From 19921ab00142c94033f0473febfcf26919db56b9 Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Thu, 28 Feb 2019 10:19:09 +0100 Subject: Style improvements, typo, variable usage --- include/tests_authentication | 56 ++++++++++++++++++++++---------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/include/tests_authentication b/include/tests_authentication index c4f62b64..e0571a49 100644 --- a/include/tests_authentication +++ b/include/tests_authentication @@ -487,35 +487,35 @@ if [ ! -z "${SUDOERS_FILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no AUTH-9252 --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --category security --description "Check ownership and permissions for sudo configuration files" if [ ${SKIPTEST} -eq 0 ]; then - SUDO_CONFIG_FILES="${SUDOERS_FILE}" - SUDOERS_D="${SUDOERS_FILE}.d" - if [ -d "${SUDOERS_D}" ]; then - LogText "Test: checking drop-in directory (${SUDOERS_D})" - FIND=$(${LSBINARY} -ld ${SUDOERS_D} | ${CUTBINARY} -c 2-10) - FIND1=$(${LSBINARY} -nd ${SUDOERS_D} | ${AWKBINARY} '{print $3$4}') - LogText "Result: Found directory permissions: ${FIND} and owner UID GID: ${FIND1}" - if [ "${FIND}" = "rwxrwx---" -o "${FIND}" = "rwxr-x---" -o "${FIND}" = "rwx------" ] && [ "${FIND1}" = "00" ]; then - LogText "Result: directory ${SUDOERS_D} permissions/ownership OK" - Display --indent 4 --text "- Permissions for directory: ${SUDOERS_D}" --result "${STATUS_OK}" --color GREEN - else - LogText "Result: directory has possibly unsafe permissions/ownership" - Display --indent 4 --text "- Permissions for directory: ${SUDOERS_D}" --result "${STATUS_WARNING}" --color RED - fi - SUDO_CONFIG_FILES="${SUDO_CONFIG_FILES} $(${FINDBINARY} ${SUDOERS_D} -type f -print)" - fi - for f in ${SUDO_CONFIG_FILES}; do - LogText "Test: checking file (${f})" - FIND=$(${LSBINARY} -l ${f} | ${CUTBINARY} -c 2-10) - FIND1=$(${LSBINARY} -n ${f} | ${AWKBINARY} '{print $3$4}') - LogText "Result: Found file permissions: ${FIND} and owner UID GID: ${FIND1}" - if [ "${FIND}" = "rw-------" -o "${FIND}" = "rw-rw----" -o "${FIND}" = "r--r-----" ] && [ "${FIND1}" = "00" ]; then - LogText "Result: file ${f} permissions/ownerhsip OK" - Display --indent 4 --text "- Permissions for: ${f}" --result "${STATUS_OK}" --color GREEN - else - LogText "Result: file has possibly unsafe permissions/ownership" - Display --indent 4 --text "- Permissions for: ${f}" --result "${STATUS_WARNING}" --color RED + SUDO_CONFIG_FILES="${SUDOERS_FILE}" + SUDOERS_D="${SUDOERS_FILE}.d" + if [ -d "${SUDOERS_D}" ]; then + LogText "Test: checking drop-in directory (${SUDOERS_D})" + FIND=$(${LSBINARY} -ld ${SUDOERS_D} | ${CUTBINARY} -c 2-10) + FIND2=$(${LSBINARY} -nd ${SUDOERS_D} | ${AWKBINARY} '{print $3$4}') + LogText "Result: Found directory permissions: ${FIND} and owner UID GID: ${FIND2}" + if [ "${FIND}" = "rwxrwx---" -o "${FIND}" = "rwxr-x---" -o "${FIND}" = "rwx------" ] && [ "${FIND2}" = "00" ]; then + LogText "Result: directory ${SUDOERS_D} permissions/ownership OK" + Display --indent 4 --text "- Permissions for directory: ${SUDOERS_D}" --result "${STATUS_OK}" --color GREEN + else + LogText "Result: directory has possibly unsafe permissions/ownership" + Display --indent 4 --text "- Permissions for directory: ${SUDOERS_D}" --result "${STATUS_WARNING}" --color RED + fi + SUDO_CONFIG_FILES="${SUDO_CONFIG_FILES} $(${FINDBINARY} ${SUDOERS_D} -type f -print)" fi - done + for f in ${SUDO_CONFIG_FILES}; do + LogText "Test: checking file (${f})" + FIND=$(${LSBINARY} -l ${f} | ${CUTBINARY} -c 2-10) + FIND2=$(${LSBINARY} -n ${f} | ${AWKBINARY} '{print $3$4}') + LogText "Result: Found file permissions: ${FIND} and owner UID GID: ${FIND2}" + if [ "${FIND}" = "rw-------" -o "${FIND}" = "rw-rw----" -o "${FIND}" = "r--r-----" ] && [ "${FIND2}" = "00" ]; then + LogText "Result: file ${f} permissions/ownership OK" + Display --indent 4 --text "- Permissions for: ${f}" --result "${STATUS_OK}" --color GREEN + else + LogText "Result: file has possibly unsafe permissions/ownership" + Display --indent 4 --text "- Permissions for: ${f}" --result "${STATUS_WARNING}" --color RED + fi + done fi # ################################################################################# -- cgit v1.2.3