From 0c053eef560c874885070d821307fd7fc84cb00e Mon Sep 17 00:00:00 2001
From: "thibault.dewailly"
Date: Fri, 10 Mar 2017 17:26:55 +0100
Subject: [PATCH] [10.2] Fixed result parsing in case of spaces in passwd list
---
 bin/hardening/10.2_disable_system_accounts.sh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/bin/hardening/10.2_disable_system_accounts.sh b/bin/hardening/10.2_disable_system_accounts.sh
index 8b5ec97..38e4e05 100755
--- a/bin/hardening/10.2_disable_system_accounts.sh
+++ b/bin/hardening/10.2_disable_system_accounts.sh
@@ -18,7 +18,8 @@ RESULT=''
 # This function will be called if the script status is on enabled / audit mode
 audit () {
 info "Checking if admin accounts have a login shell different than $SHELL"
- RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 && $7!="/usr/sbin/nologin" && $7!="/bin/false") {print}')
+ RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 && $7!="/usr/sbin/nologin" && $7!="/bin/false") {print}')
+ IFS=$'\n'
 for LINE in $RESULT; do
 debug "line : $LINE"
 ACCOUNT=$( echo $LINE | cut -d: -f 1 )
@@ -43,6 +44,7 @@ audit () {
 # This function will be called if the script status is on enabled mode
 apply () {
 RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 && $7!="/usr/sbin/nologin" && $7!="/bin/false") {print}')
+ IFS=$'\n'
 for LINE in $RESULT; do
 debug "line : $LINE"
 ACCOUNT=$( echo $LINE | cut -d: -f 1 )
@@ -85,7 +87,7 @@ else
 echo "No CIS_ROOT_DIR variable, aborting"
 exit 128
 fi
-fi
+fi
 # Main function, will call the proper functions given the configuration (audit, enabled, disabled)
 if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then
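Review bot: The `IFS=$'\n'` added before the `for LINE in $RESULT` loop in audit() is a global assignment that is never restored, so any unquoted expansion that runs after audit() returns splits on newlines only; the same line added in the apply() hunk has the same effect. Declaring it as `local IFS=$'\n'` in both functions would confine the change to the function that needs it. Pathname expansion still applies to the unquoted `$RESULT` and to `echo $LINE`, so a passwd entry whose comment field contains `*` or `?` could still be altered before `cut` extracts the account name; `set -f` around the loop together with `echo "$LINE"` would close that. Both function bodies continue outside the hunks, so how ACCOUNT is used afterwards is not visible here.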