"Fossies" - the Fresh Open Source Software Archive

Member "lynis/include/consts" (22 Jul 2021, 11012 Bytes) of package /linux/misc/lynis-3.0.6.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "consts": 3.0.5_vs_3.0.6.

    1 #!/bin/sh
    2 
    3 #################################################################################
    4 #
    5 #   Lynis
    6 # ------------------
    7 #
    8 # Copyright 2007-2013, Michael Boelen
    9 # Copyright 2007-2021, CISOfy
   10 #
   11 # Website  : https://cisofy.com
   12 # Blog     : http://linux-audit.com
   13 # GitHub   : https://github.com/CISOfy/lynis
   14 #
   15 # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
   16 # welcome to redistribute it under the terms of the GNU General Public License.
   17 # See LICENSE file for usage of this software.
   18 #
   19 #################################################################################
   20 #
   21 # Consts
   22 #
   23 #################################################################################
   24 #
   25 
   26 # Paths where system and program binaries are typically located
   27 BIN_PATHS="/bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin \
   28           /usr/local/libexec /usr/libexec \
   29           /usr/sfw/bin /usr/sfw/sbin /usr/sfw/libexec \
   30           /opt/sfw/bin /opt/sfw/sbin /opt/sfw/libexec \
   31           /usr/xpg4/bin /usr/css/bin /usr/ucb /usr/X11R6/bin /usr/X11R7/bin \
   32           /usr/pkg/bin /usr/pkg/sbin /usr/gnu/bin"
   33 
   34 ETC_PATHS="/etc /usr/local/etc"
   35 
   36 #
   37 #################################################################################
   38 #
   39 # Initialize defaults
   40 #
   41 #################################################################################
   42 #
   43 # == Variable initializing ==
   44 #
   45     APTBINARY=""
   46     ARCH_AUDIT_BINARY=""
   47     AUDITORNAME=""
   48     AUDITCTLBINARY=""
   49     AUDITDBINARY=""
   50     AUTH_FAILED_LOGINS_LOGGED=0
   51     AUTH_UNLOCK_TIME=-1
   52     PROFILE=""
   53     REPORTFILE=""
   54     AFICKBINARY=""
   55     AIDEBINARY=""
   56     AASTATUSBINARY=""
   57     AUDITD_RUNNING=0
   58     APPLICATION_FIREWALL_ACTIVE=0
   59     BINARY_SCAN_FINISHED=0
   60     BLKIDBINARY=""
   61     BOOTCTLBINARY=""
   62     CAT_BINARY=""
   63     CCBINARY=""
   64     CFAGENTBINARY=""
   65     CHECK=0
   66     CHECK_BINARIES=1
   67     CHECK_OPTION_ARRAY=""
   68     CHKROOTKITBINARY=""
   69     CHKCONFIGBINARY=""
   70     CLAMCONF_BINARY=""
   71     CLAMSCANBINARY=""
   72     CLANGBINARY=""
   73     CMDBINARY=""
   74     COLORS=1
   75     COMPLIANCE_ENABLE_CIS=0
   76     COMPLIANCE_ENABLE_HIPAA=0
   77     COMPLIANCE_ENABLE_ISO27001=0
   78     COMPLIANCE_ENABLE_PCI_DSS=0
   79     COMPLIANCE_TESTS_PERFORMED=0
   80     COMPLIANCE_FINDINGS_FOUND=0
   81     COMPRESSED_UPLOADS=0
   82     CONTROL_URL_APPEND=""
   83     CONTROL_URL_PREPEND=""
   84     CONTROL_URL_PROTOCOL=""
   85     CONTAINER_TYPE=""
   86     CREATE_REPORT_FILE=1
   87     CRYPTSETUPBINARY=""
   88     CSUMBINARY=""
   89     CURRENT_TS=0
   90     CUSTOM_URL_APPEND=""
   91     CUSTOM_URL_PREPEND=""
   92     CUSTOM_URL_PROTOCOL=""
   93     CUTBINARY=""
   94     DATABASE_ENGINE_RUNNING=0
   95     DB2_RUNNING=0
   96     DBUSDAEMONBINARY=""
   97     DEBSECANBINARY=""
   98     DEBSUMSBINARY=""
   99     DEVELOPER_MODE=0
  100     DEVOPS_MODE=0
  101     DIGBINARY=""
  102     DISABLED_PLUGINS=""
  103     DISCOVERED_BINARIES=""
  104     DMIDECODEBINARY=""
  105     DNFBINARY=""
  106     DNSDOMAINNAMEBINARY=""
  107     DOCKERBINARY=""
  108     DOCKER_DAEMON_RUNNING=0
  109     DPKGBINARY=""
  110     ECHOCMD=""
  111     ERROR_ON_WARNINGS=0
  112     EQUERYBINARY=""
  113     EVMCTLBINARY=""
  114     EXIMBINARY=""
  115     FAIL2BANBINARY=""
  116     FILEBINARY=""
  117     FILEVALUE=""
  118     FIND=""
  119     FIREWALL_ACTIVE=0
  120     FOUNDPATH=0
  121     FORENSICS_MODE=0
  122     GCCBINARY=""
  123     GETENT_BINARY=""
  124     GRADMBINARY=""
  125     GREPBINARY="grep"
  126     GROUP_NAME=""
  127     GRPCKBINARY=""
  128     GRSEC_FOUND=0
  129     GRUBCONFFILE=""
  130     GRUB2INSTALLBINARY=""
  131     HAS_PACKAGE_MANAGER=0
  132     HAS_SYSTEMD=0
  133     HEADBINARY=""
  134     HELPER=""
  135     HOSTID=""
  136     HOSTID_GEN="unknown"
  137     HOSTID2=""
  138     HOSTID2_GEN="unknown"
  139     HTTPDBINARY=""
  140     IDS_IPS_TOOL_FOUND=0
  141     IFCONFIGBINARY=""
  142     INTEGRITYSETUPBINARY=""
  143     IPBINARY=""
  144     IPFBINARY=""
  145     IPTABLESBINARY=""
  146     JOURNALCTLBINARY=""
  147     KLDSTATBINARY=""
  148     LAUNCHCTL_BINARY=""
  149     LDAP_CLIENT_CONFIG_FILE=""
  150     LICENSE_KEY=""
  151     LICENSE_SERVER=""
  152     LINUX_VERSION=""
  153     LINUX_VERSION_LIKE=""
  154     LINUXCONFIGFILE=""
  155     LMDBINARY=""
  156     LMDFOUND=0
  157     LOCATEBINARY=""
  158     LOGFILE=""
  159     LOGDIR=""
  160     LOGROTATEBINARY=""
  161     LOGTEXT=1
  162     LSBLKBINARY=""
  163     LSMODBINARY=""
  164     LSOFBINARY=""
  165     LSOF_EXTRA_OPTIONS=""
  166     LSVGBINARY=""
  167     LYNIS_CRONJOB=""
  168     MACHINEID=""
  169     MACHINE_ROLE=""
  170     MALWARE_SCANNER_INSTALLED=0
  171     MIN_PASSWORD_LENGTH=-1
  172     MONGODB_RUNNING=0
  173     MOUNTBINARY=""
  174     MTREEBINARY=""
  175     MYSQLCLIENTBINARY=""
  176     MYSQL_RUNNING=0
  177     N_PLUGIN=0
  178     N_PLUGIN_ENABLED=0
  179     NAME_CACHE_USED=0
  180     NETWORK_INTERFACES=""
  181     NFTBINARY=""
  182     NGINX_ACCESS_LOG_DISABLED=0
  183     NGINX_ACCESS_LOG_MISSING=0
  184     NGINX_ALIAS_FOUND=0
  185     NGINX_ALLOW_FOUND=0
  186     NGINX_DENY_FOUND=0
  187     NGINX_ERROR_LOG_DEBUG=0
  188     NGINX_ERROR_LOG_MISSING=0
  189     NGINX_EVENTS_COUNTER=0
  190     NGINX_EXPIRES_FOUND=0
  191     NGINX_FASTCGI_FOUND=0
  192     NGINX_FASTCGI_PARAMS_FOUND=0
  193     NGINX_FASTCGI_PASS_FOUND=0
  194     NGINX_HTTP_COUNTER=0
  195     NGINX_LISTEN_FOUND=0
  196     NGINX_LOCATION_COUNTER=0
  197     NGINX_LOCATION_FOUND=0
  198     NGINX_SERVER_COUNTER=0
  199     NGINX_SSL_CIPHERS=0
  200     NGINX_SSL_ON=0
  201     NGINX_SSL_PREFER_SERVER_CIPHERS=0
  202     NGINX_SSL_PROTOCOLS=0
  203     NGINX_RETURN_FOUND=0
  204     NGINX_ROOT_FOUND=0
  205     NGINX_WEAK_SSL_PROTOCOL_FOUND=0
  206     NTPCTLBINARY=""
  207     NTPD_ROLE=""
  208     NTPQBINARY=""
  209     OPENSSLBINARY=""
  210     OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY=0
  211     OPTIONS_CONN_MAX_WAIT_STATE=""
  212     ORACLE_RUNNING=0
  213     OS=""
  214     OS_KERNELVERSION=""
  215     OS_KERNELVERSION_FULL=""
  216     OS_MODE=""
  217     OS_REDHAT_OR_CLONE=0
  218     OSIRISBINARY=""
  219     PACMANBINARY=""
  220     PAM_PASSWORD_PWHISTORY_AMOUNT=""
  221     PASSWORD_MAXIMUM_DAYS=-1
  222     PASSWORD_MINIMUM_DAYS=-1
  223     PAM_2F_AUTH_ENABLED=0
  224     PAM_2F_AUTH_REQUIRED=0
  225     PAM_AUTH_BRUTE_FORCE_PROTECTION=0
  226     PAM_PASSWORD_HISTORY_AMOUNT=0
  227     PAM_PASSWORD_HISTORY_ENABLED=0
  228     PAM_PASSWORD_STRENGTH_TESTED=0
  229     PAM_PASSWORD_PWHISTORY_ENABLED=0
  230     PAM_PASSWORD_UXHISTORY_ENABLED=0
  231     PFCTLBINARY=""
  232     PFFOUND=0
  233     PGREPBINARY=""
  234     PIDFILE=""
  235     PKG_BINARY=""
  236     PKGINFOBINARY=""
  237     PKGADMINBINARY=""
  238     PLUGINDIR=""
  239     PLUGIN_PHASE=0
  240     POSTFIXBINARY=""
  241     POSTGRESQL_RUNNING=0
  242     PREVIOUS_TEST="No test ID"
  243     PREVIOUS_TS=0
  244     PROFILES=""
  245     PROFILEVALUE=""
  246     PSBINARY="ps"
  247     PSOPTIONS=""
  248     PUPPETBINARY=""
  249     QNAP_DEVICE=0
  250     READLINKBINARY=""
  251     REDIS_RUNNING=0
  252     REFRESH_REPOSITORIES=1
  253     REMOTE_LOGGING_ENABLED=0
  254     RESOLV_DOMAINNAME=""
  255     RESOLVECTLBINARY=""
  256     RKHUNTERBINARY=""
  257     ROOTDIR="/"
  258     ROOTSHBINARY=""
  259     RPCINFOBINARY=""
  260     RPMBINARY=""
  261     RUN_HELPERS=0
  262     RUN_TESTS=1
  263     RUN_UPDATE_CHECK=1
  264     SALTMASTERBINARY=""
  265     SALTMINIONBINARY=""
  266     SAMHAINBINARY=""
  267     SCAN_TEST_HEAVY=""; SCAN_TEST_MEDIUM=""; SCAN_TEST_LOW=""
  268     SEARCH_PROFILES=""
  269     SEARCH_VERSION=""
  270     SESTATUSBINARY=""
  271     SERVICE_MANAGER=""
  272     SETBINARY=""
  273     SETTINGS=""
  274     SETTINGS_FILE=""
  275     SET_STRICT=0
  276     SHA1SUMBINARY=""
  277     SHA256SUMBINARY=""
  278     SHELL_IS_BUSYBOX=0
  279     SHOWMOUNTBINARY=""
  280     SHOW_PROGRAM_DETAILS=1
  281     SHOW_REPORT=1
  282     SHOW_REPORT_SOLUTION=1
  283     SHOW_TOOL_TIPS=1                    # Show inline tool tips (default true)
  284     SHOW_WARNINGS_ONLY=0
  285     SKIP_GETHOSTID=0
  286     SKIP_PLUGINS=0
  287     SKIP_TESTS=""
  288     SKIP_VM_DETECTION=0
  289     SKIPREASON=""
  290     SKIPPED_TESTS_ROOTONLY=""
  291     SLOW_TEST_THRESHOLD=10
  292     SMTPCTLBINARY=""
  293     SNORTBINARY=""
  294     SSBINARY=""
  295     SSHKEYSCANBINARY=""
  296     SSHKEYSCANFOUND=0
  297     SSL_CERTIFICATE_INCLUDE_PACKAGES=0
  298     SSL_CERTIFICATE_PATHS=""
  299     SSL_CERTIFICATE_PATHS_TO_IGNORE=""
  300     STUNNELBINARY=""
  301     SWUPDBINARY=""
  302     SYSLOGNGBINARY=""
  303     SYSTEMCTLBINARY=""
  304     SYSTEMDANALYZEBINARY=""
  305     SYSTEM_IS_NOTEBOOK=255
  306     TEMP_FILE=""
  307     TEMP_FILES=""
  308     TEST_SKIP_ALWAYS=""
  309     TEST_AVAILABLE_CATEGORIES="performance privacy security"
  310     TEST_CATEGORY_TO_CHECK="all"
  311     TEST_GROUP_TO_CHECK="all"
  312     TESTS_EXECUTED=""
  313     TESTS_SKIPPED=""
  314     TIMEDATECTL=""
  315     TMPFILE=""
  316     TOMOYOINITBINARY=""
  317     TOOLTIP_SHOWED=0
  318     TOTAL_SUGGESTIONS=0
  319     TOTAL_WARNINGS=0
  320     TRBINARY=""
  321     TRIPWIREBINARY=""
  322     UEFI_BOOTED=0
  323     UEFI_BOOTED_SECURE=0
  324     UNAMEBINARY=""
  325     UNBOUND_RUNNING=0
  326     UNIQBINARY=""
  327     UPDATE_CHECK_SKIPPED=0
  328     UPLOAD_OPTIONS=""
  329     UPLOAD_PROXY_PORT=""
  330     UPLOAD_PROXY_PROTOCOL=""
  331     UPLOAD_PROXY_SERVER=""
  332     UPLOAD_SERVER=""
  333     UPLOAD_TOOL=""
  334     UPLOAD_TOOL_ARGS=""
  335     USBGUARDBINARY=""
  336     USBGUARD_CONFIG=""
  337     USBGUARD_ROOT=""
  338     VALUE=""
  339     VERBOSE=0
  340     VERITYSETUPBINARY=""
  341     VGDISPLAYBINARY=""
  342     VMTYPE=""
  343     VULNERABLE_PACKAGES_FOUND=0
  344     WCBINARY=""
  345     XARGSBINARY=""
  346     XBPSBINARY=""
  347     YUMBINARY=""
  348     ZYPPERBINARY=""
  349 
  350 #
  351 #################################################################################
  352 #
  353 # * Options
  354 #
  355 #################################################################################
  356 #
  357     CRONJOB=0                   # Run as a cronjob
  358     CTESTS_PERFORMED=0          # Number of tests which are performed
  359     DEBUG=0                     # Debugging mode (to screen)
  360     HPPOINTS=0                  # Number of hardening points
  361     HPTOTAL=0                   # Maximum number of hardening points
  362     LOG_INCORRECT_OS=1          # Log tests with incorrect OS
  363     NEVERBREAK=0                # Don't wait for user input
  364     QUICKMODE=1                 # Don't wait for user input
  365     QUIET=0                     # Show normal messages and warnings as well
  366     SKIPLOGTEST=0               # Skip logging for one test
  367     SKIP_UPGRADE_TEST=0         # Skip upgrade test
  368     TESTS_TO_PERFORM=""         # Which tests only to perform
  369     TEST_PAUSE_TIME=0           # Default pause time
  370     TOTAL_TESTS=0               # Total amount of tests (counter)
  371     UPLOAD_DATA=0               # Upload of data to central node
  372     VIEWHELP=0                  # Show help
  373     WRONGOPTION=0               # A wrong option is used
  374 #
  375 #################################################################################
  376 #
  377     # Installed packages and other settings
  378     COMPILER_INSTALLED=0
  379 #
  380 #################################################################################
  381 #
  382 # * Colors
  383 #
  384 # For improved display
  385 #
  386 #################################################################################
  387 #
  388 
  389     # Normal color names (BG will color background)
  390     BG_BLUE="$(printf '\033[0;44m')"
  391     CYAN="$(printf '\033[0;36m')"
  392     BLUE="$(printf '\033[0;34m')"
  393     BROWN="$(printf '\033[0;33m')"
  394     DARKGRAY="$(printf '\033[0;30m')"
  395     GRAY="$(printf '\033[0;37m')"
  396     GREEN="$(printf '\033[1;32m')"
  397     LIGHTBLUE="$(printf '\033[0;94m')"
  398     MAGENTA="$(printf '\033[1;35m')"
  399     PURPLE="$(printf '\033[0;35m')"
  400     RED="$(printf '\033[1;31m')"
  401     YELLOW="$(printf '\033[1;33m')"
  402     WHITE="$(printf '\033[1;37m')"
  403 
  404     # Special markup
  405     BOLD="${WHITE}"
  406     NORMAL="$(printf '\033[0m')"
  407 
  408     # Semantic names
  409     BG_WARNING="$(printf '\033[30;43m')"  # Yellow background with grey text
  410     HEADER="${WHITE}"
  411     WARNING="${RED}"
  412     SECTION="${YELLOW}"
  413     NOTICE="${YELLOW}"
  414     OK="${GREEN}"
  415     BAD="${RED}"
  416 
  417 #
  418 #################################################################################
  419 #
  420 
  421 #================================================================================
  422 # Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com