mirror of
https://github.com/ovh/debian-cis.git
synced 2025-06-21 18:23:42 +02:00
IMP(4.2.2.x): improve dealing with default conf
The default for journald is Compress=yes and ForwardToSyslog=yes So we check that Compress=no and ForwardToSyslog=no are not in the conf file.
This commit is contained in:

committed by
Thibault Serti

parent
6efefa07ac
commit
6127f2fe67
@ -3,7 +3,6 @@
|
||||
test_audit() {
|
||||
describe Running on blank host
|
||||
register_test retvalshouldbe 0
|
||||
dismiss_count_for_test
|
||||
# shellcheck disable=2154
|
||||
run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
|
||||
@ -13,7 +12,7 @@ test_audit() {
|
||||
echo "ForwardToSyslog=no" >>"$FILE"
|
||||
register_test retvalshouldbe 1
|
||||
register_test contain "$FILE exists, checking configuration"
|
||||
register_test contain "is not present in $FILE"
|
||||
register_test contain "is present in $FILE"
|
||||
run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
|
||||
describe correcting situation
|
||||
@ -22,6 +21,6 @@ test_audit() {
|
||||
|
||||
describe Checking resolved state
|
||||
register_test retvalshouldbe 0
|
||||
register_test contain "is present in $FILE"
|
||||
register_test contain "is not present in $FILE"
|
||||
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
}
|
||||
|
@ -13,7 +13,7 @@ test_audit() {
|
||||
echo "Compress=no" >>"$FILE"
|
||||
register_test retvalshouldbe 1
|
||||
register_test contain "$FILE exists, checking configuration"
|
||||
register_test contain "is not present in $FILE"
|
||||
register_test contain "is present in $FILE"
|
||||
run noncompliant /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
|
||||
describe correcting situation
|
||||
@ -22,6 +22,6 @@ test_audit() {
|
||||
|
||||
describe Checking resolved state
|
||||
register_test retvalshouldbe 0
|
||||
register_test contain "is present in $FILE"
|
||||
register_test contain "is not present in $FILE"
|
||||
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
}
|
||||
|
Reference in New Issue
Block a user