From 0c686bb6ea4972423ad78c93f80449e1e862f6c1 Mon Sep 17 00:00:00 2001 From: Simon Biewald Date: Sat, 14 Nov 2020 20:27:39 +0000 Subject: Use the new status strings in tests See-Also: HEAD^ Signed-off-by: Simon Biewald --- include/tests_authentication | 12 ++++++------ include/tests_firewalls | 4 ++-- include/tests_insecure_services | 8 ++++---- include/tests_networking | 2 +- include/tests_ports_packages | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/include/tests_authentication b/include/tests_authentication index b27e59c7..ce2205ca 100644 --- a/include/tests_authentication +++ b/include/tests_authentication @@ -502,7 +502,7 @@ FIND=$(${EGREPBINARY} "^passwd" /etc/nsswitch.conf | ${EGREPBINARY} "compat|nisplus") if [ -z "${FIND}" ]; then LogText "Result: NIS+ authentication not enabled" - Display --indent 2 --text "- NIS+ authentication support" --result "NOT ENABLED" --color WHITE + Display --indent 2 --text "- NIS+ authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE else FIND2=$(${EGREPBINARY} "^passwd_compat" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "nisplus") FIND3=$(${EGREPBINARY} "^passwd" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "nisplus") @@ -511,7 +511,7 @@ Display --indent 2 --text "- NIS+ authentication support" --result "${STATUS_ENABLED}" --color GREEN else LogText "Result: NIS+ authentication not enabled" - Display --indent 2 --text "- NIS+ authentication support" --result "NOT ENABLED" --color WHITE + Display --indent 2 --text "- NIS+ authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE fi fi else @@ -529,7 +529,7 @@ FIND=$(${EGREPBINARY} "^passwd" /etc/nsswitch.conf | ${EGREPBINARY} "compat|nis" | ${GREPBINARY} -v "nisplus") if [ -z "${FIND}" ]; then LogText "Result: NIS authentication not enabled" - Display --indent 2 --text "- NIS authentication support" --result "NOT ENABLED" --color WHITE + Display --indent 2 --text "- NIS authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE else FIND2=$(${EGREPBINARY} "^passwd_compat" /etc/nsswitch.conf | ${GREPBINARY} "nis" | ${GREPBINARY} -v "nisplus") FIND3=$(${EGREPBINARY} "^passwd" /etc/nsswitch.conf | ${GREPBINARY} "nis" | ${GREPBINARY} -v "nisplus") @@ -538,7 +538,7 @@ Display --indent 2 --text "- NIS authentication support" --result "${STATUS_ENABLED}" --color GREEN else LogText "Result: NIS authentication not enabled" - Display --indent 2 --text "- NIS authentication support" --result "NOT ENABLED" --color WHITE + Display --indent 2 --text "- NIS authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE fi fi else @@ -1475,7 +1475,7 @@ if [ ${FOUND} -eq 1 ]; then Display --indent 2 --text "- Checking account locking" --result "${STATUS_ENABLED}" --color GREEN else - Display --indent 2 --text "- Checking account locking" --result "NOT ENABLED" --color YELLOW + Display --indent 2 --text "- Checking account locking" --result "${STATUS_NOT_ENABLED}" --color YELLOW fi fi # @@ -1489,7 +1489,7 @@ FIND=$(${EGREPBINARY} "^passwd" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "ldap") if [ "${FIND}" = "" ]; then LogText "Result: LDAP authentication not enabled" - Display --indent 2 --text "- LDAP authentication support" --result "NOT ENABLED" --color WHITE + Display --indent 2 --text "- LDAP authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE else LogText "Result: LDAP authentication enabled" Display --indent 2 --text "- LDAP authentication support" --result "${STATUS_ENABLED}" --color GREEN diff --git a/include/tests_firewalls b/include/tests_firewalls index 4d0ba748..685f2452 100644 --- a/include/tests_firewalls +++ b/include/tests_firewalls @@ -539,7 +539,7 @@ Register --test-no FIRE-4590 --weight L --network NO --category security --description "Check firewall status" if [ ${SKIPTEST} -eq 0 ]; then if [ ${FIREWALL_ACTIVE} -eq 1 ]; then - Display --indent 2 --text "- Checking host based firewall" --result "ACTIVE" --color GREEN + Display --indent 2 --text "- Checking host based firewall" --result "${STATUS_ACTIVE}" --color GREEN LogText "Result: host based firewall or packet filter is active" Report "manual[]=Verify if there is a formal process for testing and applying firewall rules" Report "manual[]=Verify all traffic is filtered the right way between the different security zones" @@ -548,7 +548,7 @@ Report "manual[]=Make sure an explicit deny all is the default policy for all unmatched traffic" AddHP 5 5 else - Display --indent 2 --text "- Checking host based firewall" --result "NOT ACTIVE" --color YELLOW + Display --indent 2 --text "- Checking host based firewall" --result "${STATUS_NOT_ACTIVE}" --color YELLOW LogText "Result: no host based firewall/packet filter found or configured" ReportSuggestion "${TEST_NO}" "Configure a firewall/packet filter to filter incoming and outgoing traffic" AddHP 0 5 diff --git a/include/tests_insecure_services b/include/tests_insecure_services index 230d117e..2ba308b3 100644 --- a/include/tests_insecure_services +++ b/include/tests_insecure_services @@ -63,11 +63,11 @@ LogText "Test: Searching for active inet daemon" if IsRunning "inetd"; then LogText "Result: inetd is running" - Display --indent 4 --text "- inetd status" --result "ACTIVE" --color GREEN + Display --indent 4 --text "- inetd status" --result "${STATUS_ACTIVE}" --color GREEN INETD_ACTIVE=1 else LogText "Result: inetd is NOT running" - Display --indent 4 --text "- inetd status" --result "NOT ACTIVE" --color GREEN + Display --indent 4 --text "- inetd status" --result "${STATUS_NOT_ACTIVE}" --color GREEN fi fi # @@ -158,11 +158,11 @@ LogText "Test: Searching for active extended internet services daemon (xinetd)" if IsRunning "xinetd"; then LogText "Result: xinetd is running" - Display --indent 4 --text "- xinetd status" --result "ACTIVE" --color GREEN + Display --indent 4 --text "- xinetd status" --result "${STATUS_ACTIVE}" --color GREEN XINETD_ACTIVE=1 else LogText "Result: xinetd is NOT running" - Display --indent 4 --text "- xinetd status" --result "NOT ACTIVE" --color GREEN + Display --indent 4 --text "- xinetd status" --result "${STATUS_NOT_ACTIVE}" --color GREEN fi fi # diff --git a/include/tests_networking b/include/tests_networking index 9e63088b..9bf5a082 100644 --- a/include/tests_networking +++ b/include/tests_networking @@ -683,7 +683,7 @@ Display --indent 2 --text "- Checking status DHCP client" --result "${STATUS_RUNNING}" --color WHITE DHCP_CLIENT_RUNNING=1 else - Display --indent 2 --text "- Checking status DHCP client" --result "NOT ACTIVE" --color WHITE + Display --indent 2 --text "- Checking status DHCP client" --result "${STATUS_NOT_ACTIVE}" --color WHITE fi fi # diff --git a/include/tests_ports_packages b/include/tests_ports_packages index c2978be6..2e827813 100644 --- a/include/tests_ports_packages +++ b/include/tests_ports_packages @@ -1232,7 +1232,7 @@ ReportSuggestion "${TEST_NO}" "Install a package audit tool to determine vulnerable packages" LogText "Result: no package audit tool found" else - Display --indent 2 --text "- Checking package audit tool" --result INSTALLED --color GREEN + Display --indent 2 --text "- Checking package audit tool" --result "${STATUS_INSTALLED}" --color GREEN Display --indent 4 --text "Found: ${PACKAGE_AUDIT_TOOL}" LogText "Result: found package audit tool: ${PACKAGE_AUDIT_TOOL}" fi -- cgit v1.2.3