From 5048099df8bf21c63b1e6fb2afd7f3ad427900f5 Mon Sep 17 00:00:00 2001
From: "thibault.dewailly"
Date: Wed, 20 Apr 2016 14:36:55 +0200
Subject: [PATCH] Fixed 8.2.4 check file exists before testing rights
---
 bin/hardening/8.2.4_set_logfile_perm.sh | 25 +++++++++++++++----------
 bin/postinstall/tripwire.sh | 2 +-
 debian/default | 4 ++--
 3 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/bin/hardening/8.2.4_set_logfile_perm.sh b/bin/hardening/8.2.4_set_logfile_perm.sh
index 9e3e84e..ddf9523 100755
--- a/bin/hardening/8.2.4_set_logfile_perm.sh
+++ b/bin/hardening/8.2.4_set_logfile_perm.sh
@@ -19,18 +19,23 @@ GROUP='adm'
 audit () {
 FILES=$(grep "file(" $SYSLOG_BASEDIR/syslog-ng.conf | grep '"' | cut -d'"' -f 2)
 for FILE in $FILES; do
- has_file_correct_ownership $FILE $USER $GROUP
- if [ $FNRET = 0 ]; then
- ok "$FILE has correct ownership"
+ does_file_exist $FILE
+ if [ $FNRET != 0 ]; then
+ crit "$FILE does not exist"
 else
- crit "$FILE is not $USER:$GROUP ownership set"
+ has_file_correct_ownership $FILE $USER $GROUP
+ if [ $FNRET = 0 ]; then
+ ok "$FILE has correct ownership"
+ else
+ crit "$FILE is not $USER:$GROUP ownership set"
+ fi
+ has_file_correct_permissions $FILE $PERMISSIONS
+ if [ $FNRET = 0 ]; then
+ ok "$FILE has correct permissions"
+ else
+ crit "$FILE has not $PERMISSIONS permissions set"
+ fi
 fi
- has_file_correct_permissions $FILE $PERMISSIONS
- if [ $FNRET = 0 ]; then
- ok "$FILE has correct permissions"
- else
- crit "$FILE has not $PERMISSIONS permissions set"
- fi
 done
 }
diff --git a/bin/postinstall/tripwire.sh b/bin/postinstall/tripwire.sh
index bb043e7..3533830 100755
--- a/bin/postinstall/tripwire.sh
+++ b/bin/postinstall/tripwire.sh
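Review bot: In `audit` of bin/hardening/8.2.4_set_logfile_perm.sh, a path that is listed in syslog-ng.conf but absent on disk is now reported with `crit "$FILE does not exist"`, which can yield a standing failure for destinations that syslog-ng only creates on first write, or whose file() path contains macros (the `grep`/`cut` extraction takes the quoted string literally). If that severity is intended, a comment above the check should say so, for example `# a configured log file that is missing counts as a finding, not a skip`; otherwise a lower severity may fit better. The new test `[ $FNRET != 0 ]` is also unquoted, so if `does_file_exist` ever leaves `FNRET` empty the `[` command errors out and control falls into the `else` branch as though the file existed; `if [ "$FNRET" != 0 ]; then` avoids that. The helper functions are defined outside this hunk, so how they set `FNRET` cannot be confirmed from here.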
@@ -4,7 +4,7 @@
 # CIS Debian 7 Hardening
 #
-# If you followed this CIS hardenning, this script follows 8.3.1_install_tripwire.sh
+# If you followed this CIS hardening, this script follows 8.3.1_install_tripwire.sh
 # After installing tripwire, you may want to run those few commented commands to make it fully functionnal
 echo "Generating Site key file..."
diff --git a/debian/default b/debian/default
index 242de44..f4db83d 100644
--- a/debian/default
+++ b/debian/default
@@ -1,5 +1,5 @@
-# Default file for CIS Debian hardenning scripts
+# Default file for CIS Debian hardening scripts
-# Define here root directory for CIS debian hardenning scripts
+# Define here root directory for CIS debian hardening scripts
 CIS_ROOT_DIR='/opt/cis-hardening'