Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG.md1
-rw-r--r--include/functions6
-rw-r--r--include/parameters4
-rwxr-xr-xlynis44
4 files changed, 37 insertions, 18 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ef46558d..173316bf 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -27,6 +27,7 @@ measures to further tighten any possible misuse.
- New function: Readonly - mark variable read-only (security)
- New function: SafeFile - test file type and call permission check
- New function: SafeInput - check for safe input (security)
+- New option: --usecwd - run from the current working directory
- New profile option: disable-plugin - disables a single plugin
- New profile option: ssl-certificate-paths-to-ignore - ignore a path
- New test: CRYP-7930 - disk or file system encryption testing
diff --git a/include/functions b/include/functions
index 24facbdc..fb82e319 100644
--- a/include/functions
+++ b/include/functions
@@ -435,7 +435,11 @@
DEFAULT_PROFILE=""
PROFILEDIR=""
tPROFILE_NAMES="default.prf custom.prf"
- tPROFILE_TARGETS="/usr/local/etc/lynis /etc/lynis /usr/local/lynis ."
+ if [ ${USE_CWD} -eq 1 ]; then
+ tPROFILE_TARGETS="."
+ else
+ tPROFILE_TARGETS="/usr/local/etc/lynis /etc/lynis /usr/local/lynis ."
+ fi
for PNAME in ${tPROFILE_NAMES}; do
for PLOC in ${tPROFILE_TARGETS}; do
# Only use one default.prf
diff --git a/include/parameters b/include/parameters
index ede08267..967f62c0 100644
--- a/include/parameters
+++ b/include/parameters
@@ -414,6 +414,10 @@
UPLOAD_DATA=1
;;
+ --usecwd)
+ return
+ ;;
+
--verbose)
VERBOSE=1
;;
diff --git a/lynis b/lynis
index 992fb3dd..eb05bf9e 100755
--- a/lynis
+++ b/lynis
@@ -77,15 +77,21 @@
WORKDIR=$(pwd)
# Test from which directories we can use all functions and tests
- INCLUDEDIR=""
- tINCLUDE_TARGETS="/usr/local/include/lynis /usr/local/lynis/include /usr/share/lynis/include ./include" # Default paths to check (CWD as last option, in case we run from standalone)
- for I in ${tINCLUDE_TARGETS}; do
- if [ "${I}" = "./include" ]; then
- if [ -d "${WORKDIR}/include" ]; then INCLUDEDIR="${WORKDIR}/include"; fi
- elif [ -d ${I} -a -z "${INCLUDEDIR}" ]; then
- INCLUDEDIR=${I}
- fi
- done
+ USE_CWD=0
+ if case "$@" in *--usecwd*) true;; *) false;; esac; then
+ USE_CWD=1
+ INCLUDEDIR="./include"
+ else
+ INCLUDEDIR=""
+ tINCLUDE_TARGETS="/usr/local/include/lynis /usr/local/lynis/include /usr/share/lynis/include ./include" # Default paths to check (CWD as last option, in case we run from standalone)
+ for I in ${tINCLUDE_TARGETS}; do
+ if [ "${I}" = "./include" ]; then
+ if [ -d "${WORKDIR}/include" ]; then INCLUDEDIR="${WORKDIR}/include"; fi
+ elif [ -d ${I} -a -z "${INCLUDEDIR}" ]; then
+ INCLUDEDIR=${I}
+ fi
+ done
+ fi
# Drop out if our include directory can't be found
if [ -z "${INCLUDEDIR}" ]; then
@@ -94,14 +100,18 @@
fi
# Test for database directory
- DBDIR=""; tDB_TARGETS="/usr/local/share/lynis/db /usr/local/lynis/db /usr/share/lynis/db ./db"
- for I in ${tDB_TARGETS}; do
- if [ "${I}" = "./db" ]; then
- if [ -d "${WORKDIR}/db" ]; then DBDIR="${WORKDIR}/db"; fi
- elif [ -d ${I} -a -z "${DBDIR}" ]; then
- DBDIR="${I}"
- fi
- done
+ if [ ${USE_CWD} -eq 1 ]; then
+ DBDIR="./db"
+ else
+ DBDIR=""; tDB_TARGETS="/usr/local/share/lynis/db /usr/local/lynis/db /usr/share/lynis/db ./db"
+ for I in ${tDB_TARGETS}; do
+ if [ "${I}" = "./db" ]; then
+ if [ -d "${WORKDIR}/db" ]; then DBDIR="${WORKDIR}/db"; fi
+ elif [ -d ${I} -a -z "${DBDIR}" ]; then
+ DBDIR="${I}"
+ fi
+ done
+ fi
#
#################################################################################
#
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-19 13:47:05 +0300