IMP(4.2.2.x): improve dealing with default conf

The default for journald is Compress=yes and ForwardToSyslog=yes
So we check that Compress=no and ForwardToSyslog=no are not in the conf file.
This commit is contained in:
Thibault Ayanides
2021-01-20 09:21:08 +01:00
committed by Thibault Serti
parent 6efefa07ac
commit 6127f2fe67
5 changed files with 20 additions and 21 deletions

View File

@ -3,7 +3,6 @@
test_audit() {
describe Running on blank host
register_test retvalshouldbe 0
dismiss_count_for_test
# shellcheck disable=2154
run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
@ -13,7 +12,7 @@ test_audit() {
echo "ForwardToSyslog=no" >>"$FILE"
register_test retvalshouldbe 1
register_test contain "$FILE exists, checking configuration"
register_test contain "is not present in $FILE"
register_test contain "is present in $FILE"
run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
describe correcting situation
@ -22,6 +21,6 @@ test_audit() {
describe Checking resolved state
register_test retvalshouldbe 0
register_test contain "is present in $FILE"
register_test contain "is not present in $FILE"
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
}

View File

@ -13,7 +13,7 @@ test_audit() {
echo "Compress=no" >>"$FILE"
register_test retvalshouldbe 1
register_test contain "$FILE exists, checking configuration"
register_test contain "is not present in $FILE"
register_test contain "is present in $FILE"
run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
describe correcting situation
@ -22,6 +22,6 @@ test_audit() {
describe Checking resolved state
register_test retvalshouldbe 0
register_test contain "is present in $FILE"
register_test contain "is not present in $FILE"
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
}