LogoopenSUSE Build Service > Projects
Sign Up | Log In

View File seccheck-3.0-fix-bashisms.patch of Package seccheck (Project home:Ledest:bashisms)

Index: seccheck-3.0/autologout.sh
===================================================================
--- seccheck-3.0.orig/autologout.sh
+++ seccheck-3.0/autologout.sh
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
 #
 # Small shellscript by Alexander Bergmann <abergmann@suse.com> which checks 
 # for idle user terminals and kills them where applicable. Parameters can be
Index: seccheck-3.0/helper.inc
===================================================================
--- seccheck-3.0.orig/helper.inc
+++ seccheck-3.0/helper.inc
@@ -2,22 +2,22 @@
 # functions used by all modules
 #
 # param: prefix for filename
-function set_tmpdir () {
+set_tmpdir () {
     TMPDIR=`/bin/mktemp -d /tmp/$1.XXXXXX` || exit 1
 }
 
-function run_sysconfig_seccheck () {
+run_sysconfig_seccheck () {
     test -e /etc/sysconfig/seccheck && . /etc/sysconfig/seccheck
 }
 
-function syntax () {
+syntax () {
     /bin/echo "Syntax: $0 "'daily|weekly|monthly'
     exit 1
 }
 
 
 # set which mailer should be used
-function set_mailer () {
+set_mailer () {
     test -z "$MAILER" && test -x "/usr/sbin/sendmail" && MAILER="/usr/sbin/sendmail"
     test -z "$MAILER" && test -x "/usr/bin/mailx" && MAILER="/usr/bin/mailx"
     test -z "$MAILER" && test -x "/usr/lib/sendmail" && MAILER="/usr/lib/sendmail"
@@ -26,7 +26,7 @@ function set_mailer () {
 }
 
 # create necessary directories
-function create_secdir () {
+create_secdir () {
    
     if [ ! -d "$SEC_VAR" ]; then
         rm -rf "$SEC_VAR"
@@ -43,14 +43,14 @@ function create_secdir () {
 # param a username
 # template engine to substitute a variable in a text and prepare it
 # to be sent per email
-function guessable_password_email {
+guessable_password_email () {
     ret_tmpl=`sed "s/{guessable_account}/$1/" blurbs/guessable_passwd.txt`
     echo $ret_tmpl
 }
 
 # those files are needed 
 # param $1 = SEC_DATA, normally /var/lib/seccheck/data
-function initialize_secfiles () {
+initialize_secfiles () {
     for i in "rpm-md5" "sbit" "write" "devices" "write-bin"; do
         if [ ! -e "$1/$i" ] ; then
             touch "$1/$i"
@@ -61,7 +61,7 @@ function initialize_secfiles () {
 # daily changes per email
 # params
 # OLD1, OUT1
-function send_daily_changes () {
+send_daily_changes () {
     local old1=$1
     local out1=$2
     
@@ -88,13 +88,14 @@ EOF
 # use john the ripper to check guessable passwords
 # if you pass "quick" as argument it will simple try to find easy 
 # guessable passwords. otherwise it will use a dictionary
-function check_guessable_passwords () {
+check_guessable_passwords () {
 
-    if type -p john >/dev/null && type -p unshadow >/dev/null ; then
+    if type john >/dev/null 2>&1 && type unshadow >/dev/null 2>&1; then
         # Copy passwd file. Use unique name to avoid races when john takes very long
         SEC_PASSWD="$SEC_VAR/passwd.$$"
         OUT="$TMPDIR/security.out" # random name please
-        echo -e '\nComplete list of user accounts with guessable passwords:'
+        echo
+        echo "Complete list of user accounts with guessable passwords:"
         unshadow /etc/passwd /etc/shadow > $SEC_PASSWD
         if [ "$1" != "quick" ]; then
             nice -n 1 john -single "$SEC_PASSWD" 1> /dev/null 2>&1
@@ -119,7 +120,7 @@ function check_guessable_passwords () {
 
 
 # param mount points
-function check_new_devices () {
+check_new_devices () {
     mnt_point=$1
     local output_file=`mktemp -t new_devices.XXXX` # TEMPDIR is set but not exported.. does it work?
     # warning: bug #51004 ls output depends on root's locale and may be less
@@ -135,7 +136,7 @@ function check_new_devices () {
 }
 
 # check md5sum from files
-function check_md5 () {
+check_md5 () {
     local output_file=`mktemp -t md5.XXXX` # TEMPDIR is set but not exported.. does it work?
     nice -n 1 rpm -Va 2> /dev/null | grep '^5' > "$SEC_DATA/rpm-md5.new"
     diff -uw "$SEC_DATA/rpm-md5" "$SEC_DATA/rpm-md5.new" | \
@@ -148,7 +149,7 @@ function check_md5 () {
     rm -f "$output_file"
 }
 
-function display_programs_with_bound_sockets () {
+display_programs_with_bound_sockets () {
     if [ -x /usr/bin/lsof ]; then
         printf "\nThe following programs have got bound sockets:\n"
         /usr/bin/lsof -i -n -P | egrep 'UDP|TCP.*LISTEN' | sed 's/....[0-9]u  IP.*     /   /' | 
@@ -159,7 +160,7 @@ function display_programs_with_bound_soc
 
 }
 
-function nfs_mounted_with_missing_nosuid () {
+nfs_mounted_with_missing_nosuid () {
     local output_file=`mktemp -t mounted_with_missing_nosuid.XXXX` # TEMPDIR is set but not exported.. does it work?
     /bin/mount | /usr/bin/grep -v nosuid | /usr/bin/grep ' nfs ' |sort > $output_file
     if [ -s "$output_file" ] ; then
@@ -169,7 +170,7 @@ function nfs_mounted_with_missing_nosuid
     rm -f "$output_file"
 }
 
-function list_loaded_kernel_modules () {
+list_loaded_kernel_modules () {
     local output_file=`mktemp -t loaded_kernel_modules.XXXX` # TEMPDIR is set but not exported.. does it work?
     test -e /proc/modules && { 
         lsmod 2> /dev/null | grep -v '^Module .* Used by$' | awk '{print$1}' | sort > $output_file
@@ -182,7 +183,7 @@ function list_loaded_kernel_modules () {
 }
 
 
-function check_for_globally_exported_fs () {
+check_for_globally_exported_fs () {
 
     local output_file=`mktemp -t globally_exported_fs.XXXX` # TEMPDIR is set but not exported.. does it work?
 
Index: seccheck-3.0/security-control.sh
===================================================================
--- seccheck-3.0.orig/security-control.sh
+++ seccheck-3.0/security-control.sh
@@ -9,7 +9,7 @@ VERSION="v3.0"
 MY_DIR=$(dirname $(readlink -f $0))
 . $MY_DIR/basic.inc
 
-source $MY_DIR/helper.inc
+. $MY_DIR/helper.inc
 
 run_sysconfig_seccheck
 
Index: seccheck-3.0/security_daily_helper.inc
===================================================================
--- seccheck-3.0.orig/security_daily_helper.inc
+++ seccheck-3.0/security_daily_helper.inc
@@ -1,5 +1,5 @@
 # tests specific for security-daily.sh
-function check_mailboxes_owned_by_user_and_unreadable () {
+check_mailboxes_owned_by_user_and_unreadable () {
     local output_file=`mktemp -t globally_exported_fs.XXXX` # TEMPDIR is set but not exported.. does it work?
     ls -cl /var/spool/mail | sed 1d | \
     awk '$3 != $9 \
@@ -16,12 +16,12 @@ function check_mailboxes_owned_by_user_a
 # params
 # $1 the sysctl param
 # $2 the returned value expected
-function check_specifics_sysctl_helper () {
+check_specifics_sysctl_helper () {
     test `cat "$SEC_DATA/sysctl" | grep "$1"  | cut -f2 -d'='` -eq "$2"
 }
 
 # some specific security sysctl parameters
-function check_specifics_sysctl () {
+check_specifics_sysctl () {
     
     if [ ! -e "$SEC_DATA/sysctl" ]; then
         /usr/sbin/sysctl -a > "$SEC_DATA/sysctl"
@@ -33,7 +33,7 @@ function check_specifics_sysctl () {
     check_specifics_sysctl_helper "net.ipv4.conf.all.rp_filter" 1 || printf "\nnet.ipv4.conf.all.rp_filter\n is disabled"
 }
 
-function check_systemd_services() {
+check_systemd_services() {
     local output_file=`mktemp -t check_systemd_services.XXXX` # TEMPDIR is set but not exported.. does it work?
     /usr/bin/systemctl list-unit-files --type=service > "$SEC_DATA/systemd_services.new"
     diff -uw "$SEC_DATA/systemd_services" "$SEC_DATA/systemd_services.new" |egrep -v '^\+\+\+ |^--- |^$|^@@' | sed 's/^[+-]/& /' > "$output_file"
@@ -45,14 +45,14 @@ function check_systemd_services() {
     rm -f "$output_file"
 }
 
-function check_sysctl () {
+check_sysctl () {
     local output_file=`mktemp -t check_sysctl.XXXX` # TEMPDIR is set but not exported.. does it work?
     /usr/sbin/sysctl -a > "$SEC_DATA/sysctl.new"
     cat "$SEC_DATA/sysctl.new"
     mv "$SEC_DATA/sysctl.new" "$SEC_DATA/sysctl"
 }
 
-function check_xinetd_services () {
+check_xinetd_services () {
      local output_file=`mktemp -t check_xinetd_services.XXXX` # TEMPDIR is set but not exported.. does it work?
      /sbin/chkconfig --list 2> /dev/null | awk '/xinetd based services/,/""/' | grep -v off > "$SEC_DATA/xinetd.new"
      diff -uw "$SEC_DATA/xinetd" "$SEC_DATA/xinetd.new" |egrep -v '^\+\+\+ |^--- |^$|^@@' | sed 's/^[+-]/& /' > "$output_file"
@@ -64,13 +64,13 @@ function check_xinetd_services () {
      rm -f "$output_file"
 }
 
-function check_ASLR_enabled () {
+check_ASLR_enabled () {
     if test `cat /proc/sys/kernel/randomize_va_space` -ne 2; then
         printf "ASLR isnt enable. By default its enabled.\n"
     fi
 }
 
-function check_leak_kernel_internal_addresses () {
+check_leak_kernel_internal_addresses () {
     if test `cat /proc/sys/kernel/kptr_restrict` -ne 1; then
         printf "/proc/sys/kernel/kptr_restrict should be 1.\n"
     fi
@@ -82,7 +82,7 @@ function check_leak_kernel_internal_addr
 }
 
 # promisc check to catch all cases even from other hosts if
-function check_promisc () {
+check_promisc () {
     # new promisc check
     # rewrite of promisc check to catch all cases even from other hosts if
     # script runs on a central syslog host. Thomas Biege <thomas@suse.de>
@@ -117,7 +117,7 @@ function check_promisc () {
 }
 
 # .rhosts check
-function check_rhosts () {
+check_rhosts () {
     local output_file=`mktemp -t check_rhosts.XXXX` # TEMPDIR is set but not exported.. does it work?
     awk -F: '{ print $1 " " $6 }' /etc/passwd |
     while read uid homedir; do
@@ -141,7 +141,7 @@ function check_rhosts () {
 }
 
 # executables should not be in the /etc/aliases file.
-function no_exec_in_etcaliases () {
+no_exec_in_etcaliases () {
     if [ -s /etc/aliases ]; then
         local output_file=`mktemp -t no_exec_in_etcaliases.XXXX` # TEMPDIR is set but not exported.. does it work?
         grep -v '^#' /etc/aliases | grep '|' > $output_file
@@ -156,7 +156,7 @@ function no_exec_in_etcaliases () {
 }
 
 # it doesnt save it to a file like the others.. why?
-function check_no_plus () {
+check_no_plus () {
     local output_file=`mktemp -t check_no_plus.XXXX` # TEMPDIR is set but not exported.. does it work?
     list="/etc/hosts.equiv /etc/shosts.equiv /etc/hosts.lpd"
     for f in $list ; do
@@ -172,7 +172,7 @@ function check_no_plus () {
 }
 
 # Check home directories.  Directories should not be owned by someone else
-function check_home_directories_owners () {
+check_home_directories_owners () {
     local output_file=`mktemp -t home_directories_owners.XXXX` # TEMPDIR is set but not exported.. does it work?
     awk -F: '/^[^+-]/ { print $1 " " $6 }' /etc/passwd | \
     while read uid homedir; do
@@ -195,7 +195,7 @@ function check_home_directories_owners (
 }
 
 # Files that should not be owned by someone else or writeable.
-function check_special_files_owner () {
+check_special_files_owner () {
     output_file=`mktemp -t specia_files_owner.XXXX` # TEMPDIR is set but not exported.. does it work?
     list=".bashrc .bash_profile .bash_login .bash_logout .cshrc .emacs .exrc \
     .forward .klogin .login .logout .profile .tcshrc .fvwmrc .inputrc .kshrc \
@@ -225,7 +225,7 @@ function check_special_files_owner () {
 }
 
 # checking root's login scrips for secure path and umask
-function check_root_login_scripts () {
+check_root_login_scripts () {
     local output_file=`mktemp -t check_root_login_scripts.0.XXXX` # TEMPDIR is set but not exported.. does it work?
     local tmp_file1=`mktemp -t check_root_login_scripts.1.XXXX` # TEMPDIR is set but not exported.. does it work?
     local tmp_file2=`mktemp -t check_root_login_scripts.2.XXXX` # TEMPDIR is set but not exported.. does it work?
Index: seccheck-3.0/security-daily.sh
===================================================================
--- seccheck-3.0.orig/security-daily.sh
+++ seccheck-3.0/security-daily.sh
@@ -12,9 +12,9 @@
 MY_DIR=$(dirname $(readlink -f $0))
 . $MY_DIR/basic.inc
 
-source $MY_DIR/helper.inc
-source $MY_DIR/security_daily_helper.inc
-source $MY_DIR/user_group_password_helper.inc
+. $MY_DIR/helper.inc
+. $MY_DIR/security_daily_helper.inc
+. $MY_DIR/user_group_password_helper.inc
 
 set_tmpdir "security-daily.sh"
 
Index: seccheck-3.0/security-monthly.sh
===================================================================
--- seccheck-3.0.orig/security-monthly.sh
+++ seccheck-3.0/security-monthly.sh
@@ -8,7 +8,7 @@
 MY_DIR=$(dirname $(readlink -f $0))
 . $MY_DIR/basic.inc
 
-source $MY_DIR/helper.inc
+. $MY_DIR/helper.inc
 
 run_sysconfig_seccheck
 
@@ -35,28 +35,36 @@ fi
 #    fi
 #done
 
-echo -e '\nNOTE: have you checked http://www.novell.com/products/security.html for security updates?!\n'
+echo '
+NOTE: have you checked http://www.novell.com/products/security.html for security updates?!
+'
 
 cat "$OLD1"
 
 check_guessable_passwords "quick"
 
-echo -e '\nComplete list of unused user accounts which have a password assigned:'
+echo "
+Complete list of unused user accounts which have a password assigned:"
 $SEC_BIN/checkneverlogin
 
-echo -e '\nComplete list of writeable and executeable programs:'
+echo "
+Complete list of writeable and executeable programs:"
 cat "$SEC_DATA/write-bin"
 
-echo -e '\nComplete list of suid/sgid files:'
+echo "
+Complete list of suid/sgid files:"
 cat "$SEC_DATA/sbit"
 
-echo -e '\nComplete list of world writeable files:'
+echo "
+Complete list of world writeable files:"
 cat "$SEC_DATA/write"
 
-echo -e '\nComplete list of all changed installed packages:'
+echo "
+Complete list of all changed installed packages:"
 cat "$SEC_DATA/rpm-md5"
 
-echo -e '\nComplete list of (char/block) devices:'
+echo "
+Complete list of (char/block) devices:"
 cat "$SEC_DATA/devices"
 
 exit 0
Index: seccheck-3.0/security_weekly_helper.inc
===================================================================
--- seccheck-3.0.orig/security_weekly_helper.inc
+++ seccheck-3.0/security_weekly_helper.inc
@@ -1,5 +1,5 @@
 # param mount points
-function check_suid_sgid () {
+check_suid_sgid () {
     mnt_point=$1
     local output_file=`mktemp -t suid_sgid.XXXX` # TEMPDIR is set but not exported.. does it work?
     ( nice -n 1 find $mnt_point -mount \( -perm -04000 -o -perm -02000 \) -type f | sort | \
@@ -14,7 +14,7 @@ function check_suid_sgid () {
 }
 
 # param mount points
-function check_writable_executable () {
+check_writable_executable () {
     mnt_point=$1
     local output_file=`mktemp -t writable_executable.XXXX` # TEMPDIR is set but not exported.. does it work?
     ( nice -n 1 find $mnt_point -mount \( -perm -30 -o -perm -3 \) -type f | sort | \
@@ -30,7 +30,7 @@ function check_writable_executable () {
 }
 
 # param mount points
-function check_world_writable () {
+check_world_writable () {
     mnt_point=$1
     local output_file=`mktemp -t world_writable.XXXX` # TEMPDIR is set but not exported.. does it work?
     ( nice -n 1 find $mnt_point -mount -perm -2 \( -type f -o -type d \) -not -perm -01000 | sort > "$SEC_DATA/write.new" ) 2> /dev/null
@@ -46,7 +46,7 @@ function check_world_writable () {
 
 # params 
 # $1 = directory for checkneverlogin
-function check_neverlogin () {
+check_neverlogin () {
     bin_path=$1
     # 
     local output_file=`mktemp -t neverlogin.XXXX` # TEMPDIR is set but not exported.. does it work?
Index: seccheck-3.0/security-weekly.sh
===================================================================
--- seccheck-3.0.orig/security-weekly.sh
+++ seccheck-3.0/security-weekly.sh
@@ -15,9 +15,9 @@
 MY_DIR=$(dirname $(readlink -f $0))
 . $MY_DIR/basic.inc
 
-source $MY_DIR/helper.inc
-source $MY_DIR/security_weekly_helper.inc
-source $MY_DIR/user_group_password_helper.inc
+. $MY_DIR/helper.inc
+. $MY_DIR/security_weekly_helper.inc
+. $MY_DIR/user_group_password_helper.inc
 
 
 
Index: seccheck-3.0/user_group_password_helper.inc
===================================================================
--- seccheck-3.0.orig/user_group_password_helper.inc
+++ seccheck-3.0/user_group_password_helper.inc
@@ -1,6 +1,6 @@
 # user,group and password related functions
 
-function check_passwd () {
+check_passwd () {
 
     local output_file=`mktemp -t check_passwd.XXXX` # TEMPDIR is set but not exported.. does it work?
     # /etc/passwd check
@@ -50,7 +50,8 @@ function check_passwd () {
     awk -F: '{ print $1 " " $3 }' $PW | sort -n -k2 | tee $TMP1 |
     uniq -d -f 1 | awk '{ print $2 }' > $TMP2
     if [ -s "$TMP2" ] ; then
-            echo -e "\n$PW has duplicate user ids:"
+            echo
+            echo "$PW has duplicate user ids:"
             while read uid; do
                     grep -w $uid\$ $TMP1
             done < $TMP2 | column
@@ -59,7 +60,7 @@ function check_passwd () {
     rm -f "$output_file"
 }
 
-function check_shadow () {
+check_shadow () {
     local output_file=`mktemp -t check_passwd.XXXX` # TEMPDIR is set but not exported.. does it work?
     PW="/etc/shadow"
     awk -F: '{
@@ -96,7 +97,7 @@ function check_shadow () {
     rm -f "$output_file"
 }
 
-function check_group () {
+check_group () {
     local output_file=`mktemp -t check_group.XXXX` # TEMPDIR is set but not exported.. does it work?
     GRP=/etc/group
     awk -F: '{
@@ -129,7 +130,7 @@ function check_group () {
     rm -f "$output_file"
 }
 
-function check_ftpusers () {
+check_ftpusers () {
     if [ -s /etc/ftpusers ]; then
         local output_file=`mktemp -t check_ftpusers.XXXX` # TEMPDIR is set but not exported.. does it work?
         grep -q '^root$' /etc/ftpusers || echo root >> $output_file