Package: lynis
Version: 1.3.9-1
Severity: normal
Dear Maintainer,
I've encountered a small misconfiguration in an egrep search in a lynis
script. When checking for crontab jobs, the script tests_scheduling
checks for lines that start with [0-9], and while this is appropriate
for most cases, it misses two that may still be an issue. Both cases
involve when the crontab line starts with an '*'.
If the job in question should run every minute (so is just '*'), then
the line will be missed by the egrep test.
The second issue is if the job in question should run at a specified
interval, such as every 15 minutes. That will be specified a */15 and
will also be missed.
I've been able to fix this issue by simply adding an '*' to the
characters to be searched by egrep. (patch attached) With that simple
change, it catches both of the missed crontab lines.
Thank you for your attention to this minor issue,
Dave Vehrs
-- System Information:
Debian Release: jessie/sid
APT prefers testing-updates
APT policy: (500, 'testing-updates'), (500, 'testing'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.12-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
lynis depends on no packages.
Versions of packages lynis recommends:
ii menu 2.1.46
Versions of packages lynis suggests:
ii dnsutils 1:9.8.4.dfsg.P1-6+nmu3
-- no debconf information
--
Dave Vehrs dve...@gmail.com
--- tests_scheduling.orig 2014-01-19 13:29:05.389660917 -0700
+++ tests_scheduling 2014-01-19 13:30:03.382641879 -0700
@@ -32,7 +32,7 @@
if [ ${SKIPTEST} -eq 0 ]; then
FindCronJob()
{
- sCRONJOBS=`egrep '^([0-9])' $1 | tr '\t' ' ' | tr -s ' ' | tr ' ' ','`
+ sCRONJOBS=`egrep '^([0-9*])' $1 | tr '\t' ' ' | tr -s ' ' | tr ' ' ','`
}
