From 19267587075b2a1d6a947a1600299fd2f65f72b9 Mon Sep 17 00:00:00 2001
From: damcav35 <51324122+damcav35@users.noreply.github.com>
Date: Thu, 7 Aug 2025 17:03:09 +0200
Subject: [PATCH] fix: --set-hardening-level is messing with configuration
 files (#285)

fix issue #275

Co-authored-by: damien cavagnini <damien.cavagnini@corp.ovh.com>
---
 bin/hardening.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/hardening.sh b/bin/hardening.sh
index 31d72ea..bf96e79 100755
--- a/bin/hardening.sh
+++ b/bin/hardening.sh
@@ -304,7 +304,7 @@ if [ -n "$SET_HARDENING_LEVEL" ] && [ "$SET_HARDENING_LEVEL" != 0 ]; then
         fi
         wantedstatus=disabled
         [ "$script_level" -le "$SET_HARDENING_LEVEL" ] && wantedstatus=enabled
-        sed -i -re "s/^status=.+/status=$wantedstatus/" "${CIS_CONF_DIR}/conf.d/$SCRIPT_BASENAME.cfg"
+        sed --follow-symlinks -i -re "s/^status=.+/status=$wantedstatus/" "${CIS_CONF_DIR}/conf.d/$SCRIPT_BASENAME.cfg"
     done
     echo "Configuration modified to enable scripts for hardening level at or below $SET_HARDENING_LEVEL"
     exit 0