/usr/share/lynis/include/tests_custom.template is in lynis 2.1.1-1.
This file is owned by root:root, with mode 0o600.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 | #!/bin/sh
#################################################################################
#
# Lynis
# ------------------
#
# Copyright 2007-2015, Michael Boelen, CISOfy (michael.boelen@cisofy.com)
# Web site: https://cisofy.com
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Here you could insert your own custom checks
#
# Tips:
# - Make sure to use each test ID only once in Register function
# - Use big steps in numbering, so you can easily put tests in between
# - Want to improve Lynis? Share your checks!
#
#################################################################################
#
# This has already been inserted, but you might reuse it to split your tests
# InsertSection "Custom Checks"
#
#################################################################################
#
# Test : CUST-0010
# Author : Your name <e-mail address>
# Description : Check for something interesting - template
# Notes : This test first checks if OpenSSL binary was found
# * Prerequisites Check
# -----------------------
#
# Check first if any dependency. If it doesn't meet, the test will be skipped after registration (SKIPTEST == 1)
#
# Examples:
# -f /etc/file = Test if file exists
# -d /var/run/mydirectory = Test if directory exists
# ${MYVARIABLE} -eq 1 = Test if variable is set to 1
# "${MYVARIABLE}" = "Value" = Test if variable is equal to specific value
if [ -f /etc/myfile ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
# * Registration of Test
# ------------------------
#
# Register the test, with custom ID CUST-0010, and only execute it when the prerequisites were met
Register --test-no CUST-0010 --preqs-met ${PREQS_MET} --weight L --network NO --description "Description of what this test does"
# Or we could use this test without any dependencies
# Register --test-no CUST-0010 --weight L --network NO --description "Description of what this test does"
# If everything is fine, perform test
if [ ${SKIPTEST} -eq 0 ]; then
FOUND=0
logtext "Test: checking something"
if [ ${FOUND} -eq 0 ]; then
Display --indent 4 --text "- Performing custom test" --result OK --color GREEN
logtext "Result: the test result looks great!"
# Optional: create a suggestion after a specific finding
#ReportSuggestion "${TEST_NO}" "This is my suggestion to improve the system even further."
else
Display --indent 4 --text "- Performing custom test" --result WARNING --color RED
logtext "Result: this test had a bad result :("
# Throw a warning to the screen and report
ReportWarning ${TEST_NO} "M" "This is a warning message"
fi
fi
#
#################################################################################
#
wait_for_keypress
#
#================================================================================
# Lynis - Copyright 2007-2015, Michael Boelen, CISOfy - https://cisofy.com
|