#!/bin/sh

#################################################################################
#
#   Lynis
# ------------------
#
# Copyright 2007-2008, Michael Boelen (michael@rootkit.nl), The Netherlands
# Web site: http://www.rootkit.nl
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Logging and related files
    # Test        : LOGG-2116
    # Description : check for expired SSL certificates
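    # NOTE(review): disabled draft. As written, -z sets PREQS_MET to YES when
    # OPENSSLBINARY is empty (presumably inverted: no binary, no test), and the
    # ';' before 'else' is missing. Fix both before enabling this test.
    #if [ -z "${OPENSSLBINARY}" ]; then PREQS_MET="YES" else PREQS_MET="NO"; fi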
    #Register --test-no LOGG-2116 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check expire date SSL certificates"
    #if [ ${SKIPTEST} -eq 0 ]; then

#
#################################################################################
#
    InsertSection "Logging and files"

    # ---------------------------------------------------------------------------
    # Test: is a logging daemon running?
    #
    # Scans the process list for syslogd, syslog-ng or metalog and reports OK when
    # at least one matching line is left, WARNING otherwise.
    #
    # The match is a plain substring search over the whole `ps ax` line, so:
    #   - any process whose command line merely contains one of the names counts
    #     as a hit (the check proves presence of the string, not a healthy daemon);
    #   - `grep -v "grep"` discards every line containing "grep", not only the
    #     search pipeline itself.
    # Nothing here verifies the daemon's configuration.
    # ---------------------------------------------------------------------------
    counttests
    logtext "Test: Searching for a logging daemon... "
    FIND=`ps ax | egrep "syslogd|syslog-ng|metalog" | grep -v "grep"`
    if [ -n "${FIND}" ]; then
        # At least one process line survived the filters.
        Display --indent 2 --text "- Checking for a running syslog daemon..." --result OK --color GREEN
        logtext "Result: Found a logging daemon"
        logtext "Status: OK"
    else
        # No candidate process found: flag it on screen and in the log file.
        Display --indent 2 --text "- Checking for a running syslog daemon..." --result WARNING --color RED
        logtext "Warning: Could not find a syslog daemon like syslog, syslog-ng, metalog"
        logtext "Suggestion: Check if any syslog daemon is running and correctly configured."
        logtext "Status: BAD"
        logtext "Impact: MEDIUM"
    fi

#YYY insert a check for FreeBSD/OpenBSD /etc/newsyslog.conf
#YYY insert a check for logrotate (/etc/logrotate and logrotate.d)
#YYY insert a check for ng-syslog

logtextbreak

# =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

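    counttests
    # Test: is the clock being synchronised?
    #
    # Passes when either a process line containing "ntpd" is running, or
    # /etc/crontab holds an active ntpdate/rdate entry.
    # Linux/FreeBSD (ntpdate), OpenBSD (ntpd, rdate)
    #
    # Accurate time matters for this audit because log correlation and
    # time-sensitive authentication (e.g. Kerberos) depend on it.
    #
    # NOTE(review): only "ntpd" is recognised as a daemon, and only /etc/crontab
    # is inspected; hosts that sync time some other way will get WARNING here.

    logtext "Test: Searching for a NTP daemon or client... "
    FOUND=0
    FIND=`ps ax | grep "ntpd" | grep -v "grep"`
    if [ -n "${FIND}" ]; then
        FOUND=1
        logtext "Result: Found NTP daemon"
    fi

    # Check crontab for OpenBSD/FreeBSD
    if [ -f /etc/crontab ]; then
        # Strip comment lines before searching. cron ignores leading blanks, so a
        # line whose first non-blank character is '#' is a comment; the previous
        # '^#' filter let an indented, disabled entry count as a working client.
        # egrep is kept to match the rest of this file (newer GNU grep releases
        # print an obsolescence warning for it).
        FIND=`grep -v '^[[:space:]]*#' /etc/crontab | egrep "ntpdate|rdate"`
        if [ -n "${FIND}" ]; then
            FOUND=1
            Display --indent 2 --text "- Checking NTP client (ntpdate or rdate) in crontab file..." --result FOUND --color GREEN
        else
            Display --indent 2 --text "- Checking NTP client (ntpdate or rdate) in crontab file..." --result "NOT FOUND" --color WHITE
        fi
    fi

    if [ "${FOUND}" -eq 0 ]; then
        Display --indent 2 --text "- Checking for a running NTP daemon or client..." --result WARNING --color RED
        logtext "Warning: Could not find a NTP daemon or client"
        logtext "Suggestion: Check if any NTP daemon is running or a NTP client gets "
        logtext "executed daily, to prevent big time differences and avoid problems "
        logtext "with services like kerberos, authentication or logging differences."
        # Mirror the OK branch so the log always carries a Status line for this test.
        logtext "Status: BAD"
    else
        Display --indent 2 --text "- Checking for a running NTP daemon or client..." --result OK --color GREEN
        logtext "Result: Found a time syncing daemon/client."
        logtext "Status: OK"
    fi

logtextbreak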

#
#################################################################################
#

# YYY Add check to see if remote logging is enabled
#    SYSLOG_FILES="/etc/syslog.conf /etc/syslog-ng/syslog-ng.conf"
#    FIND=`grep '@' $I | grep -v '^#'`

#
#================================================================================
# Lynis - Copyright 2007-2008, Michael Boelen - www.rootkit.nl - The Netherlands
