mirror of
https://github.com/ovh/debian-cis.git
synced 2024-12-25 23:35:36 +01:00
IMP(shellcheck): replace deprecated egrep (SC2196)
This commit is contained in:
parent
1c56bd9930
commit
36528b55e0
@ -27,7 +27,7 @@ ACCEPTED_SHELLS_GREP=''
|
||||
audit() {
|
||||
shells_to_grep_helper
|
||||
info "Checking if admin accounts have a login shell different than $ACCEPTED_SHELLS"
|
||||
RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 ) {print}' | grep -v $ACCEPTED_SHELLS_GREP || true)
|
||||
RESULT=$(grep -Ev "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 ) {print}' | grep -v $ACCEPTED_SHELLS_GREP || true)
|
||||
IFS_BAK=$IFS
|
||||
IFS=$'\n'
|
||||
for LINE in $RESULT; do
|
||||
@ -54,7 +54,7 @@ audit() {
|
||||
|
||||
# This function will be called if the script status is on enabled mode
|
||||
apply() {
|
||||
RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 ) {print}' | grep -v $ACCEPTED_SHELLS_GREP || true)
|
||||
RESULT=$(grep -Ev "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 ) {print}' | grep -v $ACCEPTED_SHELLS_GREP || true)
|
||||
IFS_BAK=$IFS
|
||||
IFS=$'\n'
|
||||
for LINE in $RESULT; do
|
||||
|
@ -21,7 +21,7 @@ ERRORS=0
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
audit() {
|
||||
for DIR in $(get_db passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for DIR in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $DIR"
|
||||
for FILE in "$DIR"/.[A-Za-z0-9]*; do
|
||||
if [ ! -h "$FILE" ] && [ -f "$FILE" ]; then
|
||||
@ -45,7 +45,7 @@ audit() {
|
||||
|
||||
# This function will be called if the script status is on enabled mode
|
||||
apply() {
|
||||
for DIR in $(get_db passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for DIR in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for FILE in "$DIR"/.[A-Za-z0-9]*; do
|
||||
if [ ! -h "$FILE" ] && [ -f "$FILE" ]; then
|
||||
FILEPERM=$(ls -ld "$FILE" | cut -f1 -d" ")
|
||||
|
@ -22,7 +22,7 @@ FILENAME='.forward'
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
audit() {
|
||||
for DIR in $(get_db passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for DIR in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $DIR"
|
||||
for FILE in $DIR/$FILENAME; do
|
||||
if [ ! -h "$FILE" ] && [ -f "$FILE" ]; then
|
||||
|
@ -22,7 +22,7 @@ FILENAME='.netrc'
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
audit() {
|
||||
for DIR in $(get_db passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for DIR in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $DIR"
|
||||
for FILE in $DIR/$FILENAME; do
|
||||
if [ ! -h "$FILE" ] && [ -f "$FILE" ]; then
|
||||
|
@ -22,7 +22,7 @@ ERRORS=0
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
audit() {
|
||||
for DIR in $(get_db passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for DIR in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $DIR"
|
||||
for FILE in $DIR/.netrc; do
|
||||
if [ ! -h "$FILE" ] && [ -f "$FILE" ]; then
|
||||
@ -45,7 +45,7 @@ audit() {
|
||||
|
||||
# This function will be called if the script status is on enabled mode
|
||||
apply() {
|
||||
for DIR in $(cat /etc/passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for DIR in $(cat /etc/passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $DIR"
|
||||
for FILE in $DIR/.netrc; do
|
||||
if [ ! -h "$FILE" ] && [ -f "$FILE" ]; then
|
||||
|
@ -22,7 +22,7 @@ FILENAME=".rhosts"
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
audit() {
|
||||
for DIR in $(get_db passwd | egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for DIR in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $DIR"
|
||||
for FILE in $DIR/$FILENAME; do
|
||||
if [ ! -h "$FILE" ] && [ -f "$FILE" ]; then
|
||||
|
@ -21,7 +21,7 @@ ERRORS=0
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
audit() {
|
||||
for dir in $(get_db passwd | /bin/egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for dir in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $dir"
|
||||
debug "Exceptions : $EXCEPTIONS"
|
||||
debug "echo \"$EXCEPTIONS\" | grep -q $dir"
|
||||
@ -60,7 +60,7 @@ audit() {
|
||||
|
||||
# This function will be called if the script status is on enabled mode
|
||||
apply() {
|
||||
for dir in $(get_db passwd | /bin/egrep -v '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
for dir in $(get_db passwd | grep -Ev '(root|halt|sync|shutdown)' | awk -F: '($7 != "/usr/sbin/nologin" && $7 != "/sbin/nologin" && $7 != "/bin/false" && $7 !="/nonexistent" ) { print $6 }'); do
|
||||
debug "Working on $dir"
|
||||
debug "Exceptions : $EXCEPTIONS"
|
||||
debug "echo \"$EXCEPTIONS\" | grep -q $dir"
|
||||
|
Loading…
Reference in New Issue
Block a user