This file is indexed.

/usr/lib/tiger/scripts/check_xinetd is in tiger 1:3.2.3-10.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
#!/bin/sh
#
#     tiger - A UN*X security checking system
#     Copyright (C) 2003 Michael Sconzo, Javier Fernandez-Sanguino Peña
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 1, or (at your option)
#    any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#     Please see the file `COPYING' for the complete copyright notice.
#
#  check_xinetd - 02/11/2003
# 
#  Checks which xinetd services are enabled or disabled.
#
#  11/08/2007 - jfs - Change message calls so that they can be filtered 
#                     (Debian bug #411534)
#  11/19/2003 - jfs - Added more verbose check if the configuration file
#              does not exist. Fix syntax error. Thanks to Ryan Bradetich.
#  08/19/2003 - jfs - Allow override of XINETDCONF and fix error
#  08/12/2003 - jfs - Now write messages for disabled services too. Also
#               fixed some errors.
#  08/11/2003 - jfs - Fixed dependancies. Now uses XINETDCONF instead of 
#               hardcoding the location. Added additional checks
#               to avoid errors and use message instead of echo.
#
#-----------------------------------------------------------------------------
# TODO:
#
# - xinetd checks should determine if insecure services are active or
#   running as root when not needed.
# - check if the xinetd configuration file is writable
# - check if the xinetd files under the xinetd directory are writable 
# - it could also check vs the tiger's provided operating system's
#   XINETDFILE to determine changes in services just as check_inetd does
#
#-----------------------------------------------------------------------------
#
TigerInstallDir="/usr/lib/tiger"

#
# Set default base directory.
# Order or preference:
#      -B option
#      TIGERHOMEDIR environment variable
#      TigerInstallDir installed location
#
basedir=${TIGERHOMEDIR:=$TigerInstallDir}

for parm
do
   case $parm in
   -B) basedir=$2; break;;
   esac
done
#
# Verify that a config file exists there, and if it does
# source it.
#
[ ! -r $basedir/config ] && {
  echo "--ERROR-- [init002e] No 'config' file in \`$basedir'."
  exit 1
}
. $basedir/config

. $BASEDIR/initdefs
#
# If run in test mode (-t) this will verify that all required
# elements are set.
#
[ "$Tiger_TESTMODE" = 'Y' ] && {
  haveallcmds GREP AWK LS || exit 1
  haveallfiles BASEDIR || exit 1
  
  echo "--CONFIG-- [init003c] $0: Configuration ok..."
  exit 0
}

#------------------------------------------------------------------------
haveallcmds GREP AWK LS || exit 1
# TODO add XINETDCONF to haveallfiles when it's defined in the config
# scripts for all systems
haveallfiles BASEDIR || exit 1

echo
echo "# Performing check of 'xinetd' related services..."

check_xinetconfig()
{
	xinetd_dir="$1"
	$LS $xinetd_dir |
	while read file
	do
		if [ "`$GREP -i 'disable' $xinetd_dir/$file | $AWK '{print $NF}'`" = "no" ] ; 
		then
			service=`$GREP -w 'server' $file | $GREP '=' | $AWK '{print $NF}'`
			message INFO xnet004i "" "Service $file is enabled using: $service."
		else
			message INFO xnet005i "" "Service $file is disabled."
		fi
	done
}

[ -z "$XINETDCONF" ] && XINETDCONF="/etc/xinetd.conf"

if [ -r "$XINETDCONF" ] ; then
	$GREP 'includedir' $XINETDCONF | $AWK '{print $NF}' |
	while read xinetd_directory
	do
		if [ -d "$xinetd_directory" ] 
		then
			check_xinetconfig $xinetd_directory
		else
			message ERROR xnet002e "" "The location included in $XINETDCONF is not a directory"
		fi
	done
else
	if [ ! -f "$XINETDCONF" ] ; then
		message ERROR xnet001e "" "It appears that xinetd is not installed, cannot find file $XINETDCONF."
	else
	        message ERROR xnet003e "" "Cannot read file $XINETDCONF."
	fi
fi