From fdf3ded89f7a205a69d150f2ba629f68ca46db5f Mon Sep 17 00:00:00 2001
From: Michael Boelen
Date: Fri, 26 Aug 2016 14:05:20 +0200
Subject: New command 'lynis show details' to display test details
---
 include/consts | 1 +
 include/functions | 4 ++--
 include/helper_show | 12 ++++++++++++
 include/parameters | 1 +
 include/report | 5 +++--
 lynis | 10 +++++++---
 6 files changed, 26 insertions(+), 7 deletions(-)
diff --git a/include/consts b/include/consts
index b29bf6f1..ba43c3a6 100644
--- a/include/consts
+++ b/include/consts
@@ -106,6 +106,7 @@ unset LANG
 LMDBINARY=""
 LMDFOUND=0
 LOGFILE=""
+ LOGTEXT=1
 LSVGBINARY=""
 MACHINEID=""
 MACHINE_ROLE=""
diff --git a/include/functions b/include/functions
index b912857d..7248a71d 100644
--- a/include/functions
+++ b/include/functions
@@ -1469,7 +1469,7 @@ ################################################################################
 LogText() {
- if [ ! "${LOGFILE}" = "" ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi
+ if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then CDATE=$(date "+%Y-%m-%d %H:%M:%S"); echo "${CDATE} $1" >> ${LOGFILE}; fi
 }
@@ -1480,7 +1480,7 @@ ################################################################################
 LogTextBreak() {
- if [ ! "${LOGFILE}" = "" ]; then
+ if [ ! "${LOGFILE}" = "" -a ${LOGTEXT} -eq 1 ]; then
 CDATE=$(date "+%Y-%m-%d %H:%M:%S")
 echo "${CDATE} ===---------------------------------------------------------------===" >> ${LOGFILE}
 fi
diff --git a/include/helper_show b/include/helper_show
index db5d6724..09baa9fa 100644
--- a/include/helper_show
+++ b/include/helper_show
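Review bot: In include/functions, the new guard in LogText() expands `${LOGTEXT}` unquoted inside a single `[ … -a … ]` test, so an empty or unset LOGTEXT makes `[` fail with an error message and the log entry is silently dropped; the LogTextBreak() hunk repeats the same test. include/consts initialises LOGTEXT=1 in this commit, but quoting the value and splitting the test removes the dependency on load order and on the obsolescent `-a` operator: `if [ -n "${LOGFILE}" ] && [ "${LOGTEXT}" = "1" ]; then`. While these lines are being touched, `>> ${LOGFILE}` is safer as `>> "${LOGFILE}"` so that a path containing spaces or glob characters is not word-split.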
@@ -209,6 +209,18 @@ if [ $# -gt 0 ]; then
 "dbdir")
 ${ECHOCMD} "${DBDIR}"
 ;;
+ "details")
+ if [ -z "${LOGFILE}" ]; then DisplayError "Could not find log file to parse"; fi
+ if [ $# -eq 1 ]; then
+ DisplayError "Provide a test ID"
+ else
+ shift
+ if [ $# -eq 1 ]; then
+ TESTID="$1"
+ awk -v search="Performing test ID $TESTID" '$0 ~ search {++f;p=1}p&&f==1;/===---/{p=0}' ${LOGFILE}
+ fi
+ fi
+ ;;
 "groups")
 ViewGroups
 ;;
diff --git a/include/parameters b/include/parameters
index 402743ee..2c59ab0c 100644
--- a/include/parameters
+++ b/include/parameters
@@ -121,6 +121,7 @@ RUN_TESTS=0
 RUN_UPDATE_CHECK=0
 SKIP_PLUGINS=1
+ LOGTEXT=0
 SHOW_TOOL_TIPS=0
 SHOW_PROGRAM_DETAILS=0
 shift; HELPER_PARAMS="$@"
diff --git a/include/report b/include/report
index 03de8a28..0c73d436 100644
--- a/include/report
+++ b/include/report
@@ -165,9 +165,10 @@ if [ ! "${SWARNINGS}" = "" -o ! "${SSUGGESTIONS}" = "" ]; then
 echo " ${CYAN}Follow-up${NORMAL}:"
 echo " ${WHITE}----------------------------${NORMAL}"
- echo " ${WHITE}-${NORMAL} Check the logfile for more details (less $LOGFILE)"
+ echo " ${WHITE}-${NORMAL} Show details of a test (lynis show details TEST-ID)"
+ echo " ${WHITE}-${NORMAL} Check the logfile for all details (less ${LOGFILE})"
 echo " ${WHITE}-${NORMAL} Read security controls texts (https://cisofy.com)"
- if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data (Lynis Enterprise users)"; fi
+ if [ ${UPLOAD_DATA} -eq 0 ]; then echo " ${WHITE}-${NORMAL} Use --upload to upload data to central system (Lynis Enterprise users)"; fi
 echo ""
 fi
 echo "================================================================================"
diff --git a/lynis b/lynis
index 9bf19a9a..b9402459 100755
--- a/lynis
+++ b/lynis
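Review bot: The "details" branch in include/helper_show hands the user-supplied test ID to awk as a dynamic regular expression (`$0 ~ search`), so characters such as `.`, `*` or `[` in the argument are interpreted as pattern syntax instead of being matched literally. A literal substring match with a quoted file operand keeps the lookup predictable: `awk -v search="Performing test ID ${TESTID}" 'index($0, search) {++f;p=1}p&&f==1;/===---/{p=0}' "${LOGFILE}"`. Whether DisplayError exits is not visible in this hunk; if it returns, an empty LOGFILE leaves the unquoted `${LOGFILE}` expanding to nothing and awk waits on stdin, so the empty-logfile check should end the branch explicitly. When more than one extra argument is given, the inner `if [ $# -eq 1 ]` fails without any message, which deserves an error as well.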
@@ -228,8 +228,12 @@ Make sure to execute ${PROGRAM_NAME} from untarred directory or check your insta
 if [ ${PRIVILEGED} -eq 0 ]; then
 if [ "${LOGFILE}" = "" ]; then
 # Try creating a log file in temporary directory
- touch /tmp/lynis.log
- if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
+ if [ ! -f /tmp/lynis.log ]; then
+ touch /tmp/lynis.log
+ if [ $? -eq 0 ]; then LOGFILE="/tmp/lynis.log"; else LOGFILE="/dev/null"; fi
+ else
+ LOGFILE="/tmp/lynis.log"
+ fi
 fi
 if [ "${REPORTFILE}" = "" ]; then
 touch /tmp/lynis-report.dat
@@ -477,7 +481,7 @@ ${NORMAL}
 # # Clear log file and test if it's writable
 CDATE=$(date "+%Y-%m-%d %H:%M:%S")
- echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE}
+ if [ ${LOGTEXT} -eq 1 ]; then echo "${CDATE} Starting ${PROGRAM_NAME} ${PROGRAM_VERSION} with PID ${OURPID}, build date ${PROGRAM_RELEASE_DATE}" > ${LOGFILE}; fi
 if [ $? -gt 0 ]; then
 Display --indent 2 --text "- Clearing log file (${LOGFILE})... " --result WARNING --color RED
 echo "${WARNING}Fatal error${NORMAL}: problem while writing to log file. Check location and permissions."
-- cgit v1.2.3
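Review bot: The new `else` branch in the first lynis hunk accepts an existing /tmp/lynis.log without checking who owns it or whether it is a symbolic link, and it skips the writability test that the `touch` result used to provide. Because /tmp is world-writable and the name is fixed, another local account can create that path first; an unprivileged run would then write to, and `lynis show details` would read from, a file the invoking user does not control. Consider reusing the file only when it is a regular, non-symlink file owned by the caller, e.g. `if [ -f /tmp/lynis.log ] && [ ! -L /tmp/lynis.log ] && [ -O /tmp/lynis.log ]; then LOGFILE="/tmp/lynis.log"`, and otherwise falling back to a per-user location (`-O` is widely supported but not part of POSIX `test`, so confirm it on the target shells). The same fixed-name pattern appears for /tmp/lynis-report.dat at the end of the hunk, whose handling continues outside it.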
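Review bot: In the second lynis hunk, the following `if [ $? -gt 0 ]` now tests the exit status of the whole `if [ ${LOGTEXT} -eq 1 ]; then …; fi` statement rather than that of the `echo` directly. It still behaves as before when logging is enabled, because an `if` whose condition is false returns 0, but the dependency is easy to break with a later edit, and with LOGTEXT=0 the log file is no longer checked for writability at all. A comment such as `# $? below is the status of the echo, or 0 when logging is disabled`, or moving the check inside the `then` branch, would make the intent explicit; `${LOGTEXT}` and `${LOGFILE}` should also be quoted on this line. The error-handling block continues past the end of the hunk.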