diff options
-rw-r--r-- | CHANGELOG | 3 | ||||
-rwxr-xr-x | debian/rules | 7 | ||||
-rw-r--r-- | include/tests_boot_services | 4 | ||||
-rw-r--r-- | include/tests_crypto | 4 | ||||
-rw-r--r-- | include/tests_networking | 2 | ||||
-rw-r--r-- | include/tests_scheduling | 8 | ||||
-rw-r--r-- | include/tests_ssh | 2 | ||||
-rw-r--r-- | include/tests_webservers | 2 | ||||
-rwxr-xr-x | lynis | 2 |
9 files changed, 20 insertions, 14 deletions
@@ -30,7 +30,10 @@ - ShowSymlinkPath function to check path behind a symlink Changes: + - Improved inetd test to avoid false positive with xinetd process [INSE-8002] - Permissions check has been adjusted to allow packaging and pentest mode + - Fix for reading at.deny file [SCHD-7720] + - Extended telnet in inetd test [INSE-8016] - Removed individual warnings [BOOT-5184] - Store PID file in home directory of user if needed diff --git a/debian/rules b/debian/rules index 6df8c0ed..cf69ec6e 100755 --- a/debian/rules +++ b/debian/rules @@ -1,8 +1,8 @@ #!/usr/bin/make -f -build: build-arch build-indep -build-arch: build-stamp +build: build-indep build-arch build-indep: build-stamp +build-arch: build-stamp build-stamp: dh_testdir touch build-stamp @@ -36,7 +36,6 @@ install: build # Build architecture-dependent files here. -binary-arch: build install binary-indep: build install dh_testdir dh_testroot @@ -54,6 +53,8 @@ binary-indep: build install dh_md5sums dh_builddeb +binary-arch: build install + binary: binary-indep binary-arch .PHONY: build clean binary-indep binary-arch binary install configure diff --git a/include/tests_boot_services b/include/tests_boot_services index 774a126f..56a283d4 100644 --- a/include/tests_boot_services +++ b/include/tests_boot_services @@ -58,7 +58,7 @@ AddHP 4 4 fi else - logtext "Warning: can not read ${GRUBCONFFILE}" + logtext "Result: Can not read ${GRUBCONFFILE} (no permission)" fi fi @@ -142,7 +142,7 @@ fi #YYY (making /etc/lilo.conf immutable is a good idea, chattr +i /etc/lilo.conf) else - logtext "Warning: can not access ${LILOCONFFILE}" + logtext "Result: can not read ${LILOCONFFILE} (no permission)" fi else Display --indent 4 --text "- Checking presence LILO... " --result "NOT FOUND" --color WHITE diff --git a/include/tests_crypto b/include/tests_crypto index 719617a0..a20087c8 100644 --- a/include/tests_crypto +++ b/include/tests_crypto @@ -53,11 +53,11 @@ #YYY Dump more information to log file fi else - logtext "Warning: can not read file ${J}" + logtext "Result: can not read file ${J} (no permission)" fi done else - logtext "Warning: No read access to path ${I}" + logtext "Result: can not read path ${I} (no permission)" fi else logtext "Result: SSL path ${I} does not exist" diff --git a/include/tests_networking b/include/tests_networking index 6535a493..fb6c4f6b 100644 --- a/include/tests_networking +++ b/include/tests_networking @@ -215,7 +215,7 @@ FIND2=`${IFCONFIGBINARY} -a | awk '{ if ($1=="inet6") print $2 }'` ;; *) - logtext "Warning: no support yet for this OS (${OS}) to find IP address information" + logtext "Result: no support yet for this OS (${OS}) to find IP address information. You can help improving this test by submitting your details." ReportException "${TEST_NO}:1" "IP address information test not implemented for this operating system" ;; esac diff --git a/include/tests_scheduling b/include/tests_scheduling index 14359189..1ec7410e 100644 --- a/include/tests_scheduling +++ b/include/tests_scheduling @@ -186,13 +186,14 @@ done fi else - logtext "Warning: can not read ${AT_ALLOW}" + logtext "Result: can not read ${AT_ALLOW} (no permission)" fi else logtext "Result: file ${AT_ALLOW} does not exist" logtext "Test: checking for file ${AT_DENY}" if [ -f ${AT_DENY} ]; then - if [ -f ${AT_ALLOW} ]; then + FileIsReadable ${AT_DENY} + if [ ${CANREAD} -eq 1 ]; then logtext "Result: file ${AT_DENY} exists, only non listed users can schedule at jobs" FIND=`cat ${AT_DENY} | sort` if [ "${FIND}" = "" ]; then @@ -203,11 +204,12 @@ done fi else - logtext "Warning: can not read ${AT_DENY}" + logtext "Result: can not read ${AT_DENY} (no permission)" fi else logtext "Result: both ${AT_ALLOW} and ${AT_DENY} do not exist" logtext "Note: only root can schedule at jobs" + AddHP 1 1 fi fi Display --indent 4 --text "- Checking at users" --result DONE --color GREEN diff --git a/include/tests_ssh b/include/tests_ssh index 8905511b..b434d5fb 100644 --- a/include/tests_ssh +++ b/include/tests_ssh @@ -64,7 +64,7 @@ FOUND=1 SSH_DAEMON_CONFIG="${I}/sshd_config" else - logtext "Warning: can not read ${I}/sshd_config file" + logtext "Result: can not read ${I}/sshd_config file (no permission)" fi fi done diff --git a/include/tests_webservers b/include/tests_webservers index 4348993a..e6f00154 100644 --- a/include/tests_webservers +++ b/include/tests_webservers @@ -208,7 +208,7 @@ # logtext "Result: Value from configuration file yielded the same output as in template" # SERVERTOKENSFOUND=1 # else -# logtext "Warning: Value of ServerTokens within active configuration is different than from used template." +# logtext "Result: Value of ServerTokens within active configuration is different than from used template." # logtext "Found: ${SERVERTOKENSTEST}" # logtext "Expected: ${SERVERTOKENSEXPECTED}" # fi @@ -21,7 +21,7 @@ # Program information PROGRAM_name="Lynis" PROGRAM_version="1.6.2" - PROGRAM_releasedate="11 September 2014" + PROGRAM_releasedate="15 September 2014" PROGRAM_author="Michael Boelen" PROGRAM_author_contact="michael.boelen@cisofy.com" PROGRAM_website="http://cisofy.com" |