"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "include/tests_ports_packages" between
lynis-3.0.1.tar.gz and lynis-3.0.2.tar.gz

About: Lynis is a security and system auditing tool.

tests_ports_packages  (lynis-3.0.1):tests_ports_packages  (lynis-3.0.2)
skipping to change at line 25 skipping to change at line 25
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License. # welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software. # See LICENSE file for usage of this software.
# #
################################################################################ # ################################################################################ #
# #
# Ports and packages # Ports and packages
# #
################################################################################ # ################################################################################ #
# #
InsertSection "Ports and packages" InsertSection "${SECTION_PORTS_AND_PACKAGES}"
PACKAGE_MGR_PKG=0 PACKAGE_MGR_PKG=0
PACKAGE_AUDIT_TOOL="" PACKAGE_AUDIT_TOOL=""
PACKAGE_AUDIT_TOOL_FOUND=0 PACKAGE_AUDIT_TOOL_FOUND=0
PACMANCONF="${ROOTDIR}etc/pacman.conf" PACMANCONF="${ROOTDIR}etc/pacman.conf"
INSTALLED_PACKAGES="" INSTALLED_PACKAGES=""
# #
################################################################################ # ################################################################################ #
# #
Display --indent 2 --text "- Searching package managers" Display --indent 2 --text "- Searching package managers"
# #
skipping to change at line 1235 skipping to change at line 1235
# Test : PKGS-7398 # Test : PKGS-7398
# Description : Check package audit tool # Description : Check package audit tool
Register --test-no PKGS-7398 --weight L --network YES --category security -- description "Check for package audit tool" Register --test-no PKGS-7398 --weight L --network YES --category security -- description "Check for package audit tool"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: checking for package audit tool" LogText "Test: checking for package audit tool"
if [ ${PACKAGE_AUDIT_TOOL_FOUND} -eq 0 ]; then if [ ${PACKAGE_AUDIT_TOOL_FOUND} -eq 0 ]; then
Display --indent 2 --text "- Checking package audit tool" --result " ${STATUS_NONE}" --color RED Display --indent 2 --text "- Checking package audit tool" --result " ${STATUS_NONE}" --color RED
ReportSuggestion "${TEST_NO}" "Install a package audit tool to deter mine vulnerable packages" ReportSuggestion "${TEST_NO}" "Install a package audit tool to deter mine vulnerable packages"
LogText "Result: no package audit tool found" LogText "Result: no package audit tool found"
else else
Display --indent 2 --text "- Checking package audit tool" --result I NSTALLED --color GREEN Display --indent 2 --text "- Checking package audit tool" --result " ${STATUS_INSTALLED}" --color GREEN
Display --indent 4 --text "Found: ${PACKAGE_AUDIT_TOOL}" Display --indent 4 --text "Found: ${PACKAGE_AUDIT_TOOL}"
LogText "Result: found package audit tool: ${PACKAGE_AUDIT_TOOL}" LogText "Result: found package audit tool: ${PACKAGE_AUDIT_TOOL}"
fi fi
fi fi
# #
################################################################################ # ################################################################################ #
# #
# Description : HP-UX packages # Description : HP-UX packages
# Notes : swlist -l fileset (|${GREPBINARY} patch) / print_manifest # Notes : swlist -l fileset (|${GREPBINARY} patch) / print_manifest
# #
skipping to change at line 1292 skipping to change at line 1292
else else
LogText "Result: found ${KERNELS} kernel packages on the system, which is fine" LogText "Result: found ${KERNELS} kernel packages on the system, which is fine"
fi fi
fi fi
if [ "${ZYPPERBINARY}" ]; then if [ "${ZYPPERBINARY}" ]; then
TESTED=1 TESTED=1
KERNELS=$(${ZYPPERBINARY} --non-interactive -n se --type package --m atch-exact --installed-only "kernel-default" 2> /dev/null | ${GREPBINARY} "kerne l-default" | ${WCBINARY} -l) KERNELS=$(${ZYPPERBINARY} --non-interactive -n se --type package --m atch-exact --installed-only "kernel-default" 2> /dev/null | ${GREPBINARY} "kerne l-default" | ${WCBINARY} -l)
if [ ${KERNELS} -eq 0 ]; then if [ ${KERNELS} -eq 0 ]; then
LogText "Result: found no kernels from zypper output, which is u nexpected." LogText "Result: found no kernels from zypper output, which is u nexpected."
ReportException "KRNL-5840:3" "Could not find any kernel package s via package manager. Maybe using a different kernel package?" ReportException "${TEST_NO}" "Could not find any kernel packages via package manager. Maybe using a different kernel package?"
elif [ ${KERNELS} -gt 3 ]; then elif [ ${KERNELS} -gt 3 ]; then
LogText "Result: found more than 5 kernel packages on the system , which might indicate lack of regular cleanups" LogText "Result: found more than 5 kernel packages on the system , which might indicate lack of regular cleanups"
ReportSuggestion "${TEST_NO}" "Remove any unneeded kernel packag es" ReportSuggestion "${TEST_NO}" "Remove any unneeded kernel packag es"
else else
LogText "Result: found ${KERNELS} kernel packages on the system, which is fine" LogText "Result: found ${KERNELS} kernel packages on the system, which is fine"
fi fi
fi fi
if [ ${KERNELS} -eq 0 -a ${TESTED} -eq 1 ]; then if [ ${KERNELS} -eq 0 -a ${TESTED} -eq 1 ]; then
ReportException "KRNL-5840:1" "Could not find any kernel packages vi # Only report exception if there are kernels actually there. For exa
a package manager" mple, LXC use the kernel of host system
case "${OS}" in
"Linux")
if [ -d "${ROOTDIR}boot" ]; then
if [ -z "$(${FINDBINARY} /boot -maxdepth 1 -type f -name
'vmlinuz*' -print -quit)" ]; then
ReportException "${TEST_NO}" "Could not find any ker
nel packages via package manager"
fi
fi
;;
*)
ReportException "${TEST_NO}" "Could not find any kernel pack
ages via package manager"
;;
esac
fi fi
Report "installed_kernel_packages=${KERNELS}" Report "installed_kernel_packages=${KERNELS}"
fi fi
# #
################################################################################ # ################################################################################ #
# #
# Test : PKGS-7420 # Test : PKGS-7420
# Description : Detect toolkit to automatically download and apply upgrades # Description : Detect toolkit to automatically download and apply upgrades
Register --test-no PKGS-7420 --weight L --network NO --category security --d escription "Detect toolkit to automatically download and apply upgrades" Register --test-no PKGS-7420 --weight L --network NO --category security --d escription "Detect toolkit to automatically download and apply upgrades"
 End of changes. 4 change blocks. 
5 lines changed or deleted 20 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)