" ]; then report "linux_version=${LINUX_VERSION}"; fi
- report "hostname=${HOSTNAME}"
+ Report "report_datetime_start=${CDATE}"
+ Report "auditor=${AUDITORNAME}"
+ Report "lynis_version=${PROGRAM_VERSION}"
+ Report "os=${OS}"
+ Report "os_name=${OS_NAME}"
+ Report "os_fullname=${OS_FULLNAME}"
+ Report "os_version=${OS_VERSION}"
+ if [ "${OS}" = "Linux" ]; then Report "linux_version=${LINUX_VERSION}"; fi
+ Report "hostname=${HOSTNAME}"
if [ "${HOSTNAME}" = "" ]; then
HOSTNAME="no-hostname"
@@ -530,7 +530,7 @@ ${NORMAL}
#
# Plugin directory test
if [ "${PLUGINDIR}" = "" ]; then
- #logtext "Result: Searching for plugindir"
+ #LogText "Result: Searching for plugindir"
tPLUGIN_TARGETS="/usr/local/lynis/plugins /usr/local/share/lynis/plugins /usr/share/lynis/plugins /etc/lynis/plugins ./plugins"
for I in ${tPLUGIN_TARGETS}; do
if [ -d ${I} ]; then
@@ -575,31 +575,31 @@ ${NORMAL}
echo " ---------------------------------------------------"
fi
- logtext "Program version: ${PROGRAM_VERSION}"
- logtext "Operating system: ${OS}"
- logtext "Operating system name: ${OS_NAME}"
- logtext "Operating system version: ${OS_VERSION}"
- if [ ! "${OS_MODE}" = "" ]; then logtext "Operating system mode: ${OS_MODE}"; fi
- logtext "Kernel version: ${OS_KERNELVERSION}"
+ LogText "Program version: ${PROGRAM_VERSION}"
+ LogText "Operating system: ${OS}"
+ LogText "Operating system name: ${OS_NAME}"
+ LogText "Operating system version: ${OS_VERSION}"
+ if [ ! "${OS_MODE}" = "" ]; then LogText "Operating system mode: ${OS_MODE}"; fi
+ LogText "Kernel version: ${OS_KERNELVERSION}"
if [ ! "${OS_KERNELVERSION_FULL}" = "" ]; then
- logtext "Kernel version (full): ${OS_KERNELVERSION_FULL}"
- fi
- logtext "Hardware platform: ${HARDWARE}"
- logtext "-----------------------------------------------------"
- logtext "Hostname: ${HOSTNAME}"
- logtext "Auditor: ${AUDITORNAME}"
- logtext "Profiles: ${PROFILES}"
- logtext "Work directory: ${WORKDIR}"
- logtext "Include directory: ${INCLUDEDIR}"
- logtext "Plugin directory: ${PLUGINDIR}"
- logtext "-----------------------------------------------------"
- logtext "Log file: ${LOGFILE}"
- logtext "Report file: ${REPORTFILE}"
- logtext "Report version: ${REPORT_version}"
- logtext "-----------------------------------------------------"
- logtext "BusyBox used: ${SHELL_IS_BUSYBOX}"
-
- report "plugin_directory=${PLUGINDIR}"
+ LogText "Kernel version (full): ${OS_KERNELVERSION_FULL}"
+ fi
+ LogText "Hardware platform: ${HARDWARE}"
+ LogText "-----------------------------------------------------"
+ LogText "Hostname: ${HOSTNAME}"
+ LogText "Auditor: ${AUDITORNAME}"
+ LogText "Profiles: ${PROFILES}"
+ LogText "Work directory: ${WORKDIR}"
+ LogText "Include directory: ${INCLUDEDIR}"
+ LogText "Plugin directory: ${PLUGINDIR}"
+ LogText "-----------------------------------------------------"
+ LogText "Log file: ${LOGFILE}"
+ LogText "Report file: ${REPORTFILE}"
+ LogText "Report version: ${REPORT_version}"
+ LogText "-----------------------------------------------------"
+ LogText "BusyBox used: ${SHELL_IS_BUSYBOX}"
+
+ Report "plugin_directory=${PLUGINDIR}"
logtextbreak
#
@@ -609,49 +609,49 @@ ${NORMAL}
#
#################################################################################
#
- logtext "Test: Checking for program update..."
+ LogText "Test: Checking for program update..."
UPDATE_AVAILABLE=0
if [ ${SKIP_UPGRADE_TEST} -eq 1 ]; then
- logtext "Upgrade test skipped due profile option set (skip_upgrade_test)"
+ LogText "Upgrade test skipped due profile option set (skip_upgrade_test)"
PROGRAM_LV="${PROGRAM_AC}"
else
CheckUpdates
fi
if [ "${PROGRAM_AC}" = "" -o "${PROGRAM_LV}" = "" ]; then
Display --indent 2 --text "- Program update status... " --result UNKNOWN --color YELLOW
- logtext "Result: Update check failed. No network connection?"
- logtext "Info: to perform an automatic update check, outbound DNS connections should be allowed (TXT record)."
+ LogText "Result: Update check failed. No network connection?"
+ LogText "Info: to perform an automatic update check, outbound DNS connections should be allowed (TXT record)."
# Set both to safe values
PROGRAM_AC=0; PROGRAM_LV=0
else
- logtext "Current installed version : ${PROGRAM_AC}"
- logtext "Latest stable version : ${PROGRAM_LV}"
+ LogText "Current installed version : ${PROGRAM_AC}"
+ LogText "Latest stable version : ${PROGRAM_LV}"
if [ ${PROGRAM_LV} -gt ${PROGRAM_AC} ]; then
# Check if current version is REALLY outdated (10 versions ago)
PROGRAM_MINVERSION=`expr ${PROGRAM_LV} - 10`
- logtext "Minimum required version : ${PROGRAM_MINVERSION}"
+ LogText "Minimum required version : ${PROGRAM_MINVERSION}"
if [ ${PROGRAM_MINVERSION} -gt ${PROGRAM_AC} ]; then
Display --indent 2 --text "- Program update status... " --result "WARNING" --color RED
- logtext "Result: This version is VERY outdated. Newer ${PROGRAM_NAME} release available!"
+ LogText "Result: This version is VERY outdated. Newer ${PROGRAM_NAME} release available!"
ReportWarning "LYNIS" "Version of Lynis is very old and should be updated"
- report "lynis_update_available=1"
+ Report "lynis_update_available=1"
UPDATE_AVAILABLE=1
else
Display --indent 2 --text "- Program update status... " --result "UPDATE AVAILABLE" --color YELLOW
- logtext "Result: newer ${PROGRAM_NAME} release available!"
+ LogText "Result: newer ${PROGRAM_NAME} release available!"
ReportSuggestion "LYNIS" "Version of Lynis outdated, consider upgrading to the latest version"
- report "lynis_update_available=1"
+ Report "lynis_update_available=1"
UPDATE_AVAILABLE=1
fi
else
if [ ${UPDATE_CHECK_SKIPPED} -eq 0 ]; then
Display --indent 2 --text "- Program update status... " --result "NO UPDATE" --color GREEN
- logtext "No ${PROGRAM_NAME} update available."
- report "lynis_update_available=0"
+ LogText "No ${PROGRAM_NAME} update available."
+ Report "lynis_update_available=0"
else
Display --indent 2 --text "- Program update status... " --result "SKIPPED" --color YELLOW
- logtext "Update check skipped due to constraints (e.g. missing dig binary)"
- report "lynis_update_available=-1"
+ LogText "Update check skipped due to constraints (e.g. missing dig binary)"
+ Report "lynis_update_available=-1"
fi
fi
fi
@@ -754,13 +754,13 @@ ${NORMAL}
if [ ${PLUGIN_PHASE} -eq 1 ]; then
Display --text "Note: plugins have more extensive tests, which may take a few minutes to complete"
Display --text " "
- logtext "Searching plugins..."
+ LogText "Searching plugins..."
fi
# Search plugins
FIND_PLUGINS=`find ${PLUGINDIR} -type f -name "plugin_[a-z]*" -exec echo \{\} \; | sort`
for PLUGIN_FILE in ${FIND_PLUGINS}; do
- logtext "Found plugin file: ${PLUGIN_FILE}"
+ LogText "Found plugin file: ${PLUGIN_FILE}"
# Double check if output is a valid file name
if [ -f ${PLUGIN_FILE} ]; then
FIND2=`grep "^# PLUGIN_NAME=" ${PLUGIN_FILE} | awk -F= '{ print $2 }'`
@@ -769,15 +769,15 @@ ${NORMAL}
# Check if the plugin is enabled in any of the profiles
PLUGIN_ENABLED_STATE=0
for PROFILE in ${PROFILES}; do
- logtext "Action: checking plugin status in profile: ${PROFILE}"
+ LogText "Action: checking plugin status in profile: ${PROFILE}"
FIND3=`grep "^plugin=${FIND2}" ${PROFILE}`
if [ ! "${FIND3}" = "" ]; then
- logtext "Result: plugin enabled in profile (${PROFILE})"
+ LogText "Result: plugin enabled in profile (${PROFILE})"
PLUGIN_ENABLED_STATE=1
fi
done
if [ ${PLUGIN_ENABLED_STATE} -eq 1 ]; then
- logtext "Result: plugin ${FIND2} is enabled"
+ LogText "Result: plugin ${FIND2} is enabled"
# Plugins should have at least a _phase1 part, _phase2 is optional at this moment
PLUGINFILE="${PLUGINDIR}/plugin_${FIND2}_phase${PLUGIN_PHASE}"
if [ -f ${PLUGINFILE} ]; then
@@ -785,40 +785,40 @@ ${NORMAL}
PLUGIN_VERSION_NODOTS=`echo ${PLUGIN_VERSION} | sed 's/.//g'`
FIND4=`ls -l ${PLUGINFILE} | cut -c 2-10`
if [ "${FIND4}" = "rw-r--r--" -o "${FIND4}" = "rw-r-----" -o "${FIND4}" = "rw-------" -o "${FIND4}" = "r--------" ]; then
- logtext "Including plugin file: ${PLUGINFILE} (version: ${PLUGIN_VERSION})"
- report "plugin_enabled_phase${PLUGIN_PHASE}[]=${FIND2}|${PLUGIN_VERSION}|"
+ LogText "Including plugin file: ${PLUGINFILE} (version: ${PLUGIN_VERSION})"
+ Report "plugin_enabled_phase${PLUGIN_PHASE}[]=${FIND2}|${PLUGIN_VERSION}|"
if [ ${PLUGIN_PHASE} -eq 1 ]; then N_PLUGIN_ENABLED=`expr ${N_PLUGIN_ENABLED} + 1`; fi
Display --indent 2 --text "- ${CYAN}Plugin${NORMAL}: ${WHITE}${FIND2}${NORMAL}"
if [ ${PLUGIN_PHASE} -eq 1 ]; then Progress " ["; fi
. ${PLUGINFILE}
if [ ${PLUGIN_PHASE} -eq 1 ]; then Progress "]"; Progress --finish; fi
logtextbreak
- logtext "Result: ${FIND2} plugin (phase ${PLUGIN_PHASE}) finished"
+ LogText "Result: ${FIND2} plugin (phase ${PLUGIN_PHASE}) finished"
else
- logtext "Plugin ${FIND2}: Skipped (bad file permissions, should be 640, 600 or 400)"
+ LogText "Plugin ${FIND2}: Skipped (bad file permissions, should be 640, 600 or 400)"
fi
else
- logtext "Plugin ${FIND2}: Skipped (can't find file ${PLUGINFILE})"
+ LogText "Plugin ${FIND2}: Skipped (can't find file ${PLUGINFILE})"
fi
else
- logtext "Plugin ${FIND2}: Skipped (not enabled)"
+ LogText "Plugin ${FIND2}: Skipped (not enabled)"
fi
else
- logtext "Skipping plugin file ${PLUGIN_FILE} (no valid plugin name found)"
+ LogText "Skipping plugin file ${PLUGIN_FILE} (no valid plugin name found)"
fi
fi
- logtext "--"
+ LogText "--"
done
- logtext "Result: Found ${N_PLUGIN} plugins of which ${N_PLUGIN_ENABLED} are enabled"
- logtext "Result: Plugins ${PLUGIN_PHASE} finished"
+ LogText "Result: Found ${N_PLUGIN} plugins of which ${N_PLUGIN_ENABLED} are enabled"
+ LogText "Result: Plugins ${PLUGIN_PHASE} finished"
}
RunPlugins 1
if [ ${N_PLUGIN_ENABLED} -eq 0 ]; then
Display --indent 2 --text "- Plugins enabled " --result "NONE" --color WHITE
- report "plugins_enabled=0"
+ Report "plugins_enabled=0"
else
- report "plugins_enabled=1"
+ Report "plugins_enabled=1"
fi
fi
#
@@ -829,16 +829,16 @@ ${NORMAL}
GetHostID
# Check if result is not empty (no blank, or hash of blank value, or minus, or zeros)
if [ ! "${HOSTID}" = "-" -a ! "${HOSTID}" = "" -a ! "${HOSTID}" = "adc83b19e793491b1c6ea0fd8b46cd9f32e592fc" -a ! "${HOSTID}" = "6ef1338f520d075957424741d7ed35ab5966ae97" ]; then
- logtext "Info: found valid HostID ${HOSTID}"
- report "hostid=${HOSTID}"
+ LogText "Info: found valid HostID ${HOSTID}"
+ Report "hostid=${HOSTID}"
else
- logtext "Info: no HostID found or invalid one"
+ LogText "Info: no HostID found or invalid one"
fi
if [ ! "${MACHINEID}" = "" ]; then
- logtext "Info: found a machine ID ${MACHINEID}"
- report "machineid=${MACHINEID}"
+ LogText "Info: found a machine ID ${MACHINEID}"
+ Report "machineid=${MACHINEID}"
else
- logtext "Info: no machine ID found"
+ LogText "Info: no machine ID found"
fi
#
#################################################################################
@@ -849,7 +849,7 @@ ${NORMAL}
logtextbreak
# Test sections
if [ "${TESTS_CATEGORY_TO_PERFORM}" = "" ]; then
- logtext "Info: perform tests from all categories"
+ LogText "Info: perform tests from all categories"
INCLUDE_TESTS="boot_services kernel memory_processes authentication shells \
filesystems storage storage_nfs nameservices ports_packages networking printers_spools \
@@ -859,7 +859,7 @@ ${NORMAL}
kernel_hardening hardening"
else
INCLUDE_TESTS="${TESTS_CATEGORY_TO_PERFORM}"
- logtext "Info: only performing tests from categories: ${TESTS_CATEGORY_TO_PERFORM}"
+ LogText "Info: only performing tests from categories: ${TESTS_CATEGORY_TO_PERFORM}"
fi
# Include available tests
@@ -871,7 +871,7 @@ ${NORMAL}
if [ "${FIND}" = "rw-r--r--" -o "${FIND}" = "rw-r-----" -o "${FIND}" = "rw-------" -o "${FIND}" = "r--------" ]; then
. ${INCLUDEDIR}/tests_${INCLUDE_TEST}
else
- logtext "Exception: skipping test category ${INCLUDE_TEST}, file ${INCLUDEDIR}/tests_${INCLUDE_TEST} has bad permissions (should be 640, 600 or 400)"
+ LogText "Exception: skipping test category ${INCLUDE_TEST}, file ${INCLUDEDIR}/tests_${INCLUDE_TEST} has bad permissions (should be 640, 600 or 400)"
ReportWarning "NONE" "H" "Invalid permissions on tests file tests_${INCLUDE_TEST}"
# Insert a section and warn user also on screen
InsertSection "General"
@@ -890,19 +890,19 @@ ${NORMAL}
if [ ${RUN_TESTS} -eq 1 ]; then
InsertSection "Custom Tests"
- logtext "Test: Checking for tests_custom file"
+ LogText "Test: Checking for tests_custom file"
# Custom tests
if [ -f ${INCLUDEDIR}/tests_custom ]; then
- logtext "Result: tests_custom file found in include directory"
- logtext "Test: checking file permissions of tests_custom file"
+ LogText "Result: tests_custom file found in include directory"
+ LogText "Test: checking file permissions of tests_custom file"
FIND=`ls -l ${INCLUDEDIR}/tests_custom | cut -c 2-10`
if [ "${FIND}" = "rw-r--r--" -o "${FIND}" = "rw-r-----" -o "${FIND}" = "rw-------" -o "${FIND}" = "r--------" ]; then
Display --indent 2 --text "- Start custom tests... "
- logtext "Result: file permissions fine, running custom tests"
+ LogText "Result: file permissions fine, running custom tests"
SafePerms ${INCLUDEDIR}/tests_custom
. ${INCLUDEDIR}/tests_custom
else
- logtext "Exception: skipping custom tests, file has bad permissions (should be 640, 600 or 400)"
+ LogText "Exception: skipping custom tests, file has bad permissions (should be 640, 600 or 400)"
ReportWarning "NONE" "H" "Invalid permissions on custom tests file"
Display --indent 2 --text "- Running custom tests... " --result "WARNING" --color RED
fi
@@ -919,10 +919,10 @@ ${NORMAL}
#
if [ ${RUN_HELPERS} -eq 1 ]; then
if [ ! "${HELPER}" = "" ]; then
- logtext "Helper tool is $HELPER"
+ LogText "Helper tool is $HELPER"
if [ -f ${INCLUDEDIR}/helper_${HELPER} ]; then
SafePerms ${INCLUDEDIR}/helper_${HELPER}
- logtext "Running helper tool ${HELPER} with params: ${HELPER_PARAMS}"
+ LogText "Running helper tool ${HELPER} with params: ${HELPER_PARAMS}"
InsertPluginSection "Helper: ${HELPER}"
. ${INCLUDEDIR}/helper_${HELPER} ${HELPER_PARAMS}
else
@@ -948,9 +948,9 @@ ${NORMAL}
#################################################################################
#
# Store total performed tests
- report "lynis_tests_done=${CTESTS_PERFORMED}"
+ Report "lynis_tests_done=${CTESTS_PERFORMED}"
CDATE=`date "+%F %H:%M:%S"`
- report "report_datetime_end=${CDATE}"
+ Report "report_datetime_end=${CDATE}"
# Show report
if [ -f ${INCLUDEDIR}/report ]; then SafePerms ${INCLUDEDIR}/report; . ${INCLUDEDIR}/report; fi
@@ -958,15 +958,15 @@ ${NORMAL}
# Show tool tips
if [ -f ${INCLUDEDIR}/hints_tips ]; then SafePerms ${INCLUDEDIR}/hints_tips; . ${INCLUDEDIR}/hints_tips; fi
- logtext "================================================================================"
- logtext "Tests performed: ${CTESTS_PERFORMED}"
- logtext "Total tests: ${TOTAL_TESTS}"
- logtext "Active plugins: ${N_PLUGIN_ENABLED}"
- logtext "Total plugins: ${N_PLUGIN}"
- logtext "================================================================================"
- report "tests_executed=${TESTS_EXECUTED}"
- report "tests_skipped=${TESTS_SKIPPED}"
- report "finish=true"
+ LogText "================================================================================"
+ LogText "Tests performed: ${CTESTS_PERFORMED}"
+ LogText "Total tests: ${TOTAL_TESTS}"
+ LogText "Active plugins: ${N_PLUGIN_ENABLED}"
+ LogText "Total plugins: ${N_PLUGIN}"
+ LogText "================================================================================"
+ Report "tests_executed=${TESTS_EXECUTED}"
+ Report "tests_skipped=${TESTS_SKIPPED}"
+ Report "finish=true"
# Upload data
if [ ${UPLOAD_DATA} -eq 1 ]; then
@@ -978,11 +978,11 @@ ${NORMAL}
fi
fi
- logtext "${PROGRAM_NAME} ${PROGRAM_VERSION}"
- logtext "${PROGRAM_COPYRIGHT}"
- logtext "${PROGRAM_EXTRAINFO}"
- logtext "Program ended successfully"
- logtext "================================================================================"
+ LogText "${PROGRAM_NAME} ${PROGRAM_VERSION}"
+ LogText "${PROGRAM_COPYRIGHT}"
+ LogText "${PROGRAM_EXTRAINFO}"
+ LogText "Program ended successfully"
+ LogText "================================================================================"
# Clean exit (Delete PID file)
if [ ${TOTAL_WARNINGS} -gt 0 ]; then
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-12 12:23:56 +0300