forked from aquasecurity/linux-bench
utils.go
package main
import (
"os/exec"
"regexp"
"strings"
)
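// GetOperatingSystem identifies the host distribution from /etc/os-release.
//
// The file content is lower-cased and stripped of double quotes, the value of
// the ID entry becomes the platform name, and getPlatformVersion appends the
// major version for the platforms it knows (for example "ubuntu18" or "rhel7").
// If no ID entry is found the platform name part is empty. An error is returned
// only when the file cannot be read through cat.
func GetOperatingSystem() (platform string, err error) {
	// cat is started directly instead of through "bash -c": no shell is needed
	// to read one file, and the probe then also works on hosts without bash.
	// NOTE(review): the binary is still resolved via PATH; if this tool runs
	// with elevated privileges, make sure PATH is a trusted one.
	out, err := exec.Command("cat", "/etc/os-release").Output()
	if err != nil {
		return "", err
	}

	output := strings.ToLower(string(out))
	output = strings.Replace(output, `"`, "", -1)
	// Every "_id" is dropped so that "version_id=" becomes "version=" and can
	// no longer be mistaken for the ID entry by the unanchored pattern below.
	output = strings.Replace(output, `_id`, "", -1)

	// NOTE(review): the pattern is not anchored to the start of a line, so the
	// first "id=" anywhere in the text wins - confirm that is acceptable.
	flagRe := regexp.MustCompile("id" + `=([^ \n]*)`)
	if vals := flagRe.FindStringSubmatch(output); len(vals) > 1 {
		platform = vals[1]
	}

	platform += getPlatformVersion(output, platform)
	return platform, nil
}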
// GetBootLoader reports which GRUB flavour is present on the host.
//
// Three probes are tried in order and the output of the first one that exits
// successfully is used: "grub-install --version", then a grep for "grub" in the
// listing of /boot, then the same grep over /boot/boot. If every probe fails,
// the error of the last one is returned. The result is "grub2" when the
// lower-cased output contains "grub2", "grub" when it only contains "grub", and
// the empty string with a nil error otherwise.
func GetBootLoader() (boot string, err error) {
	// NOTE(review): all probes are resolved via PATH; when the tool runs with
	// elevated privileges the caller's PATH should be a trusted one.
	probes := [][]string{
		{"grub-install", "--version"},
		{"bash", "-c", "ls /boot | grep grub"},
		{"bash", "-c", "ls /boot/boot | grep grub"},
	}

	var out []byte
	for _, argv := range probes {
		out, err = exec.Command(argv[0], argv[1:]...).Output()
		if err == nil {
			break
		}
	}
	if err != nil {
		return "", err
	}

	// "grub2" must be tested first because it also contains "grub".
	found := strings.ToLower(string(out))
	switch {
	case strings.Contains(found, "grub2"):
		return "grub2", nil
	case strings.Contains(found, "grub"):
		return "grub", nil
	}
	return "", nil
}
// GetSystemLogManager guesses whether the host logs through rsyslog or
// syslog-ng.
//
// The primary probe lists the processes holding files under /var/log open
// (sudo lsof), keeps the lines mentioning /var/log/syslog and cuts out the
// first field. When that command succeeds the answer is "syslog-ng" if the
// lower-cased output contains it and "rsyslog" otherwise. When it fails,
// "service rsyslog status" is consulted: "rsyslog" if the output contains
// "active (running)", "syslog-ng" otherwise; a failure of that second command
// is returned as the error.
func GetSystemLogManager() (syslog string, err error) {
	// NOTE(review): without pipefail, bash reports the exit status of the last
	// pipeline stage (cut), so a failing sudo, lsof or grep does not set err.
	// The output is then empty and the function answers "rsyslog" without
	// ever reaching the fallback below - confirm this is intended.
	const probe = "sudo lsof +D /var/log | grep /var/log/syslog | cut -f1 -d' '"

	out, err := exec.Command("bash", "-c", probe).Output()
	if err == nil {
		if strings.Contains(strings.ToLower(string(out)), "syslog-ng") {
			return "syslog-ng", nil
		}
		return "rsyslog", nil
	}

	// Fallback: ask the service manager about rsyslog.
	status, statusErr := exec.Command("bash", "-c", "service rsyslog status").Output()
	if statusErr != nil {
		return "", statusErr
	}
	if strings.Contains(strings.ToLower(string(status)), "active (running)") {
		return "rsyslog", nil
	}
	return "syslog-ng", nil
}
// GetLSM reports the Linux Security Module in use: "apparmor", "selinux", or
// the empty string when neither is recognised.
//
// "sudo apparmor_status" is tried first. If it exits successfully, the result
// is "apparmor" when the lower-cased output contains "apparmor module is
// loaded" and empty otherwise. If it fails, "sestatus" is run instead; its
// error, if any, is returned, otherwise the result is "selinux" when the
// whitespace-collapsed, lower-cased output contains "selinux status: enabled".
func GetLSM() (lsm string, err error) {
	// NOTE(review): a non-zero exit from apparmor_status is treated the same
	// as the tool being absent, and both commands are resolved via PATH.
	aaOut, aaErr := exec.Command("bash", "-c", "sudo apparmor_status").Output()
	if aaErr == nil {
		if strings.Contains(strings.ToLower(string(aaOut)), "apparmor module is loaded") {
			return "apparmor", nil
		}
		return "", nil
	}

	seOut, seErr := exec.Command("bash", "-c", "sestatus").Output()
	if seErr != nil {
		return "", seErr
	}

	// sestatus pads its columns; squeeze runs of whitespace into one space so
	// the status line can be matched as a plain substring.
	squeezed := regexp.MustCompile(`\s+`).ReplaceAllString(strings.ToLower(string(seOut)), " ")
	if strings.Contains(squeezed, "selinux status: enabled") {
		return "selinux", nil
	}
	return "", nil
}
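// getPlatformVersion returns the major release number found in output for the
// given platform, or "" when the platform is not "rhel" or "ubuntu" or no
// version entry is present.
//
// output is the os-release text as prepared by GetOperatingSystem (lower-cased,
// double quotes removed). The first "version=", "version_id=" or similar entry
// is used, and its value ends at the first space or newline.
func getPlatformVersion(output, platform string) string {
	flagRe := regexp.MustCompile(`version[_id]*=([^ \n]*)`)
	vals := flagRe.FindStringSubmatch(output)
	if len(vals) < 2 {
		return ""
	}

	switch platform {
	case "rhel", "ubuntu":
		// The major version is everything before the first dot: 7.6 -> 7,
		// 18.04 -> 18, 10.0 -> 10. Splitting instead of slicing a fixed number
		// of bytes keeps two-digit RHEL releases intact and cannot panic on an
		// empty or one-character value.
		return strings.SplitN(vals[1], ".", 2)[0]
	default:
		return ""
	}
}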