include/tests_tooling


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128

#!/bin/sh

#################################################################################
#
#   Lynis
# ------------------
#
# Copyright 2007-2015, Michael Boelen (michael@rootkit.nl), The Netherlands
# Web site: http://www.rootkit.nl
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
    AUTOMATION_TOOL_FOUND=0
    AUTOMATION_TOOL_RUNNING=""
    BACKUP_AGENT_FOUND=0
    PUPPET_MASTER_RUNNING=0
    SALT_MASTER_RUNNING=0
    SALT_MINION_RUNNING=0
#
#################################################################################
#
    InsertSection "Software: System tooling"
#
#################################################################################
#
# Automation
#
#################################################################################
#
    # Test        : TOOL-5002
    # Description : Check if automation tools are found
    Register --test-no TOOL-5002 --weight L --network NO --description "Checking for automation tools"
    if [ ${SKIPTEST} -eq 0 ]; then

        Display --indent 2 --text "- Checking automation tooling"

        # Cfengine
        if [ ! "${CFAGENTBINARY}" = "" ]; then
            logtext "Result: Cfengine (cfagent) is installed (${CFAGENTBINARY})"
            AUTOMATION_TOOL_FOUND=1
            Display --indent 4 --text "Found: Cfengine (cfagent)" --result FOUND --color GREEN
        fi

        CHEF_LOCATIONS="/opt/chef/bin /opt/chef-server/sv /opt/chefdk/bin"
        for I in ${CHEF_LOCATIONS}; do
            if [ -d ${I} ]; then
                if [ -f ${I}/chef-client ]; then
                    CHEFCLIENTBINARY="${I}/chef-client"
                    AUTOMATION_TOOL_FOUND=1
                    Display --indent 4 --text "Found: Chef client (chef-client)" --result FOUND --color GREEN
                    logtext "Result: found chef-client (chef client daemon) in ${I}"
                fi
                if [ -f ${I}/erchef ]; then
                    CHEFSERVERBINARY="${I}/erchef"
                    logtext "Result: Chef Server (erchef) is installed (${CHEFSERVERBINARY})"
                    AUTOMATION_TOOL_FOUND=1
                    Display --indent 4 --text "Found: Chef Server (erchef)" --result FOUND --color GREEN
                    logtext "Result: found erchef (chef server daemon) in ${I}"
                fi
            fi
        done

        # Puppet
        if [ ! "${PUPPETBINARY}" = "" ]; then
            logtext "Result: Puppet is installed (${PUPPETBINARY})"
            AUTOMATION_TOOL_FOUND=1
            Display --indent 4 --text "Found: Puppet (agent)" --result FOUND --color GREEN
        fi
        IsRunning "puppet master"
        if [ ${RUNNING} -eq 1 ]; then
            logtext "Result: found puppet master"
            PUPPET_MASTER_RUNNING=1
            report "automation_tool_running[]=puppet"
            Display --indent 4 --text "Found: Puppet (master)" --result FOUND --color GREEN
        fi

        # SaltStack
        if [ ! "${SALTMINIONBINARY}" = "" ]; then
            logtext "Result: SaltStack (salt-minion) is installed (${SALTMINIONBINARY})"
            AUTOMATION_TOOL_FOUND=1
            SALT_MINION_RUNNING=1
            Display --indent 4 --text "Found: SaltStack minion (salt-minion)" --result FOUND --color GREEN
        fi
        if [ ! "${SALTMASTERBINARY}" = "" ]; then
            logtext "Result: SaltStack (salt-master) is installed (${SALTMASTERBINARY})"
            AUTOMATION_TOOL_FOUND=1
            Display --indent 4 --text "Found: SaltStack master (salt-master)" --result FOUND --color GREEN
        fi
        IsRunning "salt-master"
        if [ ${RUNNING} -eq 1 ]; then
            logtext "Result: found SaltStack (master)"
            SALT_MASTER_RUNNING=1
            report "automation_tool_running[]=saltstack-master"
            Display --indent 4 --text "Found: SaltStack (master)" --result FOUND --color GREEN
        fi

        if [ ${AUTOMATION_TOOL_FOUND} -eq 1 ]; then
            Display --indent 2 --text "- Automation tooling" --result FOUND --color GREEN
          else
            Display --indent 2 --text "- Automation tooling" --result "NOT FOUND" --color YELLOW
            ReportSuggestion ${TEST_NO} "Determine if automation tools are present for system management"
        fi
    fi
#
#################################################################################
#
# Backup tools
#
#################################################################################
#
    # Netvault
    # Rsync in cron
#
#################################################################################
#
    report "puppet_master=${PUPPET_MASTER_RUNNING}"
    report "salt_master=${SALT_MASTER_RUNNING}"
    report "salt_minion=${SALT_MINION_RUNNING}"


    wait_for_keypress
#
#================================================================================
# Lynis - Copyright 2007-2015, CISOfy - https://cisofy.com