[AUTH-9282][AUTH-9283] Add support for RedHad and clones (CISOfy#609)

[AUTH-9282][AUTH-9283] Add support for Red Hat and clones
AutoloadDev · Dec 17, 2018 · 47e37bf · 47e37bf
1 parent d024d52
commit 47e37bf
Showing 1 changed file with 10 additions and 6 deletions.
diff --git a/include/tests_authentication b/include/tests_authentication
@@ -711,20 +711,24 @@
             case ${LINUX_VERSION} in
                 "SuSE")
                     PREQS_MET="YES"
-                    FIND=$(passwd -a -S 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
+                    FIND1=$(passwd -a -S 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
                     FIND2=$(passwd -a -S 2> /dev/null | ${AWKBINARY} '{ if ($2=="NP") print $1 }')
                     ;;
                 *)
                     PREQS_MET="YES"
-                    FIND=$(passwd --all --status 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
+                    FIND1=$(passwd --all --status 2> /dev/null | ${AWKBINARY} '{ if ($2=="P" && $5=="99999") print $1 }')
                     FIND2=$(passwd --all --status 2> /dev/null | ${AWKBINARY} '{ if ($2=="NP") print $1 }')
                     ;;
             esac
-        else
+	elif [ ${OS_REDHAT_OR_CLONE} -eq 1 ]; then
+            PREQS_MET="YES"
+            FIND1=$(for I in $(${AWKBINARY} -F: '{print $1}' ${ROOTDIR}etc/passwd) ; do passwd -S $I | ${AWKBINARY} '{ if ($2=="PS" && $5=="99999") print $1 }' ; done)
+            FIND2=$(for I in $(${AWKBINARY} -F: '{print $1}' ${ROOTDIR}etc/passwd) ; do passwd -S $I | ${AWKBINARY} '{ if ($2=="NP") print $1 }' ; done)
+	else
             LogText "Result: skipping test for this Linux version"
             ReportManual "AUTH-9282:01"
             PREQS_MET="NO"
-            FIND=""
+            FIND1=""
             FIND2=""
         fi
      else
@@ -736,12 +740,12 @@
     Register --test-no AUTH-9282 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking password protected account without expire date"
     if [ ${SKIPTEST} -eq 0 ]; then
         LogText "Test: Checking Linux version and password expire date status"
-        if [ -z "${FIND}" ]; then
+        if [ -z "${FIND1}" ]; then
             LogText "Result: all accounts seem to have an expire date"
             Display --indent 2 --text "- Accounts without expire date" --result "${STATUS_OK}" --color GREEN
         else
             LogText "Result: found one or more accounts with expire date set"
-            for I in ${FIND}; do
+            for I in ${FIND1}; do
                 LogText "Account without expire date: ${I}"
             done
             Display --indent 2 --text "- Accounts without expire date" --result "${STATUS_SUGGESTION}" --color YELLOW