From 5b2404dab85e59c034378e244d592306d198c2fd Mon Sep 17 00:00:00 2001 From: Charles Herlin Date: Wed, 25 Oct 2017 14:50:39 +0200 Subject: [PATCH] Applying batch edit to all hardening/*.sh scripts for new CIS_ROOT_DIR management --- bin/hardening/1.1_install_updates.sh | 16 ++++++------ bin/hardening/10.1.1_set_password_exp_days.sh | 16 ++++++------ .../10.1.2_set_password_min_days_change.sh | 16 ++++++------ .../10.1.3_set_password_exp_warning_days.sh | 16 ++++++------ bin/hardening/10.2_disable_system_accounts.sh | 14 +++++------ bin/hardening/10.3_default_root_group.sh | 16 ++++++------ bin/hardening/10.4_default_umask.sh | 14 +++++------ .../10.5_lock_inactive_user_account.sh | 16 ++++++------ bin/hardening/11.1_warning_banners.sh | 16 ++++++------ .../11.2_remove_os_info_warning_banners.sh | 16 ++++++------ .../11.3_graphical_warning_banners.sh | 16 ++++++------ bin/hardening/12.10_find_suid_files.sh | 16 ++++++------ bin/hardening/12.11_find_sgid_files.sh | 16 ++++++------ bin/hardening/12.1_etc_passwd_permissions.sh | 16 ++++++------ bin/hardening/12.2_etc_shadow_permissions.sh | 16 ++++++------ bin/hardening/12.3_etc_group_permissions.sh | 16 ++++++------ bin/hardening/12.4_etc_passwd_ownership.sh | 16 ++++++------ bin/hardening/12.5_etc_shadow_ownership.sh | 16 ++++++------ bin/hardening/12.6_etc_group_ownership.sh | 16 ++++++------ .../12.7_find_world_writable_file.sh | 16 ++++++------ bin/hardening/12.8_find_unowned_files.sh | 16 ++++++------ bin/hardening/12.9_find_ungrouped_files.sh | 16 ++++++------ bin/hardening/13.10_find_user_rhosts_files.sh | 16 ++++++------ ...13.11_find_passwd_group_inconsistencies.sh | 16 ++++++------ bin/hardening/13.12_users_valid_homedir.sh | 16 ++++++------ .../13.13_check_user_homedir_ownership.sh | 16 ++++++------ bin/hardening/13.14_check_duplicate_uid.sh | 16 ++++++------ bin/hardening/13.15_check_duplicate_gid.sh | 16 ++++++------ .../13.16_check_duplicate_username.sh | 16 ++++++------ .../13.17_check_duplicate_groupname.sh | 16 ++++++------ bin/hardening/13.18_find_user_netrc_files.sh | 16 ++++++------ .../13.19_find_user_forward_files.sh | 16 ++++++------ .../13.1_remove_empty_password_field.sh | 16 ++++++------ bin/hardening/13.20_shadow_group_empty.sh | 16 ++++++------ .../13.2_remove_legacy_passwd_entries.sh | 16 ++++++------ .../13.3_remove_legacy_shadow_entries.sh | 16 ++++++------ .../13.4_remove_legacy_group_entries.sh | 16 ++++++------ .../13.5_find_0_uid_non_root_account.sh | 16 ++++++------ bin/hardening/13.6_sanitize_root_path.sh | 16 ++++++------ bin/hardening/13.7_check_user_dir_perm.sh | 16 ++++++------ .../13.8_check_user_dot_file_perm.sh | 16 ++++++------ bin/hardening/13.9_set_perm_on_user_netrc.sh | 16 ++++++------ bin/hardening/2.10_home_nodev.sh | 16 ++++++------ bin/hardening/2.11_removable_device_nodev.sh | 16 ++++++------ bin/hardening/2.12_removable_device_noexec.sh | 16 ++++++------ bin/hardening/2.13_removable_device_nosuid.sh | 16 ++++++------ bin/hardening/2.14_run_shm_nodev.sh | 16 ++++++------ bin/hardening/2.15_run_shm_nosuid.sh | 16 ++++++------ bin/hardening/2.16_run_shm_noexec.sh | 16 ++++++------ .../2.17_sticky_bit_world_writable_folder.sh | 16 ++++++------ bin/hardening/2.18_disable_cramfs.sh | 16 ++++++------ bin/hardening/2.19_disable_freevxfs.sh | 16 ++++++------ bin/hardening/2.1_tmp_partition.sh | 16 ++++++------ bin/hardening/2.20_disable_jffs2.sh | 16 ++++++------ bin/hardening/2.21_disable_hfs.sh | 16 ++++++------ bin/hardening/2.22_disable_hfsplus.sh | 16 ++++++------ bin/hardening/2.23_disable_squashfs.sh | 16 ++++++------ bin/hardening/2.24_disable_udf.sh | 16 ++++++------ bin/hardening/2.25_disable_automounting.sh | 16 ++++++------ bin/hardening/2.2_tmp_nodev.sh | 16 ++++++------ bin/hardening/2.3_tmp_nosuid.sh | 16 ++++++------ bin/hardening/2.4_tmp_noexec.sh | 16 ++++++------ bin/hardening/2.5_var_partition.sh | 16 ++++++------ bin/hardening/2.6.1_var_tmp_partition.sh | 16 ++++++------ bin/hardening/2.6.2_var_tmp_nodev.sh | 16 ++++++------ bin/hardening/2.6.3_var_tmp_nosuid.sh | 16 ++++++------ bin/hardening/2.6.4_var_tmp_noexec.sh | 16 ++++++------ bin/hardening/2.7_var_log_partition.sh | 16 ++++++------ bin/hardening/2.8_var_log_audit_partition.sh | 16 ++++++------ bin/hardening/2.9_home_partition.sh | 16 ++++++------ bin/hardening/3.1_bootloader_ownership.sh | 16 ++++++------ bin/hardening/3.2_bootloader_permissions.sh | 16 ++++++------ bin/hardening/3.3_bootloader_password.sh | 16 ++++++------ bin/hardening/3.4_root_password.sh | 16 ++++++------ bin/hardening/4.1_restrict_core_dumps.sh | 16 ++++++------ bin/hardening/4.2_enable_nx_support.sh | 16 ++++++------ .../4.3_enable_randomized_vm_placement.sh | 16 ++++++------ bin/hardening/4.4_disable_prelink.sh | 16 ++++++------ bin/hardening/4.5_enable_apparmor.sh | 16 ++++++------ bin/hardening/5.1.1_disable_nis.sh | 16 ++++++------ bin/hardening/5.1.2_disable_rsh.sh | 16 ++++++------ bin/hardening/5.1.3_disable_rsh_client.sh | 16 ++++++------ bin/hardening/5.1.4_disable_talk.sh | 16 ++++++------ bin/hardening/5.1.5_disable_talk_client.sh | 16 ++++++------ bin/hardening/5.1.6_disable_telnet_server.sh | 16 ++++++------ bin/hardening/5.1.7_disable_tftp_server.sh | 16 ++++++------ bin/hardening/5.1.8_disable_inetd.sh | 16 ++++++------ bin/hardening/5.2_disable_chargen.sh | 16 ++++++------ bin/hardening/5.3_disable_daytime.sh | 16 ++++++------ bin/hardening/5.4_disable_echo.sh | 16 ++++++------ bin/hardening/5.5_disable_discard.sh | 16 ++++++------ bin/hardening/5.6_disable_time.sh | 16 ++++++------ bin/hardening/6.10_disable_http_server.sh | 16 ++++++------ bin/hardening/6.11_disable_imap_pop.sh | 16 ++++++------ bin/hardening/6.12_disable_samba.sh | 16 ++++++------ bin/hardening/6.13_disable_http_proxy.sh | 16 ++++++------ bin/hardening/6.14_disable_snmp_server.sh | 16 ++++++------ bin/hardening/6.15_mta_localhost.sh | 16 ++++++------ bin/hardening/6.16_disable_rsync.sh | 16 ++++++------ bin/hardening/6.1_disable_xwindow_system.sh | 16 ++++++------ bin/hardening/6.2_disable_avahi_server.sh | 16 ++++++------ bin/hardening/6.3_disable_print_server.sh | 16 ++++++------ bin/hardening/6.4_disable_dhcp.sh | 16 ++++++------ bin/hardening/6.5_configure_ntp.sh | 16 ++++++------ bin/hardening/6.6_disable_ldap.sh | 16 ++++++------ bin/hardening/6.7_disable_nfs_rpc.sh | 16 ++++++------ bin/hardening/6.8_disable_dns_server.sh | 16 ++++++------ bin/hardening/6.9_disable_ftp.sh | 16 ++++++------ bin/hardening/7.1.1_disable_ip_forwarding.sh | 16 ++++++------ .../7.1.2_disable_send_packet_redirects.sh | 16 ++++++------ .../7.2.1_disable_source_routed_packets.sh | 16 ++++++------ bin/hardening/7.2.2_disable_icmp_redirect.sh | 16 ++++++------ .../7.2.3_disable_secure_icmp_redirect.sh | 16 ++++++------ bin/hardening/7.2.4_log_martian_packets.sh | 16 ++++++------ .../7.2.5_ignore_broadcast_requests.sh | 16 ++++++------ ...2.6_enable_bad_error_message_protection.sh | 16 ++++++------ .../7.2.7_enable_source_route_validation.sh | 16 ++++++------ bin/hardening/7.2.8_enable_tcp_syn_cookies.sh | 16 ++++++------ ...7.3.1_disable_ipv6_router_advertisement.sh | 16 ++++++------ bin/hardening/7.3.2_disable_ipv6_redirect.sh | 16 ++++++------ bin/hardening/7.3.3_disable_ipv6.sh | 16 ++++++------ bin/hardening/7.4.1_install_tcp_wrapper.sh | 16 ++++++------ bin/hardening/7.4.2_hosts_allow.sh | 16 ++++++------ .../7.4.3_hosts_allow_permissions.sh | 16 ++++++------ bin/hardening/7.4.4_hosts_deny.sh | 16 ++++++------ bin/hardening/7.4.5_hosts_deny_permissions.sh | 16 ++++++------ bin/hardening/7.5.1_disable_dccp.sh | 16 ++++++------ bin/hardening/7.5.2_disable_sctp.sh | 16 ++++++------ bin/hardening/7.5.3_disable_rds.sh | 16 ++++++------ bin/hardening/7.5.4_disable_tipc.sh | 16 ++++++------ bin/hardening/7.6_disable_wireless.sh | 25 +++++++++++++------ bin/hardening/7.7_enable_firewall.sh | 16 ++++++------ bin/hardening/8.0_enable_auditd_kernel.sh | 16 ++++++------ bin/hardening/8.1.1.1_audit_log_storage.sh | 16 ++++++------ .../8.1.1.2_halt_when_audit_log_full.sh | 16 ++++++------ bin/hardening/8.1.1.3_keep_all_audit_logs.sh | 16 ++++++------ bin/hardening/8.1.10_record_dac_edit.sh | 16 ++++++------ .../8.1.11_record_failed_access_file.sh | 16 ++++++------ .../8.1.12_record_privileged_commands.sh | 16 ++++++------ .../8.1.13_record_successful_mount.sh | 16 ++++++------ bin/hardening/8.1.14_record_file_deletions.sh | 16 ++++++------ bin/hardening/8.1.15_record_sudoers_edit.sh | 16 ++++++------ bin/hardening/8.1.16_record_sudo_usage.sh | 16 ++++++------ bin/hardening/8.1.17_record_kernel_modules.sh | 16 ++++++------ bin/hardening/8.1.18_freeze_auditd_conf.sh | 16 ++++++------ bin/hardening/8.1.2_enable_auditd.sh | 16 ++++++------ bin/hardening/8.1.3_audit_bootloader.sh | 16 ++++++------ bin/hardening/8.1.4_record_date_time_edit.sh | 16 ++++++------ bin/hardening/8.1.5_record_user_group_edit.sh | 16 ++++++------ bin/hardening/8.1.6_record_network_edit.sh | 16 ++++++------ bin/hardening/8.1.7_record_mac_edit.sh | 16 ++++++------ bin/hardening/8.1.8_record_login_logout.sh | 16 ++++++------ bin/hardening/8.1.9_record_session_init.sh | 16 ++++++------ bin/hardening/8.2.1_install_syslog-ng.sh | 16 ++++++------ bin/hardening/8.2.2_enable_syslog-ng.sh | 16 ++++++------ bin/hardening/8.2.3_configure_syslog-ng.sh | 16 ++++++------ bin/hardening/8.2.4_set_logfile_perm.sh | 16 ++++++------ bin/hardening/8.2.5_syslog-ng_remote_host.sh | 16 ++++++------ bin/hardening/8.2.6_remote_syslog-ng_acl.sh | 16 ++++++------ bin/hardening/8.3.1_install_tripwire.sh | 16 ++++++------ bin/hardening/8.3.2_tripwire_cron.sh | 14 +++++------ bin/hardening/8.4_configure_logrotate.sh | 16 ++++++------ bin/hardening/9.1.1_enable_cron.sh | 16 ++++++------ bin/hardening/9.1.2_crontab_perm_ownership.sh | 16 ++++++------ .../9.1.3_cron_hourly_perm_ownership.sh | 16 ++++++------ .../9.1.4_cron_daily_perm_ownership.sh | 16 ++++++------ .../9.1.5_cron_weekly_perm_ownership.sh | 16 ++++++------ .../9.1.6_cron_monthly_perm_ownership.sh | 16 ++++++------ bin/hardening/9.1.7_cron_d_perm_ownership.sh | 16 ++++++------ bin/hardening/9.1.8_cron_users.sh | 16 ++++++------ bin/hardening/9.2.1_enable_cracklib.sh | 16 ++++++------ .../9.2.2_enable_lockout_failed_password.sh | 16 ++++++------ bin/hardening/9.2.3_limit_password_reuse.sh | 16 ++++++------ bin/hardening/9.3.10_disable_sshd_setenv.sh | 16 ++++++------ bin/hardening/9.3.11_sshd_ciphers.sh | 16 ++++++------ bin/hardening/9.3.12_sshd_idle_timeout.sh | 16 ++++++------ bin/hardening/9.3.13_sshd_limit_access.sh | 16 ++++++------ bin/hardening/9.3.14_ssh_banner.sh | 16 ++++++------ bin/hardening/9.3.1_sshd_protocol.sh | 16 ++++++------ bin/hardening/9.3.2_sshd_loglevel.sh | 16 ++++++------ .../9.3.3_sshd_conf_perm_ownership.sh | 16 ++++++------ bin/hardening/9.3.4_disable_x11_forwarding.sh | 16 ++++++------ bin/hardening/9.3.5_sshd_maxauthtries.sh | 16 ++++++------ .../9.3.6_enable_sshd_ignorerhosts.sh | 16 ++++++------ ....7_disable_sshd_hostbasedauthentication.sh | 16 ++++++------ bin/hardening/9.3.8_disable_root_login.sh | 16 ++++++------ ...9.3.9_disable_sshd_permitemptypasswords.sh | 16 ++++++------ bin/hardening/9.4_secure_tty.sh | 16 ++++++------ bin/hardening/9.5_restrict_su.sh | 16 ++++++------ bin/hardening/99.1_timeout_tty.sh | 14 +++++------ bin/hardening/99.2_disable_usb_devices.sh | 14 +++++------ 191 files changed, 1342 insertions(+), 1713 deletions(-) diff --git a/bin/hardening/1.1_install_updates.sh b/bin/hardening/1.1_install_updates.sh index 657dc79..d62b853 100755 --- a/bin/hardening/1.1_install_updates.sh +++ b/bin/hardening/1.1_install_updates.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/10.1.1_set_password_exp_days.sh b/bin/hardening/10.1.1_set_password_exp_days.sh index ce7dcbc..4a64535 100755 --- a/bin/hardening/10.1.1_set_password_exp_days.sh +++ b/bin/hardening/10.1.1_set_password_exp_days.sh @@ -73,16 +73,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/10.1.2_set_password_min_days_change.sh b/bin/hardening/10.1.2_set_password_min_days_change.sh index a4eef31..3dbfc9b 100755 --- a/bin/hardening/10.1.2_set_password_min_days_change.sh +++ b/bin/hardening/10.1.2_set_password_min_days_change.sh @@ -73,16 +73,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/10.1.3_set_password_exp_warning_days.sh b/bin/hardening/10.1.3_set_password_exp_warning_days.sh index 3ff35c1..db7c922 100755 --- a/bin/hardening/10.1.3_set_password_exp_warning_days.sh +++ b/bin/hardening/10.1.3_set_password_exp_warning_days.sh @@ -73,16 +73,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/10.2_disable_system_accounts.sh b/bin/hardening/10.2_disable_system_accounts.sh index 0dcb6a9..54cd0ee 100755 --- a/bin/hardening/10.2_disable_system_accounts.sh +++ b/bin/hardening/10.2_disable_system_accounts.sh @@ -89,15 +89,13 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) diff --git a/bin/hardening/10.3_default_root_group.sh b/bin/hardening/10.3_default_root_group.sh index 51a389e..b32b855 100755 --- a/bin/hardening/10.3_default_root_group.sh +++ b/bin/hardening/10.3_default_root_group.sh @@ -41,16 +41,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/10.4_default_umask.sh b/bin/hardening/10.4_default_umask.sh index 5e9f4e4..81c7a6d 100755 --- a/bin/hardening/10.4_default_umask.sh +++ b/bin/hardening/10.4_default_umask.sh @@ -91,15 +91,13 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) diff --git a/bin/hardening/10.5_lock_inactive_user_account.sh b/bin/hardening/10.5_lock_inactive_user_account.sh index 967a39a..7a3b991 100755 --- a/bin/hardening/10.5_lock_inactive_user_account.sh +++ b/bin/hardening/10.5_lock_inactive_user_account.sh @@ -33,16 +33,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/11.1_warning_banners.sh b/bin/hardening/11.1_warning_banners.sh index 6b1fda5..0f05ad7 100755 --- a/bin/hardening/11.1_warning_banners.sh +++ b/bin/hardening/11.1_warning_banners.sh @@ -67,16 +67,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/11.2_remove_os_info_warning_banners.sh b/bin/hardening/11.2_remove_os_info_warning_banners.sh index 56c4f04..1f43e59 100755 --- a/bin/hardening/11.2_remove_os_info_warning_banners.sh +++ b/bin/hardening/11.2_remove_os_info_warning_banners.sh @@ -47,16 +47,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/11.3_graphical_warning_banners.sh b/bin/hardening/11.3_graphical_warning_banners.sh index 1149c4e..0127d5d 100755 --- a/bin/hardening/11.3_graphical_warning_banners.sh +++ b/bin/hardening/11.3_graphical_warning_banners.sh @@ -29,16 +29,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.10_find_suid_files.sh b/bin/hardening/12.10_find_suid_files.sh index 971f0e1..ff0571b 100755 --- a/bin/hardening/12.10_find_suid_files.sh +++ b/bin/hardening/12.10_find_suid_files.sh @@ -53,16 +53,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.11_find_sgid_files.sh b/bin/hardening/12.11_find_sgid_files.sh index db1b91e..50421d5 100755 --- a/bin/hardening/12.11_find_sgid_files.sh +++ b/bin/hardening/12.11_find_sgid_files.sh @@ -54,16 +54,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.1_etc_passwd_permissions.sh b/bin/hardening/12.1_etc_passwd_permissions.sh index d833292..1a413fe 100755 --- a/bin/hardening/12.1_etc_passwd_permissions.sh +++ b/bin/hardening/12.1_etc_passwd_permissions.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.2_etc_shadow_permissions.sh b/bin/hardening/12.2_etc_shadow_permissions.sh index f5ea517..97f4476 100755 --- a/bin/hardening/12.2_etc_shadow_permissions.sh +++ b/bin/hardening/12.2_etc_shadow_permissions.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.3_etc_group_permissions.sh b/bin/hardening/12.3_etc_group_permissions.sh index 89d3230..f87b3d0 100755 --- a/bin/hardening/12.3_etc_group_permissions.sh +++ b/bin/hardening/12.3_etc_group_permissions.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.4_etc_passwd_ownership.sh b/bin/hardening/12.4_etc_passwd_ownership.sh index 3219378..3ad54c6 100755 --- a/bin/hardening/12.4_etc_passwd_ownership.sh +++ b/bin/hardening/12.4_etc_passwd_ownership.sh @@ -58,16 +58,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.5_etc_shadow_ownership.sh b/bin/hardening/12.5_etc_shadow_ownership.sh index c63ead0..b4f0949 100755 --- a/bin/hardening/12.5_etc_shadow_ownership.sh +++ b/bin/hardening/12.5_etc_shadow_ownership.sh @@ -58,16 +58,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.6_etc_group_ownership.sh b/bin/hardening/12.6_etc_group_ownership.sh index 7f5c676..9d009bb 100755 --- a/bin/hardening/12.6_etc_group_ownership.sh +++ b/bin/hardening/12.6_etc_group_ownership.sh @@ -58,16 +58,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.7_find_world_writable_file.sh b/bin/hardening/12.7_find_world_writable_file.sh index d97872a..64485f8 100755 --- a/bin/hardening/12.7_find_world_writable_file.sh +++ b/bin/hardening/12.7_find_world_writable_file.sh @@ -44,16 +44,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.8_find_unowned_files.sh b/bin/hardening/12.8_find_unowned_files.sh index 53d8644..b914276 100755 --- a/bin/hardening/12.8_find_unowned_files.sh +++ b/bin/hardening/12.8_find_unowned_files.sh @@ -46,16 +46,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/12.9_find_ungrouped_files.sh b/bin/hardening/12.9_find_ungrouped_files.sh index 68a81c5..64d5b73 100755 --- a/bin/hardening/12.9_find_ungrouped_files.sh +++ b/bin/hardening/12.9_find_ungrouped_files.sh @@ -46,16 +46,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.10_find_user_rhosts_files.sh b/bin/hardening/13.10_find_user_rhosts_files.sh index 7db4077..7980b49 100755 --- a/bin/hardening/13.10_find_user_rhosts_files.sh +++ b/bin/hardening/13.10_find_user_rhosts_files.sh @@ -44,16 +44,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.11_find_passwd_group_inconsistencies.sh b/bin/hardening/13.11_find_passwd_group_inconsistencies.sh index a52def2..b7aa8c7 100755 --- a/bin/hardening/13.11_find_passwd_group_inconsistencies.sh +++ b/bin/hardening/13.11_find_passwd_group_inconsistencies.sh @@ -42,16 +42,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.12_users_valid_homedir.sh b/bin/hardening/13.12_users_valid_homedir.sh index 2566779..ad4d621 100755 --- a/bin/hardening/13.12_users_valid_homedir.sh +++ b/bin/hardening/13.12_users_valid_homedir.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.13_check_user_homedir_ownership.sh b/bin/hardening/13.13_check_user_homedir_ownership.sh index 053ead2..31d59d5 100755 --- a/bin/hardening/13.13_check_user_homedir_ownership.sh +++ b/bin/hardening/13.13_check_user_homedir_ownership.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.14_check_duplicate_uid.sh b/bin/hardening/13.14_check_duplicate_uid.sh index 63ee17f..0294d13 100755 --- a/bin/hardening/13.14_check_duplicate_uid.sh +++ b/bin/hardening/13.14_check_duplicate_uid.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.15_check_duplicate_gid.sh b/bin/hardening/13.15_check_duplicate_gid.sh index d0fd19c..93b7864 100755 --- a/bin/hardening/13.15_check_duplicate_gid.sh +++ b/bin/hardening/13.15_check_duplicate_gid.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.16_check_duplicate_username.sh b/bin/hardening/13.16_check_duplicate_username.sh index bc3c2ed..140e244 100755 --- a/bin/hardening/13.16_check_duplicate_username.sh +++ b/bin/hardening/13.16_check_duplicate_username.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.17_check_duplicate_groupname.sh b/bin/hardening/13.17_check_duplicate_groupname.sh index 5c73c71..cb7df6f 100755 --- a/bin/hardening/13.17_check_duplicate_groupname.sh +++ b/bin/hardening/13.17_check_duplicate_groupname.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.18_find_user_netrc_files.sh b/bin/hardening/13.18_find_user_netrc_files.sh index a98d084..763eaad 100755 --- a/bin/hardening/13.18_find_user_netrc_files.sh +++ b/bin/hardening/13.18_find_user_netrc_files.sh @@ -44,16 +44,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.19_find_user_forward_files.sh b/bin/hardening/13.19_find_user_forward_files.sh index c8bdca0..e855014 100755 --- a/bin/hardening/13.19_find_user_forward_files.sh +++ b/bin/hardening/13.19_find_user_forward_files.sh @@ -44,16 +44,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.1_remove_empty_password_field.sh b/bin/hardening/13.1_remove_empty_password_field.sh index dac0c87..09d03c4 100755 --- a/bin/hardening/13.1_remove_empty_password_field.sh +++ b/bin/hardening/13.1_remove_empty_password_field.sh @@ -47,16 +47,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.20_shadow_group_empty.sh b/bin/hardening/13.20_shadow_group_empty.sh index 33f8b3f..c08ab96 100755 --- a/bin/hardening/13.20_shadow_group_empty.sh +++ b/bin/hardening/13.20_shadow_group_empty.sh @@ -54,16 +54,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.2_remove_legacy_passwd_entries.sh b/bin/hardening/13.2_remove_legacy_passwd_entries.sh index 267cf93..7457227 100755 --- a/bin/hardening/13.2_remove_legacy_passwd_entries.sh +++ b/bin/hardening/13.2_remove_legacy_passwd_entries.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.3_remove_legacy_shadow_entries.sh b/bin/hardening/13.3_remove_legacy_shadow_entries.sh index 2bcd9bc..227a2d8 100755 --- a/bin/hardening/13.3_remove_legacy_shadow_entries.sh +++ b/bin/hardening/13.3_remove_legacy_shadow_entries.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.4_remove_legacy_group_entries.sh b/bin/hardening/13.4_remove_legacy_group_entries.sh index c4decf5..1a2de0f 100755 --- a/bin/hardening/13.4_remove_legacy_group_entries.sh +++ b/bin/hardening/13.4_remove_legacy_group_entries.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.5_find_0_uid_non_root_account.sh b/bin/hardening/13.5_find_0_uid_non_root_account.sh index 21bb593..8630bdb 100755 --- a/bin/hardening/13.5_find_0_uid_non_root_account.sh +++ b/bin/hardening/13.5_find_0_uid_non_root_account.sh @@ -61,16 +61,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.6_sanitize_root_path.sh b/bin/hardening/13.6_sanitize_root_path.sh index d82865c..5b889a5 100755 --- a/bin/hardening/13.6_sanitize_root_path.sh +++ b/bin/hardening/13.6_sanitize_root_path.sh @@ -71,16 +71,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.7_check_user_dir_perm.sh b/bin/hardening/13.7_check_user_dir_perm.sh index c3a6c35..3490227 100755 --- a/bin/hardening/13.7_check_user_dir_perm.sh +++ b/bin/hardening/13.7_check_user_dir_perm.sh @@ -105,16 +105,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.8_check_user_dot_file_perm.sh b/bin/hardening/13.8_check_user_dot_file_perm.sh index 4157953..011caa4 100755 --- a/bin/hardening/13.8_check_user_dot_file_perm.sh +++ b/bin/hardening/13.8_check_user_dot_file_perm.sh @@ -64,16 +64,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/13.9_set_perm_on_user_netrc.sh b/bin/hardening/13.9_set_perm_on_user_netrc.sh index ac50b3b..bc47579 100755 --- a/bin/hardening/13.9_set_perm_on_user_netrc.sh +++ b/bin/hardening/13.9_set_perm_on_user_netrc.sh @@ -63,16 +63,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening FILE, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.10_home_nodev.sh b/bin/hardening/2.10_home_nodev.sh index 084f1d6..5e2072d 100755 --- a/bin/hardening/2.10_home_nodev.sh +++ b/bin/hardening/2.10_home_nodev.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.11_removable_device_nodev.sh b/bin/hardening/2.11_removable_device_nodev.sh index ee6f41b..4ba54d7 100755 --- a/bin/hardening/2.11_removable_device_nodev.sh +++ b/bin/hardening/2.11_removable_device_nodev.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.12_removable_device_noexec.sh b/bin/hardening/2.12_removable_device_noexec.sh index b1912b3..2aeb24a 100755 --- a/bin/hardening/2.12_removable_device_noexec.sh +++ b/bin/hardening/2.12_removable_device_noexec.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.13_removable_device_nosuid.sh b/bin/hardening/2.13_removable_device_nosuid.sh index c6a8f73..082cc22 100755 --- a/bin/hardening/2.13_removable_device_nosuid.sh +++ b/bin/hardening/2.13_removable_device_nosuid.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.14_run_shm_nodev.sh b/bin/hardening/2.14_run_shm_nodev.sh index 41939b5..a72d46c 100755 --- a/bin/hardening/2.14_run_shm_nodev.sh +++ b/bin/hardening/2.14_run_shm_nodev.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.15_run_shm_nosuid.sh b/bin/hardening/2.15_run_shm_nosuid.sh index 4ffbc07..956f425 100755 --- a/bin/hardening/2.15_run_shm_nosuid.sh +++ b/bin/hardening/2.15_run_shm_nosuid.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.16_run_shm_noexec.sh b/bin/hardening/2.16_run_shm_noexec.sh index 84e6765..b803156 100755 --- a/bin/hardening/2.16_run_shm_noexec.sh +++ b/bin/hardening/2.16_run_shm_noexec.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.17_sticky_bit_world_writable_folder.sh b/bin/hardening/2.17_sticky_bit_world_writable_folder.sh index 3188a34..ac4aeb4 100755 --- a/bin/hardening/2.17_sticky_bit_world_writable_folder.sh +++ b/bin/hardening/2.17_sticky_bit_world_writable_folder.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.18_disable_cramfs.sh b/bin/hardening/2.18_disable_cramfs.sh index c2c44f5..c6bfde8 100755 --- a/bin/hardening/2.18_disable_cramfs.sh +++ b/bin/hardening/2.18_disable_cramfs.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.19_disable_freevxfs.sh b/bin/hardening/2.19_disable_freevxfs.sh index b5e7911..9948f05 100755 --- a/bin/hardening/2.19_disable_freevxfs.sh +++ b/bin/hardening/2.19_disable_freevxfs.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.1_tmp_partition.sh b/bin/hardening/2.1_tmp_partition.sh index 2f7b1e2..b411fdd 100755 --- a/bin/hardening/2.1_tmp_partition.sh +++ b/bin/hardening/2.1_tmp_partition.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.20_disable_jffs2.sh b/bin/hardening/2.20_disable_jffs2.sh index d00f8ac..73def79 100755 --- a/bin/hardening/2.20_disable_jffs2.sh +++ b/bin/hardening/2.20_disable_jffs2.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.21_disable_hfs.sh b/bin/hardening/2.21_disable_hfs.sh index 67e546c..e84a1cb 100755 --- a/bin/hardening/2.21_disable_hfs.sh +++ b/bin/hardening/2.21_disable_hfs.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.22_disable_hfsplus.sh b/bin/hardening/2.22_disable_hfsplus.sh index 20b8dd3..8dfdf1c 100755 --- a/bin/hardening/2.22_disable_hfsplus.sh +++ b/bin/hardening/2.22_disable_hfsplus.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.23_disable_squashfs.sh b/bin/hardening/2.23_disable_squashfs.sh index 83ba69e..719092e 100755 --- a/bin/hardening/2.23_disable_squashfs.sh +++ b/bin/hardening/2.23_disable_squashfs.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.24_disable_udf.sh b/bin/hardening/2.24_disable_udf.sh index d271f2d..6a3f3fe 100755 --- a/bin/hardening/2.24_disable_udf.sh +++ b/bin/hardening/2.24_disable_udf.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.25_disable_automounting.sh b/bin/hardening/2.25_disable_automounting.sh index e6ed5ca..8a82e0b 100755 --- a/bin/hardening/2.25_disable_automounting.sh +++ b/bin/hardening/2.25_disable_automounting.sh @@ -44,16 +44,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.2_tmp_nodev.sh b/bin/hardening/2.2_tmp_nodev.sh index b9da185..d142636 100755 --- a/bin/hardening/2.2_tmp_nodev.sh +++ b/bin/hardening/2.2_tmp_nodev.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.3_tmp_nosuid.sh b/bin/hardening/2.3_tmp_nosuid.sh index 9852a05..0a06ad4 100755 --- a/bin/hardening/2.3_tmp_nosuid.sh +++ b/bin/hardening/2.3_tmp_nosuid.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.4_tmp_noexec.sh b/bin/hardening/2.4_tmp_noexec.sh index 85d9e71..b5a5c94 100755 --- a/bin/hardening/2.4_tmp_noexec.sh +++ b/bin/hardening/2.4_tmp_noexec.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.5_var_partition.sh b/bin/hardening/2.5_var_partition.sh index e0cdee4..472506b 100755 --- a/bin/hardening/2.5_var_partition.sh +++ b/bin/hardening/2.5_var_partition.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.6.1_var_tmp_partition.sh b/bin/hardening/2.6.1_var_tmp_partition.sh index 92cb896..de005dd 100755 --- a/bin/hardening/2.6.1_var_tmp_partition.sh +++ b/bin/hardening/2.6.1_var_tmp_partition.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.6.2_var_tmp_nodev.sh b/bin/hardening/2.6.2_var_tmp_nodev.sh index ab50f90..468538d 100755 --- a/bin/hardening/2.6.2_var_tmp_nodev.sh +++ b/bin/hardening/2.6.2_var_tmp_nodev.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.6.3_var_tmp_nosuid.sh b/bin/hardening/2.6.3_var_tmp_nosuid.sh index 10da05e..a8a16ad 100755 --- a/bin/hardening/2.6.3_var_tmp_nosuid.sh +++ b/bin/hardening/2.6.3_var_tmp_nosuid.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.6.4_var_tmp_noexec.sh b/bin/hardening/2.6.4_var_tmp_noexec.sh index d738423..417428e 100755 --- a/bin/hardening/2.6.4_var_tmp_noexec.sh +++ b/bin/hardening/2.6.4_var_tmp_noexec.sh @@ -68,16 +68,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.7_var_log_partition.sh b/bin/hardening/2.7_var_log_partition.sh index 42276a4..5feac24 100755 --- a/bin/hardening/2.7_var_log_partition.sh +++ b/bin/hardening/2.7_var_log_partition.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.8_var_log_audit_partition.sh b/bin/hardening/2.8_var_log_audit_partition.sh index 0bddf6f..5aab581 100755 --- a/bin/hardening/2.8_var_log_audit_partition.sh +++ b/bin/hardening/2.8_var_log_audit_partition.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/2.9_home_partition.sh b/bin/hardening/2.9_home_partition.sh index 106f6e8..869208d 100755 --- a/bin/hardening/2.9_home_partition.sh +++ b/bin/hardening/2.9_home_partition.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/3.1_bootloader_ownership.sh b/bin/hardening/3.1_bootloader_ownership.sh index 9f778b5..b32cec5 100755 --- a/bin/hardening/3.1_bootloader_ownership.sh +++ b/bin/hardening/3.1_bootloader_ownership.sh @@ -66,16 +66,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/3.2_bootloader_permissions.sh b/bin/hardening/3.2_bootloader_permissions.sh index adf8f66..435b6ad 100755 --- a/bin/hardening/3.2_bootloader_permissions.sh +++ b/bin/hardening/3.2_bootloader_permissions.sh @@ -53,16 +53,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/3.3_bootloader_password.sh b/bin/hardening/3.3_bootloader_password.sh index fcdea74..2a73131 100755 --- a/bin/hardening/3.3_bootloader_password.sh +++ b/bin/hardening/3.3_bootloader_password.sh @@ -64,16 +64,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/3.4_root_password.sh b/bin/hardening/3.4_root_password.sh index 7b68169..5076847 100755 --- a/bin/hardening/3.4_root_password.sh +++ b/bin/hardening/3.4_root_password.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/4.1_restrict_core_dumps.sh b/bin/hardening/4.1_restrict_core_dumps.sh index 246da9c..610889e 100755 --- a/bin/hardening/4.1_restrict_core_dumps.sh +++ b/bin/hardening/4.1_restrict_core_dumps.sh @@ -63,16 +63,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/4.2_enable_nx_support.sh b/bin/hardening/4.2_enable_nx_support.sh index 7cda69f..5c5fdb5 100755 --- a/bin/hardening/4.2_enable_nx_support.sh +++ b/bin/hardening/4.2_enable_nx_support.sh @@ -65,16 +65,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/4.3_enable_randomized_vm_placement.sh b/bin/hardening/4.3_enable_randomized_vm_placement.sh index b183eb1..e8092ca 100755 --- a/bin/hardening/4.3_enable_randomized_vm_placement.sh +++ b/bin/hardening/4.3_enable_randomized_vm_placement.sh @@ -47,16 +47,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/4.4_disable_prelink.sh b/bin/hardening/4.4_disable_prelink.sh index 740af73..cb8eace 100755 --- a/bin/hardening/4.4_disable_prelink.sh +++ b/bin/hardening/4.4_disable_prelink.sh @@ -46,16 +46,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/4.5_enable_apparmor.sh b/bin/hardening/4.5_enable_apparmor.sh index ca18b1a..d41bf46 100755 --- a/bin/hardening/4.5_enable_apparmor.sh +++ b/bin/hardening/4.5_enable_apparmor.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.1_disable_nis.sh b/bin/hardening/5.1.1_disable_nis.sh index eca65d7..cb29a72 100755 --- a/bin/hardening/5.1.1_disable_nis.sh +++ b/bin/hardening/5.1.1_disable_nis.sh @@ -44,16 +44,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.2_disable_rsh.sh b/bin/hardening/5.1.2_disable_rsh.sh index 58b08b5..8335d22 100755 --- a/bin/hardening/5.1.2_disable_rsh.sh +++ b/bin/hardening/5.1.2_disable_rsh.sh @@ -76,16 +76,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.3_disable_rsh_client.sh b/bin/hardening/5.1.3_disable_rsh_client.sh index e6da543..51926c0 100755 --- a/bin/hardening/5.1.3_disable_rsh_client.sh +++ b/bin/hardening/5.1.3_disable_rsh_client.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.4_disable_talk.sh b/bin/hardening/5.1.4_disable_talk.sh index e052c74..166afa1 100755 --- a/bin/hardening/5.1.4_disable_talk.sh +++ b/bin/hardening/5.1.4_disable_talk.sh @@ -75,16 +75,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.5_disable_talk_client.sh b/bin/hardening/5.1.5_disable_talk_client.sh index 12317b9..bebdfd4 100755 --- a/bin/hardening/5.1.5_disable_talk_client.sh +++ b/bin/hardening/5.1.5_disable_talk_client.sh @@ -47,16 +47,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.6_disable_telnet_server.sh b/bin/hardening/5.1.6_disable_telnet_server.sh index 6db2b59..8e5d09a 100755 --- a/bin/hardening/5.1.6_disable_telnet_server.sh +++ b/bin/hardening/5.1.6_disable_telnet_server.sh @@ -76,16 +76,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.7_disable_tftp_server.sh b/bin/hardening/5.1.7_disable_tftp_server.sh index 9921598..9cb4432 100755 --- a/bin/hardening/5.1.7_disable_tftp_server.sh +++ b/bin/hardening/5.1.7_disable_tftp_server.sh @@ -75,16 +75,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.1.8_disable_inetd.sh b/bin/hardening/5.1.8_disable_inetd.sh index f032e3e..6fd62cc 100755 --- a/bin/hardening/5.1.8_disable_inetd.sh +++ b/bin/hardening/5.1.8_disable_inetd.sh @@ -47,16 +47,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.2_disable_chargen.sh b/bin/hardening/5.2_disable_chargen.sh index e96d435..50b8621 100755 --- a/bin/hardening/5.2_disable_chargen.sh +++ b/bin/hardening/5.2_disable_chargen.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.3_disable_daytime.sh b/bin/hardening/5.3_disable_daytime.sh index 8788a06..273fe94 100755 --- a/bin/hardening/5.3_disable_daytime.sh +++ b/bin/hardening/5.3_disable_daytime.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.4_disable_echo.sh b/bin/hardening/5.4_disable_echo.sh index f52b4dc..30176db 100755 --- a/bin/hardening/5.4_disable_echo.sh +++ b/bin/hardening/5.4_disable_echo.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.5_disable_discard.sh b/bin/hardening/5.5_disable_discard.sh index 254c6a7..d90f9ef 100755 --- a/bin/hardening/5.5_disable_discard.sh +++ b/bin/hardening/5.5_disable_discard.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/5.6_disable_time.sh b/bin/hardening/5.6_disable_time.sh index a7075db..7334fc4 100755 --- a/bin/hardening/5.6_disable_time.sh +++ b/bin/hardening/5.6_disable_time.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.10_disable_http_server.sh b/bin/hardening/6.10_disable_http_server.sh index f0ca53c..fdf7799 100755 --- a/bin/hardening/6.10_disable_http_server.sh +++ b/bin/hardening/6.10_disable_http_server.sh @@ -49,16 +49,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.11_disable_imap_pop.sh b/bin/hardening/6.11_disable_imap_pop.sh index a78b98f..0bd9482 100755 --- a/bin/hardening/6.11_disable_imap_pop.sh +++ b/bin/hardening/6.11_disable_imap_pop.sh @@ -49,16 +49,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.12_disable_samba.sh b/bin/hardening/6.12_disable_samba.sh index 1ff4825..0758f78 100755 --- a/bin/hardening/6.12_disable_samba.sh +++ b/bin/hardening/6.12_disable_samba.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.13_disable_http_proxy.sh b/bin/hardening/6.13_disable_http_proxy.sh index 654a596..1f863ce 100755 --- a/bin/hardening/6.13_disable_http_proxy.sh +++ b/bin/hardening/6.13_disable_http_proxy.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.14_disable_snmp_server.sh b/bin/hardening/6.14_disable_snmp_server.sh index 80a1d40..8c52715 100755 --- a/bin/hardening/6.14_disable_snmp_server.sh +++ b/bin/hardening/6.14_disable_snmp_server.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.15_mta_localhost.sh b/bin/hardening/6.15_mta_localhost.sh index f44800a..f835392 100755 --- a/bin/hardening/6.15_mta_localhost.sh +++ b/bin/hardening/6.15_mta_localhost.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.16_disable_rsync.sh b/bin/hardening/6.16_disable_rsync.sh index 72645d7..a6cfc77 100755 --- a/bin/hardening/6.16_disable_rsync.sh +++ b/bin/hardening/6.16_disable_rsync.sh @@ -59,16 +59,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.1_disable_xwindow_system.sh b/bin/hardening/6.1_disable_xwindow_system.sh index 1d6e339..2d5180b 100755 --- a/bin/hardening/6.1_disable_xwindow_system.sh +++ b/bin/hardening/6.1_disable_xwindow_system.sh @@ -49,16 +49,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.2_disable_avahi_server.sh b/bin/hardening/6.2_disable_avahi_server.sh index cdde0b2..2c509cf 100755 --- a/bin/hardening/6.2_disable_avahi_server.sh +++ b/bin/hardening/6.2_disable_avahi_server.sh @@ -47,16 +47,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.3_disable_print_server.sh b/bin/hardening/6.3_disable_print_server.sh index f08321b..8b3cb92 100755 --- a/bin/hardening/6.3_disable_print_server.sh +++ b/bin/hardening/6.3_disable_print_server.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.4_disable_dhcp.sh b/bin/hardening/6.4_disable_dhcp.sh index b0e48bf..85c4724 100755 --- a/bin/hardening/6.4_disable_dhcp.sh +++ b/bin/hardening/6.4_disable_dhcp.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.5_configure_ntp.sh b/bin/hardening/6.5_configure_ntp.sh index aeb2504..b21212f 100755 --- a/bin/hardening/6.5_configure_ntp.sh +++ b/bin/hardening/6.5_configure_ntp.sh @@ -76,16 +76,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.6_disable_ldap.sh b/bin/hardening/6.6_disable_ldap.sh index b811c62..0dfe89f 100755 --- a/bin/hardening/6.6_disable_ldap.sh +++ b/bin/hardening/6.6_disable_ldap.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.7_disable_nfs_rpc.sh b/bin/hardening/6.7_disable_nfs_rpc.sh index b43f9ff..f0aa7eb 100755 --- a/bin/hardening/6.7_disable_nfs_rpc.sh +++ b/bin/hardening/6.7_disable_nfs_rpc.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.8_disable_dns_server.sh b/bin/hardening/6.8_disable_dns_server.sh index 856f5db..7689015 100755 --- a/bin/hardening/6.8_disable_dns_server.sh +++ b/bin/hardening/6.8_disable_dns_server.sh @@ -48,16 +48,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/6.9_disable_ftp.sh b/bin/hardening/6.9_disable_ftp.sh index 7a429fc..53054c9 100755 --- a/bin/hardening/6.9_disable_ftp.sh +++ b/bin/hardening/6.9_disable_ftp.sh @@ -49,16 +49,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.1.1_disable_ip_forwarding.sh b/bin/hardening/7.1.1_disable_ip_forwarding.sh index 8022ba1..4ad4355 100755 --- a/bin/hardening/7.1.1_disable_ip_forwarding.sh +++ b/bin/hardening/7.1.1_disable_ip_forwarding.sh @@ -49,16 +49,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.1.2_disable_send_packet_redirects.sh b/bin/hardening/7.1.2_disable_send_packet_redirects.sh index 4892bde..667b993 100755 --- a/bin/hardening/7.1.2_disable_send_packet_redirects.sh +++ b/bin/hardening/7.1.2_disable_send_packet_redirects.sh @@ -59,16 +59,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.1_disable_source_routed_packets.sh b/bin/hardening/7.2.1_disable_source_routed_packets.sh index 74f0e32..70fe508 100755 --- a/bin/hardening/7.2.1_disable_source_routed_packets.sh +++ b/bin/hardening/7.2.1_disable_source_routed_packets.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.2_disable_icmp_redirect.sh b/bin/hardening/7.2.2_disable_icmp_redirect.sh index 06b424c..a080c1b 100755 --- a/bin/hardening/7.2.2_disable_icmp_redirect.sh +++ b/bin/hardening/7.2.2_disable_icmp_redirect.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh b/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh index c0036fc..ca4ffcf 100755 --- a/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh +++ b/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.4_log_martian_packets.sh b/bin/hardening/7.2.4_log_martian_packets.sh index 7dc017d..ef56ece 100755 --- a/bin/hardening/7.2.4_log_martian_packets.sh +++ b/bin/hardening/7.2.4_log_martian_packets.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.5_ignore_broadcast_requests.sh b/bin/hardening/7.2.5_ignore_broadcast_requests.sh index 35e92c8..044cc46 100755 --- a/bin/hardening/7.2.5_ignore_broadcast_requests.sh +++ b/bin/hardening/7.2.5_ignore_broadcast_requests.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.6_enable_bad_error_message_protection.sh b/bin/hardening/7.2.6_enable_bad_error_message_protection.sh index c9861cc..5f99c05 100755 --- a/bin/hardening/7.2.6_enable_bad_error_message_protection.sh +++ b/bin/hardening/7.2.6_enable_bad_error_message_protection.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.7_enable_source_route_validation.sh b/bin/hardening/7.2.7_enable_source_route_validation.sh index 8ecdc1b..1ba9588 100755 --- a/bin/hardening/7.2.7_enable_source_route_validation.sh +++ b/bin/hardening/7.2.7_enable_source_route_validation.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh b/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh index 3dd8a28..6a828a7 100755 --- a/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh +++ b/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh b/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh index b7a1d6e..7590b26 100755 --- a/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh +++ b/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh @@ -67,16 +67,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.3.2_disable_ipv6_redirect.sh b/bin/hardening/7.3.2_disable_ipv6_redirect.sh index 31a330e..41a3992 100755 --- a/bin/hardening/7.3.2_disable_ipv6_redirect.sh +++ b/bin/hardening/7.3.2_disable_ipv6_redirect.sh @@ -67,16 +67,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.3.3_disable_ipv6.sh b/bin/hardening/7.3.3_disable_ipv6.sh index d0bf7b5..6805c15 100755 --- a/bin/hardening/7.3.3_disable_ipv6.sh +++ b/bin/hardening/7.3.3_disable_ipv6.sh @@ -67,16 +67,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.4.1_install_tcp_wrapper.sh b/bin/hardening/7.4.1_install_tcp_wrapper.sh index 9c9b5b8..ae40dce 100755 --- a/bin/hardening/7.4.1_install_tcp_wrapper.sh +++ b/bin/hardening/7.4.1_install_tcp_wrapper.sh @@ -42,16 +42,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.4.2_hosts_allow.sh b/bin/hardening/7.4.2_hosts_allow.sh index bdda7b3..4bc1c4c 100755 --- a/bin/hardening/7.4.2_hosts_allow.sh +++ b/bin/hardening/7.4.2_hosts_allow.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.4.3_hosts_allow_permissions.sh b/bin/hardening/7.4.3_hosts_allow_permissions.sh index edf5fb0..e95fd72 100755 --- a/bin/hardening/7.4.3_hosts_allow_permissions.sh +++ b/bin/hardening/7.4.3_hosts_allow_permissions.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.4.4_hosts_deny.sh b/bin/hardening/7.4.4_hosts_deny.sh index c4129ca..3d57e64 100755 --- a/bin/hardening/7.4.4_hosts_deny.sh +++ b/bin/hardening/7.4.4_hosts_deny.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.4.5_hosts_deny_permissions.sh b/bin/hardening/7.4.5_hosts_deny_permissions.sh index 0e8ab2c..b5b4b65 100755 --- a/bin/hardening/7.4.5_hosts_deny_permissions.sh +++ b/bin/hardening/7.4.5_hosts_deny_permissions.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.5.1_disable_dccp.sh b/bin/hardening/7.5.1_disable_dccp.sh index 54c1853..ac32525 100755 --- a/bin/hardening/7.5.1_disable_dccp.sh +++ b/bin/hardening/7.5.1_disable_dccp.sh @@ -29,16 +29,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.5.2_disable_sctp.sh b/bin/hardening/7.5.2_disable_sctp.sh index e22d5cd..4031d92 100755 --- a/bin/hardening/7.5.2_disable_sctp.sh +++ b/bin/hardening/7.5.2_disable_sctp.sh @@ -29,16 +29,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.5.3_disable_rds.sh b/bin/hardening/7.5.3_disable_rds.sh index 65f043d..98e3b4b 100755 --- a/bin/hardening/7.5.3_disable_rds.sh +++ b/bin/hardening/7.5.3_disable_rds.sh @@ -29,16 +29,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.5.4_disable_tipc.sh b/bin/hardening/7.5.4_disable_tipc.sh index 479e448..a2b4771 100755 --- a/bin/hardening/7.5.4_disable_tipc.sh +++ b/bin/hardening/7.5.4_disable_tipc.sh @@ -29,16 +29,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.6_disable_wireless.sh b/bin/hardening/7.6_disable_wireless.sh index fda6894..ee77136 100755 --- a/bin/hardening/7.6_disable_wireless.sh +++ b/bin/hardening/7.6_disable_wireless.sh @@ -29,16 +29,25 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 fi +## Source Root Dir Parameter +#if [ ! -r /etc/default/cis-hardening ]; then +# echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" +# exit 128 +#else +# . /etc/default/cis-hardening +# if [ -z ${CIS_ROOT_DIR:-} ]; then +# echo "No CIS_ROOT_DIR variable, aborting" +# exit 128 +# fi +#fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/7.7_enable_firewall.sh b/bin/hardening/7.7_enable_firewall.sh index c6131e6..4d09912 100755 --- a/bin/hardening/7.7_enable_firewall.sh +++ b/bin/hardening/7.7_enable_firewall.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.0_enable_auditd_kernel.sh b/bin/hardening/8.0_enable_auditd_kernel.sh index 8739aa2..e46c4fc 100755 --- a/bin/hardening/8.0_enable_auditd_kernel.sh +++ b/bin/hardening/8.0_enable_auditd_kernel.sh @@ -46,16 +46,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.1.1_audit_log_storage.sh b/bin/hardening/8.1.1.1_audit_log_storage.sh index 77b7813..8c8e171 100755 --- a/bin/hardening/8.1.1.1_audit_log_storage.sh +++ b/bin/hardening/8.1.1.1_audit_log_storage.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh b/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh index 48ca617..e2e048a 100755 --- a/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh +++ b/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh @@ -75,16 +75,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.1.3_keep_all_audit_logs.sh b/bin/hardening/8.1.1.3_keep_all_audit_logs.sh index c1fe614..5c9ba2b 100755 --- a/bin/hardening/8.1.1.3_keep_all_audit_logs.sh +++ b/bin/hardening/8.1.1.3_keep_all_audit_logs.sh @@ -75,16 +75,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.10_record_dac_edit.sh b/bin/hardening/8.1.10_record_dac_edit.sh index 6aae374..755d490 100755 --- a/bin/hardening/8.1.10_record_dac_edit.sh +++ b/bin/hardening/8.1.10_record_dac_edit.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.11_record_failed_access_file.sh b/bin/hardening/8.1.11_record_failed_access_file.sh index 7bda7c9..1c4358a 100755 --- a/bin/hardening/8.1.11_record_failed_access_file.sh +++ b/bin/hardening/8.1.11_record_failed_access_file.sh @@ -55,16 +55,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.12_record_privileged_commands.sh b/bin/hardening/8.1.12_record_privileged_commands.sh index 1bbf4e5..5e1c3db 100755 --- a/bin/hardening/8.1.12_record_privileged_commands.sh +++ b/bin/hardening/8.1.12_record_privileged_commands.sh @@ -55,16 +55,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.13_record_successful_mount.sh b/bin/hardening/8.1.13_record_successful_mount.sh index 8f5826a..459a603 100755 --- a/bin/hardening/8.1.13_record_successful_mount.sh +++ b/bin/hardening/8.1.13_record_successful_mount.sh @@ -53,16 +53,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.14_record_file_deletions.sh b/bin/hardening/8.1.14_record_file_deletions.sh index 6b5c476..ba8b683 100755 --- a/bin/hardening/8.1.14_record_file_deletions.sh +++ b/bin/hardening/8.1.14_record_file_deletions.sh @@ -53,16 +53,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.15_record_sudoers_edit.sh b/bin/hardening/8.1.15_record_sudoers_edit.sh index 64c1cb5..83d0669 100755 --- a/bin/hardening/8.1.15_record_sudoers_edit.sh +++ b/bin/hardening/8.1.15_record_sudoers_edit.sh @@ -53,16 +53,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.16_record_sudo_usage.sh b/bin/hardening/8.1.16_record_sudo_usage.sh index b0e8a74..91bbfc9 100755 --- a/bin/hardening/8.1.16_record_sudo_usage.sh +++ b/bin/hardening/8.1.16_record_sudo_usage.sh @@ -52,16 +52,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.17_record_kernel_modules.sh b/bin/hardening/8.1.17_record_kernel_modules.sh index f4500c3..8a8670f 100755 --- a/bin/hardening/8.1.17_record_kernel_modules.sh +++ b/bin/hardening/8.1.17_record_kernel_modules.sh @@ -55,16 +55,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.18_freeze_auditd_conf.sh b/bin/hardening/8.1.18_freeze_auditd_conf.sh index 4fa408e..da4f454 100755 --- a/bin/hardening/8.1.18_freeze_auditd_conf.sh +++ b/bin/hardening/8.1.18_freeze_auditd_conf.sh @@ -52,16 +52,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.2_enable_auditd.sh b/bin/hardening/8.1.2_enable_auditd.sh index 50926b7..0d20c33 100755 --- a/bin/hardening/8.1.2_enable_auditd.sh +++ b/bin/hardening/8.1.2_enable_auditd.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.3_audit_bootloader.sh b/bin/hardening/8.1.3_audit_bootloader.sh index d1ef1e9..ae98848 100755 --- a/bin/hardening/8.1.3_audit_bootloader.sh +++ b/bin/hardening/8.1.3_audit_bootloader.sh @@ -75,16 +75,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.4_record_date_time_edit.sh b/bin/hardening/8.1.4_record_date_time_edit.sh index 113777f..5305c24 100755 --- a/bin/hardening/8.1.4_record_date_time_edit.sh +++ b/bin/hardening/8.1.4_record_date_time_edit.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.5_record_user_group_edit.sh b/bin/hardening/8.1.5_record_user_group_edit.sh index 46d6adf..0bedb1a 100755 --- a/bin/hardening/8.1.5_record_user_group_edit.sh +++ b/bin/hardening/8.1.5_record_user_group_edit.sh @@ -56,16 +56,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.6_record_network_edit.sh b/bin/hardening/8.1.6_record_network_edit.sh index 0d3583e..72691d0 100755 --- a/bin/hardening/8.1.6_record_network_edit.sh +++ b/bin/hardening/8.1.6_record_network_edit.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.7_record_mac_edit.sh b/bin/hardening/8.1.7_record_mac_edit.sh index 4fa59a4..ad69322 100755 --- a/bin/hardening/8.1.7_record_mac_edit.sh +++ b/bin/hardening/8.1.7_record_mac_edit.sh @@ -52,16 +52,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.8_record_login_logout.sh b/bin/hardening/8.1.8_record_login_logout.sh index 70572f4..7a04002 100755 --- a/bin/hardening/8.1.8_record_login_logout.sh +++ b/bin/hardening/8.1.8_record_login_logout.sh @@ -54,16 +54,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.1.9_record_session_init.sh b/bin/hardening/8.1.9_record_session_init.sh index e3774d1..706cdaf 100755 --- a/bin/hardening/8.1.9_record_session_init.sh +++ b/bin/hardening/8.1.9_record_session_init.sh @@ -54,16 +54,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.2.1_install_syslog-ng.sh b/bin/hardening/8.2.1_install_syslog-ng.sh index 03b41a9..a0bddc6 100755 --- a/bin/hardening/8.2.1_install_syslog-ng.sh +++ b/bin/hardening/8.2.1_install_syslog-ng.sh @@ -43,16 +43,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.2.2_enable_syslog-ng.sh b/bin/hardening/8.2.2_enable_syslog-ng.sh index 930eefa..8853f1b 100755 --- a/bin/hardening/8.2.2_enable_syslog-ng.sh +++ b/bin/hardening/8.2.2_enable_syslog-ng.sh @@ -45,16 +45,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.2.3_configure_syslog-ng.sh b/bin/hardening/8.2.3_configure_syslog-ng.sh index d7ebffa..5107dc7 100755 --- a/bin/hardening/8.2.3_configure_syslog-ng.sh +++ b/bin/hardening/8.2.3_configure_syslog-ng.sh @@ -33,16 +33,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.2.4_set_logfile_perm.sh b/bin/hardening/8.2.4_set_logfile_perm.sh index 8796eba..8dcd8e0 100755 --- a/bin/hardening/8.2.4_set_logfile_perm.sh +++ b/bin/hardening/8.2.4_set_logfile_perm.sh @@ -89,16 +89,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.2.5_syslog-ng_remote_host.sh b/bin/hardening/8.2.5_syslog-ng_remote_host.sh index 4305cf6..e56fab0 100755 --- a/bin/hardening/8.2.5_syslog-ng_remote_host.sh +++ b/bin/hardening/8.2.5_syslog-ng_remote_host.sh @@ -51,16 +51,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.2.6_remote_syslog-ng_acl.sh b/bin/hardening/8.2.6_remote_syslog-ng_acl.sh index eb322b4..340099a 100755 --- a/bin/hardening/8.2.6_remote_syslog-ng_acl.sh +++ b/bin/hardening/8.2.6_remote_syslog-ng_acl.sh @@ -29,16 +29,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.3.1_install_tripwire.sh b/bin/hardening/8.3.1_install_tripwire.sh index 60d24c1..887f94f 100755 --- a/bin/hardening/8.3.1_install_tripwire.sh +++ b/bin/hardening/8.3.1_install_tripwire.sh @@ -44,16 +44,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/8.3.2_tripwire_cron.sh b/bin/hardening/8.3.2_tripwire_cron.sh index 45097c1..5aed5c5 100755 --- a/bin/hardening/8.3.2_tripwire_cron.sh +++ b/bin/hardening/8.3.2_tripwire_cron.sh @@ -43,15 +43,13 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) diff --git a/bin/hardening/8.4_configure_logrotate.sh b/bin/hardening/8.4_configure_logrotate.sh index 48a31e6..22ec565 100755 --- a/bin/hardening/8.4_configure_logrotate.sh +++ b/bin/hardening/8.4_configure_logrotate.sh @@ -33,16 +33,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.1_enable_cron.sh b/bin/hardening/9.1.1_enable_cron.sh index e14aeac..ac8c9c2 100755 --- a/bin/hardening/9.1.1_enable_cron.sh +++ b/bin/hardening/9.1.1_enable_cron.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.2_crontab_perm_ownership.sh b/bin/hardening/9.1.2_crontab_perm_ownership.sh index c23e2c5..d785e2f 100755 --- a/bin/hardening/9.1.2_crontab_perm_ownership.sh +++ b/bin/hardening/9.1.2_crontab_perm_ownership.sh @@ -72,16 +72,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh b/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh index 956816e..aff53f9 100755 --- a/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh +++ b/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh @@ -72,16 +72,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.4_cron_daily_perm_ownership.sh b/bin/hardening/9.1.4_cron_daily_perm_ownership.sh index bb1281f..f2b515e 100755 --- a/bin/hardening/9.1.4_cron_daily_perm_ownership.sh +++ b/bin/hardening/9.1.4_cron_daily_perm_ownership.sh @@ -72,16 +72,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh b/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh index c04e033..00d5a59 100755 --- a/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh +++ b/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh @@ -72,16 +72,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh b/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh index 27c8828..10dbea1 100755 --- a/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh +++ b/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh @@ -72,16 +72,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.7_cron_d_perm_ownership.sh b/bin/hardening/9.1.7_cron_d_perm_ownership.sh index e00609b..2ebb3e9 100755 --- a/bin/hardening/9.1.7_cron_d_perm_ownership.sh +++ b/bin/hardening/9.1.7_cron_d_perm_ownership.sh @@ -72,16 +72,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.1.8_cron_users.sh b/bin/hardening/9.1.8_cron_users.sh index fd9dec2..2b184f2 100755 --- a/bin/hardening/9.1.8_cron_users.sh +++ b/bin/hardening/9.1.8_cron_users.sh @@ -99,16 +99,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.2.1_enable_cracklib.sh b/bin/hardening/9.2.1_enable_cracklib.sh index c527321..9f3dbf1 100755 --- a/bin/hardening/9.2.1_enable_cracklib.sh +++ b/bin/hardening/9.2.1_enable_cracklib.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.2.2_enable_lockout_failed_password.sh b/bin/hardening/9.2.2_enable_lockout_failed_password.sh index f9050e8..deaa6bf 100755 --- a/bin/hardening/9.2.2_enable_lockout_failed_password.sh +++ b/bin/hardening/9.2.2_enable_lockout_failed_password.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.2.3_limit_password_reuse.sh b/bin/hardening/9.2.3_limit_password_reuse.sh index f1fb1f0..35eebc5 100755 --- a/bin/hardening/9.2.3_limit_password_reuse.sh +++ b/bin/hardening/9.2.3_limit_password_reuse.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.10_disable_sshd_setenv.sh b/bin/hardening/9.3.10_disable_sshd_setenv.sh index 920752d..f27ca28 100755 --- a/bin/hardening/9.3.10_disable_sshd_setenv.sh +++ b/bin/hardening/9.3.10_disable_sshd_setenv.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.11_sshd_ciphers.sh b/bin/hardening/9.3.11_sshd_ciphers.sh index c521cc0..fd88d74 100755 --- a/bin/hardening/9.3.11_sshd_ciphers.sh +++ b/bin/hardening/9.3.11_sshd_ciphers.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.12_sshd_idle_timeout.sh b/bin/hardening/9.3.12_sshd_idle_timeout.sh index 0faa949..de66b0f 100755 --- a/bin/hardening/9.3.12_sshd_idle_timeout.sh +++ b/bin/hardening/9.3.12_sshd_idle_timeout.sh @@ -88,16 +88,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.13_sshd_limit_access.sh b/bin/hardening/9.3.13_sshd_limit_access.sh index 6610449..80ce40b 100755 --- a/bin/hardening/9.3.13_sshd_limit_access.sh +++ b/bin/hardening/9.3.13_sshd_limit_access.sh @@ -104,16 +104,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.14_ssh_banner.sh b/bin/hardening/9.3.14_ssh_banner.sh index cda4516..314c78b 100755 --- a/bin/hardening/9.3.14_ssh_banner.sh +++ b/bin/hardening/9.3.14_ssh_banner.sh @@ -84,16 +84,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.1_sshd_protocol.sh b/bin/hardening/9.3.1_sshd_protocol.sh index 7b63d02..e867fd4 100755 --- a/bin/hardening/9.3.1_sshd_protocol.sh +++ b/bin/hardening/9.3.1_sshd_protocol.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.2_sshd_loglevel.sh b/bin/hardening/9.3.2_sshd_loglevel.sh index ad70578..0d9bed0 100755 --- a/bin/hardening/9.3.2_sshd_loglevel.sh +++ b/bin/hardening/9.3.2_sshd_loglevel.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh b/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh index 13b3933..77a8af0 100755 --- a/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh +++ b/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh @@ -72,16 +72,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.4_disable_x11_forwarding.sh b/bin/hardening/9.3.4_disable_x11_forwarding.sh index b82c8b4..ac89168 100755 --- a/bin/hardening/9.3.4_disable_x11_forwarding.sh +++ b/bin/hardening/9.3.4_disable_x11_forwarding.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.5_sshd_maxauthtries.sh b/bin/hardening/9.3.5_sshd_maxauthtries.sh index 3cd5a52..740a543 100755 --- a/bin/hardening/9.3.5_sshd_maxauthtries.sh +++ b/bin/hardening/9.3.5_sshd_maxauthtries.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh b/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh index 7ae0e55..e03d4a0 100755 --- a/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh +++ b/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh b/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh index b9b8021..5a12c11 100755 --- a/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh +++ b/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.8_disable_root_login.sh b/bin/hardening/9.3.8_disable_root_login.sh index 1ddcfb1..d61ebf0 100755 --- a/bin/hardening/9.3.8_disable_root_login.sh +++ b/bin/hardening/9.3.8_disable_root_login.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh b/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh index 772bc41..bf9823f 100755 --- a/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh +++ b/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh @@ -74,16 +74,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.4_secure_tty.sh b/bin/hardening/9.4_secure_tty.sh index 71db30e..8651e0b 100755 --- a/bin/hardening/9.4_secure_tty.sh +++ b/bin/hardening/9.4_secure_tty.sh @@ -33,16 +33,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/9.5_restrict_su.sh b/bin/hardening/9.5_restrict_su.sh index 6eba2c1..19a94ec 100755 --- a/bin/hardening/9.5_restrict_su.sh +++ b/bin/hardening/9.5_restrict_su.sh @@ -57,16 +57,14 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi -fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 +fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then diff --git a/bin/hardening/99.1_timeout_tty.sh b/bin/hardening/99.1_timeout_tty.sh index 6d8c745..7f4e4b2 100755 --- a/bin/hardening/99.1_timeout_tty.sh +++ b/bin/hardening/99.1_timeout_tty.sh @@ -94,15 +94,13 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled) diff --git a/bin/hardening/99.2_disable_usb_devices.sh b/bin/hardening/99.2_disable_usb_devices.sh index 5b2244e..2f76bdf 100755 --- a/bin/hardening/99.2_disable_usb_devices.sh +++ b/bin/hardening/99.2_disable_usb_devices.sh @@ -101,15 +101,13 @@ check_config() { } # Source Root Dir Parameter -if [ ! -r /etc/default/cis-hardening ]; then - echo "There is no /etc/default/cis-hardening file, cannot source CIS_ROOT_DIR variable, aborting" - exit 128 -else +if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening - if [ -z ${CIS_ROOT_DIR:-} ]; then - echo "No CIS_ROOT_DIR variable, aborting" - exit 128 - fi +fi +if [ -z "$CIS_ROOT_DIR" ]; then + echo "There is no /etc/default/cis-hardening file nor cis-hardening directory in current environment." + echo "Cannot source CIS_ROOT_DIR variable, aborting." + exit 128 fi # Main function, will call the proper functions given the configuration (audit, enabled, disabled)