fix: --set-hardening-level is messing with configuration files (#285)

fix issue #275 Co-authored-by: damien cavagnini <damien.cavagnini@corp.ovh.com>
2025-08-30 19:34:07 +02:00 · 2025-08-07 17:03:09 +02:00
parent 4b4faf62b3
commit 1926758707
1 changed files with 1 additions and 1 deletions
--- a/bin/hardening.sh
+++ b/bin/hardening.sh
@@ -304,7 +304,7 @@ if [ -n "$SET_HARDENING_LEVEL" ] && [ "$SET_HARDENING_LEVEL" != 0 ]; then
        fi
        wantedstatus=disabled
        [ "$script_level" -le "$SET_HARDENING_LEVEL" ] && wantedstatus=enabled
-        sed -i -re "s/^status=.+/status=$wantedstatus/" "${CIS_CONF_DIR}/conf.d/$SCRIPT_BASENAME.cfg"
+        sed --follow-symlinks -i -re "s/^status=.+/status=$wantedstatus/" "${CIS_CONF_DIR}/conf.d/$SCRIPT_BASENAME.cfg"
    done
    echo "Configuration modified to enable scripts for hardening level at or below $SET_HARDENING_LEVEL"
    exit 0