From 3407a1dbe6c1498386f6bfa5ff8f1706e8fbdf9e Mon Sep 17 00:00:00 2001 From: Michael Boelen Date: Sat, 17 Aug 2019 16:49:11 +0200 Subject: [FILE-7524] optimized test with new function and changed warning to suggestion --- include/tests_file_permissions | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) (limited to 'include/tests_file_permissions') diff --git a/include/tests_file_permissions b/include/tests_file_permissions index 108b830e..35e28753 100644 --- a/include/tests_file_permissions +++ b/include/tests_file_permissions @@ -32,27 +32,37 @@ if [ ${SKIPTEST} -eq 0 ]; then Display --indent 2 --text "- Starting file permissions check" LogText "Test: Checking file permissions" + FOUND=0 for PROFILE in ${PROFILES}; do LogText "Using profile ${PROFILE} for baseline." - FIND=$(${EGREPBINARY} '^permfile=|^permdir=' ${PROFILE} | ${CUTBINARY} -d= -f2 | ${CUTBINARY} -d: -f1) - for I in ${FIND}; do - LogText "Checking ${I}" - CheckFilePermissions "${I}" - LogText " Expected permissions: ${PROFILEVALUE}" - LogText " Actual permissions: ${FILEVALUE}" - LogText " Result: $PERMS" - if [ "${PERMS}" = "FILE_NOT_FOUND" ]; then - if IsVerbose; then Display --indent 4 --text "${I}" --result "${STATUS_NOT_FOUND}" --color WHITE; fi - elif [ "${PERMS}" = "OK" ]; then - Display --indent 4 --text "${I}" --result "${STATUS_OK}" --color GREEN - elif [ "${PERMS}" = "BAD" ]; then - Display --indent 4 --text "${I}" --result "${STATUS_WARNING}" --color RED - ReportWarning ${TEST_NO} "Incorrect permissions for file ${I}" + FILES=$(${EGREPBINARY} '^permfile=|^permdir=' ${PROFILE} | ${CUTBINARY} -d= -f2 | ${CUTBINARY} -d: -f1) + for F in ${FILES}; do + LogText "Test: checking file/directory ${F}" + if [ -f "${F}" ]; then + PERMS=$(${GREPBINARY} '^permfile=' ${PROFILE} | ${GREPBINARY} "=${F}:" | ${CUTBINARY} -d: -f2) + if HasCorrectFilePermissions "${F}" "${PERMS}"; then + Display --indent 4 --text "File: ${F}" --result "${STATUS_OK}" --color GREEN + else + Display --indent 4 --text "File: ${F}" --result "${STATUS_SUGGESTION}" --color YELLOW + FOUND=1 + fi + elif [ -d "${F}" ]; then + PERMS=$(${GREPBINARY} '^permdir=' ${PROFILE} | ${GREPBINARY} "=${F}:" | ${CUTBINARY} -d: -f2) + if HasCorrectFilePermissions "${F}" "${PERMS}"; then + Display --indent 4 --text "Directory: ${F}" --result "${STATUS_OK}" --color GREEN + else + Display --indent 4 --text "Directory: ${F}" --result "${STATUS_SUGGESTION}" --color YELLOW + FOUND=1 + fi else - LogText "UNKNOWN status for file" + if IsVerbose; then Display --indent 4 --text "${F}" --result "${STATUS_NOT_FOUND}" --color WHITE; fi + LogText "Skipping file/directory ${F} as it does not exist on this system" fi done done + if [ ${FOUND} -eq 1 ]; then + ReportSuggestion "${TEST_NO}" "Consider restricting file permissions" "See screen output or log file" "text:Use chmod to change file permissions" + fi fi # ################################################################################# -- cgit v1.2.3