#!/bin/sh

#################################################################################
#
#   Lynis
# ------------------
#
# Copyright 2007-2008, Michael Boelen (michael@rootkit.nl), The Netherlands
# Web site: http://www.rootkit.nl
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Logging and related files
#
#################################################################################
#
    InsertSection "Logging and files"

    # Test        : LOGG-2130
    # Description : Check for a running syslog daemon
    # Method      : search the 'ps ax' listing for syslogd, syslog-ng or metalog.
    # NOTE(review): this is a substring match on the whole ps line, so it also
    #               accepts names that merely contain one of the patterns (for
    #               example rsyslogd) and any process that carries such a name
    #               in its arguments. Lines containing "grep" are filtered out
    #               so the search does not match itself. An OK result therefore
    #               means "a matching process line exists", not that a daemon
    #               is confirmed to be logging.
    Register --test-no LOGG-2130 --weight L --network NO --description "Check for running syslog daemon"
    # SKIPTEST is presumably set by Register (defined outside this file); 0 means run the test
    if [ ${SKIPTEST} -eq 0 ]; then
        logtext "Test: Searching for a logging daemon... "
        FIND=`ps ax | egrep "syslogd|syslog-ng|metalog" | grep -v "grep"`
        if [ -n "${FIND}" ]; then
            # At least one matching process line was found
            Display --indent 2 --text "- Checking for a running syslog daemon..." --result OK --color GREEN
            logtext "Result: Found a logging daemon"
        else
            # Nothing matched: report it as a high-impact warning
            Display --indent 2 --text "- Checking for a running syslog daemon..." --result WARNING --color RED
            logtext "Result: Could not find a syslog daemon like syslog, syslog-ng, metalog"
            logtext "Suggestion: Check if any syslog daemon is running and correctly configured."
            ReportWarning ${TEST_NO} "H" "No syslog daemon found"
        fi
    fi
#
#################################################################################
#
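    # Test        : LOGG-2134
    # Description : Check for Syslog-NG configuration file consistency
    # Prerequisite: SYSLOGNGBINARY is non-empty (set outside this file)
    # Method      : run the syslog-ng binary with -s and judge the result by
    #               its exit status only.
    if [ -n "${SYSLOGNGBINARY}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no LOGG-2134 --preqs-met "${PREQS_MET}" --weight L --network NO --description "Checking Syslog-NG configuration file consistency"
    if [ "${SKIPTEST}" -eq 0 ]; then
        # Anything the binary prints on stdout is discarded. Capturing it together
        # with the exit status would make the comparison with "0" fail whenever
        # the check prints a message, and report a consistent configuration as
        # broken. stderr is left untouched so diagnostics remain visible.
        "${SYSLOGNGBINARY}" -s > /dev/null
        FIND=$?
        if [ "${FIND}" = "0" ]; then
            logtext "Result: Syslog-NG configuration file seems to be consistent"
            Display --indent 2 --text "- Checking Syslog-NG consistency" --result OK --color GREEN
        else
            # Non-zero exit status (including a binary that could not be executed)
            logtext "Result: Syslog-NG configuration file seems NOT to be consistent"
            Display --indent 2 --text "- Checking Syslog-NG consistency" --result WARNING --color RED
            ReportWarning "${TEST_NO}" "L" "Found one or more problems in Syslog-NG configuration file"
            ReportSuggestion "${TEST_NO}" "Check the Syslog-NG configuration file and/or run a manual consistency check with: syslog-ng -s"
        fi
    fi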
#
#################################################################################
#

# YYY Add check to see if remote logging is enabled
#    SYSLOG_FILES="/etc/syslog.conf /etc/syslog-ng/syslog-ng.conf"
#    FIND=`grep '@' $I | grep -v '^#'`
#
# YYY insert a check for FreeBSD/OpenBSD /etc/newsyslog.conf
# YYY insert a check for logrotate (/etc/logrotate.conf and /etc/logrotate.d)


# End of the logging section. wait_for_keypress is defined outside this file;
# presumably it pauses until the user presses a key - confirm against its definition.
wait_for_keypress

#
#================================================================================
# Lynis - Copyright 2007-2008, Michael Boelen - www.rootkit.nl - The Netherlands
