diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2019-12-06 17:55:29 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-12-06 17:55:29 +0300 |
| commit | b2c73547dddebf2620a9fffd972fff6bd072977d (patch) | |
| tree | 15207811b6d8adeafbba326107b85e3925bf6ba7 /plugins | |
| parent | c7c44535e708839bba3dde323a609d4271f8fe8d (diff) | |
Initialize variables and filter out pam-old files
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/plugin_pam_phase1 | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/plugins/plugin_pam_phase1 b/plugins/plugin_pam_phase1 index f4866db7..361918de 100644 --- a/plugins/plugin_pam_phase1 +++ b/plugins/plugin_pam_phase1 @@ -6,19 +6,26 @@ #----------------------------------------------------- # PLUGIN_AUTHOR=Michael Boelen <michael.boelen@cisofy.com> # PLUGIN_CATEGORY=authentication -# PLUGIN_DATE=2017-04-30 +# PLUGIN_DATE=2019-07-26 # PLUGIN_DESC=PAM # PLUGIN_NAME=pam # PLUGIN_PACKAGE=all # PLUGIN_REQUIRED_TESTS= -# PLUGIN_VERSION=1.0.2 +# PLUGIN_VERSION=1.0.4 #----------------------------------------------------- ######################################################################### # # Variables + CREDITS_D_PASSWORD="" + CREDITS_L_PASSWORD="" + CREDITS_O_PASSWORD="" + CREDITS_U_PASSWORD="" MAX_PASSWORD_RETRY="" + MIN_PASSWORD_CLASS="" PAM_DIRECTORY="${ROOTDIR}etc/pam.d" - +# +######################################################################### +# # Test : PLGN-0008 # Description : Check PAM configuration FILE="${ROOTDIR}etc/security/pwquality.conf" @@ -57,8 +64,9 @@ done done fi - - +# +######################################################################### +# # Test : PLGN-0010 # Description : Check PAM configuration if [ -f ${ROOTDIR}etc/pam.conf -o -d ${PAM_DIRECTORY} ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi @@ -69,12 +77,12 @@ if [ -d ${PAM_DIRECTORY} ]; then LogText "Result: ${PAM_DIRECTORY} exists" if [ ! "${OS}" = "FreeBSD" -a ! "${OS}" = "NetBSD" ]; then - FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print) + FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "*.pam-old" -type f -print) else if [ -f ${PAM_DIRECTORY}/README ]; then LogText "Skipped checking ${OS} ${PAM_DIRECTORY}/README as a PAM file" fi - FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print | grep -v "README") + FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "README" -not -name "*.pam-old" -type f -print) fi for PAM_FILE in ${FIND_FILES}; do |