diff options
-rw-r--r-- | include/profiles | 55 |
1 files changed, 48 insertions, 7 deletions
diff --git a/include/profiles b/include/profiles index ccc2067e..3875ef77 100644 --- a/include/profiles +++ b/include/profiles @@ -61,36 +61,43 @@ # Maximum number of WAITing connections connections_max_wait_state) OPTIONS_CONN_MAX_WAIT_STATE="${VALUE}" + AddSetting "connections-max-wait-state" "${OPTIONS_CONN_MAX_WAIT_STATE}" "Connections (max-wait-state)" ;; # Append something to URL for control information control_url_append) CONTROL_URL_APPEND="${VALUE}" + AddSetting "control-url-append" "${CONTROL_URL_APPEND}" "Control URL (append)" ;; # Prepend an URL before control information link control_url_prepend) CONTROL_URL_PREPEND="${VALUE}" + AddSetting "control-url-prepend" "${CONTROL_URL_PREPEND}" "Control URL (prepend)" ;; # Protocol to use for control information link control_url_protocol) CONTROL_URL_PROTOCOL="${VALUE}" + AddSetting "control-url-protocol" "${CONTROL_URL_PREPEND}" "Control URL (protocol)" ;; # Append something to URL for control information (only applies to CUST-*) - custom_url_append) + custom-url-append | custom_url_append) CUSTOM_URL_APPEND="${VALUE}" + AddSetting "custom-url-append" "${CUSTOM_URL_APPEND}" "Custom URL (append)" ;; # Prepend an URL before control information link (only applies to CUST-*) - custom_url_prepend) + custom-url-prepend | custom_url_prepend) CUSTOM_URL_PREPEND="${VALUE}" + AddSetting "custom-url-prepend" "${CUSTOM_URL_PREPEND}" "Custom URL (prepend)" ;; # Protocol to use for control information link - custom_url_protocol) + custom-url-protocol | custom_url_protocol) CUSTOM_URL_PROTOCOL="${VALUE}" + AddSetting "custom-url-protocol" "${CUSTOM_URL_PREPEND}" "Custom URL (protocol)" ;; # Do not check security repository in sources.list (Debian/Ubuntu) @@ -100,18 +107,21 @@ debug) FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && DEBUG=1 Debug "Debug mode set to ${DEBUG}" + AddSetting "debug" "${DEBUG}" "Debugging mode" ;; # Development mode (--developer) developer-mode) FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && DEVELOPER_MODE=1 Debug "Developer mode set to ${DEVELOPER_MODE}" + AddSetting "developer" "${DEVELOPER_MODE}" "Developer mode" ;; # Show non-zero exit code when errors are found error-on-warnings) FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && ERROR_ON_WARNINGS=1 Debug "Exit with different code on warnings is set to ${ERROR_ON_WARNINGS}" + AddSetting "error-on-warnings" "${ERROR_ON_WARNINGS}" "Use non-zero exit code if one or more warnings were found" ;; # Skip FreeBSD port audit @@ -123,18 +133,21 @@ # Lynis Enterprise: group name group) GROUP_NAME="${VALUE}" + AddSetting "group" "${GROUP_NAME}" "Group" ;; # Language language | lang) LogText "Language set via profile to ${VALUE}" LANGUAGE="${VALUE}" + AddSetting "language" "${LANGUAGE}" "Language" ;; # Lynis Enterprise license key license_key | license-key) LICENSE_KEY="${VALUE}" Report "license_key=${LICENSE_KEY}" + AddSetting "license-key" "${LICENSE_KEY}" "License key" ;; # Do (not) log tests if they have an different operating system @@ -144,18 +157,21 @@ ;; # What type of machine we are scanning (eg. desktop, server, server with storage) - machine_role) + machine-role | machine_role) MACHINE_ROLE="${VALUE}" + AddSetting "machine-role" "${MACHINE_ROLE}" "Machine role (server or desktop)" ;; # Define if any found NTP daemon instance is configured as a server or client - ntpd_role) + ntpd-role | ntpd_role) NTPD_ROLE="${VALUE}" + AddSetting "ntpd-role" "${NTPD_ROLE}" "NTP role (server or client)" ;; # How much seconds to wait between tests pause_between_tests | pause-between-tests) TEST_PAUSE_TIME="${VALUE}" + AddSetting "pause-between-tests" "${TEST_PAUSE_TIME}" "Pause between tests" ;; # Plugin @@ -170,10 +186,11 @@ else LogText "Plugin directory was already set to ${PLUGINDIR} before (most likely as a program argument), not overwriting" fi + AddSetting "plugin-dir" "${PLUGINDIR}" "Plugin directory" ;; # Profile name - profile_name) + profile-name | profile_name) PROFILE_NAME="${VALUE}" ;; @@ -201,6 +218,14 @@ skip-plugins) FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && RUN_PLUGINS=0 Debug "Run plugins is set to ${RUN_PLUGINS}" + AddSetting "run-plugins" "${RUN_PLUGINS}" "Run plugins" + ;; + + # SSL paths + ssl-certificate-paths) + SSL_CERTIFICATE_PATHS="${VALUE}" + Debug "SSL paths set to ${SSL_CERTIFICATE_PATHS}" + AddSetting "ssl-certificate-paths" "${SSL_CERTIFICATE_PATHS}" "Paths for SSL certificates" ;; # Which tests to skip (skip-test=ABCD-1234 or skip-test=ABCD-1234:subtest) @@ -219,6 +244,7 @@ skip_upgrade_test | skip-upgrade-test) FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && SKIP_UPGRADE_TEST=1 Debug "Skip upgrade test set to ${SKIP_UPGRADE_TEST}" + AddSetting "skip-upgrade-test" "${SKIP_UPGRADE_TEST}" "Skip upgrade test" ;; # Define what kind of scan we are performing @@ -231,73 +257,88 @@ # Server IP or hostname update_server_address) UPDATE_SERVER_ADDRESS="${VALUE}" + AddSetting "update-server-address" "${UPDATE_SERVER_ADDRESS}" "Update server (address)" ;; # Protocol (http, https) update_server_protocol) UPDATE_SERVER_PROTOCOL="${VALUE}" + AddSetting "update-server-protocol" "${UPDATE_SERVER_PROTOCOL}" "Update server (protocol)" ;; # File path to tarball on server update_latest_version_download) UPDATE_LATEST_VERSION_DOWNLOAD="${VALUE}" + AddSetting "update-latest-version-download" "${UPDATE_LATEST_VERSION_DOWNLOAD}" "Update information: file path to latest update" ;; # File path to information file update_latest_version_info) UPDATE_LATEST_VERSION_INFO="${VALUE}" + AddSetting "update-latest-version-info" "${UPDATE_LATEST_VERSION_INFO}" "Update information: file path to information file" ;; # Local directory where lynis directory will be placed update_local_directory) UPDATE_LOCAL_DIRECTORY="${VALUE}" + AddSetting "update-local-directory" "${UPDATE_LOCAL_DIRECTORY}" "Update information: local directory for updates" ;; # Local file to maintain current version update_local_version_info) UPDATE_LOCAL_VERSION_INFO="${VALUE}" + AddSetting "update-local-version-info" "${UPDATE_LOCAL_VERSION_INFO}" "Update information: local file for latest release" ;; # Compression of uploads (enabled by default) upload_compressed | compressed-uploads) if [ "${VALUE}" = "0" ]; then COMPRESSED_UPLOADS=0; fi + AddSetting "compressed-uploads" "${COMPRESSED_UPLOADS}" "Compressed uploads" ;; # Options during upload of data upload_options | upload-options) UPLOAD_OPTIONS="${VALUE}" + AddSetting "upload-options" "${UPLOAD_OPTIONS}" "Upload options" ;; # Proxy settings - upload_proxy_port | proxy-port) + upload_proxy_port | proxy-port | upload-proxy-port) UPLOAD_PROXY_PORT="${VALUE}" + AddSetting "upload-proxy-port" "${UPLOAD_PROXY_PORT}" "Proxy port" ;; upload_proxy_protocol | proxy-protocol) UPLOAD_PROXY_PROTOCOL="${VALUE}" + AddSetting "upload-proxy-protocol" "${UPLOAD_PROXY_PROTOCOL}" "Proxy protocol" ;; upload_proxy_server | proxy-server) UPLOAD_PROXY_SERVER="${VALUE}" + AddSetting "upload-proxy-server" "${UPLOAD_PROXY_PORT}" "Proxy server" ;; # Receiving system (IP address or hostname) upload_server | upload-server) UPLOAD_SERVER="${VALUE}" + AddSetting "upload-server" "${UPLOAD_SERVER}" "Upload server (ip or hostname)" ;; # Specify an alternative upload tool upload-tool) if [ -f "${VALUE}" ]; then UPLOAD_TOOL="${VALUE}"; fi + AddSetting "upload-tool" "${UPLOAD_TOOL}" "Upload tool" ;; # Specify arguments for an alternative upload tool upload-tool-arguments) UPLOAD_TOOL_ARGS="${VALUE}" + AddSetting "upload-tool-arguments" "${UPLOAD_TOOL_ARGS}" "Upload tool (arguments)" ;; # Verbose output (--verbose) verbose) FIND=`echo "${VALUE}" | egrep "^(1|true|yes)"` && VERBOSE=1 Debug "Verbose set to ${VERBOSE}" + AddSetting "verbose" "${VERBOSE}" "Verbose output" ;; # Catch all bad options and bail out |