Welcome to mirror list, hosted at ThFree Co, Russian Federation.

tests_custom.template « include - github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/include/tests_custom.template
blob: 284c4a6764beb94ffd677ea684c87d8e85c08bed (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114

#!/bin/sh

#################################################################################
#
# Here you could insert your own custom checks
#
# Tips:
# - Make sure to use each test ID only once in Register function and prefix them with CUST
# - Use big steps in numbering, so you can easily put tests in between
# - Want to improve Lynis? Share your checks!
#
#################################################################################
#
    # Test        : CUST-0001
    # Description : We show some lines on the screen

    # Register our first custom test
    # We consider it to be a lightweight test (no heavy IO, or long searches), no network connection needed
    Register --test-no CUST-0001 --weight L --network NO --description "A test case for colors and text display"
    if [ ${SKIPTEST} -eq 0 ]; then
        # The Display function makes it easy to show something on screen, with colors.
        # --indent  defines amount of spaces
        # --text    text to be displayed on screen
        # --result  text at end of line
        # --color   color of result text
        Display --indent 2 --text "- Checking if everything is OK..." --result "${STATUS_OK}" --color GREEN
        Display --indent 4 --text "This shows one level deeper " --result "${STATUS_NO}"TICE --color YELLOW
        Display --indent 6 --text "And even deeper" --result "${STATUS_WARNING}" --color RED

        # Here we could add specific tests, like testing for a directory
        # Most tests use the "if-then-else". If something is true, take one step, otherwise the other.
        if [ -d /tmp ]; then
            LogText "Result: we have a temporary directory"
          else
            LogText "Result: no temporary directory found"
        fi

        # Common examples to use:
        # if [ -f /etc/file ]; then                     =  Test if file exists
        # if [ -d /var/run/mydirectory ]; then          =  Test if directory exists
        # if [ ${MYVARIABLE} -eq 1 ]; then              =  Test if variable is set to 1
        # if [ "${MYVARIABLE}" = "Value" ]; then        =  Test if variable is equal to specific value

        if [ -f /etc/file ]; then
            LogText "Result: Found file /etc/file"
          elif [ -f /etc/file2 ]; then
            LogText "Result: Found file /etc/file2"
          else
            LogText "Result: both /etc/file and /etc/file2 not found"
        fi

        # If a single value is stored in a variable, using case is effective.
        case ${OS} in
            # Only match one value
            "Linux")
                LogText "Found Linux"
                Display --indent 2 --text "OS: Linux" --result "${STATUS_OK}" --color GREEN
            ;;
            # Matching several platforms
            "FreeBSD" | "NetBSD" | "OpenBSD")
                LogText "Found an operating system based on BSD"
                Display --indent 2 --text "OS: *BSD" --result "${STATUS_OK}" --color GREEN
            ;;
            # Catch-all for unknown values
            *)
                LogText "Did find another operating system"
            ;;
        esac

        # Show a warning on screen and in the report. We can specify a detail and how to solve it.
        ReportWarning "${TEST_NO}" "Something was wrong and should be fixed" "/etc/motd" "text:Change your motd"
        ReportSuggestion "${TEST_NO}" "Check if this process is running" "apache" "url:https://cisofy.com/support/"
    fi
#
#################################################################################
#
    # Add a new section to screen output
    InsertSection "Other Tests"
#
#################################################################################
#
    # First check if OPENSSLBINARY is known as a prerequisite for this test.
    if [ ! "${OPENSSLBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no CUST-0002 --preqs-met ${PREQS_MET} --weight M --network NO --description "Description of custom test"
    if [ ${SKIPTEST} -eq 0 ]; then
        FOUNDPROBLEM=0
        DIR="/my/path"
        LogText "Test: we are going to check if we can find a particular directory (${DIR})"
        # Check if a directory exists
        if [ -d ${DIR} ]; then
            LogText "Result: log entry for easier debugging or additional information"
          else
            FOUNDPROBLEM=1
            LogText "Result: directory ${DIR} was not found!"
            ReportWarning "${TEST_NO}" "This is a test warning line" "${DIR}" "text:Create directory ${DIR}"
        fi

        if [ ${FOUNDPROBLEM} -eq 0 ]; then
            Display --indent 2 --text "- Checking if everything is OK..." --result "${STATUS_OK}" --color GREEN
          else
            Display --indent 2 --text "- Checking if everything is OK..." --result "${STATUS_WARNING}" --color RED
            ReportSuggestion ${TEST_NO} "This is a suggestion"
        fi
    fi
#
#################################################################################
#

# Wait for keypress (unless --quick is being used)
WaitForKeyPress

#
#================================================================================
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 00:53:13 +0300