diff options
| -rw-r--r-- | include/consts | 1 | ||||
| -rw-r--r-- | include/functions | 4 | ||||
| -rw-r--r-- | include/helper_show | 12 | ||||
| -rw-r--r-- | include/parameters | 1 | ||||
| -rw-r--r-- | include/report | 5 | ||||
| -rwxr-xr-x | lynis | 10 |
6 files changed, 26 insertions, 7 deletions
diff --git a/include/consts b/include/consts index b29bf6f1..ba43c3a6 100644 --- a/include/consts +++ b/include/consts @@ -106,6 +106,7 @@ unset LANG LMDBINARY="" LMDFOUND=0 LOGFILE="" + LOGTEXT=1 LSVGBINARY="" MACHINEID="" MACHINE_ROLE="" diff --git a/include/functions b/include/functions index b912857d..7248a71d 100644 --- a/include/functions +++ b/include/functions @@ -1469,7 +1469,7 @@ ################################################################################ LogText() { - if [ ! "${LOGFILE}" = "" ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi + if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi } @@ -1480,7 +1480,7 @@ ################################################################################ LogTextBreak() { - if [ ! "${LOGFILE}" = "" ]; then + if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S") echo "${CDATE} ===---------------------------------------------------------------===" >> ${LOGFILE} fi diff --git a/include/helper_show b/include/helper_show index db5d6724..09baa9fa 100644 --- a/include/helper_show +++ b/include/helper_show @@ -209,6 +209,18 @@ if [ $# -gt 0 ]; then "dbdir") ${ECHOCMD} "${DBDIR}" ;; + "details") + if [ -z "${LOGFILE}" ]; then DisplayError "Could not find log file to parse"; fi + if [ $# -eq 1 ]; then + DisplayError "Provide a test ID" + else + shift + if [ $# -eq 1 ]; then + TESTID="$1" + awk -v search="Performing test ID $TESTID" '$0 ~ search {++f;p=1}p&&f==1;/===---/{p=0}' ${LOGFILE} + fi + fi + ;; "groups") ViewGroups ;; diff --git a/include/parameters b/include/parameters index 402743ee..2c59ab0c 100644 --- a/include/parameters +++ b/include/parameters @@ -121,6 +121,7 @@ RUN_TESTS=0 RUN_UPDATE_CHECK=0 SKIP_PLUGINS=1 + LOGTEXT=0 SHOW_TOOL_TIPS=0 SHOW_PROGRAM_DETAILS=0 shift; HELPER_PARAMS="$@" diff --git a/include/report b/include/report index 03de8a28..0c73d436 100644 --- a/include/report +++ b/include/report @@ -165,9 +165,10 @@ if [ ! "${SWARNINGS}" = "" -o ! "${SSUGGESTIONS}" = "" ]; then echo " ${CYAN}Follow-up${NORMAL}:" echo " ${WHITE}----------------------------${NORMAL}" - echo " ${WHITE}-${NORMAL} Check the logfile for more details (less $LOGFILE)" + echo " ${WHITE}-${NORMAL} Show details of a test (lynis show details TEST-ID)" + echo " ${WHITE}-${NORMAL} Check the logfile for all details (less ${LOGFILE})" echo " ${WHITE}-${NORMAL} Read security controls texts (https://cisofy.com)" - if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data (Lynis Enterprise users)"; fi + if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data to central system (Lynis Enterprise users)"; fi echo "" fi echo "================================================================================" @@ -228,8 +228,12 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta if [ ${PRIVILEGED} -eq 0 ]; then if [ "${LOGFILE}" = "" ]; then # Try creating a log file in temporary directory - touch /tmp/lynis.log - if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi + if [ ! -f /tmp/lynis.log ]; then + touch /tmp/lynis.log + if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi + else + LOGFILE="/tmp/lynis.log" + fi fi if [ "${REPORTFILE}" = "" ]; then touch /tmp/lynis-report.dat @@ -477,7 +481,7 @@ ${NORMAL} # # Clear log file and test if it's writable CDATE=$(date "+%Y-%m-%d %H:%M:%S") - echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE} + if [ ${LOGTEXT} -eq 1 ]; then echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE}; fi if [ $? -gt 0 ]; then Display --indent 2 --text "- Clearing log file (${LOGFILE})... " --result WARNING --color RED echo "${WARNING}Fatal error${NORMAL}: problem while writing to log file. Check location and permissions." |