From 361e70fa13a2c8151b9478ab30f7383481f54f13 Mon Sep 17 00:00:00 2001 From: mboelen Date: Thu, 15 Oct 2015 19:54:58 +0200 Subject: Changed path and added debugging to log file --- plugins/plugin_pam_phase1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'plugins') diff --git a/plugins/plugin_pam_phase1 b/plugins/plugin_pam_phase1 index f271460a..5222111e 100644 --- a/plugins/plugin_pam_phase1 +++ b/plugins/plugin_pam_phase1 @@ -15,7 +15,7 @@ #----------------------------------------------------- ######################################################################### # - PAM_DIRECTORY="/root/pam.d" + PAM_DIRECTORY="/etc/pam.d" # Test : PLGN-0010 # Description : Check PAM configuration if [ -f /etc/pam.conf -o -d /etc/pam.d ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi @@ -30,7 +30,7 @@ #if [ -f /etc/pam.conf ]; then FIND="/etc/pam.conf ${FIND}"; fi for PAM_FILE in ${FIND_FILES}; do #echo "" - #echo "* ${PAM_FILE}" + logtext "Now checking PAM file ${PAM_FILE}" while read line; do # Strip empty lines, commented lines, tabs, line breaks (\), then finally remove all double spaces LINE=`echo $line | grep -v "^#" | grep -v "^$" | tr '\011' ' ' | sed 's/\\\n/ /' | sed 's/ / /g'` @@ -285,7 +285,7 @@ report "authentication_two_factor_enabled=${PAM_2F_AUTH_ENABLED}" logtext "[PAM] PAM 2F authentication required: ${PAM_2F_AUTH_REQUIRED}" report "authentication_two_factor_required=${PAM_2F_AUTH_ENABLED}" -if [ ! "${AUTH_UNLOCK_TIME}" = "" ]; then +if [ ! "${AUTH_UNLOCK_TIME}" = "-1" ]; then logtext "[PAM] Authentication unlock time: ${AUTH_UNLOCK_TIME}" report "authentication_unlock_time=${AUTH_UNLOCK_TIME}" else @@ -304,7 +304,7 @@ if [ ${PAM_AUTH_BRUTE_FORCE_PROTECTION} -eq 1 ]; then report "authentication_brute_force_protection=1" fi -if [ ! "${MIN_PASSWORD_LENGTH}" = "" ]; then +if [ ! "${MIN_PASSWORD_LENGTH}" = "-1" ]; then logtext "[PAM] Minimum password length: ${MIN_PASSWORD_LENGTH}" report "minimum_password_length=${MIN_PASSWORD_LENGTH}" else -- cgit v1.2.3