From 4add6ddc33158d837072af6eca217601605fe052 Mon Sep 17 00:00:00 2001 From: Thibault Ayanides Date: Fri, 27 Nov 2020 09:22:47 +0100 Subject: [PATCH] IMP(shellcheck): add prefix to define shell (SC2148) --- lib/common.sh | 1 + lib/constants.sh | 1 + lib/main.sh | 1 + lib/utils.sh | 1 + tests/hardening/1.1.1.1_disable_freevxfs.sh | 1 + tests/hardening/1.1.1.2_disable_jffs2.sh | 1 + tests/hardening/1.1.1.3_disable_hfs.sh | 1 + tests/hardening/1.1.1.4_disable_hfsplus.sh | 1 + tests/hardening/1.1.1.5_disable_udf.sh | 1 + tests/hardening/1.1.1.6_disable_cramfs.sh | 1 + tests/hardening/1.1.1.7_disable_squashfs.sh | 1 + tests/hardening/1.1.10_var_tmp_noexec.sh | 1 + tests/hardening/1.1.11_var_log_partition.sh | 1 + tests/hardening/1.1.12_var_log_audit_partition.sh | 1 + tests/hardening/1.1.13_home_partition.sh | 1 + tests/hardening/1.1.14_home_nodev.sh | 1 + tests/hardening/1.1.15_run_shm_nodev.sh | 1 + tests/hardening/1.1.16_run_shm_nosuid.sh | 1 + tests/hardening/1.1.17_run_shm_noexec.sh | 1 + tests/hardening/1.1.18_removable_device_nodev.sh | 1 + tests/hardening/1.1.19_removable_device_nosuid.sh | 1 + tests/hardening/1.1.20_removable_device_noexec.sh | 1 + tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh | 1 + tests/hardening/1.1.22_disable_automounting.sh | 1 + tests/hardening/1.1.2_tmp_partition.sh | 1 + tests/hardening/1.1.3_tmp_nodev.sh | 1 + tests/hardening/1.1.4_tmp_nosuid.sh | 1 + tests/hardening/1.1.5_tmp_noexec.sh | 1 + tests/hardening/1.1.6_var_partition.sh | 1 + tests/hardening/1.1.7_var_tmp_partition.sh | 1 + tests/hardening/1.1.8_var_tmp_nodev.sh | 1 + tests/hardening/1.1.9_var_tmp_nosuid.sh | 1 + tests/hardening/1.4.1_bootloader_ownership.sh | 1 + tests/hardening/1.4.2_bootloader_password.sh | 1 + tests/hardening/1.4.3_root_password.sh | 1 + tests/hardening/1.5.1_restrict_core_dumps.sh | 1 + tests/hardening/1.5.2_enable_nx_support.sh | 1 + tests/hardening/1.5.3_enable_randomized_vm_placement.sh | 1 + tests/hardening/1.5.4_disable_prelink.sh | 1 + tests/hardening/1.6.2.1_enable_apparmor.sh | 1 + tests/hardening/1.7.1.1_remove_os_info_motd.sh | 1 + tests/hardening/1.7.1.2_remove_os_info_issue.sh | 1 + tests/hardening/1.7.1.3_remove_os_info_issue_net.sh | 1 + tests/hardening/1.7.1.4_motd_perms.sh | 1 + tests/hardening/1.7.2_graphical_warning_banners.sh | 1 + tests/hardening/1.8_install_updates.sh | 1 + tests/hardening/2.1.1_disable_xinetd.sh | 1 + tests/hardening/2.2.1.1_use_time_sync.sh | 1 + tests/hardening/2.2.1.2_configure_ntp.sh | 1 + tests/hardening/2.2.1.3_configure_chrony.sh | 1 + tests/hardening/2.2.10_disable_http_server.sh | 1 + tests/hardening/2.2.11_disable_imap_pop.sh | 1 + tests/hardening/2.2.12_disable_samba.sh | 1 + tests/hardening/2.2.13_disable_http_proxy.sh | 1 + tests/hardening/2.2.14_disable_snmp_server.sh | 1 + tests/hardening/2.2.15_mta_localhost.sh | 1 + tests/hardening/2.2.16_disable_rsync.sh | 1 + tests/hardening/2.2.18_disable_telnet_server.sh | 1 + tests/hardening/2.2.2_disable_xwindow_system.sh | 1 + tests/hardening/2.2.3_disable_avahi_server.sh | 1 + tests/hardening/2.2.4_disable_print_server.sh | 1 + tests/hardening/2.2.5_disable_dhcp.sh | 1 + tests/hardening/2.2.6_disable_ldap.sh | 1 + tests/hardening/2.2.7_disable_nfs_rpc.sh | 1 + tests/hardening/2.2.8_disable_dns_server.sh | 1 + tests/hardening/2.2.9_disable_ftp.sh | 1 + tests/hardening/2.3.1_disable_nis.sh | 1 + tests/hardening/2.3.2_disable_rsh_client.sh | 1 + tests/hardening/2.3.3_disable_talk_client.sh | 1 + tests/hardening/2.3.4_disable_telnet_client.sh | 1 + tests/hardening/2.3.5_disable_ldap_client.sh | 1 + tests/hardening/3.1.1_disable_ip_forwarding.sh | 1 + tests/hardening/3.1.2_disable_send_packet_redirects.sh | 1 + tests/hardening/3.2.1_disable_source_routed_packets.sh | 1 + tests/hardening/3.2.2_disable_icmp_redirect.sh | 1 + tests/hardening/3.2.3_disable_secure_icmp_redirect.sh | 1 + tests/hardening/3.2.4_log_martian_packets.sh | 1 + tests/hardening/3.2.5_ignore_broadcast_requests.sh | 1 + tests/hardening/3.2.6_enable_bad_error_message_protection.sh | 1 + tests/hardening/3.2.7_enable_source_route_validation.sh | 1 + tests/hardening/3.2.8_enable_tcp_syn_cookies.sh | 1 + tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh | 1 + tests/hardening/3.3.1_install_tcp_wrapper.sh | 1 + tests/hardening/3.3.2_hosts_allow.sh | 1 + tests/hardening/3.3.3_hosts_deny.sh | 1 + tests/hardening/3.3.4_hosts_allow_permissions.sh | 1 + tests/hardening/3.3.5_hosts_deny_permissions.sh | 1 + tests/hardening/3.4.1_disable_dccp.sh | 1 + tests/hardening/3.4.2_disable_sctp.sh | 1 + tests/hardening/3.4.3_disable_rds.sh | 1 + tests/hardening/3.4.4_disable_tipc.sh | 1 + tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh | 1 + tests/hardening/3.5_enable_firewall.sh | 1 + tests/hardening/3.6_disable_wireless.sh | 1 + tests/hardening/3.7_disable_ipv6.sh | 1 + tests/hardening/4.1.1.1_audit_log_storage.sh | 1 + tests/hardening/4.1.1.2_halt_when_audit_log_full.sh | 1 + tests/hardening/4.1.1.3_keep_all_audit_logs.sh | 1 + tests/hardening/4.1.10_record_dac_edit.sh | 1 + tests/hardening/4.1.11_record_failed_access_file.sh | 1 + tests/hardening/4.1.12_record_privileged_commands.sh | 1 + tests/hardening/4.1.13_record_successful_mount.sh | 1 + tests/hardening/4.1.14_record_file_deletions.sh | 1 + tests/hardening/4.1.15_record_sudoers_edit.sh | 1 + tests/hardening/4.1.16_record_sudo_usage.sh | 1 + tests/hardening/4.1.17_record_kernel_modules.sh | 1 + tests/hardening/4.1.18_freeze_auditd_conf.sh | 1 + tests/hardening/4.1.2_enable_auditd.sh | 1 + tests/hardening/4.1.3_audit_bootloader.sh | 1 + tests/hardening/4.1.4_record_date_time_edit.sh | 1 + tests/hardening/4.1.5_record_user_group_edit.sh | 1 + tests/hardening/4.1.6_record_network_edit.sh | 1 + tests/hardening/4.1.7_record_mac_edit.sh | 1 + tests/hardening/4.1.8_record_login_logout.sh | 1 + tests/hardening/4.1.9_record_session_init.sh | 1 + tests/hardening/4.2.2.1_enable_syslog-ng.sh | 1 + tests/hardening/4.2.2.2_configure_syslog-ng.sh | 1 + tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh | 1 + tests/hardening/4.2.2.4_syslog-ng_remote_host.sh | 1 + tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh | 1 + tests/hardening/4.2.3_install_syslog-ng.sh | 1 + tests/hardening/4.2.4_logs_permissions.sh | 1 + tests/hardening/4.3_configure_logrotate.sh | 1 + tests/hardening/5.1.1_enable_cron.sh | 1 + tests/hardening/5.1.2_crontab_perm_ownership.sh | 1 + tests/hardening/5.1.3_cron_hourly_perm_ownership.sh | 1 + tests/hardening/5.1.4_cron_daily_perm_ownership.sh | 1 + tests/hardening/5.1.5_cron_weekly_perm_ownership.sh | 1 + tests/hardening/5.1.6_cron_monthly_perm_ownership.sh | 1 + tests/hardening/5.1.7_cron_d_perm_ownership.sh | 1 + tests/hardening/5.1.8_cron_users.sh | 1 + tests/hardening/5.2.10_disable_root_login.sh | 1 + tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh | 1 + tests/hardening/5.2.12_disable_sshd_setenv.sh | 1 + tests/hardening/5.2.13_sshd_ciphers.sh | 1 + tests/hardening/5.2.14_ssh_cry_mac.sh | 1 + tests/hardening/5.2.15_ssh_cry_kex.sh | 1 + tests/hardening/5.2.16_sshd_idle_timeout.sh | 1 + tests/hardening/5.2.17_sshd_login_grace_time.sh | 1 + tests/hardening/5.2.18_sshd_limit_access.sh | 1 + tests/hardening/5.2.19_ssh_banner.sh | 1 + tests/hardening/5.2.1_sshd_conf_perm_ownership.sh | 1 + tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh | 1 + tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh | 1 + tests/hardening/5.2.4_sshd_protocol.sh | 1 + tests/hardening/5.2.5_sshd_loglevel.sh | 1 + tests/hardening/5.2.6_disable_x11_forwarding.sh | 1 + tests/hardening/5.2.7_sshd_maxauthtries.sh | 1 + tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh | 1 + tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh | 1 + tests/hardening/5.3.1_enable_pwquality.sh | 1 + tests/hardening/5.3.2_enable_lockout_failed_password.sh | 1 + tests/hardening/5.3.3_limit_password_reuse.sh | 1 + tests/hardening/5.3.4_acc_pam_sha512.sh | 1 + tests/hardening/5.4.1.1_set_password_exp_days.sh | 1 + tests/hardening/5.4.1.2_set_password_min_days_change.sh | 1 + tests/hardening/5.4.1.3_set_password_exp_warning_days.sh | 1 + tests/hardening/5.4.1.4_lock_inactive_user_account.sh | 1 + tests/hardening/5.4.2_disable_system_accounts.sh | 1 + tests/hardening/5.4.3_default_root_group.sh | 1 + tests/hardening/5.4.4_default_umask.sh | 1 + tests/hardening/5.5_secure_tty.sh | 1 + tests/hardening/5.6_restrict_su.sh | 1 + tests/hardening/6.1.10_find_world_writable_file.sh | 1 + tests/hardening/6.1.11_find_unowned_files.sh | 1 + tests/hardening/6.1.12_find_ungrouped_files.sh | 1 + tests/hardening/6.1.13_find_suid_files.sh | 1 + tests/hardening/6.1.14_find_sgid_files.sh | 1 + tests/hardening/6.1.5_etc_passwd_permissions.sh | 1 + tests/hardening/6.1.6_etc_shadow_permissions.sh | 1 + tests/hardening/6.1.7_etc_group_permissions.sh | 1 + tests/hardening/6.2.10_check_user_dot_file_perm.sh | 1 + tests/hardening/6.2.11_find_user_forward_files.sh | 1 + tests/hardening/6.2.12_find_user_netrc_files.sh | 1 + tests/hardening/6.2.13_set_perm_on_user_netrc.sh | 1 + tests/hardening/6.2.14_find_user_rhosts_files.sh | 1 + tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh | 1 + tests/hardening/6.2.16_check_duplicate_uid.sh | 1 + tests/hardening/6.2.17_check_duplicate_gid.sh | 1 + tests/hardening/6.2.18_check_duplicate_username.sh | 1 + tests/hardening/6.2.19_check_duplicate_groupname.sh | 1 + tests/hardening/6.2.1_remove_empty_password_field.sh | 1 + tests/hardening/6.2.20_shadow_group_empty.sh | 1 + tests/hardening/6.2.2_remove_legacy_passwd_entries.sh | 1 + tests/hardening/6.2.3_remove_legacy_shadow_entries.sh | 1 + tests/hardening/6.2.4_remove_legacy_group_entries.sh | 1 + tests/hardening/6.2.5_find_0_uid_non_root_account.sh | 1 + tests/hardening/6.2.6_sanitize_root_path.sh | 1 + tests/hardening/6.2.7_users_valid_homedir.sh | 1 + tests/hardening/6.2.8_check_user_dir_perm.sh | 1 + tests/hardening/6.2.9_users_valid_homedir.sh | 1 + tests/hardening/8.0_enable_auditd_kernel.sh | 1 + tests/hardening/8.3.1_install_tripwire.sh | 1 + tests/hardening/8.3.2_tripwire_cron.sh | 1 + tests/hardening/99.1_timeout_tty.sh | 1 + tests/hardening/99.2_disable_usb_devices.sh | 1 + tests/hardening/99.3.1_acc_shadow_sha512.sh | 1 + tests/hardening/99.3.2_acc_sudoers_no_all.sh | 1 + tests/hardening/99.3.4_acc_logindefs_sha512.sh | 1 + tests/hardening/99.5.1_ssh_auth_pubk_only.sh | 1 + tests/hardening/99.5.2.3_ssh_cry_rekey.sh | 1 + tests/hardening/99.5.3_ssh_disable_features.sh | 1 + tests/hardening/99.5.4_ssh_keys_from.sh | 1 + tests/hardening/99.5.5_ssh_strict_modes.sh | 1 + tests/hardening/99.5.6_ssh_sys_accept_env.sh | 1 + tests/hardening/99.5.7_ssh_sys_no_legacy.sh | 1 + tests/hardening/99.5.8_ssh_sys_sandbox.sh | 1 + tests/hardening/99.5.9_ssh_loglevel.sh | 1 + 208 files changed, 208 insertions(+) diff --git a/lib/common.sh b/lib/common.sh index ab25bcd..694421b 100644 --- a/lib/common.sh +++ b/lib/common.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # CIS Debian Hardening common functions # run-shellcheck diff --git a/lib/constants.sh b/lib/constants.sh index a189a85..b11c6ac 100644 --- a/lib/constants.sh +++ b/lib/constants.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # Defines constants for CIS Debian Hardening # run-shellcheck diff --git a/lib/main.sh b/lib/main.sh index fde802c..6c427ef 100644 --- a/lib/main.sh +++ b/lib/main.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck LONG_SCRIPT_NAME=$(basename $0) diff --git a/lib/utils.sh b/lib/utils.sh index 4cbbc93..76544ce 100644 --- a/lib/utils.sh +++ b/lib/utils.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # CIS Debian Hardening Utility functions # run-shellcheck diff --git a/tests/hardening/1.1.1.1_disable_freevxfs.sh b/tests/hardening/1.1.1.1_disable_freevxfs.sh index f0715cd..14fd16c 100644 --- a/tests/hardening/1.1.1.1_disable_freevxfs.sh +++ b/tests/hardening/1.1.1.1_disable_freevxfs.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.1.1.2_disable_jffs2.sh b/tests/hardening/1.1.1.2_disable_jffs2.sh index 71e89fd..2fa4239 100644 --- a/tests/hardening/1.1.1.2_disable_jffs2.sh +++ b/tests/hardening/1.1.1.2_disable_jffs2.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.1.1.3_disable_hfs.sh b/tests/hardening/1.1.1.3_disable_hfs.sh index 71e89fd..2fa4239 100644 --- a/tests/hardening/1.1.1.3_disable_hfs.sh +++ b/tests/hardening/1.1.1.3_disable_hfs.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.1.1.4_disable_hfsplus.sh b/tests/hardening/1.1.1.4_disable_hfsplus.sh index 71e89fd..2fa4239 100644 --- a/tests/hardening/1.1.1.4_disable_hfsplus.sh +++ b/tests/hardening/1.1.1.4_disable_hfsplus.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.1.1.5_disable_udf.sh b/tests/hardening/1.1.1.5_disable_udf.sh index 97bd0e8..4d02f29 100644 --- a/tests/hardening/1.1.1.5_disable_udf.sh +++ b/tests/hardening/1.1.1.5_disable_udf.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.1.1.6_disable_cramfs.sh b/tests/hardening/1.1.1.6_disable_cramfs.sh index 71e89fd..2fa4239 100644 --- a/tests/hardening/1.1.1.6_disable_cramfs.sh +++ b/tests/hardening/1.1.1.6_disable_cramfs.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.1.1.7_disable_squashfs.sh b/tests/hardening/1.1.1.7_disable_squashfs.sh index 97bd0e8..4d02f29 100644 --- a/tests/hardening/1.1.1.7_disable_squashfs.sh +++ b/tests/hardening/1.1.1.7_disable_squashfs.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.1.10_var_tmp_noexec.sh b/tests/hardening/1.1.10_var_tmp_noexec.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.10_var_tmp_noexec.sh +++ b/tests/hardening/1.1.10_var_tmp_noexec.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.11_var_log_partition.sh b/tests/hardening/1.1.11_var_log_partition.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.11_var_log_partition.sh +++ b/tests/hardening/1.1.11_var_log_partition.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.12_var_log_audit_partition.sh b/tests/hardening/1.1.12_var_log_audit_partition.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.12_var_log_audit_partition.sh +++ b/tests/hardening/1.1.12_var_log_audit_partition.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.13_home_partition.sh b/tests/hardening/1.1.13_home_partition.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.13_home_partition.sh +++ b/tests/hardening/1.1.13_home_partition.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.14_home_nodev.sh b/tests/hardening/1.1.14_home_nodev.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.14_home_nodev.sh +++ b/tests/hardening/1.1.14_home_nodev.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.15_run_shm_nodev.sh b/tests/hardening/1.1.15_run_shm_nodev.sh index 682c3d2..a9dafd8 100644 --- a/tests/hardening/1.1.15_run_shm_nodev.sh +++ b/tests/hardening/1.1.15_run_shm_nodev.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.16_run_shm_nosuid.sh b/tests/hardening/1.1.16_run_shm_nosuid.sh index c811f03..dd9e258 100644 --- a/tests/hardening/1.1.16_run_shm_nosuid.sh +++ b/tests/hardening/1.1.16_run_shm_nosuid.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.17_run_shm_noexec.sh b/tests/hardening/1.1.17_run_shm_noexec.sh index c811f03..dd9e258 100644 --- a/tests/hardening/1.1.17_run_shm_noexec.sh +++ b/tests/hardening/1.1.17_run_shm_noexec.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.18_removable_device_nodev.sh b/tests/hardening/1.1.18_removable_device_nodev.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.18_removable_device_nodev.sh +++ b/tests/hardening/1.1.18_removable_device_nodev.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.19_removable_device_nosuid.sh b/tests/hardening/1.1.19_removable_device_nosuid.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.19_removable_device_nosuid.sh +++ b/tests/hardening/1.1.19_removable_device_nosuid.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.20_removable_device_noexec.sh b/tests/hardening/1.1.20_removable_device_noexec.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.20_removable_device_noexec.sh +++ b/tests/hardening/1.1.20_removable_device_noexec.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh b/tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh index f706d49..609e7a9 100755 --- a/tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh +++ b/tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.22_disable_automounting.sh b/tests/hardening/1.1.22_disable_automounting.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.22_disable_automounting.sh +++ b/tests/hardening/1.1.22_disable_automounting.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.2_tmp_partition.sh b/tests/hardening/1.1.2_tmp_partition.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.2_tmp_partition.sh +++ b/tests/hardening/1.1.2_tmp_partition.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.3_tmp_nodev.sh b/tests/hardening/1.1.3_tmp_nodev.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.3_tmp_nodev.sh +++ b/tests/hardening/1.1.3_tmp_nodev.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.4_tmp_nosuid.sh b/tests/hardening/1.1.4_tmp_nosuid.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.4_tmp_nosuid.sh +++ b/tests/hardening/1.1.4_tmp_nosuid.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.5_tmp_noexec.sh b/tests/hardening/1.1.5_tmp_noexec.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.5_tmp_noexec.sh +++ b/tests/hardening/1.1.5_tmp_noexec.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.6_var_partition.sh b/tests/hardening/1.1.6_var_partition.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.6_var_partition.sh +++ b/tests/hardening/1.1.6_var_partition.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.7_var_tmp_partition.sh b/tests/hardening/1.1.7_var_tmp_partition.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.7_var_tmp_partition.sh +++ b/tests/hardening/1.1.7_var_tmp_partition.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.8_var_tmp_nodev.sh b/tests/hardening/1.1.8_var_tmp_nodev.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.8_var_tmp_nodev.sh +++ b/tests/hardening/1.1.8_var_tmp_nodev.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.1.9_var_tmp_nosuid.sh b/tests/hardening/1.1.9_var_tmp_nosuid.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.1.9_var_tmp_nosuid.sh +++ b/tests/hardening/1.1.9_var_tmp_nosuid.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.4.1_bootloader_ownership.sh b/tests/hardening/1.4.1_bootloader_ownership.sh index b0ebe2a..af007f7 100644 --- a/tests/hardening/1.4.1_bootloader_ownership.sh +++ b/tests/hardening/1.4.1_bootloader_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.4.2_bootloader_password.sh b/tests/hardening/1.4.2_bootloader_password.sh index b0ebe2a..af007f7 100644 --- a/tests/hardening/1.4.2_bootloader_password.sh +++ b/tests/hardening/1.4.2_bootloader_password.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.4.3_root_password.sh b/tests/hardening/1.4.3_root_password.sh index b0ebe2a..af007f7 100644 --- a/tests/hardening/1.4.3_root_password.sh +++ b/tests/hardening/1.4.3_root_password.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.5.1_restrict_core_dumps.sh b/tests/hardening/1.5.1_restrict_core_dumps.sh index 180f73f..56e1d6d 100644 --- a/tests/hardening/1.5.1_restrict_core_dumps.sh +++ b/tests/hardening/1.5.1_restrict_core_dumps.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.5.2_enable_nx_support.sh b/tests/hardening/1.5.2_enable_nx_support.sh index b0ebe2a..af007f7 100644 --- a/tests/hardening/1.5.2_enable_nx_support.sh +++ b/tests/hardening/1.5.2_enable_nx_support.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.5.3_enable_randomized_vm_placement.sh b/tests/hardening/1.5.3_enable_randomized_vm_placement.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.5.3_enable_randomized_vm_placement.sh +++ b/tests/hardening/1.5.3_enable_randomized_vm_placement.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.5.4_disable_prelink.sh b/tests/hardening/1.5.4_disable_prelink.sh index b333419..f85b20d 100644 --- a/tests/hardening/1.5.4_disable_prelink.sh +++ b/tests/hardening/1.5.4_disable_prelink.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.6.2.1_enable_apparmor.sh b/tests/hardening/1.6.2.1_enable_apparmor.sh index 5fb1267..599b1d1 100644 --- a/tests/hardening/1.6.2.1_enable_apparmor.sh +++ b/tests/hardening/1.6.2.1_enable_apparmor.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/1.7.1.1_remove_os_info_motd.sh b/tests/hardening/1.7.1.1_remove_os_info_motd.sh index b333419..f85b20d 100644 --- a/tests/hardening/1.7.1.1_remove_os_info_motd.sh +++ b/tests/hardening/1.7.1.1_remove_os_info_motd.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.7.1.2_remove_os_info_issue.sh b/tests/hardening/1.7.1.2_remove_os_info_issue.sh index b333419..f85b20d 100644 --- a/tests/hardening/1.7.1.2_remove_os_info_issue.sh +++ b/tests/hardening/1.7.1.2_remove_os_info_issue.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.7.1.3_remove_os_info_issue_net.sh b/tests/hardening/1.7.1.3_remove_os_info_issue_net.sh index b333419..f85b20d 100644 --- a/tests/hardening/1.7.1.3_remove_os_info_issue_net.sh +++ b/tests/hardening/1.7.1.3_remove_os_info_issue_net.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.7.1.4_motd_perms.sh b/tests/hardening/1.7.1.4_motd_perms.sh index b333419..f85b20d 100644 --- a/tests/hardening/1.7.1.4_motd_perms.sh +++ b/tests/hardening/1.7.1.4_motd_perms.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.7.2_graphical_warning_banners.sh b/tests/hardening/1.7.2_graphical_warning_banners.sh index b333419..f85b20d 100644 --- a/tests/hardening/1.7.2_graphical_warning_banners.sh +++ b/tests/hardening/1.7.2_graphical_warning_banners.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/1.8_install_updates.sh b/tests/hardening/1.8_install_updates.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/1.8_install_updates.sh +++ b/tests/hardening/1.8_install_updates.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.1.1_disable_xinetd.sh b/tests/hardening/2.1.1_disable_xinetd.sh index b333419..f85b20d 100644 --- a/tests/hardening/2.1.1_disable_xinetd.sh +++ b/tests/hardening/2.1.1_disable_xinetd.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.1.1_use_time_sync.sh b/tests/hardening/2.2.1.1_use_time_sync.sh index a171856..1f26e20 100644 --- a/tests/hardening/2.2.1.1_use_time_sync.sh +++ b/tests/hardening/2.2.1.1_use_time_sync.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { # Make all variable local to the function by using `local` diff --git a/tests/hardening/2.2.1.2_configure_ntp.sh b/tests/hardening/2.2.1.2_configure_ntp.sh index b333419..f85b20d 100644 --- a/tests/hardening/2.2.1.2_configure_ntp.sh +++ b/tests/hardening/2.2.1.2_configure_ntp.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.1.3_configure_chrony.sh b/tests/hardening/2.2.1.3_configure_chrony.sh index b333419..f85b20d 100644 --- a/tests/hardening/2.2.1.3_configure_chrony.sh +++ b/tests/hardening/2.2.1.3_configure_chrony.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.10_disable_http_server.sh b/tests/hardening/2.2.10_disable_http_server.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.10_disable_http_server.sh +++ b/tests/hardening/2.2.10_disable_http_server.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.11_disable_imap_pop.sh b/tests/hardening/2.2.11_disable_imap_pop.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.11_disable_imap_pop.sh +++ b/tests/hardening/2.2.11_disable_imap_pop.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.12_disable_samba.sh b/tests/hardening/2.2.12_disable_samba.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.12_disable_samba.sh +++ b/tests/hardening/2.2.12_disable_samba.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.13_disable_http_proxy.sh b/tests/hardening/2.2.13_disable_http_proxy.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.13_disable_http_proxy.sh +++ b/tests/hardening/2.2.13_disable_http_proxy.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.14_disable_snmp_server.sh b/tests/hardening/2.2.14_disable_snmp_server.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.14_disable_snmp_server.sh +++ b/tests/hardening/2.2.14_disable_snmp_server.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.15_mta_localhost.sh b/tests/hardening/2.2.15_mta_localhost.sh index b333419..f85b20d 100644 --- a/tests/hardening/2.2.15_mta_localhost.sh +++ b/tests/hardening/2.2.15_mta_localhost.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.16_disable_rsync.sh b/tests/hardening/2.2.16_disable_rsync.sh index b333419..f85b20d 100644 --- a/tests/hardening/2.2.16_disable_rsync.sh +++ b/tests/hardening/2.2.16_disable_rsync.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.18_disable_telnet_server.sh b/tests/hardening/2.2.18_disable_telnet_server.sh index b333419..f85b20d 100755 --- a/tests/hardening/2.2.18_disable_telnet_server.sh +++ b/tests/hardening/2.2.18_disable_telnet_server.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.2_disable_xwindow_system.sh b/tests/hardening/2.2.2_disable_xwindow_system.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.2_disable_xwindow_system.sh +++ b/tests/hardening/2.2.2_disable_xwindow_system.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.3_disable_avahi_server.sh b/tests/hardening/2.2.3_disable_avahi_server.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.3_disable_avahi_server.sh +++ b/tests/hardening/2.2.3_disable_avahi_server.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.4_disable_print_server.sh b/tests/hardening/2.2.4_disable_print_server.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.4_disable_print_server.sh +++ b/tests/hardening/2.2.4_disable_print_server.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.5_disable_dhcp.sh b/tests/hardening/2.2.5_disable_dhcp.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.5_disable_dhcp.sh +++ b/tests/hardening/2.2.5_disable_dhcp.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.6_disable_ldap.sh b/tests/hardening/2.2.6_disable_ldap.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.6_disable_ldap.sh +++ b/tests/hardening/2.2.6_disable_ldap.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.7_disable_nfs_rpc.sh b/tests/hardening/2.2.7_disable_nfs_rpc.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.7_disable_nfs_rpc.sh +++ b/tests/hardening/2.2.7_disable_nfs_rpc.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.8_disable_dns_server.sh b/tests/hardening/2.2.8_disable_dns_server.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.8_disable_dns_server.sh +++ b/tests/hardening/2.2.8_disable_dns_server.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.2.9_disable_ftp.sh b/tests/hardening/2.2.9_disable_ftp.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.2.9_disable_ftp.sh +++ b/tests/hardening/2.2.9_disable_ftp.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.3.1_disable_nis.sh b/tests/hardening/2.3.1_disable_nis.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.3.1_disable_nis.sh +++ b/tests/hardening/2.3.1_disable_nis.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.3.2_disable_rsh_client.sh b/tests/hardening/2.3.2_disable_rsh_client.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.3.2_disable_rsh_client.sh +++ b/tests/hardening/2.3.2_disable_rsh_client.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.3.3_disable_talk_client.sh b/tests/hardening/2.3.3_disable_talk_client.sh index 973bddc..a5243cb 100644 --- a/tests/hardening/2.3.3_disable_talk_client.sh +++ b/tests/hardening/2.3.3_disable_talk_client.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.3.4_disable_telnet_client.sh b/tests/hardening/2.3.4_disable_telnet_client.sh index b333419..f85b20d 100644 --- a/tests/hardening/2.3.4_disable_telnet_client.sh +++ b/tests/hardening/2.3.4_disable_telnet_client.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/2.3.5_disable_ldap_client.sh b/tests/hardening/2.3.5_disable_ldap_client.sh index b333419..f85b20d 100644 --- a/tests/hardening/2.3.5_disable_ldap_client.sh +++ b/tests/hardening/2.3.5_disable_ldap_client.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.1.1_disable_ip_forwarding.sh b/tests/hardening/3.1.1_disable_ip_forwarding.sh index 1e7211e..1346bee 100644 --- a/tests/hardening/3.1.1_disable_ip_forwarding.sh +++ b/tests/hardening/3.1.1_disable_ip_forwarding.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.1.2_disable_send_packet_redirects.sh b/tests/hardening/3.1.2_disable_send_packet_redirects.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.1.2_disable_send_packet_redirects.sh +++ b/tests/hardening/3.1.2_disable_send_packet_redirects.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.1_disable_source_routed_packets.sh b/tests/hardening/3.2.1_disable_source_routed_packets.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.2.1_disable_source_routed_packets.sh +++ b/tests/hardening/3.2.1_disable_source_routed_packets.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.2_disable_icmp_redirect.sh b/tests/hardening/3.2.2_disable_icmp_redirect.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.2.2_disable_icmp_redirect.sh +++ b/tests/hardening/3.2.2_disable_icmp_redirect.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.3_disable_secure_icmp_redirect.sh b/tests/hardening/3.2.3_disable_secure_icmp_redirect.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.2.3_disable_secure_icmp_redirect.sh +++ b/tests/hardening/3.2.3_disable_secure_icmp_redirect.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.4_log_martian_packets.sh b/tests/hardening/3.2.4_log_martian_packets.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.2.4_log_martian_packets.sh +++ b/tests/hardening/3.2.4_log_martian_packets.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.5_ignore_broadcast_requests.sh b/tests/hardening/3.2.5_ignore_broadcast_requests.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.2.5_ignore_broadcast_requests.sh +++ b/tests/hardening/3.2.5_ignore_broadcast_requests.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.6_enable_bad_error_message_protection.sh b/tests/hardening/3.2.6_enable_bad_error_message_protection.sh index b333419..f85b20d 100755 --- a/tests/hardening/3.2.6_enable_bad_error_message_protection.sh +++ b/tests/hardening/3.2.6_enable_bad_error_message_protection.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.7_enable_source_route_validation.sh b/tests/hardening/3.2.7_enable_source_route_validation.sh index b333419..f85b20d 100755 --- a/tests/hardening/3.2.7_enable_source_route_validation.sh +++ b/tests/hardening/3.2.7_enable_source_route_validation.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.8_enable_tcp_syn_cookies.sh b/tests/hardening/3.2.8_enable_tcp_syn_cookies.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.2.8_enable_tcp_syn_cookies.sh +++ b/tests/hardening/3.2.8_enable_tcp_syn_cookies.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh b/tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh +++ b/tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.3.1_install_tcp_wrapper.sh b/tests/hardening/3.3.1_install_tcp_wrapper.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.3.1_install_tcp_wrapper.sh +++ b/tests/hardening/3.3.1_install_tcp_wrapper.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.3.2_hosts_allow.sh b/tests/hardening/3.3.2_hosts_allow.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.3.2_hosts_allow.sh +++ b/tests/hardening/3.3.2_hosts_allow.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.3.3_hosts_deny.sh b/tests/hardening/3.3.3_hosts_deny.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.3.3_hosts_deny.sh +++ b/tests/hardening/3.3.3_hosts_deny.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.3.4_hosts_allow_permissions.sh b/tests/hardening/3.3.4_hosts_allow_permissions.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.3.4_hosts_allow_permissions.sh +++ b/tests/hardening/3.3.4_hosts_allow_permissions.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.3.5_hosts_deny_permissions.sh b/tests/hardening/3.3.5_hosts_deny_permissions.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.3.5_hosts_deny_permissions.sh +++ b/tests/hardening/3.3.5_hosts_deny_permissions.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.4.1_disable_dccp.sh b/tests/hardening/3.4.1_disable_dccp.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.4.1_disable_dccp.sh +++ b/tests/hardening/3.4.1_disable_dccp.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.4.2_disable_sctp.sh b/tests/hardening/3.4.2_disable_sctp.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.4.2_disable_sctp.sh +++ b/tests/hardening/3.4.2_disable_sctp.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.4.3_disable_rds.sh b/tests/hardening/3.4.3_disable_rds.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.4.3_disable_rds.sh +++ b/tests/hardening/3.4.3_disable_rds.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.4.4_disable_tipc.sh b/tests/hardening/3.4.4_disable_tipc.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.4.4_disable_tipc.sh +++ b/tests/hardening/3.4.4_disable_tipc.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh b/tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh +++ b/tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.5_enable_firewall.sh b/tests/hardening/3.5_enable_firewall.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.5_enable_firewall.sh +++ b/tests/hardening/3.5_enable_firewall.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.6_disable_wireless.sh b/tests/hardening/3.6_disable_wireless.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.6_disable_wireless.sh +++ b/tests/hardening/3.6_disable_wireless.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/3.7_disable_ipv6.sh b/tests/hardening/3.7_disable_ipv6.sh index b333419..f85b20d 100644 --- a/tests/hardening/3.7_disable_ipv6.sh +++ b/tests/hardening/3.7_disable_ipv6.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.1.1_audit_log_storage.sh b/tests/hardening/4.1.1.1_audit_log_storage.sh index 2966a59..8f4e661 100644 --- a/tests/hardening/4.1.1.1_audit_log_storage.sh +++ b/tests/hardening/4.1.1.1_audit_log_storage.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.1.2_halt_when_audit_log_full.sh b/tests/hardening/4.1.1.2_halt_when_audit_log_full.sh index 833c220..433d518 100644 --- a/tests/hardening/4.1.1.2_halt_when_audit_log_full.sh +++ b/tests/hardening/4.1.1.2_halt_when_audit_log_full.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.1.3_keep_all_audit_logs.sh b/tests/hardening/4.1.1.3_keep_all_audit_logs.sh index 17cef7c..8a56bc2 100644 --- a/tests/hardening/4.1.1.3_keep_all_audit_logs.sh +++ b/tests/hardening/4.1.1.3_keep_all_audit_logs.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.10_record_dac_edit.sh b/tests/hardening/4.1.10_record_dac_edit.sh index 3df1636..af5baf0 100644 --- a/tests/hardening/4.1.10_record_dac_edit.sh +++ b/tests/hardening/4.1.10_record_dac_edit.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.11_record_failed_access_file.sh b/tests/hardening/4.1.11_record_failed_access_file.sh index d0b91a6..323c47d 100644 --- a/tests/hardening/4.1.11_record_failed_access_file.sh +++ b/tests/hardening/4.1.11_record_failed_access_file.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.12_record_privileged_commands.sh b/tests/hardening/4.1.12_record_privileged_commands.sh index e5d43a4..9665e1e 100644 --- a/tests/hardening/4.1.12_record_privileged_commands.sh +++ b/tests/hardening/4.1.12_record_privileged_commands.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.13_record_successful_mount.sh b/tests/hardening/4.1.13_record_successful_mount.sh index 9ed4a97..246e400 100644 --- a/tests/hardening/4.1.13_record_successful_mount.sh +++ b/tests/hardening/4.1.13_record_successful_mount.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.14_record_file_deletions.sh b/tests/hardening/4.1.14_record_file_deletions.sh index f8af37a..089d35e 100644 --- a/tests/hardening/4.1.14_record_file_deletions.sh +++ b/tests/hardening/4.1.14_record_file_deletions.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.15_record_sudoers_edit.sh b/tests/hardening/4.1.15_record_sudoers_edit.sh index 5045bd2..0469235 100644 --- a/tests/hardening/4.1.15_record_sudoers_edit.sh +++ b/tests/hardening/4.1.15_record_sudoers_edit.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.16_record_sudo_usage.sh b/tests/hardening/4.1.16_record_sudo_usage.sh index f00f69c..0c17e0f 100644 --- a/tests/hardening/4.1.16_record_sudo_usage.sh +++ b/tests/hardening/4.1.16_record_sudo_usage.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.17_record_kernel_modules.sh b/tests/hardening/4.1.17_record_kernel_modules.sh index 4d2be30..d2522a4 100644 --- a/tests/hardening/4.1.17_record_kernel_modules.sh +++ b/tests/hardening/4.1.17_record_kernel_modules.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.18_freeze_auditd_conf.sh b/tests/hardening/4.1.18_freeze_auditd_conf.sh index 330369b..6b4c17f 100644 --- a/tests/hardening/4.1.18_freeze_auditd_conf.sh +++ b/tests/hardening/4.1.18_freeze_auditd_conf.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.2_enable_auditd.sh b/tests/hardening/4.1.2_enable_auditd.sh index f0130b5..a88d6cc 100644 --- a/tests/hardening/4.1.2_enable_auditd.sh +++ b/tests/hardening/4.1.2_enable_auditd.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.3_audit_bootloader.sh b/tests/hardening/4.1.3_audit_bootloader.sh index b0ebe2a..af007f7 100644 --- a/tests/hardening/4.1.3_audit_bootloader.sh +++ b/tests/hardening/4.1.3_audit_bootloader.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/4.1.4_record_date_time_edit.sh b/tests/hardening/4.1.4_record_date_time_edit.sh index ae9f01a..2ada4f6 100644 --- a/tests/hardening/4.1.4_record_date_time_edit.sh +++ b/tests/hardening/4.1.4_record_date_time_edit.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.5_record_user_group_edit.sh b/tests/hardening/4.1.5_record_user_group_edit.sh index 09b8551..093f063 100644 --- a/tests/hardening/4.1.5_record_user_group_edit.sh +++ b/tests/hardening/4.1.5_record_user_group_edit.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.6_record_network_edit.sh b/tests/hardening/4.1.6_record_network_edit.sh index c4625c0..68bb326 100644 --- a/tests/hardening/4.1.6_record_network_edit.sh +++ b/tests/hardening/4.1.6_record_network_edit.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.7_record_mac_edit.sh b/tests/hardening/4.1.7_record_mac_edit.sh index d230ebf..b0c0236 100644 --- a/tests/hardening/4.1.7_record_mac_edit.sh +++ b/tests/hardening/4.1.7_record_mac_edit.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.8_record_login_logout.sh b/tests/hardening/4.1.8_record_login_logout.sh index fb126df..9f2d3df 100644 --- a/tests/hardening/4.1.8_record_login_logout.sh +++ b/tests/hardening/4.1.8_record_login_logout.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.1.9_record_session_init.sh b/tests/hardening/4.1.9_record_session_init.sh index 18c6e7b..2240abf 100644 --- a/tests/hardening/4.1.9_record_session_init.sh +++ b/tests/hardening/4.1.9_record_session_init.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.2.2.1_enable_syslog-ng.sh b/tests/hardening/4.2.2.1_enable_syslog-ng.sh index b333419..f85b20d 100644 --- a/tests/hardening/4.2.2.1_enable_syslog-ng.sh +++ b/tests/hardening/4.2.2.1_enable_syslog-ng.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.2.2.2_configure_syslog-ng.sh b/tests/hardening/4.2.2.2_configure_syslog-ng.sh index b333419..f85b20d 100644 --- a/tests/hardening/4.2.2.2_configure_syslog-ng.sh +++ b/tests/hardening/4.2.2.2_configure_syslog-ng.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh b/tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh index b333419..f85b20d 100644 --- a/tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh +++ b/tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.2.2.4_syslog-ng_remote_host.sh b/tests/hardening/4.2.2.4_syslog-ng_remote_host.sh index fc63839..3c4ffec 100644 --- a/tests/hardening/4.2.2.4_syslog-ng_remote_host.sh +++ b/tests/hardening/4.2.2.4_syslog-ng_remote_host.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { diff --git a/tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh b/tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh index b333419..f85b20d 100644 --- a/tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh +++ b/tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.2.3_install_syslog-ng.sh b/tests/hardening/4.2.3_install_syslog-ng.sh index b333419..f85b20d 100755 --- a/tests/hardening/4.2.3_install_syslog-ng.sh +++ b/tests/hardening/4.2.3_install_syslog-ng.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.2.4_logs_permissions.sh b/tests/hardening/4.2.4_logs_permissions.sh index b333419..f85b20d 100755 --- a/tests/hardening/4.2.4_logs_permissions.sh +++ b/tests/hardening/4.2.4_logs_permissions.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/4.3_configure_logrotate.sh b/tests/hardening/4.3_configure_logrotate.sh index b333419..f85b20d 100644 --- a/tests/hardening/4.3_configure_logrotate.sh +++ b/tests/hardening/4.3_configure_logrotate.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.1_enable_cron.sh b/tests/hardening/5.1.1_enable_cron.sh index b333419..f85b20d 100644 --- a/tests/hardening/5.1.1_enable_cron.sh +++ b/tests/hardening/5.1.1_enable_cron.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.2_crontab_perm_ownership.sh b/tests/hardening/5.1.2_crontab_perm_ownership.sh index 63b2fb2..2bb0c2e 100644 --- a/tests/hardening/5.1.2_crontab_perm_ownership.sh +++ b/tests/hardening/5.1.2_crontab_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.3_cron_hourly_perm_ownership.sh b/tests/hardening/5.1.3_cron_hourly_perm_ownership.sh index be6edf8..73ad9c2 100644 --- a/tests/hardening/5.1.3_cron_hourly_perm_ownership.sh +++ b/tests/hardening/5.1.3_cron_hourly_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.4_cron_daily_perm_ownership.sh b/tests/hardening/5.1.4_cron_daily_perm_ownership.sh index 57b66e2..bbbd78f 100644 --- a/tests/hardening/5.1.4_cron_daily_perm_ownership.sh +++ b/tests/hardening/5.1.4_cron_daily_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.5_cron_weekly_perm_ownership.sh b/tests/hardening/5.1.5_cron_weekly_perm_ownership.sh index 72fa18a..bf09fc8 100644 --- a/tests/hardening/5.1.5_cron_weekly_perm_ownership.sh +++ b/tests/hardening/5.1.5_cron_weekly_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.6_cron_monthly_perm_ownership.sh b/tests/hardening/5.1.6_cron_monthly_perm_ownership.sh index f0baafd..56ff380 100644 --- a/tests/hardening/5.1.6_cron_monthly_perm_ownership.sh +++ b/tests/hardening/5.1.6_cron_monthly_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.7_cron_d_perm_ownership.sh b/tests/hardening/5.1.7_cron_d_perm_ownership.sh index 7228a72..6c653c1 100644 --- a/tests/hardening/5.1.7_cron_d_perm_ownership.sh +++ b/tests/hardening/5.1.7_cron_d_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.1.8_cron_users.sh b/tests/hardening/5.1.8_cron_users.sh index 80807b8..8d1ca71 100644 --- a/tests/hardening/5.1.8_cron_users.sh +++ b/tests/hardening/5.1.8_cron_users.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.10_disable_root_login.sh b/tests/hardening/5.2.10_disable_root_login.sh index 41c63c4..0e523e6 100644 --- a/tests/hardening/5.2.10_disable_root_login.sh +++ b/tests/hardening/5.2.10_disable_root_login.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh b/tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh index 361dadb..06313d9 100644 --- a/tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh +++ b/tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.12_disable_sshd_setenv.sh b/tests/hardening/5.2.12_disable_sshd_setenv.sh index 549da9b..bd2e5d6 100644 --- a/tests/hardening/5.2.12_disable_sshd_setenv.sh +++ b/tests/hardening/5.2.12_disable_sshd_setenv.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.13_sshd_ciphers.sh b/tests/hardening/5.2.13_sshd_ciphers.sh index 0f49f42..3a5030b 100644 --- a/tests/hardening/5.2.13_sshd_ciphers.sh +++ b/tests/hardening/5.2.13_sshd_ciphers.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.14_ssh_cry_mac.sh b/tests/hardening/5.2.14_ssh_cry_mac.sh index 7fe8a1b..2b82aee 100644 --- a/tests/hardening/5.2.14_ssh_cry_mac.sh +++ b/tests/hardening/5.2.14_ssh_cry_mac.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.15_ssh_cry_kex.sh b/tests/hardening/5.2.15_ssh_cry_kex.sh index 8f60dd0..4fae4d6 100644 --- a/tests/hardening/5.2.15_ssh_cry_kex.sh +++ b/tests/hardening/5.2.15_ssh_cry_kex.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.16_sshd_idle_timeout.sh b/tests/hardening/5.2.16_sshd_idle_timeout.sh index 438d9a6..efc3877 100644 --- a/tests/hardening/5.2.16_sshd_idle_timeout.sh +++ b/tests/hardening/5.2.16_sshd_idle_timeout.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.17_sshd_login_grace_time.sh b/tests/hardening/5.2.17_sshd_login_grace_time.sh index b2aea94..5b326ba 100755 --- a/tests/hardening/5.2.17_sshd_login_grace_time.sh +++ b/tests/hardening/5.2.17_sshd_login_grace_time.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.18_sshd_limit_access.sh b/tests/hardening/5.2.18_sshd_limit_access.sh index 976d038..d22306b 100644 --- a/tests/hardening/5.2.18_sshd_limit_access.sh +++ b/tests/hardening/5.2.18_sshd_limit_access.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.19_ssh_banner.sh b/tests/hardening/5.2.19_ssh_banner.sh index bcf1f0e..98ecc01 100644 --- a/tests/hardening/5.2.19_ssh_banner.sh +++ b/tests/hardening/5.2.19_ssh_banner.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh b/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh index 589fc96..d2263d7 100644 --- a/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh +++ b/tests/hardening/5.2.1_sshd_conf_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh b/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh index cc095a5..664515b 100755 --- a/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh +++ b/tests/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh b/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh index 7eb3778..cb83567 100755 --- a/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh +++ b/tests/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.4_sshd_protocol.sh b/tests/hardening/5.2.4_sshd_protocol.sh index f311fee..2072dfa 100644 --- a/tests/hardening/5.2.4_sshd_protocol.sh +++ b/tests/hardening/5.2.4_sshd_protocol.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.5_sshd_loglevel.sh b/tests/hardening/5.2.5_sshd_loglevel.sh index 42f1ef3..cc54796 100644 --- a/tests/hardening/5.2.5_sshd_loglevel.sh +++ b/tests/hardening/5.2.5_sshd_loglevel.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.6_disable_x11_forwarding.sh b/tests/hardening/5.2.6_disable_x11_forwarding.sh index 1d45b25..6fdb78e 100644 --- a/tests/hardening/5.2.6_disable_x11_forwarding.sh +++ b/tests/hardening/5.2.6_disable_x11_forwarding.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.7_sshd_maxauthtries.sh b/tests/hardening/5.2.7_sshd_maxauthtries.sh index 7e5b274..9bb8e04 100644 --- a/tests/hardening/5.2.7_sshd_maxauthtries.sh +++ b/tests/hardening/5.2.7_sshd_maxauthtries.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh b/tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh index 83b268c..ddaa318 100644 --- a/tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh +++ b/tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh b/tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh index d5a53ad..34782d6 100644 --- a/tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh +++ b/tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.3.1_enable_pwquality.sh b/tests/hardening/5.3.1_enable_pwquality.sh index 4445c2a..c230ad8 100644 --- a/tests/hardening/5.3.1_enable_pwquality.sh +++ b/tests/hardening/5.3.1_enable_pwquality.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { diff --git a/tests/hardening/5.3.2_enable_lockout_failed_password.sh b/tests/hardening/5.3.2_enable_lockout_failed_password.sh index 6f3e08d..b89dad0 100644 --- a/tests/hardening/5.3.2_enable_lockout_failed_password.sh +++ b/tests/hardening/5.3.2_enable_lockout_failed_password.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.3.3_limit_password_reuse.sh b/tests/hardening/5.3.3_limit_password_reuse.sh index 3f24583..08606a2 100644 --- a/tests/hardening/5.3.3_limit_password_reuse.sh +++ b/tests/hardening/5.3.3_limit_password_reuse.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.3.4_acc_pam_sha512.sh b/tests/hardening/5.3.4_acc_pam_sha512.sh index 421786f..4a0e3d2 100644 --- a/tests/hardening/5.3.4_acc_pam_sha512.sh +++ b/tests/hardening/5.3.4_acc_pam_sha512.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.4.1.1_set_password_exp_days.sh b/tests/hardening/5.4.1.1_set_password_exp_days.sh index 5ea33e4..bd0903e 100644 --- a/tests/hardening/5.4.1.1_set_password_exp_days.sh +++ b/tests/hardening/5.4.1.1_set_password_exp_days.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.4.1.2_set_password_min_days_change.sh b/tests/hardening/5.4.1.2_set_password_min_days_change.sh index 228d4c1..31cf936 100644 --- a/tests/hardening/5.4.1.2_set_password_min_days_change.sh +++ b/tests/hardening/5.4.1.2_set_password_min_days_change.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.4.1.3_set_password_exp_warning_days.sh b/tests/hardening/5.4.1.3_set_password_exp_warning_days.sh index 7cb7785..65aafce 100644 --- a/tests/hardening/5.4.1.3_set_password_exp_warning_days.sh +++ b/tests/hardening/5.4.1.3_set_password_exp_warning_days.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.4.1.4_lock_inactive_user_account.sh b/tests/hardening/5.4.1.4_lock_inactive_user_account.sh index b333419..f85b20d 100644 --- a/tests/hardening/5.4.1.4_lock_inactive_user_account.sh +++ b/tests/hardening/5.4.1.4_lock_inactive_user_account.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.4.2_disable_system_accounts.sh b/tests/hardening/5.4.2_disable_system_accounts.sh index 590b1bb..3488177 100644 --- a/tests/hardening/5.4.2_disable_system_accounts.sh +++ b/tests/hardening/5.4.2_disable_system_accounts.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { cp -a /etc/passwd /tmp/passwd.bak diff --git a/tests/hardening/5.4.3_default_root_group.sh b/tests/hardening/5.4.3_default_root_group.sh index bcf8c32..118d213 100644 --- a/tests/hardening/5.4.3_default_root_group.sh +++ b/tests/hardening/5.4.3_default_root_group.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.4.4_default_umask.sh b/tests/hardening/5.4.4_default_umask.sh index 9842774..2c65ee1 100644 --- a/tests/hardening/5.4.4_default_umask.sh +++ b/tests/hardening/5.4.4_default_umask.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.5_secure_tty.sh b/tests/hardening/5.5_secure_tty.sh index b333419..f85b20d 100644 --- a/tests/hardening/5.5_secure_tty.sh +++ b/tests/hardening/5.5_secure_tty.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/5.6_restrict_su.sh b/tests/hardening/5.6_restrict_su.sh index 54af608..0b67092 100644 --- a/tests/hardening/5.6_restrict_su.sh +++ b/tests/hardening/5.6_restrict_su.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.1.10_find_world_writable_file.sh b/tests/hardening/6.1.10_find_world_writable_file.sh index 700529f..5547201 100755 --- a/tests/hardening/6.1.10_find_world_writable_file.sh +++ b/tests/hardening/6.1.10_find_world_writable_file.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { diff --git a/tests/hardening/6.1.11_find_unowned_files.sh b/tests/hardening/6.1.11_find_unowned_files.sh index f05dc66..5247870 100755 --- a/tests/hardening/6.1.11_find_unowned_files.sh +++ b/tests/hardening/6.1.11_find_unowned_files.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.1.12_find_ungrouped_files.sh b/tests/hardening/6.1.12_find_ungrouped_files.sh index 29213fd..19fffc7 100755 --- a/tests/hardening/6.1.12_find_ungrouped_files.sh +++ b/tests/hardening/6.1.12_find_ungrouped_files.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.1.13_find_suid_files.sh b/tests/hardening/6.1.13_find_suid_files.sh index 5362467..4655210 100755 --- a/tests/hardening/6.1.13_find_suid_files.sh +++ b/tests/hardening/6.1.13_find_suid_files.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running void to generate the conf file that will later be edited diff --git a/tests/hardening/6.1.14_find_sgid_files.sh b/tests/hardening/6.1.14_find_sgid_files.sh index ffda6d6..6dc332f 100755 --- a/tests/hardening/6.1.14_find_sgid_files.sh +++ b/tests/hardening/6.1.14_find_sgid_files.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running void to generate the conf file that will later be edited diff --git a/tests/hardening/6.1.5_etc_passwd_permissions.sh b/tests/hardening/6.1.5_etc_passwd_permissions.sh index 743950b..b52c9a3 100644 --- a/tests/hardening/6.1.5_etc_passwd_permissions.sh +++ b/tests/hardening/6.1.5_etc_passwd_permissions.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.1.6_etc_shadow_permissions.sh b/tests/hardening/6.1.6_etc_shadow_permissions.sh index 6df1fd7..a7c86b9 100644 --- a/tests/hardening/6.1.6_etc_shadow_permissions.sh +++ b/tests/hardening/6.1.6_etc_shadow_permissions.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.1.7_etc_group_permissions.sh b/tests/hardening/6.1.7_etc_group_permissions.sh index 9f4306d..6ed5526 100644 --- a/tests/hardening/6.1.7_etc_group_permissions.sh +++ b/tests/hardening/6.1.7_etc_group_permissions.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.10_check_user_dot_file_perm.sh b/tests/hardening/6.2.10_check_user_dot_file_perm.sh index fda93e8..0f2a4ec 100644 --- a/tests/hardening/6.2.10_check_user_dot_file_perm.sh +++ b/tests/hardening/6.2.10_check_user_dot_file_perm.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.11_find_user_forward_files.sh b/tests/hardening/6.2.11_find_user_forward_files.sh index 50f03a2..6990827 100644 --- a/tests/hardening/6.2.11_find_user_forward_files.sh +++ b/tests/hardening/6.2.11_find_user_forward_files.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.12_find_user_netrc_files.sh b/tests/hardening/6.2.12_find_user_netrc_files.sh index 29252bc..ca50906 100644 --- a/tests/hardening/6.2.12_find_user_netrc_files.sh +++ b/tests/hardening/6.2.12_find_user_netrc_files.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.13_set_perm_on_user_netrc.sh b/tests/hardening/6.2.13_set_perm_on_user_netrc.sh index 3717e22..5d86d81 100644 --- a/tests/hardening/6.2.13_set_perm_on_user_netrc.sh +++ b/tests/hardening/6.2.13_set_perm_on_user_netrc.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.14_find_user_rhosts_files.sh b/tests/hardening/6.2.14_find_user_rhosts_files.sh index 34539c6..904cb34 100755 --- a/tests/hardening/6.2.14_find_user_rhosts_files.sh +++ b/tests/hardening/6.2.14_find_user_rhosts_files.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh b/tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh index 8e1da73..3f2029d 100644 --- a/tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh +++ b/tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.16_check_duplicate_uid.sh b/tests/hardening/6.2.16_check_duplicate_uid.sh index 7f8354a..18b7197 100644 --- a/tests/hardening/6.2.16_check_duplicate_uid.sh +++ b/tests/hardening/6.2.16_check_duplicate_uid.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.17_check_duplicate_gid.sh b/tests/hardening/6.2.17_check_duplicate_gid.sh index ce9313d..f7aeaa9 100644 --- a/tests/hardening/6.2.17_check_duplicate_gid.sh +++ b/tests/hardening/6.2.17_check_duplicate_gid.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.18_check_duplicate_username.sh b/tests/hardening/6.2.18_check_duplicate_username.sh index 95d6b2b..8f27c9e 100644 --- a/tests/hardening/6.2.18_check_duplicate_username.sh +++ b/tests/hardening/6.2.18_check_duplicate_username.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.19_check_duplicate_groupname.sh b/tests/hardening/6.2.19_check_duplicate_groupname.sh index ce9d96d..5445b3a 100644 --- a/tests/hardening/6.2.19_check_duplicate_groupname.sh +++ b/tests/hardening/6.2.19_check_duplicate_groupname.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.1_remove_empty_password_field.sh b/tests/hardening/6.2.1_remove_empty_password_field.sh index 8dc5891..e833dfb 100644 --- a/tests/hardening/6.2.1_remove_empty_password_field.sh +++ b/tests/hardening/6.2.1_remove_empty_password_field.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.20_shadow_group_empty.sh b/tests/hardening/6.2.20_shadow_group_empty.sh index 92f1a56..3fb0a61 100644 --- a/tests/hardening/6.2.20_shadow_group_empty.sh +++ b/tests/hardening/6.2.20_shadow_group_empty.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.2_remove_legacy_passwd_entries.sh b/tests/hardening/6.2.2_remove_legacy_passwd_entries.sh index 9e6592a..0e58e83 100644 --- a/tests/hardening/6.2.2_remove_legacy_passwd_entries.sh +++ b/tests/hardening/6.2.2_remove_legacy_passwd_entries.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.3_remove_legacy_shadow_entries.sh b/tests/hardening/6.2.3_remove_legacy_shadow_entries.sh index de2cdc6..d0d0661 100644 --- a/tests/hardening/6.2.3_remove_legacy_shadow_entries.sh +++ b/tests/hardening/6.2.3_remove_legacy_shadow_entries.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.4_remove_legacy_group_entries.sh b/tests/hardening/6.2.4_remove_legacy_group_entries.sh index 68c38d9..bd1a804 100644 --- a/tests/hardening/6.2.4_remove_legacy_group_entries.sh +++ b/tests/hardening/6.2.4_remove_legacy_group_entries.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.5_find_0_uid_non_root_account.sh b/tests/hardening/6.2.5_find_0_uid_non_root_account.sh index 4a598f2..40bd8a6 100644 --- a/tests/hardening/6.2.5_find_0_uid_non_root_account.sh +++ b/tests/hardening/6.2.5_find_0_uid_non_root_account.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.6_sanitize_root_path.sh b/tests/hardening/6.2.6_sanitize_root_path.sh index 72dc9d2..353aa14 100644 --- a/tests/hardening/6.2.6_sanitize_root_path.sh +++ b/tests/hardening/6.2.6_sanitize_root_path.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.7_users_valid_homedir.sh b/tests/hardening/6.2.7_users_valid_homedir.sh index 19229d5..cf76db2 100755 --- a/tests/hardening/6.2.7_users_valid_homedir.sh +++ b/tests/hardening/6.2.7_users_valid_homedir.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.8_check_user_dir_perm.sh b/tests/hardening/6.2.8_check_user_dir_perm.sh index 5e22d1d..ad3479b 100644 --- a/tests/hardening/6.2.8_check_user_dir_perm.sh +++ b/tests/hardening/6.2.8_check_user_dir_perm.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/6.2.9_users_valid_homedir.sh b/tests/hardening/6.2.9_users_valid_homedir.sh index 2ab3741..00c62fa 100644 --- a/tests/hardening/6.2.9_users_valid_homedir.sh +++ b/tests/hardening/6.2.9_users_valid_homedir.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running void to generate the conf file that will later be edited diff --git a/tests/hardening/8.0_enable_auditd_kernel.sh b/tests/hardening/8.0_enable_auditd_kernel.sh index b0ebe2a..af007f7 100644 --- a/tests/hardening/8.0_enable_auditd_kernel.sh +++ b/tests/hardening/8.0_enable_auditd_kernel.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/8.3.1_install_tripwire.sh b/tests/hardening/8.3.1_install_tripwire.sh index b333419..f85b20d 100644 --- a/tests/hardening/8.3.1_install_tripwire.sh +++ b/tests/hardening/8.3.1_install_tripwire.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/8.3.2_tripwire_cron.sh b/tests/hardening/8.3.2_tripwire_cron.sh index 3b3af16..d21be3d 100644 --- a/tests/hardening/8.3.2_tripwire_cron.sh +++ b/tests/hardening/8.3.2_tripwire_cron.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.1_timeout_tty.sh b/tests/hardening/99.1_timeout_tty.sh index da5c079..7b84d5f 100644 --- a/tests/hardening/99.1_timeout_tty.sh +++ b/tests/hardening/99.1_timeout_tty.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.2_disable_usb_devices.sh b/tests/hardening/99.2_disable_usb_devices.sh index 050ddb0..ac6df4e 100644 --- a/tests/hardening/99.2_disable_usb_devices.sh +++ b/tests/hardening/99.2_disable_usb_devices.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { if [ -f "/.dockerenv" ]; then diff --git a/tests/hardening/99.3.1_acc_shadow_sha512.sh b/tests/hardening/99.3.1_acc_shadow_sha512.sh index 87ab2f4..40b2251 100644 --- a/tests/hardening/99.3.1_acc_shadow_sha512.sh +++ b/tests/hardening/99.3.1_acc_shadow_sha512.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.3.2_acc_sudoers_no_all.sh b/tests/hardening/99.3.2_acc_sudoers_no_all.sh index 90892be..1c53269 100644 --- a/tests/hardening/99.3.2_acc_sudoers_no_all.sh +++ b/tests/hardening/99.3.2_acc_sudoers_no_all.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { # shellcheck disable=2154 diff --git a/tests/hardening/99.3.4_acc_logindefs_sha512.sh b/tests/hardening/99.3.4_acc_logindefs_sha512.sh index c584b6d..86999b5 100644 --- a/tests/hardening/99.3.4_acc_logindefs_sha512.sh +++ b/tests/hardening/99.3.4_acc_logindefs_sha512.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.1_ssh_auth_pubk_only.sh b/tests/hardening/99.5.1_ssh_auth_pubk_only.sh index 042294a..561fd14 100644 --- a/tests/hardening/99.5.1_ssh_auth_pubk_only.sh +++ b/tests/hardening/99.5.1_ssh_auth_pubk_only.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.2.3_ssh_cry_rekey.sh b/tests/hardening/99.5.2.3_ssh_cry_rekey.sh index c072418..3a918f7 100644 --- a/tests/hardening/99.5.2.3_ssh_cry_rekey.sh +++ b/tests/hardening/99.5.2.3_ssh_cry_rekey.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.3_ssh_disable_features.sh b/tests/hardening/99.5.3_ssh_disable_features.sh index 74fa0d0..4c03694 100644 --- a/tests/hardening/99.5.3_ssh_disable_features.sh +++ b/tests/hardening/99.5.3_ssh_disable_features.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.4_ssh_keys_from.sh b/tests/hardening/99.5.4_ssh_keys_from.sh index 61071b4..22848ec 100644 --- a/tests/hardening/99.5.4_ssh_keys_from.sh +++ b/tests/hardening/99.5.4_ssh_keys_from.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { # shellcheck disable=2154 diff --git a/tests/hardening/99.5.5_ssh_strict_modes.sh b/tests/hardening/99.5.5_ssh_strict_modes.sh index 6085453..f247cbe 100644 --- a/tests/hardening/99.5.5_ssh_strict_modes.sh +++ b/tests/hardening/99.5.5_ssh_strict_modes.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.6_ssh_sys_accept_env.sh b/tests/hardening/99.5.6_ssh_sys_accept_env.sh index 27f9fe6..fcd5503 100644 --- a/tests/hardening/99.5.6_ssh_sys_accept_env.sh +++ b/tests/hardening/99.5.6_ssh_sys_accept_env.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.7_ssh_sys_no_legacy.sh b/tests/hardening/99.5.7_ssh_sys_no_legacy.sh index 46ed25a..34a19e2 100644 --- a/tests/hardening/99.5.7_ssh_sys_no_legacy.sh +++ b/tests/hardening/99.5.7_ssh_sys_no_legacy.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.8_ssh_sys_sandbox.sh b/tests/hardening/99.5.8_ssh_sys_sandbox.sh index 2c1b0e8..c2388a9 100644 --- a/tests/hardening/99.5.8_ssh_sys_sandbox.sh +++ b/tests/hardening/99.5.8_ssh_sys_sandbox.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host diff --git a/tests/hardening/99.5.9_ssh_loglevel.sh b/tests/hardening/99.5.9_ssh_loglevel.sh index 3e4e2a3..880636a 100644 --- a/tests/hardening/99.5.9_ssh_loglevel.sh +++ b/tests/hardening/99.5.9_ssh_loglevel.sh @@ -1,3 +1,4 @@ +# shellcheck shell=bash # run-shellcheck test_audit() { describe Running on blank host