debian-cis/bin/hardening/4.1.1.1_install_auditd.sh

#!/bin/bash

# run-shellcheck
#
# CIS Debian Hardening
#

#
# 4.1.1.1 Ensure auditing is installed (Scored)
#

set -e # One error, it's over
set -u # One variable unset, it's over

# shellcheck disable=2034
HARDENING_LEVEL=4
# shellcheck disable=2034
DESCRIPTION="Install auditd."

PACKAGE="auditd"

# This function will be called if the script status is on enabled / audit mode
audit() {
    is_pkg_installed "$PACKAGE"
    if [ "$FNRET" != 0 ]; then
        crit "$PACKAGE is not installed!"
    else
        ok "$PACKAGE is installed"
    fi
}

# This function will be called if the script status is on enabled mode
apply() {
    is_pkg_installed "$PACKAGE"
    if [ "$FNRET" = 0 ]; then
        ok "$PACKAGE is installed"
    else
        warn "$PACKAGE is absent, installing it"
        apt_install "$PACKAGE"
    fi
}

# This function will check config parameters required
check_config() {
    :
}

# Source Root Dir Parameter
if [ -r /etc/default/cis-hardening ]; then
    # shellcheck source=../../debian/default
    . /etc/default/cis-hardening
fi
if [ -z "$CIS_LIB_DIR" ]; then
    echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment."
    echo "Cannot source CIS_LIB_DIR variable, aborting."
    exit 128
fi

# Main function, will call the proper functions given the configuration (audit, enabled, disabled)
if [ -r "${CIS_LIB_DIR}"/main.sh ]; then
    # shellcheck source=../../lib/main.sh
    . "${CIS_LIB_DIR}"/main.sh
else
    echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_LIB_DIR in /etc/default/cis-hardening"
    exit 128
fi
Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`#!/bin/bash`

			`# run-shellcheck`
			`#`
			`# CIS Debian Hardening`
			`#`

			`#`
			`# 4.1.1.1 Ensure auditing is installed (Scored)`
			`#`

			`set -e # One error, it's over`
			`set -u # One variable unset, it's over`

			`# shellcheck disable=2034`
			`HARDENING_LEVEL=4`
			`# shellcheck disable=2034`
			`DESCRIPTION="Install auditd."`

ADD(4.1.1.1): add auditd install 2020-12-24 16:20:02 +01:00			`PACKAGE="auditd"`

Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`# This function will be called if the script status is on enabled / audit mode`
Add commentaries, renum scripts 2020-12-22 15:58:10 +01:00			`audit() {`
ADD(4.1.1.1): add auditd install 2020-12-24 16:20:02 +01:00			`is_pkg_installed "$PACKAGE"`
			`if [ "$FNRET" != 0 ]; then`
			`crit "$PACKAGE is not installed!"`
			`else`
			`ok "$PACKAGE is installed"`
			`fi`
Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`}`

			`# This function will be called if the script status is on enabled mode`
Add commentaries, renum scripts 2020-12-22 15:58:10 +01:00			`apply() {`
ADD(4.1.1.1): add auditd install 2020-12-24 16:20:02 +01:00			`is_pkg_installed "$PACKAGE"`
			`if [ "$FNRET" = 0 ]; then`
			`ok "$PACKAGE is installed"`
			`else`
			`warn "$PACKAGE is absent, installing it"`
			`apt_install "$PACKAGE"`
			`fi`
Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`}`

			`# This function will check config parameters required`
			`check_config() {`
			`:`
			`}`

			`# Source Root Dir Parameter`
			`if [ -r /etc/default/cis-hardening ]; then`
			`# shellcheck source=../../debian/default`
			`. /etc/default/cis-hardening`
			`fi`
Replace CIS_ROOT_DIR by a more flexible system (#204) * Replace CIS_ROOT_DIR by a more flexible system * Try to adapt the logic change to the functional tests 2023-09-25 14:24:01 +02:00			`if [ -z "$CIS_LIB_DIR" ]; then`
Add commentaries, renum scripts 2020-12-22 15:58:10 +01:00			`echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment."`
Replace CIS_ROOT_DIR by a more flexible system (#204) * Replace CIS_ROOT_DIR by a more flexible system * Try to adapt the logic change to the functional tests 2023-09-25 14:24:01 +02:00			`echo "Cannot source CIS_LIB_DIR variable, aborting."`
Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`exit 128`
			`fi`

			`# Main function, will call the proper functions given the configuration (audit, enabled, disabled)`
Replace CIS_ROOT_DIR by a more flexible system (#204) * Replace CIS_ROOT_DIR by a more flexible system * Try to adapt the logic change to the functional tests 2023-09-25 14:24:01 +02:00			`if [ -r "${CIS_LIB_DIR}"/main.sh ]; then`
Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`# shellcheck source=../../lib/main.sh`
Replace CIS_ROOT_DIR by a more flexible system (#204) * Replace CIS_ROOT_DIR by a more flexible system * Try to adapt the logic change to the functional tests 2023-09-25 14:24:01 +02:00			`. "${CIS_LIB_DIR}"/main.sh`
Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`else`
Replace CIS_ROOT_DIR by a more flexible system (#204) * Replace CIS_ROOT_DIR by a more flexible system * Try to adapt the logic change to the functional tests 2023-09-25 14:24:01 +02:00			`echo "Cannot find main.sh, have you correctly defined your root directory? Current value is $CIS_LIB_DIR in /etc/default/cis-hardening"`
Add new checks (blank for now) 2020-12-22 14:42:45 +01:00			`exit 128`
			`fi`