#!/bin/sh

#################################################################################
#
#   Lynis
# ------------------
#
# Copyright 2007-2013, Michael Boelen
# Copyright 2013-2016, CISOfy
#
# Website  : https://cisofy.com
# Blog     : http://linux-audit.com
# GitHub   : https://github.com/CISOfy/lynis
#
# Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
# welcome to redistribute it under the terms of the GNU General Public License.
# See LICENSE file for usage of this software.
#
#################################################################################
#
# Name services
#
#################################################################################
#
    InsertSection "Name services"
#
#################################################################################
#
    BIND_RUNNING=0
    BIND_CONFIG_LOCS="/etc /etc/bind /usr/local/etc /usr/local/etc/namedb"
    BIND_CONFIG_LOCATIONS=""
    POWERDNS_RUNNING=0
    POWERDNS_CONFIG_LOCS="/etc/powerdns /usr/local/etc"
    POWERDNS_AUTH_CONFIG_LOCATION=""
    POWERDNS_AUTH_MASTER=0
    POWERDNS_AUTH_SLAVE=0
    UNBOUND_CONFIG_OK=0
    YPBIND_RUNNING=0
#
#################################################################################
#
    # Test        : NAME-4016
    # Description : Check main domain (domain <domain name> in /etc/resolv.conf)
    Register --test-no NAME-4016 --weight L --network NO --description "Check /etc/resolv.conf default domain"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: check /etc/resolv.conf for default domain"
        if [ -f /etc/resolv.conf ]; then
            LogText "Result: /etc/resolv.conf found"
            FIND=`awk '/^domain/ { print $2 }' /etc/resolv.conf`
            if [ "${FIND}" = "" ]; then
                LogText "Result: no default domain found"
                Display --indent 2 --text "- Checking default DNS search domain" --result NONE --color WHITE
              else
                LogText "Result: found default domain"
                LogText "Output: ${FIND}"
                Report "resolv_conf_domain=${FIND}"
                Display --indent 2 --text "- Checking default DNS search domain" --result FOUND --color GREEN
                RESOLV_DOMAINNAME="${FIND}"
            fi
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4018
    # Description : Check search domains in /etc/resolv.conf
    # Notes       : Maximum of one search keyword is allowed in /etc/resolv.conf
    Register --test-no NAME-4018 --weight L --network NO --description "Check /etc/resolv.conf search domains"
    if [ ${SKIPTEST} -eq 0 ]; then
        N=0
        LogText "Test: check /etc/resolv.conf for search domains"
        if [ -f /etc/resolv.conf ]; then
            LogText "Result: /etc/resolv.conf found"
            FIND=`awk '/^search/ { print $2 }' /etc/resolv.conf`
            if [ "${FIND}" = "" ]; then
                LogText "Result: no search domains found, default domain is being used"
              else
                for I in ${FIND}; do
                    LogText "Found search domain: ${I}"
                    Report "resolv_conf_search_domain[]=${I}"
                    N=`expr ${N} + 1`
                done
                # Warn if we have more than 6 search domains, which is maximum in most resolvers
                if [ ${N} -gt 6 ]; then
                    LogText "Result: Found ${N} search domains"
                    Display --indent 2 --text "- Checking search domains" --result WARNING --color YELLOW
                    ReportWarning ${TEST_NO} "L" "Found more than 6 search domains, which is usually more than the maximum allowed number in most resolvers"
                  else
                    LogText "Result: Found ${N} search domains"
                    Display --indent 2 --text "- Checking search domains" --result FOUND --color GREEN
                fi
            fi
          else
            LogText "Result: /etc/resolv.conf does not exist, skipping test"
            Display --indent 2 --text "- Checking search domains" --result "NOT FOUND" --color YELLOW
        fi

        # Check amount of search domains (max 1)
            FIND=`grep -c "^search" /etc/resolv.conf`
            if [ ! "${FIND}" = "0" -a ! "${FIND}" = "1" ]; then
                LogText "Result: found ${FIND} line(s) with a search statement (expecting less than 2 lines)"
                Display --indent 4 --text "- Checking search domains lines" --result "CONFIG ERROR" --color YELLOW
                ReportWarning ${TEST_NO} "L" "Found more than 1 search lines in /etc/resolv.conf, which is probably a misconfiguration"
              else
                LogText "Result: found ${FIND} line(s) with a search statement (expecting less than 2 lines)"
            fi
    fi
#
#################################################################################
#
    # Test        : NAME-4020
    # Description : Check non default resolv.conf options
    Register --test-no NAME-4020 --weight L --network NO --description "Check non default options"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: check /etc/resolv.conf for non default options"
        if [ -f /etc/resolv.conf ]; then
            LogText "Result: /etc/resolv.conf found"
            FIND=`grep "^options" /etc/resolv.conf | awk '{ print $2 }'`
            if [ "${FIND}" = "" ]; then
                LogText "Result: no specific other options configured in /etc/resolv.conf"
                Display --indent 2 --text "- Checking /etc/resolv.conf options" --result "NONE" --color WHITE
              else
                for I in ${FIND}; do
                    LogText "Found option: ${I}"
                    Report "resolv_conf_option[]=${I}"
                    #rotate --> add performance tune point
                    #timeout <3 --> add performe tune point
                done
                Display --indent 2 --text "- Checking /etc/resolv.conf options" --result "FOUND" --color GREEN
            fi
          else
            LogText "Result: /etc/resolv.conf not found, test skipped"
            Display --indent 2 --text "- Checking /etc/resolv.conf options" --result "NOT FOUND" --color YELLOW
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4024
    # Description : Check Solaris uname -n output
    Register --test-no NAME-4024 --os Solaris --weight L --network NO --description "Solaris uname -n output"
    if [ ${SKIPTEST} -eq 0 ]; then
        FIND=`uname -n`
        LogText "Result: 'uname -n' returned ${FIND}"
        Display --indent 2 --text "- Checking uname -n output" --result DONE --color GREEN
    fi
#
#################################################################################
#
    # Test        : NAME-4026
    # Description : Check Solaris /etc/nodename
    # Notes       : If a system is standalone, /etc/nodename should contain a system name only, not FQDN
    Register --test-no NAME-4026 --os Solaris --weight L --network NO --description "Check /etc/nodename"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: checking /etc/nodename"
        if [ -f /etc/nodename ]; then
            LogText "Result: file /etc/nodename exists"
            FIND=`cat /etc/nodename`
            LogText "Output: ${FIND}"
            Display --indent 2 --text "- Checking /etc/nodename" --result "DONE" --color GREEN
          else
            LogText "Result: file /etc/nodename could not be found"
            Display --indent 2 --text "- Checking /etc/nodename" --result "NONE FOUND" --color YELLOW
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4028
    # Description : Check DNS domain name
    # To Do       : grep ^DOMAINNAME /etc/conf.d/domainname (remove "'s)
    Register --test-no NAME-4028 --weight L --network NO --description "Check domain name"
    if [ ${SKIPTEST} -eq 0 ]; then
        DOMAINNAME=""
        # NIS
        #LogText "Test: Checking file /etc/domainname"
        #if [ -f /etc/domainname ]; then
        #    LogText "Result: file /etc/domainname exists"
        #    FIND2=`cat /etc/domainname`
        #        if [ ! "${FIND}" = "" ]; then
        #        LogText "Found domain name: ${FIND}"
        #        DOMAINNAME="${FIND}"
        #      else
        #        LogText "Result: no domain name found in file"
        #    fi
        #  else
        #    LogText "Result: file /etc/domainname does not exist"
        #fi

        LogText "Test: Checking if dnsdomainname command is available"
        if [ ! "${DNSDOMAINNAMEBINARY}" = "" ]; then
            FIND2=`${DNSDOMAINNAMEBINARY} 2> /dev/null`
            if [ ! "${FIND2}" = "" ]; then
                LogText "Result: dnsdomainname command returned a value"
                LogText "Found domain name: ${FIND2}"
                DOMAINNAME="${FIND2}"
              else
                LogText "Result: dnsdomainname command returned no value"
            fi
          else
            LogText "Result: dnsdomainname binary not found, skip specific test"
        fi

        # If files and commands can't be found, use defined value from resolv.conf
        if [ "${DOMAINNAME}" = "" ]; then
            if [ ! "${RESOLV_DOMAINNAME}" = "" ]; then
                LogText "Result: using domain name from /etc/resolv.conf"
                DOMAINNAME=${RESOLV_DOMAINNAME}
              else
                LogText "Result: using domain name from FQDN hostname"
                #DOMAINNAME=${FQDN#${HOSTNAME}.}
                DOMAINNAME=`echo ${FQDN} | cut -d . -f2-`
            fi
        fi

        if [ ! "${DOMAINNAME}" = "" ]; then
            LogText "Result: found domain name"
            Report "domainname=${DOMAINNAME}"
            Display --indent 2 --text "- Searching DNS domain name" --result "FOUND" --color GREEN
            Display --indent 6 --text "Domain name: ${DOMAINNAME}"
          else
            Display --indent 2 --text "- Searching DNS domain name" --result "UNKNOWN" --color YELLOW
            ReportSuggestion ${TEST_NO} "Check DNS configuration for the dns domain name"
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4032
    # Description : Check name service caching daemon (NSCD) status
    Register --test-no NAME-4032 --weight L --network NO --description "Check nscd status"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: checking nscd status"
        IsRunning nscd
        if [ ${RUNNING} -eq 1 ]; then
            NAME_CACHE_USED=1
            LogText "Result: nscd is running"
            Display --indent 2 --text "- Checking nscd status" --result RUNNING --color GREEN
          else
            LogText "Result: nscd is not running"
            Display --indent 2 --text "- Checking nscd status" --result "NOT FOUND" --color WHITE
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4034
    # Description : Check name service caching daemon (Unbound) status
    Register --test-no NAME-4034 --weight L --network NO --description "Check Unbound status"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: checking Unbound (unbound) status"
        IsRunning unbound
        if [ ${RUNNING} -eq 1 ]; then
            UNBOUND_RUNNING=1
            NAME_CACHE_USED=1
            LogText "Result: Unbound daemon is running"
            Display --indent 2 --text "- Checking Unbound status" --result RUNNING --color GREEN
          else
            LogText "Result: Unbound daemon is not running"
            Display --indent 2 --text "- Checking Unbound status" --result "NOT FOUND" --color WHITE
       fi
    fi
#
#################################################################################
#
    # Test        : NAME-4036
    # Description : Checking Unbound configuration file
    if [ ${UNBOUND_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4036 --preqs-met ${PREQS_MET}  --weight L --network NO --description "Check Unbound configuration file"
    if [ ${SKIPTEST} -eq 0 ]; then
        FIND=`which unbound-checkconf`
        if [ ! "${FIND}" = "" ]; then
            LogText "Test: running unbound-checkconf"
            # Don't capture any output, just gather exit code (0 is fine, otherwise bad)
            FIND=`unbound-checkconf > /dev/null 2>&1`
            if [ $? -eq 0 ]; then
                UNBOUND_CONFIG_OK=1
                LogText "Result: Configuration is fine"
                Display --indent 2 --text "- Checking configuration file" --result OK --color GREEN
              else
                LogText "Result: Unbound daemon is not running"
                Display --indent 2 --text "- Checking configuration file" --result "NOT OK" --color YELLOW
                ReportWarning "${TEST_NO}" "L" "Found Unbound configuration file issues (run unbound-checkconf)"
            fi
          else
            LogText "Result: skipped, can't find unbound-checkconf utility"
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4202
    # Description : Check if BIND is running
    Register --test-no NAME-4202 --weight L --network NO --description "Check BIND status"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking for running BIND instance"
        IsRunning named
        if [ ${RUNNING} -eq 1 ]; then
            LogText "Result: found BIND process"
            Display --indent 2 --text "- Checking BIND status" --result "FOUND" --color GREEN
            BIND_RUNNING=1
          else
            LogText "Result: BIND not running"
            Display --indent 2 --text "- Checking BIND status" --result "NOT FOUND" --color WHITE
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4204
    # Description : Check configuration file of BIND
    if [ ${BIND_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4204 --preqs-met ${PREQS_MET} --weight L --network NO --description "Search BIND configuration file"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Search BIND configuration file"
        for I in ${BIND_CONFIG_LOCS}; do
            if [ -f ${I}/named.conf ]; then
                BIND_CONFIG_LOCATION="${I}/named.conf"
                LogText "Result: found configuration file (${BIND_CONFIG_LOCATION})"
            fi
        done
        if [ ! "${BIND_CONFIG_LOCATION}" = "" ]; then
            Display --indent 4 --text "- Checking BIND configuration file" --result "FOUND" --color GREEN
          else
            Display --indent 4 --text "- Checking BIND configuration file" --result "NOT FOUND" --color YELLOW
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4206
    # Description : Check BIND configuration file consistency
    if [ ${BIND_RUNNING} -eq 1 -a ! "${BIND_CONFIG_LOCATION}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4206 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check BIND configuration consistency"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: searching for named-checkconf binary"
        if [ ! "${NAMEDCHECKCONFBINARY}" = "" ]; then
            LogText "Result: named-checkconf is installed"
            FIND=`${NAMEDCHECKCONFBINARY} ${BIND_CONFIG_LOCATION}; echo $?`
            if [ "${FIND}" = "0" ]; then
                LogText "Result: configuration file ${BIND_CONFIG_LOCATION} seems to be fine"
                Display --indent 4 --text "- Checking BIND configuration consistency" --result "OK" --color GREEN
              else
                LogText "Result: possible errors found in ${BIND_CONFIG_LOCATION}"
                Display --indent 4 --text "- Checking BIND configuration consistency" --result WARNING --color RED
                ReportWarning ${TEST_NO} "Errors discovered in BIND configuration file"
            fi
          else
            LogText "Result: named-checkconf not found, skipping test"
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4208
    # Description : Check DNS server type (master, slave, caching, forwarding)
    #Register --test-no NAME-4050 --weight L --network NO --description "Check nscd status"
    #if [ ${SKIPTEST} -eq 0 ]; then
#
#################################################################################
#
    # Test        : NAME-4210
    # Description : Check if we can determine useful information from banner
    if [ ${BIND_RUNNING} -eq 1 -a ! "${BIND_CONFIG_LOCATION}" = "" -a ! "${DIGBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4210 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check DNS banner"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Trying to determine version from banner"
        FIND=`${DIGBINARY} @localhost version.bind chaos txt | grep "^version.bind" | grep TXT | egrep "[0-9].[0-9].[0-9]*"`
        if [ "${FIND}" = "" ]; then
            LogText "Result: no useful information in banner found"
            Display --indent 4 --text "- Checking BIND version in banner" --result "OK" --color GREEN
            AddHP 2 2
          else
            LogText "Result: possible BIND version available in version banner"
            Display --indent 4 --text "- Checking BIND version in banner" --result WARNING --color RED
            ReportWarning ${TEST_NO} "M" "Found BIND version in banner"
            ReportSuggestion ${TEST_NO} "The version in BIND can be masked by defining 'version none' in the configuration file"
            AddHP 0 2
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4212
    # Description : Check version option in BIND configuration
    #if [ ${BIND_RUNNING} -eq 1 -a ! "${BIND_CONFIG_LOCATION}" = "" -a ! "${DIGBINARY}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    #Register --test-no NAME-4212 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check version setting in configuration"
#
#################################################################################
#
    # Test        : NAME-4220
    # Description : Check if we can perform a zone transfer of primary domain
    #Register --test-no NAME-4220 --weight L --network NO --description "Check zone transfer"
    #if [ ${SKIPTEST} -eq 0 ]; then
#
#################################################################################
#
    # Test        : NAME-4222
    # Description : Check if we can perform a zone transfer of PTR (of primary domain)
    #Register --test-no NAME-4222 --weight L --network NO --description "Check zone transfer"
    #if [ ${SKIPTEST} -eq 0 ]; then
#
#################################################################################
#
    # Test        : NAME-4230
    # Description : Check if PowerDNS is running
    Register --test-no NAME-4230 --weight L --network NO --description "Check PowerDNS status"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking for running PowerDNS instance"
        IsRunning pdns_server
        if [ ${RUNNING} -eq 1 ]; then
            LogText "Result: found PowerDNS process"
            Display --indent 2 --text "- Checking PowerDNS status" --result "RUNNING" --color GREEN
            POWERDNS_RUNNING=1
          else
            LogText "Result: PowerDNS not running"
            Display --indent 2 --text "- Checking PowerDNS status" --result "NOT FOUND" --color WHITE
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4232
    # Description : Check PowerDNS configuration file
    if [ ${POWERDNS_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4232 --preqs-met ${PREQS_MET} --weight L --network NO --description "Search PowerDNS configuration file"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Search PowerDNS configuration file"
        for I in ${POWERDNS_CONFIG_LOCS}; do
            if [ -f ${I}/pdns.conf ]; then
                POWERDNS_AUTH_CONFIG_LOCATION="${I}/pdns.conf"
                LogText "Result: found configuration file (${POWERDNS_AUTH_CONFIG_LOCATION})"
            fi
        done
        if [ ! "${POWERDNS_AUTH_CONFIG_LOCATION}" = "" ]; then
            Display --indent 4 --text "- Checking PowerDNS configuration file" --result "FOUND" --color GREEN
          else
            Display --indent 4 --text "- Checking PowerDNS configuration file" --result "NOT FOUND" --color YELLOW
        fi
    fi
#
#################################################################################
#
#    # Test        : NAME-4234
#    # Description : Check PowerDNS configuration file consistency
#    if [ ${POWERDNS_RUNNING} -eq 1 -a ! "${POWERDNS_AUTH_CONFIG_LOCATION}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
#    Register --test-no NAME-4234 --weight L --network NO --description "Check PowerDNS configuration consistency"
#    if [ ${SKIPTEST} -eq 0 ]; then
#    fi
#
#################################################################################
#
    # Test        : NAME-4236
    # Description : Check PowerDNS server backends
    if [ ${POWERDNS_RUNNING} -eq 1 -a ! "${POWERDNS_AUTH_CONFIG_LOCATION}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4236 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check PowerDNS backends"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking for PowerDNS backends"
        FIND=`awk -F= '/^launch/ { print $2 }' ${POWERDNS_AUTH_CONFIG_LOCATION}`
        if [ ! "${FIND}" = "" ]; then
            for I in ${FIND}; do
                LogText "Found backend: ${I}"
            done
            Display --indent 4 --text "- Checking PowerDNS backends" --result "FOUND" --color GREEN
          else
            LogText "Result: no PowerDNS backends found"
            Display --indent 4 --text "- Checking PowerDNS backends" --result "NOT FOUND" --color YELLOW
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4238
    # Description : Check PowerDNS authoritive status
    if [ ${POWERDNS_RUNNING} -eq 1 -a ! "${POWERDNS_AUTH_CONFIG_LOCATION}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4238 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check PowerDNS authoritive status"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking for PowerDNS master status"
        FIND=`grep "^master=yes" ${POWERDNS_AUTH_CONFIG_LOCATION}`
        if [ ! "${FIND}" = "" ]; then
            LogText "Found master=yes in configuration file"
            Display --indent 4 --text "- PowerDNS authoritive master: YES"
            POWERDNS_AUTH_MASTER=1
          else
            LogText "Result: most likely not master (no master=yes)"
            Display --indent 4 --text "- PowerDNS authoritive master: NO"
        fi
        LogText "Test: Checking for PowerDNS slave status"
        FIND=`grep "^slave=yes" ${POWERDNS_AUTH_CONFIG_LOCATION}`
        if [ ! "${FIND}" = "" ]; then
            LogText "Found slave=yes in configuration file"
            Display --indent 4 --text "- PowerDNS authoritive slave: YES"
            POWERDNS_AUTH_SLAVE=1
          else
            LogText "Result: most likely not slave (no slave=yes)"
            Display --indent 4 --text "- PowerDNS authoritive slave: NO"
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4302
    # Description : Check NIS ypbind daemon status
    Register --test-no NAME-4304 --weight L --network NO --description "Check NIS ypbind status"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking status of ypbind daemon"
        IsRunning ypbind
        if [ ${RUNNING} -eq 1 ]; then
            LogText "Result: ypbind is running"
            Display --indent 2 --text "- Checking ypbind status" --result "FOUND" --color GREEN
            YPBIND_RUNNING=1
            IsRunning ypldap
            if [ ${RUNNING} -eq 1 ]; then
                LogText "Result: ypldap is running"
                Display --indent 2 --text "- Checking ypldap status" --result "FOUND" --color GREEN
            else
                ReportSuggestion "Disable the usage of NIS/NIS+ and use an alternative like LDAP or Kerberos instead"
            fi
          else
            LogText "Result: ypbind is not active"
            Display --indent 2 --text "- Checking ypbind status" --result "NOT FOUND" --color WHITE
        fi
    fi
#
#################################################################################
#
    # Test        : NAME-4306
    # Description : Check NIS domain
    # Notes       : FreeBSD: sysctl kern.domainname
    if [ ${YPBIND_RUNNING} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4306 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check NIS domain"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking `domainname` for NIS domain value"
        FIND=`${DOMAINNAMEBINARY} | grep -v "(none)"`
        if [ ! "${FIND}" = "" ]; then
            LogText "Value: ${FIND}"
            NISDOMAIN="${FIND}"
          else
            LogText "Result: no NIS domain found in command output"
        fi
        # Solaris / Linux style
        LogText "Test: Checking file /etc/defaultdomain"
        if [ -f /etc/defaultdomain ]; then
            LogText "Result: file /etc/defaultdomain exists"
            FIND2=`cat /etc/defaultdomain`
            if [ ! "${FIND2}" = "" ]; then
                LogText "Output: ${FIND2}"
                NISDOMAIN="${FIND2}"
              else
                LogText "Result: no NIS domain found in file"
            fi
        fi
        # Red Hat style
        LogText "Test: checking /etc/sysconfig/network"
        if [ -f /etc/sysconfig/network ]; then
            LogText "Result: file /etc/sysconfig/network exists"
            LogText "Test: checking NISDOMAIN value in file"
            FIND3=`grep "^NISDOMAIN" /etc/sysconfig/network | awk -F= '{ print $2 }' | sed 's/"//g'`
            if [ ! "${FIND3}" = "" ]; then
                LogText "Found NIS domain: ${FIND3}"
                NISDOMAIN="${FIND3}"
              else
                LogText "Result: No NIS domain found in file"
            fi
          else
            LogText "Result: file /etc/sysconfig/network does not exist"
        fi

        if [ ! "${SYSCTLBINARY}" = "" ]; then
            # Check sysctl (e.g. FreeBSD)
            LogText "Test: checking sysctl for kern.domainname"
            FIND=`${SYSCTLBINARY} -a 2>&1 | grep "^kern.domainname" | awk -F: '{ print $2 }' | sed 's/ //g' | grep -v "^$"`
            if [ ! "${FIND}" = "" ]; then
                LogText "Result: found NIS domain via sysctl"
                NISDOMAIN="${FIND}"
            fi
        fi
        # Check if we found any NIS domain
        if [ ! "${NISDOMAIN}" = "" ]; then
            LogText "Found NIS domain: ${NISDOMAIN}"
            Report "nisdomain=${NISDOMAIN}"
            Display --indent 4 --text "- Checking NIS domain" --result "FOUND" --color GREEN
          else
            LogText "Result: No NIS domain found"
            Display --indent 4 --text "- Checking NIS domain" --result "UNKNOWN" --color YELLOW
        fi
    fi
#
#################################################################################
#
    if [ -f /etc/hosts ]; then
      Display --indent 2 --text "- Checking /etc/hosts"
    fi

    # Test        : NAME-4402
    # Description : Check /etc/hosts configuration
    Register --test-no NAME-4402 --weight L --network NO --description "Check duplicate line in /etc/hosts"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: check duplicate line in /etc/hosts"
        if [ -f /etc/hosts ]; then
            sFIND=`egrep -v '^(#|$)' /etc/hosts | awk '{ print $1, $2 }' | sort | uniq -d`
            if [ "${sFIND}" = "" ]; then
                LogText "Result: OK, no duplicate lines found"
                Display --indent 4 --text "- Checking /etc/hosts (duplicates)" --result OK --color GREEN
              else
                LogText "Found duplicate line: ${sFIND}"
                LogText "Result: found duplicate line"
                Display --indent 4 --text "- Checking /etc/hosts (duplicates)" --result SUGGESTION --color YELLOW
                ReportSuggestion "${TEST_NO}" "Remove duplicate lines in /etc/hosts"
            fi
        else
          LogText "Result: /etc/hosts not found, test skipped"
          Display --indent 4 --text "Searching duplicate line" --result "SKIPPED" --color YELLOW
        fi
     fi
#
#################################################################################
#
    # Test        : NAME-4404
    # Description : Check /etc/hosts contains an entry for this server name
    if [ ! "${HOSTNAME}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4404 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check /etc/hosts contains an entry for this server name"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Check /etc/hosts contains an entry for this server name"
        if [ -f /etc/hosts ]; then
            sFIND=`egrep -v '^(#|$|^::1\s|localhost)' /etc/hosts | grep -i ${HOSTNAME}`
            if [ "${sFIND}" != "" ]; then
                LogText "Result: Found entry for ${HOSTNAME} in /etc/hosts"
                Display --indent 4 --text "- Checking /etc/hosts (hostname)" --result OK --color GREEN
              else
                LogText "Result: No entry found for ${HOSTNAME} in /etc/hosts"
                Display --indent 4 --text "- Checking /etc/hosts (hostname)" --result SUGGESTION --color YELLOW
                ReportSuggestion ${TEST_NO} "Add the IP name and FQDN to /etc/hosts for proper name resolving"
                LogText "Risk: No entry for the server name [hostname] in /etc/hosts may cause unexpected performance problems for local connections"
            fi
         fi
     fi
#
#################################################################################
#
    # Test        : NAME-4406
    # Description : Check server hostname mapping
    if [ ! "${HOSTNAME}" = "" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no NAME-4406 --preqs-met ${PREQS_MET} --weight L --network NO --description "Check server hostname mapping"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Check server hostname not locally mapped in /etc/hosts"
        sFIND=`egrep -v '^(#|$)' /etc/hosts | egrep '^(localhost|::1)\s' | grep -w ${HOSTNAME}`
        if  [ ! "${sFIND}" = "" ]; then
          LogText "Result: Found this server hostname mapped to a local address"
          LogText "Output: ${sFIND}"
          Display --indent 4 --text "- Checking /etc/hosts (localhost)" --result SUGGESTION --color YELLOW
          LogText "Information: Linking the hostname to the localhost entry may break some resolving. Split resolving so that localhost resolves back to 127.0.0.1 (and ::1) and the hostname of the machine to the real IP address on the network interface."
          ReportSuggestion ${TEST_NO} "Split resolving between localhost and the hostname of the system"
        else
          LogText "Result: this server hostname is not mapped to a local address"
          Display --indent 4 --text "- Checking /etc/hosts (localhost)" --result OK --color GREEN
        fi
    fi
#
#################################################################################
#

report ="name_cache_used=${NAME_CACHE_USED}"
wait_for_keypress

#
#================================================================================
# Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com
