1#!/bin/sh
2
3#################################################################################
4#
5#   Lynis
6# ------------------
7#
8# Copyright 2007-2013, Michael Boelen
9# Copyright 2007-2021, CISOfy
10#
11# Website  : https://cisofy.com
12# Blog     : http://linux-audit.com
13# GitHub   : https://github.com/CISOfy/lynis
14#
15# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
16# welcome to redistribute it under the terms of the GNU General Public License.
17# See LICENSE file for usage of this software.
18#
19######################################################################
20#
21# Helper program to configure Lynis
22#
23######################################################################
24#
25# How to use:
26# ------------
27#
28# Run:
29#   lynis configure settings quick
30#   lynis configure settings quick=yes:debug=yes
31#
32######################################################################
33
34    CONFIGURE_CRONJOB=0
35    CONFIGURE_SETTINGS=0
36
37    # Check configure mode
38    if [ "${HELPER_PARAMS}" = "" ]; then
39        ${ECHOCMD} "${YELLOW}Provide one or more configuration settings${NORMAL}"
40        ${ECHOCMD} ""
41        ${ECHOCMD} "Examples:"
42        ${ECHOCMD} "  $0 configure cronjob"
43        ${ECHOCMD} ""
44        ${ECHOCMD} "  $0 configure settings quick"
45        ${ECHOCMD} "  $0 configure settings debug:developer-mode:quick"
46        ${ECHOCMD} "  $0 configure settings debug=yes:developer-mode=no:quick=yes"
47        ${ECHOCMD} ""
48        ExitClean
49    elif [ "$1" = "cronjob" ]; then
50        CONFIGURE_CRONJOB=1
51    elif [ "$1" = "settings" ]; then
52        CONFIGURE_SETTINGS=1
53    fi
54
55
56    # Perform activities depending on requested task
57    if [ ${CONFIGURE_CRONJOB} -eq 1 ]; then
58
59        ${ECHOCMD} "Automatic configuration for cronjobs is not implemented yet."
60        ExitClean
61
62    elif [ ${CONFIGURE_SETTINGS} -eq 1 ]; then
63
64        # Determine where profiles are stored
65        if [ -z "${PROFILEDIR}" ]; then
66            ${ECHOCMD} "Can not configure Lynis, as profile directory is unknown"
67            ExitFatal
68        fi
69        if [ -z "${CUSTOM_PROFILE}" ]; then
70            ${ECHOCMD} "No custom profile found yet."
71            ${ECHOCMD} "Suggestion: create one with 'touch custom.prf' or 'touch /etc/lynis/custom.prf'"
72            ExitFatal
73        fi
74
75        CONFIGURE_SETTINGS=$(echo $2 | sed 's/:/ /g')
76        for I in ${CONFIGURE_SETTINGS}; do
77            SETTING=$(echo ${I} | awk -F= '{print $1}')
78            VALUE=$(echo ${I} | awk -F= '{print $2}')
79            if [ "${VALUE}" = "" ]; then
80                ${ECHOCMD} "Profile:          ${CUSTOM_PROFILE}"
81                Debug "Did not find a value configured on the command line for setting ${SETTING}"
82                #read VALUE
83                else
84                  Debug "Setting '${SETTING}' should be configured with value '${VALUE}'"
85                  FIND=$(grep "^${SETTING}" ${CUSTOM_PROFILE})
86                  if [ "${FIND}" = "" ]; then
87                      ${ECHOCMD} "Configuring setting '${CYAN}${SETTING}${NORMAL}'"
88                      echo "${SETTING}=${VALUE}" >> ${CUSTOM_PROFILE}
89                      if [ $? -eq 0 ]; then ${ECHOCMD} "${GREEN}Setting changed${NORMAL}"; fi
90                    else
91                      ${ECHOCMD} "${YELLOW}Notice${NORMAL}: Setting '${CYAN}${SETTING}${NORMAL}' was already configured (not changed)${NORMAL}"
92                      ${ECHOCMD} "        Current value: ${WHITE}${FIND}${NORMAL}"
93                      ${ECHOCMD} ""
94                  fi
95            fi
96            # Now check if value is in line with expected type (boolean, integer, string)
97            # =To be implemented=
98        done
99        ${ECHOCMD} ""
100        ${ECHOCMD} ""
101        ExitClean
102
103    fi
104
105    ExitClean
106
107# The End
108