#278 Escaping password items
This commit is contained in:
root
parent
57b30a2955
commit
f7699b4515
1 changed files with 37 additions and 0 deletions
|
|
@ -1086,6 +1086,10 @@ sub remove_empty {
|
||||||
grep { $_ ne '' } @_;
|
grep { $_ ne '' } @_;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub grep_file_contents {
|
||||||
|
my $file = shift;
|
||||||
|
my $patt
|
||||||
|
}
|
||||||
sub get_file_contents {
|
sub get_file_contents {
|
||||||
my $file = shift;
|
my $file = shift;
|
||||||
open( my $fh, "<", $file ) or die "Can't open $file for read: $!";
|
open( my $fh, "<", $file ) or die "Can't open $file for read: $!";
|
||||||
|
|
@ -1099,6 +1103,33 @@ sub get_basic_passwords {
|
||||||
return get_file_contents(shift);
|
return get_file_contents(shift);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
sub log_file_recommandations {
|
||||||
|
subheaderprint "Log file Recommendations";
|
||||||
|
infoprint "Log file: " . $myvar{'log_error'}. "(".hr_bytes_rnd((stat $myvar{'log_error'})[7]).")";
|
||||||
|
if (-f "$myvar{'log_error'}") {
|
||||||
|
goodprint "Log file $myvar{'log_error'} exists";
|
||||||
|
} else {
|
||||||
|
badprint "Log file $myvar{'log_error'} doesn't exist";
|
||||||
|
}
|
||||||
|
if ( (stat $myvar{'log_error'})[7] > 0) {
|
||||||
|
goodprint "Log file $myvar{'log_error'} is not empty";
|
||||||
|
} else {
|
||||||
|
badprint "Log file $myvar{'log_error'} is empty";
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( (stat $myvar{'log_error'})[7] < 2*1024*1024) {
|
||||||
|
goodprint "Log file $myvar{'log_error'} is smaller than 32 Mb";
|
||||||
|
} else {
|
||||||
|
badprint "Log file $myvar{'log_error'} is bigger than 32 Mb";
|
||||||
|
push( @generalrec,
|
||||||
|
$myvar{'log_error'} ."is > 32Mb, you should analyze why or implement a rotation log strategy such as logrotate!" );
|
||||||
|
}
|
||||||
|
|
||||||
|
#exit 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
sub cve_recommendations {
|
sub cve_recommendations {
|
||||||
subheaderprint "CVE Security Recommendations";
|
subheaderprint "CVE Security Recommendations";
|
||||||
unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) {
|
unless ( defined( $opt{cvefile} ) && -f "$opt{cvefile}" ) {
|
||||||
|
|
@ -1612,8 +1643,12 @@ sub security_recommendations {
|
||||||
my $nbins = 0;
|
my $nbins = 0;
|
||||||
my $passreq;
|
my $passreq;
|
||||||
if (@passwords) {
|
if (@passwords) {
|
||||||
|
my $nbInterPass=0;
|
||||||
foreach my $pass (@passwords) {
|
foreach my $pass (@passwords) {
|
||||||
|
$nbInterPass++;
|
||||||
|
|
||||||
$pass =~ s/\s//g;
|
$pass =~ s/\s//g;
|
||||||
|
$pass =~ s/\'/\\\'/g;
|
||||||
chomp($pass);
|
chomp($pass);
|
||||||
|
|
||||||
# Looking for User with user/ uppercase /capitalise weak password
|
# Looking for User with user/ uppercase /capitalise weak password
|
||||||
|
|
@ -1638,6 +1673,7 @@ sub security_recommendations {
|
||||||
$nbins++;
|
$nbins++;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
debugprint "$nbInterPass / ".scalar(@passwords) if ($nbInterPass %1000 ==0);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ( $nbins > 0 ) {
|
if ( $nbins > 0 ) {
|
||||||
|
|
@ -5793,6 +5829,7 @@ validate_mysql_version; # Check current MySQL version
|
||||||
|
|
||||||
check_architecture; # Suggest 64-bit upgrade
|
check_architecture; # Suggest 64-bit upgrade
|
||||||
system_recommendations; # avoid to many service on the same host
|
system_recommendations; # avoid to many service on the same host
|
||||||
|
log_file_recommandations; # check log file content
|
||||||
check_storage_engines; # Show enabled storage engines
|
check_storage_engines; # Show enabled storage engines
|
||||||
mysql_databases; # Show informations about databases
|
mysql_databases; # Show informations about databases
|
||||||
mysql_indexes; # Show informations about indexes
|
mysql_indexes; # Show informations about indexes
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue