FIX(8.2.x): fix grep and find in audit scripts

2024-11-22 13:37:02 +01:00 · 2019-03-18 16:19:05 +01:00 · 2019-03-18 16:19:05 +01:00 · 02673826a0
commit 02673826a0
parent d5d5a39109
3 changed files with 3 additions and 4 deletions
--- a/bin/hardening/8.2.4_set_logfile_perm.sh
+++ b/bin/hardening/8.2.4_set_logfile_perm.sh
@ -31,7 +31,7 @@ audit () {
            warn "$FILE does not exist"
        else
            FOUND_EXC=0
-            if grep "$FILE" <(tr ' ' '\n' <<< "$EXCEPTIONS" | cut -d ":" -f 1); then
+            if grep -q "$FILE" <(tr ' ' '\n' <<< "$EXCEPTIONS" | cut -d ":" -f 1); then
                debug "$FILE is found in exceptions"
                debug "Setting special user:group:perm"
                FOUND_EXC=1
@ -73,7 +73,7 @@ apply () {
            filedir=$(dirname "${FILE#/var/log/}")
            if [ ! "$filedir" = "." ] && [ ! -d /var/log/"$filedir" ]; then
                debug "Creating /var/log/$filedir for $FILE"
-                debug "mkdir -p /var/log/"$filedir""
+                debug "mkdir -p /var/log/$filedir"
                mkdir -p /var/log/"$filedir"
            fi
            touch "$FILE"
--- a/bin/hardening/8.2.5_syslog-ng_remote_host.sh
+++ b/bin/hardening/8.2.5_syslog-ng_remote_host.sh
@ -19,7 +19,7 @@ PATTERN='destination[[:alnum:][:space:]*{]+(tcp|udp)[[:space:]]*\(\"[[:alnum:].]
 # This function will be called if the script status is on enabled / audit mode
 audit () {
    FOUND=0
-    FILES="$SYSLOG_BASEDIR/syslog-ng.conf $(find -L $SYSLOG_BASEDIR/conf.d/ -type f)"
+    FILES="$SYSLOG_BASEDIR/syslog-ng.conf $($SUDO_CMD find -L $SYSLOG_BASEDIR/conf.d/ -type f)"
    for FILE in $FILES; do
       does_pattern_exist_in_file_multiline "$FILE" "$PATTERN"
        if [ $FNRET = 0 ]; then
--- a/tests/hardening/8.2.5_syslog-ng_remote_host.sh
+++ b/tests/hardening/8.2.5_syslog-ng_remote_host.sh
@ -1,6 +1,5 @@
 # run-shellcheck
 test_audit() {
 #set -x
    describe Running on blank host
    register_test retvalshouldbe 1