Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/include/functions
diff options
context:
space:
mode:
Diffstat (limited to 'include/functions')
-rw-r--r--include/functions385
1 files changed, 196 insertions, 189 deletions
diff --git a/include/functions b/include/functions
index c03022bc..177a297c 100644
--- a/include/functions
+++ b/include/functions
@@ -124,7 +124,7 @@
HPTOTAL=$((HPTOTAL + HPADDMAX))
if [ ${HPADD} -eq ${HPADDMAX} ]; then
LogText "Hardening: assigned maximum number of hardening points for this item (${HPADDMAX}). Currently having ${HPPOINTS} points (out of ${HPTOTAL})"
- else
+ else
LogText "Hardening: assigned partial number of hardening points (${HPADD} of ${HPADDMAX}). Currently having ${HPPOINTS} points (out of ${HPTOTAL})"
fi
}
@@ -151,7 +151,7 @@
FIND=$(egrep "^${SETTING};" ${SETTINGS_FILE})
if [ -z "${FIND}" ]; then
echo "${SETTING};${VALUE};${DESCRIPTION};" >> ${SETTINGS_FILE}
- else
+ else
Debug "Setting '${SETTING}' was already configured, overwriting previous line '${FIND}' in ${SETTINGS_FILE} with value '${VALUE}'"
# Delete line first, then add new value (inline search and replace is messy)
CreateTempFile
@@ -194,12 +194,12 @@
CHECKFILE=$1
if [ ! -d ${CHECKFILE} -a ! -f ${CHECKFILE} ]; then
PERMS="FILE_NOT_FOUND"
- else
+ else
# If 'file' is an directory, use -d
if [ -d ${CHECKFILE} ]; then
FILEVALUE=$(ls -d -l ${CHECKFILE} | cut -c 2-10)
PROFILEVALUE=$(grep '^permdir' ${PROFILE} | grep ":${CHECKFILE}:" | cut -d: -f3)
- else
+ else
FILEVALUE=$(ls -l ${CHECKFILE} | cut -c 2-10)
PROFILEVALUE=$(grep '^permfile' ${PROFILE} | grep ":${CHECKFILE}:" | cut -d: -f3)
fi
@@ -218,33 +218,32 @@
################################################################################
CheckItem() {
- ITEM_FOUND=0
- RETVAL=255
- if [ $# -eq 2 ]; then
- # Don't search in /dev/null, it's too empty there
- if [ ! "${REPORTFILE}" = "/dev/null" ]; then
- # Check if we can find the main type (with or without brackets)
- LogText "Test: search string $2 in earlier discovered results"
- FIND=$(egrep "^$1(\[\])?=" ${REPORTFILE} | egrep "$2")
- if [ ! "${FIND}" = "" ]; then
- ITEM_FOUND=1
- RETVAL=0
- LogText "Result: found search string (result: $FIND)"
- else
- LogText "Result: search string NOT found"
- RETVAL=1
- fi
- else
- LogText "Skipping search, as /dev/null is being used"
- fi
- return ${RETVAL}
- else
- ReportException ${TEST_NO} "Error in function call to CheckItem"
- fi
+ ITEM_FOUND=0
+ RETVAL=255
+ if [ $# -eq 2 ]; then
+ # Don't search in /dev/null, it's too empty there
+ if [ ! "${REPORTFILE}" = "/dev/null" ]; then
+ # Check if we can find the main type (with or without brackets)
+ LogText "Test: search string $2 in earlier discovered results"
+ FIND=$(egrep "^$1(\[\])?=" ${REPORTFILE} | egrep "$2")
+ if HasData "${FIND}"; then
+ ITEM_FOUND=1
+ RETVAL=0
+ LogText "Result: found search string (result: $FIND)"
+ else
+ LogText "Result: search string NOT found"
+ RETVAL=1
+ fi
+ else
+ LogText "Skipping search, as /dev/null is being used"
+ fi
+ return ${RETVAL}
+ else
+ ReportException ${TEST_NO} "Error in function call to CheckItem"
+ fi
}
-
################################################################################
# Name : CheckUpdates()
# Description : Determine if there is an update available
@@ -344,12 +343,12 @@
RANDOMSTRING1=$(echo lynis-$(od -N4 -tu /dev/random | awk 'NR==1 {print $2} {}'))
TEMP_FILE="/tmp/${RANDOMSTRING1}"
touch ${TEMP_FILE}
- else
+ else
TEMP_FILE=$(mktemp /tmp/lynis.XXXXXXXXXX) || exit 1
fi
if [ ! "${TEMP_FILE}" = "" ]; then
LogText "Action: created temporary file ${TEMP_FILE}"
- else
+ else
Fatal "Could not create a temporary file"
fi
# Add temporary file to queue for cleanup later
@@ -367,13 +366,14 @@
# Determine if a directory exists
DirectoryExists() {
+ if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling DirectoryExists function"; fi
DIRECTORY_FOUND=0
LogText "Test: checking if directory $1 exists"
if [ -d $1 ]; then
LogText "Result: directory $1 exists"
DIRECTORY_FOUND=1
return 0
- else
+ else
LogText "Result: directory $1 NOT found"
return 1
fi
@@ -434,7 +434,7 @@
Debug "Already discovered default.prf - skipping this file (${PLOC}/${PNAME})"
elif [ "${PNAME}" = "custom.prf" -a ! "${CUSTOM_PROFILE}" = "" ]; then
Debug "Already discovered custom.prf - skipping this file (${PLOC}/${PNAME})"
- else
+ else
if [ "${PLOC}" = "." ]; then FILE="${WORKDIR}/${PNAME}"; else FILE="${PLOC}/${PNAME}"; fi
if [ -r ${FILE} ]; then
PROFILES="${PROFILES} ${FILE}"
@@ -460,7 +460,7 @@
echo "${RED}Fatal error: ${WHITE}No profile defined and could not find default profile${NORMAL}"
echo "Search paths used --> ${tPROFILE_TARGETS}"
ExitCustom 66
- else
+ else
PROFILES=$(echo ${PROFILES} | sed 's/^ //')
fi
}
@@ -513,10 +513,10 @@
if [ "${RESULT}" = "" ]; then
RESULTPART=""
- else
+ else
if [ ${CRONJOB} -eq 0 ]; then
RESULTPART=" [ ${COLOR}${RESULT}${NORMAL} ]"
- else
+ else
RESULTPART=" [ ${RESULT} ]"
fi
fi
@@ -540,7 +540,7 @@
# Check if we already have already discovered a proper echo command tool. It not, set it default to 'echo'.
if [ "${ECHOCMD}" = "" ]; then ECHOCMD="echo"; fi
${ECHOCMD} "\033[${INDENT}C${TEXT}\033[${SPACES}C${RESULTPART}${DEBUGTEXT}"
- else
+ else
echo "${TEXT}${RESULTPART}"
fi
fi
@@ -637,7 +637,7 @@
if [ $# -eq 1 ]; then
LogText "${PROGRAM_NAME} ended with exit code $1."
exit $1
- else
+ else
LogText "${PROGRAM_NAME} ended with exit code 1."
exit 1
fi
@@ -674,13 +674,14 @@
################################################################################
FileExists() {
+ if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling FileExists function"; fi
FILE_FOUND=0
LogText "Test: checking if file $1 exists"
if [ -f $1 ]; then
LogText "Result: file $1 exists"
FILE_FOUND=1
return 0
- else
+ else
LogText "Result: file $1 NOT found"
return 1
fi
@@ -718,17 +719,18 @@
#
# Returns : 0 (empty), 1 (not empty)
# EMPTY (0 or 1) - deprecated usage
- # Usage : xyz
+ # Usage : if FileIsEmpty /etc/passwd; then
################################################################################
FileIsEmpty() {
+ if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling FileIsEmpty function"; fi
EMPTY=0
LogText "Test: checking if file $1 is empty"
if [ -z $1 ]; then
LogText "Result: file $1 is empty"
EMPTY=1
return 0
- else
+ else
LogText "Result: file $1 is NOT empty"
return 1
fi
@@ -851,117 +853,117 @@
else
ReportException "GetHostID" "No sha1, sha1sum, csum or openssl binary available on AIX"
fi
- else
+ else
ReportException "GetHostID" "No output from entstat on interfaces: en0, ent0"
fi
;;
"DragonFly" | "FreeBSD")
- FIND=$(${IFCONFIGBINARY} | grep ether | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
- if [ ! "${FIND}" = "" ]; then
- HOSTID=$(echo ${FIND} | sha1)
- else
- ReportException "GetHostID" "No MAC address returned on DragonFly or FreeBSD"
- fi
+ FIND=$(${IFCONFIGBINARY} | grep ether | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
+ if HasData "${FIND}"; then
+ HOSTID=$(echo ${FIND} | sha1)
+ else
+ ReportException "GetHostID" "No MAC address returned on DragonFly or FreeBSD"
+ fi
;;
"Linux")
- # Define preferred interfaces
- #PREFERRED_INTERFACES="eth0 eth1 eth2 enp0s25"
-
- # Only use ifconfig if no ip binary has been found
- if [ ! "${IFCONFIGBINARY}" = "" ]; then
- # Determine if we have ETH0 at all (not all Linux distro have this, e.g. Arch)
- HASETH0=$(${IFCONFIGBINARY} | grep "^eth0")
- # Check if we can find it with HWaddr on the line
- FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep "^eth0" | grep -v "eth0:" | grep HWaddr | awk '{ print $5 }' | tr '[:upper:]' '[:lower:]')
-
- # If nothing found, then try first for alternative interface. Else other versions of ifconfig (e.g. Slackware/Arch)
- if [ "${FIND}" = "" ]; then
- FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep HWaddr)
- if [ "${FIND}" = "" ]; then
- # If possible directly address eth0 to avoid risking gathering the incorrect MAC address.
- # If not, then falling back to getting first interface. Better than nothing.
- if [ ! "${HASETH0}" = "" ]; then
- FIND=$(${IFCONFIGBINARY} eth0 2> /dev/null | grep "ether " | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
- else
- FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep "ether " | awk '{ print $2 }' | head -1 | tr '[:upper:]' '[:lower:]')
- if [ "${FIND}" = "" ]; then
- ReportException "GetHostID" "No eth0 found (and no ether was found with ifconfig)"
- else
- LogText "Result: No eth0 found (ether found), using first network interface to determine hostid (with ifconfig)"
- fi
+ # Define preferred interfaces
+ #PREFERRED_INTERFACES="eth0 eth1 eth2 enp0s25"
+
+ # Only use ifconfig if no ip binary has been found
+ if [ ! "${IFCONFIGBINARY}" = "" ]; then
+ # Determine if we have ETH0 at all (not all Linux distro have this, e.g. Arch)
+ HASETH0=$(${IFCONFIGBINARY} | grep "^eth0")
+ # Check if we can find it with HWaddr on the line
+ FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep "^eth0" | grep -v "eth0:" | grep HWaddr | awk '{ print $5 }' | tr '[:upper:]' '[:lower:]')
+
+ # If nothing found, then try first for alternative interface. Else other versions of ifconfig (e.g. Slackware/Arch)
+ if IsEmpty "${FIND}"; then
+ FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep HWaddr)
+ if IsEmpty "${FIND}"; then
+ # If possible directly address eth0 to avoid risking gathering the incorrect MAC address.
+ # If not, then falling back to getting first interface. Better than nothing.
+ if HasData "${HASETH0}"; then
+ FIND=$(${IFCONFIGBINARY} eth0 2> /dev/null | grep "ether " | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
+ else
+ FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep "ether " | awk '{ print $2 }' | head -1 | tr '[:upper:]' '[:lower:]')
+ if IsEmpty "${FIND}"; then
+ ReportException "GetHostID" "No eth0 found (and no ether was found with ifconfig)"
+ else
+ LogText "Result: No eth0 found (ether found), using first network interface to determine hostid (with ifconfig)"
fi
- else
- FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep HWaddr | head -1 | awk '{ print $5 }' | tr '[:upper:]' '[:lower:]')
- LogText "GetHostID: No eth0 found (but HWaddr was found), using first network interface to determine hostid, with ifconfig"
fi
+ else
+ FIND=$(${IFCONFIGBINARY} 2> /dev/null | grep HWaddr | head -1 | awk '{ print $5 }' | tr '[:upper:]' '[:lower:]')
+ LogText "GetHostID: No eth0 found (but HWaddr was found), using first network interface to determine hostid, with ifconfig"
fi
- else
- # See if we can use ip binary instead
- if [ ! "${IPBINARY}" = "" ]; then
- # Determine if we have the common available eth0 interface
- FIND=$(${IPBINARY} addr show eth0 2> /dev/null | egrep "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
- if [ "${FIND}" = "" ]; then
- # Determine the MAC address of first interface with the ip command
- FIND=$(${IPBINARY} addr show 2> /dev/null | egrep "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
- if [ "${FIND}" = "" ]; then
- ReportException "GetHostID" "Can't create hostid (no MAC addresses found)"
- fi
+ fi
+ else
+ # See if we can use ip binary instead
+ if [ ! "${IPBINARY}" = "" ]; then
+ # Determine if we have the common available eth0 interface
+ FIND=$(${IPBINARY} addr show eth0 2> /dev/null | egrep "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
+ if IsEmpty "${FIND}"; then
+ # Determine the MAC address of first interface with the ip command
+ FIND=$(${IPBINARY} addr show 2> /dev/null | egrep "link/ether " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
+ if IsEmpty "${FIND}"; then
+ ReportException "GetHostID" "Can't create hostid (no MAC addresses found)"
fi
- else
- ReportException "GetHostID" "Can't create hostid, missing both ifconfig and ip binary"
fi
+ else
+ ReportException "GetHostID" "Can't create hostid, missing both ifconfig and ip binary"
fi
+ fi
- # Check if we found a HostID
- if [ ! "${FIND}" = "" ]; then
- LogText "Info: using hardware address ${FIND} to create ID"
- HOSTID=$(echo ${FIND} | ${SHA1SUMBINARY} | awk '{ print $1 }')
- LogText "Result: Found HostID: ${HOSTID}"
- else
- ReportException "GetHostID" "Can't create HOSTID, command ip not found"
- fi
+ # Check if we found a HostID
+ if HasData "${FIND}"; then
+ LogText "Info: using hardware address ${FIND} to create ID"
+ HOSTID=$(echo ${FIND} | ${SHA1SUMBINARY} | awk '{ print $1 }')
+ LogText "Result: Found HostID: ${HOSTID}"
+ else
+ ReportException "GetHostID" "Can't create HOSTID, command ip not found"
+ fi
;;
"macOS")
- FIND=$(${IFCONFIGBINARY} en0 | grep ether | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
- if [ ! "${FIND}" = "" ]; then
- HOSTID=$(echo ${FIND} | shasum | awk '{ print $1 }')
- else
- ReportException "GetHostID" "No MAC address returned on macOS"
- fi
- LYNIS_HOSTID2_PART1=$(hostname -s)
- if [ ! -z "${LYNIS_HOSTID2_PART1}" ]; then
- LogText "Info: using hostname ${LYNIS_HOSTID2_PART1}"
- LYNIS_HOSTID2_PART2=$(sysctl -n kern.uuid 2> /dev/null)
- if [ ! -z "${LYNIS_HOSTID2_PART2}" ]; then
- LogText "Info: using UUID ${LYNIS_HOSTID2_PART2}"
- else
- LogText "Info: could not create HOSTID2 as kern.uuid sysctl key is missing"
- fi
- HOSTID2=$(echo "${LYNIS_HOSTID2_PART1}${LYNIS_HOSTID2_PART2}" | shasum -a 256 | awk '{ print $1 }')
- else
- LogText "Info: could not create HOSTID2 as hostname is missing"
- fi
+ FIND=$(${IFCONFIGBINARY} en0 | grep ether | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
+ if [ ! "${FIND}" = "" ]; then
+ HOSTID=$(echo ${FIND} | shasum | awk '{ print $1 }')
+ else
+ ReportException "GetHostID" "No MAC address returned on macOS"
+ fi
+ LYNIS_HOSTID2_PART1=$(hostname -s)
+ if [ ! -z "${LYNIS_HOSTID2_PART1}" ]; then
+ LogText "Info: using hostname ${LYNIS_HOSTID2_PART1}"
+ LYNIS_HOSTID2_PART2=$(sysctl -n kern.uuid 2> /dev/null)
+ if [ ! -z "${LYNIS_HOSTID2_PART2}" ]; then
+ LogText "Info: using UUID ${LYNIS_HOSTID2_PART2}"
+ else
+ LogText "Info: could not create HOSTID2 as kern.uuid sysctl key is missing"
+ fi
+ HOSTID2=$(echo "${LYNIS_HOSTID2_PART1}${LYNIS_HOSTID2_PART2}" | shasum -a 256 | awk '{ print $1 }')
+ else
+ LogText "Info: could not create HOSTID2 as hostname is missing"
+ fi
;;
"NetBSD")
- FIND=$(${IFCONFIGBINARY} -a | grep "address:" | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
- if [ ! "${FIND}" = "" ]; then
- HOSTID=$(echo ${FIND} | sha1)
- else
- ReportException "GetHostID" "No MAC address returned on NetBSD"
- fi
+ FIND=$(${IFCONFIGBINARY} -a | grep "address:" | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
+ if HasData "${FIND}"; then
+ HOSTID=$(echo ${FIND} | sha1)
+ else
+ ReportException "GetHostID" "No MAC address returned on NetBSD"
+ fi
;;
"OpenBSD")
- FIND=$(${IFCONFIGBINARY} | grep "lladdr " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
- if [ ! "${FIND}" = "" ]; then
- HOSTID=$(echo ${FIND} | sha1)
- else
- ReportException "GetHostID" "No MAC address returned on OpenBSD"
- fi
+ FIND=$(${IFCONFIGBINARY} | grep "lladdr " | head -1 | awk '{ print $2 }' | tr '[:upper:]' '[:lower:]')
+ if HasData "${FIND}"; then
+ HOSTID=$(echo ${FIND} | sha1)
+ else
+ ReportException "GetHostID" "No MAC address returned on OpenBSD"
+ fi
;;
"Solaris")
@@ -979,10 +981,10 @@
HOSTID=$(echo ${FIND} | ${SHA1SUMBINARY} | awk '{ print $1 }')
elif [ ! "${OPENSSLBINARY}" = "" ]; then
HOSTID=$(echo ${FIND} | ${OPENSSLBINARY} sha -sha1 | awk '{ print $2 }')
- else
+ else
ReportException "GetHostID" "Can not find sha1/sha1sum or openssl"
fi
- else
+ else
ReportException "GetHostID" "No interface found op Solaris to create HostID"
fi
;;
@@ -1000,7 +1002,7 @@
fi
done
fi
- else
+ else
ReportException "GetHostID" "Can't create HOSTID as there is no SHA1 hash tool available (sha1, sha1sum, openssl)"
fi
@@ -1027,13 +1029,13 @@
if [ ! "${SHA1SUMBINARY}" = "" ]; then
HOSTID=$(cat /etc/ssh/${I} | ${SHA1SUMBINARY} | awk '{ print $1 }')
LogText "result: Created HostID with SSH key ($I): ${HOSTID}"
- else
+ else
ReportException "GetHostID" "Can't create HOSTID with SSH key, as sha1sum binary is missing"
fi
fi
fi
done
- else
+ else
LogText "Result: no /etc/ssh directory found, skipping"
fi
fi
@@ -1055,7 +1057,7 @@
fi
fi
done
- else
+ else
LogText "Result: no /etc/ssh directory found, skipping"
fi
@@ -1216,10 +1218,10 @@
################################################################################
IsEmpty() {
- if [ $# -eq 1 ]; then
- if [ -z "$1" ]; then return 0; else return 1; fi
- else
+ if [ $# -eq 0 ]; then
ExitFatal "Function IsEmpty called without parameters - look in log to determine where this happened, or use sh -x lynis to see all details."
+ else
+ if [ -z "$1" ]; then return 0; else return 1; fi
fi
}
@@ -1232,6 +1234,7 @@
################################################################################
IsRunning() {
+ if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling IsRunning function"; fi
RUNNING=0
PSOPTIONS=""
if [ ${SHELL_IS_BUSYBOX} -eq 0 ]; then PSOPTIONS=" ax"; fi
@@ -1240,7 +1243,7 @@
RUNNING=1
LogText "IsRunning: process '$1' found (${FIND})"
return 0
- else
+ else
LogText "IsRunning: process '$1' not found"
return 1
fi
@@ -1290,14 +1293,14 @@
if [ "${PERMS}" = "" ]; then
PERMS=$(ls -n ${FILE} | ${AWKBINARY} '{ print $3":"$4 }')
fi
- else
+ else
ReportException "IsOwnedByRoot" "Functions needs 1 argument"
return 255
fi
if [ "${PERMS}" = "0:0" ]; then
if IsDeveloperMode; then LogText "Debug: found incorrect file permissions on ${FILE}"; fi
return 0
- else
+ else
return 1
fi
}
@@ -1340,10 +1343,10 @@
LogText "Result: facter says this machine is not a virtual"
;;
esac
- else
+ else
LogText "Result: facter utility not found"
fi
- else
+ else
LogText "Result: skipped facter test, as we already found machine type"
fi
@@ -1356,10 +1359,10 @@
LogText "Result: found ${FIND}"
SHORT="${FIND}"
fi
- else
+ else
LogText "Result: systemd-detect-virt not found"
fi
- else
+ else
LogText "Result: skipped systemd test, as we already found machine type"
fi
@@ -1372,13 +1375,13 @@
if [ ! "${FIND}" = "" ]; then
LogText "Result: found ${FIND}"
SHORT="${FIND}"
- else
+ else
LogText "Result: can't find hypervisor vendor with lscpu"
fi
- else
+ else
LogText "Result: lscpu not found"
fi
- else
+ else
LogText "Result: skipped lscpu test, as we already found machine type"
fi
@@ -1387,7 +1390,8 @@
if [ "${SHORT}" = "" ]; then
if [ -x /usr/bin/dmidecode ]; then DMIDECODE_BINARY="/usr/bin/dmidecode"
elif [ -x /usr/sbin/dmidecode ]; then DMIDECODE_BINARY="/usr/sbin/dmidecode"
- else DMIDECODE_BINARY=""
+ else
+ DMIDECODE_BINARY=""
fi
if [ ! "${DMIDECODE_BINARY}" = "" -a ${PRIVILEGED} -eq 1 ]; then
LogText "Test: trying to guess virtualization with dmidecode"
@@ -1395,13 +1399,13 @@
if [ ! "${FIND}" = "" ]; then
LogText "Result: found ${FIND}"
SHORT="${FIND}"
- else
+ else
LogText "Result: can't find product name with dmidecode"
fi
- else
+ else
LogText "Result: dmidecode not found (or no access)"
fi
- else
+ else
LogText "Result: skipped dmidecode test, as we already found machine type"
fi
# Other options
@@ -1423,7 +1427,7 @@
if [ ${RUNNING} -eq 1 ]; then SHORT="virtualbox"; fi
IsRunning VBoxClient
if [ ${RUNNING} -eq 1 ]; then SHORT="virtualbox"; fi
- else
+ else
LogText "Result: skipped processes test, as we already found platform"
fi
@@ -1432,10 +1436,10 @@
LogText "Test: checking specific files for Amazon"
if [ -f /etc/ec2_version -a ! -z /etc/ec2_version ]; then
SHORT="amazon-ec2"
- else
+ else
LogText "Result: system not hosted on Amazon"
fi
- else
+ else
LogText "Result: skipped Amazon EC2 test, as we already found platform"
fi
@@ -1450,21 +1454,21 @@
if [ ! "${FIND}" = "" ]; then
SHORT="${FIND}"
fi
- else
+ else
LogText "Result: skipped sysctl test, as we already found platform"
fi
# lshw
- if [ "${SHORT}" = "" ]; then
+ if HasData "${SHORT}"; then
if [ ${PRIVILEGED} -eq 1 ]; then
if [ -x /usr/bin/lshw ]; then
LogText "Test: trying to guess virtualization with lshw"
FIND=$(lshw -quiet -class system 2> /dev/null | awk '{ if ($1=="product:") { print $2 }}')
- if [ ! "${FIND}" = "" ]; then
+ if HasData "${FIND}"; then
LogText "Result: found ${FIND}"
SHORT="${FIND}"
fi
- else
+ else
LogText "Result: lshw not found"
fi
else
@@ -1508,7 +1512,7 @@
elif [ ${ISVIRTUALMACHINE} -eq 2 ]; then
LogText "Result: unknown if this system is a virtual machine"
Report "vm=2"
- else
+ else
LogText "Result: system seems to be non-virtual"
fi
}
@@ -1524,6 +1528,7 @@
################################################################################
IsWorldReadable() {
+ if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling IsWorldReadable function"; fi
sFILE=$1
# Check for symlink
if [ -L ${sFILE} ]; then
@@ -1533,7 +1538,7 @@
if [ -f ${sFILE} -o -d ${sFILE} ]; then
FINDVAL=$(ls -ld ${sFILE} | cut -c 8)
if [ "${FINDVAL}" = "r" ]; then return 0; else return 1; fi
- else
+ else
return 255
fi
}
@@ -1550,6 +1555,7 @@
# Function IsWorldExecutable
IsWorldExecutable() {
+ if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling IsWorldExecutable function"; fi
sFILE=$1
# Check for symlink
if [ -L ${sFILE} ]; then
@@ -1559,7 +1565,7 @@
if [ -f ${sFILE} -o -d ${sFILE} ]; then
FINDVAL=$(ls -l ${sFILE} | cut -c 10)
if [ "${FINDVAL}" = "x" ]; then return 0; else return 1; fi
- else
+ else
return 255
fi
}
@@ -1575,6 +1581,7 @@
################################################################################
IsWorldWritable() {
+ if [ $# -eq 0 ]; then ExitFatal "Missing parameter when calling IsWorldWritable function"; fi
sFILE=$1
FileIsWorldWritable=""
@@ -1583,7 +1590,7 @@
FINDVAL=$(ls -ld ${sFILE} | cut -c 9)
if IsDeveloperMode; then Debug "File mode of ${sFILE} is ${FINDVAL}"; fi
if [ "${FINDVAL}" = "w" ]; then return 0; else return 1; fi
- else
+ else
return 255
fi
}
@@ -1752,7 +1759,7 @@
if [ "${VALUE}" = "off" ]; then
LogText "Result: found logging disabled for one virtual host"
NGINX_ACCESS_LOG_DISABLED=1
- else
+ else
if [ ! "${VALUE}" = "" ]; then
# If multiple values follow, select first one
VALUE=$(echo ${VALUE} | awk '{ print $1 }')
@@ -1796,7 +1803,7 @@
if [ ! -f ${FILE} ]; then
NGINX_ERROR_LOG_MISSING=1
fi
- else
+ else
LogText "Warning: did not find a filename after error_log in nginx configuration"
fi
;;
@@ -1908,18 +1915,18 @@
PortIsListening() {
if [ "${LSOFBINARY}" = "" ]; then
return 255
- else
+ else
if [ $# -eq 2 ] && [ $1 = "TCP" -o $1 = "UDP" ]; then
LogText "Test: find service listening on $1:$2"
if [ $1 = "TCP" ]; then FIND=$(${LSOFBINARY} -i${1} -s${1}:LISTEN -P -n | grep ":${2} "); else FIND=$(${LSOFBINARY} -i${1} -P -n | grep ":${2} "); fi
if [ ! "${FIND}" = "" ]; then
LogText "Result: found service listening on port $2 ($1)"
return 0
- else
+ else
LogText "Result: did not find service listening on port $2 ($1)"
return 1
fi
- else
+ else
return 255
ReportException ${TEST_NO} "Error in function call to PortIsListening"
fi
@@ -1945,7 +1952,7 @@
# If the No-Break version of echo is known, use that (usually breaks in combination with -e)
if [ ! "${ECHONB}" = "" ]; then
${ECHONB} "$1"
- else
+ else
${ECHOCMD} -en "$1"
fi
fi
@@ -2023,7 +2030,7 @@
ROOT_ONLY=1
elif [ "$1" = "NO" -o "$1" = "no" ]; then
ROOT_ONLY=0
- else
+ else
Debug "Invalid option for --root-only parameter of Register function"
fi
;;
@@ -2111,7 +2118,7 @@
if IsVerbose; then Debug "Performing test ID ${TEST_NO} (${TEST_DESCRIPTION})"; fi
fi
TESTS_EXECUTED="${TEST_NO}|${TESTS_EXECUTED}"
- else
+ else
if [ ${SKIPLOGTEST} -eq 0 ]; then LogText "Skipped test ${TEST_NO} (${TEST_DESCRIPTION})"; fi
if [ ${SKIPLOGTEST} -eq 0 ]; then LogText "Reason to skip: ${SKIPREASON}"; fi
TESTS_SKIPPED="${TEST_NO}|${TESTS_SKIPPED}"
@@ -2167,7 +2174,7 @@
if [ -f ${PIDFILE} ]; then
rm -f $PIDFILE;
LogText "PID file removed (${PIDFILE})"
- else
+ else
LogText "PID file not found (${PIDFILE})"
fi
fi
@@ -2190,14 +2197,14 @@
if [ -f ${TMPFILE} ]; then
LogText "Action: removing temporary file ${TMPFILE}"
rm -f ${TMPFILE}
- else
+ else
LogText "Info: temporary file ${TMPFILE} was already removed"
fi
- else
+ else
LogText "Found invalid temporary file (${FILE}), not removed. Check your /tmp directory."
fi
done
- else
+ else
LogText "No temporary files to be deleted"
fi
}
@@ -2429,10 +2436,10 @@
LogText "File permissions are OK"
return 0
fi
- else
+ else
ReportException "SafePerms()" "Invalid number of arguments for function"
fi
- else
+ else
PERMS_OK=1
return 0
fi
@@ -2483,11 +2490,11 @@
LogText "Result: found search string '${STRING}'"
if [ ${MASK_LOG} -eq 0 ]; then LogText "Full string returned: ${FIND}"; fi
RETVAL=0
- else
+ else
LogText "Result: search search string '${STRING}' NOT found"
RETVAL=1
fi
- else
+ else
LogText "Skipping search, file (${FILE}) does not exist"
ReportException "${TEST_NO}" "Test is trying to search for a string in nonexistent file"
fi
@@ -2664,7 +2671,7 @@
sFILE="${tFILE}"
LogText "Result: symlink found, pointing to directory ${sFILE}"
FOUNDPATH=1
- else
+ else
# Check the full path of the symlink, strip the filename, copy the path and linked filename together
tDIR=$(echo ${sFILE} | awk '{match($1, "^.*/"); print substr($1, 1, RLENGTH-1)}')
tFILE="${tDIR}/${tFILE}"
@@ -2700,7 +2707,7 @@
LogText "Result: file ${tFILE} in ${tDIR} not found"
fi
fi
- else
+ else
LogText "Result: file ${sFILE} is not a symlink"
fi
# Now check if our new location is actually a file or directory destination
@@ -2710,7 +2717,7 @@
fi
if [ ${FOUNDPATH} -eq 1 ]; then
SYMLINK="${sFILE}"
- else
+ else
SYMLINK=""
fi
}
@@ -2735,7 +2742,7 @@
STRING=$(echo $1 | tr '[:lower:]' '[:upper:]')
if [ "${I}" = "${STRING}" ]; then RETVAL=0; LogText "Atomic test ($1) skipped by configuration (skip-test)"; fi
done
- else
+ else
ReportException "SkipAtomicTest()" "Function called without right number of arguments (1)"
fi
return $RETVAL
@@ -2860,7 +2867,7 @@
if [ "${RETVAL}" -lt 2 ]; then
return ${RESULT}
- else
+ else
Fatal "ERROR: No result returned from function (TestValue). Incorrect usage?"
#ExitFatal
fi
@@ -2964,14 +2971,14 @@
RETVAL=1
if [ "$#" -ne "2" ]; then
ReportException "${TEST_NO}" "Error in function call to ${FUNCNAME}"
- else
+ else
LogText "${FUNCNAME}: checking value for application ${APP}"
LogText "${FUNCNAME}: ${OPTION} is set to ${1}"
if [ "$1" != "$2" ]; then
LogText "${FUNCNAME}: ${1} is not equal to ${2}"
RETVAL=0
- else
+ else
LogText "${FUNCNAME}: ${1} is equal to ${2}"
fi
fi
@@ -2988,14 +2995,14 @@
RETVAL=1
if [ "$#" -ne "2" ]; then
ReportException "${TEST_NO}" "Error in function call to ${FUNCNAME}"
- else
+ else
LogText "${FUNCNAME}: checking value for application ${APP}"
LogText "${FUNCNAME}: ${OPTION} is set to ${1}"
LogText "${FUNCNAME}: checking if ${1} is greater than ${2}"
if [ "$1" > "$2" ]; then
LogText "${FUNCNAME}: ${1} is greater than ${2}"
RETVAL=0
- else
+ else
LogText "${FUNCNAME}: ${1} is not greater than ${2}"
fi
fi
@@ -3013,7 +3020,7 @@
RETVAL=1
if [ "$#" -ne "2" ]; then
ReportException "${TEST_NO}" "Error in function call to ${FUNCNAME}"
- else
+ else
LogText "${FUNCNAME}: checking value for application ${APP}"
LogText "${FUNCNAME}: ${OPTION} is set to ${1}"
LogText "${FUNCNAME}: checking if ${1} is greater or equal ${2}"
@@ -3035,7 +3042,7 @@
RETVAL=1
if [ "$#" -ne "2" ]; then
ReportException "${TEST_NO}" "Error in function call to TestCase_GreaterOrEqual"
- else
+ else
LogText "${FUNCNAME}: checking value for application ${APP}"
LogText "${FUNCNAME}: ${OPTION} is set to ${1}"
@@ -3059,7 +3066,7 @@
RETVAL=1
if [ "$#" -ne "2" ]; then
ReportException "${TEST_NO}" "Error in function call to ${FUNCNAME}"
- else
+ else
LogText "${FUNCNAME}: checking value for application ${APP}"
LogText "${FUNCNAME}: ${OPTION} is set to ${1}"
LogText "${FUNCNAME}: checking if ${1} is less or equal ${2}"
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-19 13:38:58 +0300