From b2c73547dddebf2620a9fffd972fff6bd072977d Mon Sep 17 00:00:00 2001
From: Michael Boelen
Date: Fri, 6 Dec 2019 15:55:29 +0100
Subject: Initialize variables and filter out pam-old files
---
plugins/plugin_pam_phase1 | 22 +++++++++++++++-------
1 file changed, 15 insertions(+), 7 deletions(-)
(limited to 'plugins')
diff --git a/plugins/plugin_pam_phase1 b/plugins/plugin_pam_phase1
index f4866db7..361918de 100644
--- a/plugins/plugin_pam_phase1
+++ b/plugins/plugin_pam_phase1
@@ -6,19 +6,26 @@
 #-----------------------------------------------------
 # PLUGIN_AUTHOR=Michael Boelen
 # PLUGIN_CATEGORY=authentication
-# PLUGIN_DATE=2017-04-30
+# PLUGIN_DATE=2019-07-26
 # PLUGIN_DESC=PAM
 # PLUGIN_NAME=pam
 # PLUGIN_PACKAGE=all
 # PLUGIN_REQUIRED_TESTS=
-# PLUGIN_VERSION=1.0.2
+# PLUGIN_VERSION=1.0.4
 #-----------------------------------------------------
 #########################################################################
 #
 # Variables
+ CREDITS_D_PASSWORD=""
+ CREDITS_L_PASSWORD=""
+ CREDITS_O_PASSWORD=""
+ CREDITS_U_PASSWORD=""
 MAX_PASSWORD_RETRY=""
+ MIN_PASSWORD_CLASS=""
 PAM_DIRECTORY="${ROOTDIR}etc/pam.d"
-
+#
+#########################################################################
+#
 # Test : PLGN-0008
 # Description : Check PAM configuration
 FILE="${ROOTDIR}etc/security/pwquality.conf"
@@ -57,8 +64,9 @@
 done
 done
 fi
-
-
+#
+#########################################################################
+#
 # Test : PLGN-0010
 # Description : Check PAM configuration
 if [ -f ${ROOTDIR}etc/pam.conf -o -d ${PAM_DIRECTORY} ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
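Review bot: The five new empty initialisations in the first hunk (`CREDITS_D_PASSWORD`, `CREDITS_L_PASSWORD`, `CREDITS_O_PASSWORD`, `CREDITS_U_PASSWORD`, `MIN_PASSWORD_CLASS`) have no comment saying why they are reset or what they hold. A shell variable that is never assigned keeps whatever the calling environment exported, so a one-line comment above the block would record the intent, for example `# Reset so values inherited from the environment cannot reach the report`. The names suggest the pwquality credit and class settings handled under PLGN-0008, but the code that assigns them is outside this hunk, so that mapping should be confirmed before it is written down.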
@@ -69,12 +77,12 @@
 if [ -d ${PAM_DIRECTORY} ]; then
 LogText "Result: ${PAM_DIRECTORY} exists"
 if [ ! "${OS}" = "FreeBSD" -a ! "${OS}" = "NetBSD" ]; then
- FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print)
+ FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "*.pam-old" -type f -print)
 else
 if [ -f ${PAM_DIRECTORY}/README ]; then
 LogText "Skipped checking ${OS} ${PAM_DIRECTORY}/README as a PAM file"
 fi
- FIND_FILES=$(find ${PAM_DIRECTORY} -type f -print | grep -v "README")
+ FIND_FILES=$(find ${PAM_DIRECTORY} -not -name "README" -not -name "*.pam-old" -type f -print)
 fi
 for PAM_FILE in ${FIND_FILES}; do
-- 
cgit v1.2.3
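Review bot: `-not` in both new `find` calls is a GNU/BSD extension rather than POSIX, so on a platform whose find lacks it the command fails, `FIND_FILES` stays empty and the `for PAM_FILE in ${FIND_FILES}` loop inspects nothing, which reads as a clean PAM audit when no file was checked. The portable spelling is `!`: `find ${PAM_DIRECTORY} ! -name "*.pam-old" -type f -print` and, in the FreeBSD/NetBSD branch, `find ${PAM_DIRECTORY} ! -name "README" ! -name "*.pam-old" -type f -print`. The exit status of `find` is not checked in either branch, so logging a warning when `FIND_FILES` is empty would make that failure visible. Separately, `-name "README"` matches only the exact basename, whereas the removed `grep -v "README"` dropped every path containing that string, so a README with a suffix would now be parsed as a PAM file. The body of the `for` loop continues outside the hunk.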