diff options
author | Michael Boelen <michael.boelen@cisofy.com> | 2016-05-12 12:26:39 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2016-05-12 12:26:39 +0300 |
commit | 91acefeb6e2dd3e8cf97230db08d537b28402b0e (patch) | |
tree | 439eff697239f0fefa132b3b053b41f0dfede04a /lynis | |
parent | 4225611b5b868ce191596db1293abcb95c3af3ff (diff) |
Only allow 1 default.prf and 1 custom.prf to be used
Diffstat (limited to 'lynis')
-rwxr-xr-x | lynis | 21 |
1 files changed, 17 insertions, 4 deletions
@@ -193,7 +193,7 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta if [ ${MYID} -eq 0 ]; then PRIVILEGED=1 else - echo "Starting Lynis non-privileged" + Debug "Starting Lynis non-privileged" # Implied pentesting mode if not performed by root user PENTESTINGMODE=1 fi @@ -256,13 +256,26 @@ ${NORMAL} # Try to find a default and custom profile, unless one was specified manually if [ "${PROFILE}" = "" ]; then + CUSTOM_PROFILE="" + DEFAULT_PROFILE="" tPROFILE_NAMES="default.prf custom.prf" tPROFILE_TARGETS="/usr/local/etc/lynis /etc/lynis /usr/local/lynis ." for PNAME in ${tPROFILE_NAMES}; do for PLOC in ${tPROFILE_TARGETS}; do - FILE="${PLOC}/${PNAME}" - if [ -r ${FILE} ]; then - PROFILES="${PROFILES} ${FILE}" + # Only use one default.prf + if [ "${PNAME}" = "default.prf" -a ! "${DEFAULT_PROFILE}" = "" ]; then + Debug "Already discovered default.prf - skipping this file (${PLOC}/${PNAME})" + elif [ "${PNAME}" = "custom.prf" -a ! "${CUSTOM_PROFILE}" = "" ]; then + Debug "Already discovered custom.prf - skipping this file (${PLOC}/${PNAME})" + else + FILE="${PLOC}/${PNAME}" + if [ -r ${FILE} ]; then + PROFILES="${PROFILES} ${FILE}" + case ${PNAME} in + "custom.prf") CUSTOM_PROFILE="${FILE}" ;; + "default.prf") DEFAULT_PROFILE="${FILE}" ;; + esac + fi fi done done |