"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "include/tests_databases" between
lynis-3.0.5.tar.gz and lynis-3.0.6.tar.gz

About: Lynis is a security and system auditing tool.

tests_databases  (lynis-3.0.5):tests_databases  (lynis-3.0.6)
skipping to change at line 177 skipping to change at line 177
fi fi
fi fi
fi fi
# #
################################################################################ # ################################################################################ #
# #
# Test : DBS-1826 # Test : DBS-1826
# Description : Check if PostgreSQL is being used # Description : Check if PostgreSQL is being used
Register --test-no DBS-1826 --weight L --network NO --category security --de scription "Checking active PostgreSQL processes" Register --test-no DBS-1826 --weight L --network NO --category security --de scription "Checking active PostgreSQL processes"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
if IsRunning "postgres:"; then if IsRunning "postgres"; then
Display --indent 2 --text "- PostgreSQL processes status" --result " ${STATUS_FOUND}" --color GREEN Display --indent 2 --text "- PostgreSQL processes status" --result " ${STATUS_FOUND}" --color GREEN
LogText "Result: PostgreSQL is active" LogText "Result: PostgreSQL is active"
POSTGRESQL_RUNNING=1 POSTGRESQL_RUNNING=1
DATABASE_ENGINE_RUNNING=1 DATABASE_ENGINE_RUNNING=1
Report "postgresql_running=${POSTGRESQL_RUNNING}" Report "postgresql_running=${POSTGRESQL_RUNNING}"
else else
if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- PostgreSQL processes status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- PostgreSQL processes status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi
LogText "Result: PostgreSQL process not active" LogText "Result: PostgreSQL process not active"
fi fi
fi fi
skipping to change at line 206 skipping to change at line 206
# #
# Configuration # Configuration
# Arch /var/lib/postgres/data/postgresql.conf # Arch /var/lib/postgres/data/postgresql.conf
# CentOS/Fedora /var/lib/pgsql/data/postgresql.conf # CentOS/Fedora /var/lib/pgsql/data/postgresql.conf
# Ubuntu /etc/postgresql/x.y/main/postgresql.conf # Ubuntu /etc/postgresql/x.y/main/postgresql.conf
if [ "${POSTGRESQL_RUNNING}" -eq 1 ]; then PREQS_MET="YES"; SKIPREASON=""; e lse PREQS_MET="NO"; SKIPREASON="PostgreSQL not installed or not running"; fi if [ "${POSTGRESQL_RUNNING}" -eq 1 ]; then PREQS_MET="YES"; SKIPREASON=""; e lse PREQS_MET="NO"; SKIPREASON="PostgreSQL not installed or not running"; fi
Register --test-no DBS-1828 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Test PostgreSQL configuration" Register --test-no DBS-1828 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Test PostgreSQL configuration"
if [ ${SKIPTEST} -eq 0 ]; then if [ ${SKIPTEST} -eq 0 ]; then
FIND_PATHS="${ROOTDIR}etc/postgres ${ROOTDIR}var/lib/postgres/data" FIND_PATHS="${ROOTDIR}etc/postgres ${ROOTDIR}var/lib/postgres/data ${ROO
CONFIG_FILES=$(${FINDBINARY} ${FIND_PATHS} -type f -name "postgresql.con TDIR}usr/local/pgsql/data"
f" -print0 2> /dev/null | ${TRBINARY} -cd '[:print:]\0' | ${TRBINARY} -d '\n' | CONFIG_FILES=$(${FINDBINARY} ${FIND_PATHS} -type f -name "*.conf" -print
${TRBINARY} '\0' '\n' | xargs -i sh -c 'test -r "{}" && echo "{}" | ${SEDBINARY} 0 2> /dev/null | ${TRBINARY} -cd '[:print:]\0' | ${TRBINARY} -d '\n' | ${TRBINAR
"s/ /:space:/g"') Y} '\0' '\n' | xargs -i sh -c 'test -r "{}" && echo "{}"' | ${SEDBINARY} "s/ /:s
pace:/g")
for CF in ${CONFIG_FILES}; do for CF in ${CONFIG_FILES}; do
Report "postgresql_config_file[]=${CF}" Report "postgresql_config_file[]=${CF}"
LogText "Found configuration file (${CF})" LogText "Found configuration file (${CF})"
if IsWorldReadable ${CF}; then
LogText "Result: configuration file ${CF} is world readable, thi
s might leak sensitive information!"
ReportWarning "${TEST_NO}" "PostgreSQL configuration file ${CF}
is world readable and might leak sensitive details" "${CF}" "Use chmod 600 to ch
ange file permissions"
else
LogText "Result: great, configuration file ${CF} is not world re
adable"
fi
done done
fi fi
# #
################################################################################ # ################################################################################ #
# #
# Test : DBS-1840 # Test : DBS-1840
# Description : Check if Oracle is being used # Description : Check if Oracle is being used
# Notes : tnslsnr: Oracle listener # Notes : tnslsnr: Oracle listener
# pmon: process monitor # pmon: process monitor
# smon: system monitor # smon: system monitor
 End of changes. 3 change blocks. 
6 lines changed or deleted 17 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)