IMP(1.1.21): skip on docker

2024-11-22 13:37:02 +01:00 · 2020-10-27 15:34:32 +01:00 · 2020-10-27 15:34:32 +01:00 · 5d16ee5c98
commit 5d16ee5c98
parent 4680465095
1 changed files with 23 additions and 20 deletions
--- a/tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh
+++ b/tests/hardening/1.1.21_sticky_bit_world_writable_folder.sh
@ -1,25 +1,28 @@
 # run-shellcheck
 test_audit() {
-    describe Running on blank host
+        describe Running on blank host
-    register_test retvalshouldbe 0
+        register_test retvalshouldbe 0
-    register_test contain "All world writable directories have a sticky bit"
+        register_test contain "All world writable directories have a sticky bit"
-    # shellcheck disable=2154
+        # shellcheck disable=2154
-    run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+        run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
    if [ -f "/.dockerenv" ]; then
        skip "SKIPPED on docker"
    else
        describe Tests purposely failing
        local targetdir="/home/secaudit/world_writable_folder"
        mkdir $targetdir || true
        chmod 777 $targetdir
        register_test retvalshouldbe 1
        register_test contain "Some world writable directories are not on sticky bit mode"
        run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
-    describe Tests purposely failing
+        describe correcting situation
-    local targetdir="/home/secaudit/world_writable_folder"
+        sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
-    mkdir $targetdir || true
+        /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
    chmod 777 $targetdir
    register_test retvalshouldbe 1
    register_test contain "Some world writable directories are not on sticky bit mode"
    run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
-    describe correcting situation
+        describe Checking resolved state
-    sed  -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
+        register_test retvalshouldbe 0
-    /opt/debian-cis/bin/hardening/"${script}".sh --apply || true
+        register_test contain "All world writable directories have a sticky bit"
-
+        run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
-    describe Checking resolved state
+    fi
    register_test retvalshouldbe 0
    register_test contain "All world writable directories have a sticky bit"
    run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
 }