diff options
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | db/tests.db | 1 | ||||
| -rw-r--r-- | include/tests_databases | 25 |
3 files changed, 27 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 9679fa2f..49e08904 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -47,6 +47,7 @@ Using the relevant options, the scan will change base on the intended goal. - New profile option: disable-plugin - disables a single plugin - New profile option: ssl-certificate-paths-to-ignore - ignore a path - New test: CRYP-7930 - test for LUKS encryption +- New test: DBS-1828 - PostgreSQL configuration files - New test: FINT-4316 - presence of AIDE database and size test - New test: INSE-8314 - test for NIS client - New test: INSE-8316 - test for NIS server diff --git a/db/tests.db b/db/tests.db index 000883e2..b43cef54 100644 --- a/db/tests.db +++ b/db/tests.db @@ -92,6 +92,7 @@ DBS-1816:test:security:databases::Checking MySQL root password: DBS-1818:test:security:databases::MongoDB status: DBS-1820:test:security:databases::Check MongoDB authentication: DBS-1826:test:security:databases::Checking active PostgreSQL processes: +DBS-1828:test:security:databases::PostgreSQL configuration files: DBS-1840:test:security:databases::Checking active Oracle processes: DBS-1860:test:security:databases::Checking active DB2 instances: DBS-1880:test:security:databases::Checking active Redis processes: diff --git a/include/tests_databases b/include/tests_databases index 3ece8a99..16ea6786 100644 --- a/include/tests_databases +++ b/include/tests_databases @@ -180,6 +180,31 @@ # ################################################################################# # + # Test : DBS-1828 + # Description : Test PostgreSQL configuration file(s) + # + # Authentication: + # /var/lib/pgsql/data/pg_hba.conf + # + # Configuration + # Arch /var/lib/postgres/data/postgresql.conf + # CentOS/Fedora /var/lib/pgsql/data/postgresql.conf + # Ubuntu /etc/postgresql/x.y/main/postgresql.conf + + if [ "${POSTGRESQL_RUNNING}" -eq 1 ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="PostgreSQL not installed or not running"; fi + + Register --test-no DBS-1828 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Test PostgreSQL configuration" + if [ ${SKIPTEST} -eq 0 ]; then + FIND_PATHS="${ROOTDIR}etc/postgres ${ROOTDIR}var/lib/postgres/data" + CONFIG_FILES=$(${FINDBINARY} ${FIND_PATHS} -type f -name "postgresql.conf" -print0 2> /dev/null | ${TRBINARY} -cd '[:print:]\0' | ${TRBINARY} -d '\n' | ${TRBINARY} '\0' '\n' | xargs -i sh -c 'test -r "{}" && echo "{}" | ${SEDBINARY} "s/ /:space:/g"') + for CF in ${CONFIG_FILES}; do + Report "postgresql_config_file[]=${CF}" + LogText "Found configuration file (${CF})" + done + fi +# +################################################################################# +# # Test : DBS-1840 # Description : Check if Oracle is being used # Notes : tnslsnr: Oracle listener |