Style changes, HTML tidying, and minor bug fixes.

2016-07-14 13:01:42 -07:00 · 2016-07-14 13:01:42 -07:00 · 0fd0a0b0b9
commit 0fd0a0b0b9
parent 2e6ab3b1a6
1 changed files with 129 additions and 86 deletions
--- a/lynis_report.pl
+++ b/lynis_report.pl
@ -3,7 +3,7 @@
 use strict;
 use warnings;
 use feature qw( switch );
-#if ($] ge '5.018000') { no warnings "experimental::smartmatch"; } 
+no if $] ge '5.018', warnings => "experimental::smartmatch";
 use Term::ANSIColor;
 use Getopt::Long qw( :config no_ignore_case bundling );
 use Data::Dumper;
@ -16,6 +16,8 @@ GetOptions(
 	'o|output=s'	=>	\$output,
 );

+if ($help) { &usage; }
+
 my %to_bool = (	0 => 'false', 1 => 'true' );
 my %to_long_severity = ( 'C' => 'Critical', 'S' => 'Severe', 'H' => 'High', 'M' => 'Medium', 'L' => 'Low', 'I' => 'Informational' );

@ -111,6 +113,8 @@ print OUT <<END;
 		<meta >
 		<style>
 			html,body {color: #fff; background-color: #000;}
+			div#content_section {margin: 0 10% 0 10%;}
+			div.content_subsection {margin: 0 5% 0 5%;}
 			table {border-collapse: collapse; border: 1px solid white;}
 			td.good {background-color: #006400; color: #ffffff; font-weight: bold;}
 			td.fair {background-color: #ffd700; color: #000000; font-weight: bold;}
@ -120,6 +124,7 @@ print OUT <<END;
 		</style>
 	</head>
 	<body>
+		<div id="content_section">
 			<h1>lynis Asset Report</h1>
 			<h2><span class="title_shrink">created by</span> lynis_report</h2>
 			<table border="1">
@ -133,54 +138,63 @@ END
 given ($lynis_report_data{'hardening_index'}) {
 	when (($lynis_report_data{'hardening_index'} < 100) and ($lynis_report_data{'hardening_index'} > 90)) {
 		# green
-		print OUT "\t\t\t<td class=\"good\">$lynis_report_data{'hardening_index'}</td>";
+		print OUT "\t\t\t\t<td class=\"good\">$lynis_report_data{'hardening_index'}</td>";
 	}
 	when (($lynis_report_data{'hardening_index'} <= 90) and ($lynis_report_data{'hardening_index'} > 80)) {
 		# yellow
-		print OUT "\t\t\t<td class=\"fair\">$lynis_report_data{'hardening_index'}</td>";
+		print OUT "\t\t\t\t<td class=\"fair\">$lynis_report_data{'hardening_index'}</td>";
 	}
 	when (($lynis_report_data{'hardening_index'} <= 80) and ($lynis_report_data{'hardening_index'} > 65)) {
 		# orange
-		print OUT "\t\t\t<td class=\"poor\">$lynis_report_data{'hardening_index'}</td>";
+		print OUT "\t\t\t\t<td class=\"poor\">$lynis_report_data{'hardening_index'}</td>";
 	}
 	when ($lynis_report_data{'hardening_index'} <= 65) {
 		# red
-		print OUT "\t\t\t<td class=\"dismal\">$lynis_report_data{'hardening_index'}</td>";
+		print OUT "\t\t\t\t<td class=\"dismal\">$lynis_report_data{'hardening_index'}</td>";
 	}
 	default { 
 		# error
 	}
 }

-print OUT "\t\t</tr></table>\n";
+print OUT "\t\t\t</tr></table>\n";
+if (!exists($lynis_report_data{'warning[]'})) {
+	print OUT "<h4>warnings (0):</h4>\n";
+} else {
 	print OUT "<h4>warnings (".scalar(@{$lynis_report_data{'warning[]'}})."):</h4>\n";
+}
 print OUT <<END;
+			<div class="content_subsection">
 				<table border="1">
 					<tr><td>Warning ID</td><td>Description</td><td>Severity</td><td>F4</td></tr>
 END
+if (exists($lynis_report_data{'warning[]'})) {
 	if (ref($lynis_report_data{'warning[]'}) eq 'ARRAY') {
 		if (${$lynis_report_data{'warning[]'}}[0] =~ /\|/) { 									# more than one
 			foreach my $warn ( sort @{$lynis_report_data{'warning[]'}} ) {
 				my ($warn_id,$warn_desc,$warn_sev,$warn_f4) = split(/\|/, $warn);
-			print OUT "<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
+				print OUT "\t\t\t\t\t<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
 			}
 		} elsif (${$lynis_report_data{'warning[]'}}[0] =~ /[A-Z]{4}\-\d{4}/) {					# one warning
 			my $warn_id = ${$lynis_report_data{'warning[]'}}[0];
 			my $warn_desc = ${$lynis_report_data{'warning[]'}}[1];
 			my $warn_sev = ${$lynis_report_data{'warning[]'}}[2];
 			my $warn_f4 = ${$lynis_report_data{'warning[]'}}[3];
-		print OUT "<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
+			print OUT "\t\t\t\t\t<tr><td>$warn_id</td><td>$warn_desc</td><td>$to_long_severity{$warn_sev}</td><td>$warn_f4</td></tr>\n";
 		} else {
 			die colored("Unexpected ARRAY format! \n", "bold red");
 		}
 	} else {
 		die colored("warning[] not ARRAY ref!: ".ref($lynis_report_data{'warning[]'})."\n", "bold red");
 	}
+}
 print OUT <<END;
 				</table>
+			</div>
 END
-print OUT "\t\t<h4>suggestions (".scalar(@{$lynis_report_data{'suggestion[]'}})."):</h4>\n";
+print OUT "\t\t\t<h4>suggestions (".scalar(@{$lynis_report_data{'suggestion[]'}})."):</h4>\n";
 print OUT <<END;
+			<div class="content_subsection">
 				<table border="1">
 					<tr><td>Suggestion ID</td><td>Description</td><td>Severity</td><td>F4</td></tr>
 END
@ -191,22 +205,26 @@ if ((ref($lynis_report_data{'suggestion[]'}) eq 'ARRAY') and
 		if ($sug_desc eq 'Consider hardening SSH configuration') {
 			$sug_desc .= ": $sug_sev"; $sug_sev = '-';
 		}
-		print OUT "\t\t\t<tr><td>$sug_id</td><td>$sug_desc</td><td>$sug_sev</td><td>$sug_f4</td></tr>\n";
+		print OUT "\t\t\t\t\t<tr><td>$sug_id</td><td>$sug_desc</td><td>$sug_sev</td><td>$sug_f4</td></tr>\n";
 	}
 }
 print OUT <<END;
 				</table>
+			</div>
 			<h4>manual checks:</h4>
 			<ul>
 END
+if ((exists($lynis_report_data{'manual[]'})) and (scalar(@{$lynis_report_data{'manual[]'}}) > 0)) {
 	foreach my $man ( sort @{$lynis_report_data{'manual[]'}} ) {
 		#print Dumper($man);
 		print OUT "<li>$man</li>\n";
 	}
+}
 print OUT <<END;
 			</ul>
 			<hr />
 			<a name="lynis_info"><h4>lynis info:</h4></a>
+			<div class="content_subsection">
 				<table border="1">
 					<tr>
 						<td>lynis version:</td><td>$lynis_report_data{'lynis_version'}</td><td>lynis tests done:</td><td>$lynis_report_data{'lynis_tests_done'}</td>
@ -223,14 +241,14 @@ print OUT <<END;
 					<tr>
 END

-print OUT "\t\t\t\t<td>phase 1 plugins enabled:</td><td colspan=\"3\">";
-print OUT "\t\t\t\t\t<table border=\"1\">\n";
+print OUT "\t\t\t\t\t\t<td>phase 1 plugins enabled:</td><td colspan=\"3\">\n";
+print OUT "\t\t\t\t\t\t\t<table border=\"1\">\n";
 foreach my $plug ( sort @{$lynis_report_data{'plugin_enabled_phase1[]'}} ) { 
 	my ($n,$v) = split(/\|/, $plug);
-	print OUT "\t\t\t\t\t\t<tr><td>name:</td><td>$n</td><td>version:</td><td>$v</td></tr>\n";
+	print OUT "\t\t\t\t\t\t\t\t<tr><td>name:</td><td>$n</td><td>version:</td><td>$v</td></tr>\n";
 }
-print OUT "\t\t\t\t\t</table>\n";
-print OUT "</td>\n";
+print OUT "\t\t\t\t\t\t\t</table>\n";
+print OUT "\t\t\t\t\t\t</td>\n";
 print OUT <<END;
 					</tr>
 					<tr>
@ -239,19 +257,23 @@ print OUT <<END;
 					<tr><td>hostid:</td><td colspan="3">$lynis_report_data{'hostid'}</td></tr>
 					<tr><td>hostid:</td><td colspan="3">$lynis_report_data{'hostid2'}</td></tr>
 				</table>
+			</div>
 			<hr />
 			<h4><a name="host_info">host info:</a></h4>
+			<div class="content_subsection">
 				<table border="1">
 					<tr><td>hostname:</td><td>$lynis_report_data{'hostname'}</td><td>domainname:</td><td>$lynis_report_data{'domainname'}</td><td>resolv.conf domain:</td><td>$lynis_report_data{'resolv_conf_domain'}</td></tr>
 					<tr><td>os:</td><td>$lynis_report_data{'os'}</td><td>os fullname:</td><td>$lynis_report_data{'os_fullname'}</td><td>os_version:</td><td>$lynis_report_data{'os_version'}</td></tr>
 					<tr><td>GRSecurity:</td><td>$to_bool{$lynis_report_data{'framework_grsecurity'}}</td><td>SELinux:</td><td>$to_bool{$lynis_report_data{'framework_selinux'}}</td><td>memory:</td><td>$lynis_report_data{'memory_size'} $lynis_report_data{'memory_units'}</td></tr>
 					<tr><td>linux version:</td><td>$lynis_report_data{'linux_version'}</td><td>pae enabled:</td><td>$to_bool{$lynis_report_data{'cpu_pae'}}</td><td>nx enabled:</td><td>$to_bool{$lynis_report_data{'cpu_nx'}}</td></tr>
 END
-print OUT "\t\t\t<tr><td>network interfaces:</td><td>".join("<br />\n", @{$lynis_report_data{'network_interface[]'}})."</td><td>ipv4 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv4_address[]'}})."</td><td>ipv6 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv6_address[]'}})."</td></tr>\n";
+print OUT "\t\t\t\t\t<tr><td>network interfaces:</td><td>".join("<br />\n", @{$lynis_report_data{'network_interface[]'}})."</td><td>ipv4 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv4_address[]'}})."</td><td>ipv6 addresses:</td><td>".join("<br />\n", @{$lynis_report_data{'network_ipv6_address[]'}})."</td></tr>\n";
 print OUT <<END;
 					<tr><td>kernel version:</td><td>$lynis_report_data{'linux_kernel_version'}</td><td>kernel release version:</td><td>$lynis_report_data{'linux_kernel_release'}</td><td>uptime (days):</td><td>$lynis_report_data{'uptime_in_days'}</td></tr>
 					<tr><td>vm:</td><td>$to_bool{$lynis_report_data{'vm'}}</td><td>vm_type:</td><td>$lynis_report_data{'vmtype'}</td><td>uptime (secs):</td><td>$lynis_report_data{'uptime_in_seconds'}</td></tr>
 				</table>
+			</div>
+		</div>
 	</body>
 </html>

@ -264,3 +286,24 @@ foreach my $idx ( sort @indexes ) {
 	delete($lynis_report_data{$idx});
 }
 print Dumper(\%lynis_report_data);
+
+###############################################################################
+# subs
+###############################################################################
+sub usage {
+	print <<END;
+
+$0 -h|--help -v|--verbose -E|--excel -o|--output
+
+Where:
+
+-h|--help			Display this useful message, then exit.
+-v|--verbose		Display more detailed output.  This is typically used for
+					debugging, but may provide insight when running into problems.
+-E|--excel			Output the report in Microsoft Excel binary format.  This
+					options is not yet implemented (NYI).
+-o|--output			Specifies the output file to print the report to.
+
+END
+	exit 0;
+}