From 03aaae2bc3a405628d059ae66dfd00459598e617 Mon Sep 17 00:00:00 2001 From: thomashaw Date: Fri, 24 Mar 2017 15:30:30 +0000 Subject: [PATCH] xfce desktop environment: extracted out auto login as root into vulnerability module --- .../unix/desktop/xfce/manifests/install.pp | 6 ----- .../manifests/configure.pp | 5 +++++ .../secgen_metadata.xml | 22 +++++++++++++++++++ .../xfce_lightdm_root_login.pp | 1 + .../xfce_lightdm_root_login.xml | 16 ++++++++++++++ .../security_audit/team_project_scenario.xml | 2 +- 6 files changed, 45 insertions(+), 7 deletions(-) create mode 100644 modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/manifests/configure.pp create mode 100644 modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/secgen_metadata.xml create mode 100644 modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/xfce_lightdm_root_login.pp create mode 100644 scenarios/examples/vulnerability_examples/xfce_lightdm_root_login.xml diff --git a/modules/utilities/unix/desktop/xfce/manifests/install.pp b/modules/utilities/unix/desktop/xfce/manifests/install.pp index 61a6f4353..7448404f6 100644 --- a/modules/utilities/unix/desktop/xfce/manifests/install.pp +++ b/modules/utilities/unix/desktop/xfce/manifests/install.pp @@ -1,11 +1,5 @@ class xfce::install{ - package { ['xfce4','lightdm']: ensure => 'installed', } - - exec { 'lightdm-autologin-root': - require => Package['lightdm'], - command => "/bin/sed -i \'/\\[SeatDefaults\\]/a autologin-user=root\' /etc/lightdm/lightdm.conf" - } } diff --git a/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/manifests/configure.pp b/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/manifests/configure.pp new file mode 100644 index 000000000..0fde35705 --- /dev/null +++ b/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/manifests/configure.pp @@ -0,0 +1,5 @@ +class xfce_lightdm_root_login::configure { + exec { 'lightdm-autologin-root': + command => "/bin/sed -i \'/\\[SeatDefaults\\]/a autologin-user=root\' /etc/lightdm/lightdm.conf" + } +} diff --git a/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/secgen_metadata.xml b/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/secgen_metadata.xml new file mode 100644 index 000000000..38c7d611d --- /dev/null +++ b/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/secgen_metadata.xml @@ -0,0 +1,22 @@ + + + + XFCE w/ LightDM Root Login + Thomas Shaw + MIT + Configures XFCE w/ LightDM to automatically login as root without a password. + + desktop_environment + root_rwx + local + linux + + + update + + + modules/utilities/unix/desktop/xfce + + diff --git a/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/xfce_lightdm_root_login.pp b/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/xfce_lightdm_root_login.pp new file mode 100644 index 000000000..654f73836 --- /dev/null +++ b/modules/vulnerabilities/unix/desktop/xfce_lightdm_root_login/xfce_lightdm_root_login.pp @@ -0,0 +1 @@ +include xfce_lightdm_root_login::configure diff --git a/scenarios/examples/vulnerability_examples/xfce_lightdm_root_login.xml b/scenarios/examples/vulnerability_examples/xfce_lightdm_root_login.xml new file mode 100644 index 000000000..95af0365e --- /dev/null +++ b/scenarios/examples/vulnerability_examples/xfce_lightdm_root_login.xml @@ -0,0 +1,16 @@ + + + + + + xfce_lightdm_root_login + + + + + + + + diff --git a/scenarios/security_audit/team_project_scenario.xml b/scenarios/security_audit/team_project_scenario.xml index 41c9bef1f..023d249ef 100644 --- a/scenarios/security_audit/team_project_scenario.xml +++ b/scenarios/security_audit/team_project_scenario.xml @@ -264,7 +264,7 @@ desktop - +