Fixed disabled features, headers and preparing main script

2024-11-24 14:31:24 +01:00 · 2016-04-17 23:19:41 +02:00 · 2016-04-17 23:19:41 +02:00 · 628fe96666
commit 628fe96666
parent fa98efc32b
5 changed files with 14 additions and 6 deletions
--- a/bin/hardening.sh
+++ b/bin/hardening.sh
@ -14,3 +14,9 @@
 # Audit mode

 # ls | sort -V
+
+cd /opt/cis-hardening/bin/hardening
+for i in $(ls | sort -V); do 
+echo "$i"
+./$i --audit
+done
--- a/bin/hardening/13.19_find_user_forward_files.sh
+++ b/bin/hardening/13.19_find_user_forward_files.sh
@ -6,7 +6,7 @@
 #

 #
-# 13.18 Check for Presence of User .netrc Files (Scored)
+# 13.19 Check for Presence of User .forward Files (Scored)
 #

 set -e # One error, it's over
--- a/bin/hardening/13.20_shadow_group_empty.sh
+++ b/bin/hardening/13.20_shadow_group_empty.sh
@ -6,7 +6,7 @@
 #

 #
-# 13.18 Check for Presence of User .netrc Files (Scored)
+# 13.20 Ensure shadow group is empty (Scored)
 #

 set -e # One error, it's over
--- a/etc/conf.d/7.5.3_disable_rds.cfg
+++ b/etc/conf.d/7.5.3_disable_rds.cfg
@ -0,0 +1,2 @@
+# Configuration for script of same name
+status=enabled
--- a/lib/main.sh
+++ b/lib/main.sh
@ -27,7 +27,7 @@ while [[ $# > 0 ]]; do
    ARG="$1"
    case $ARG in
        --audit)
-        if [ $status != 'disabled' -o $status != 'false' ]; then
+        if [ $status != 'disabled' -a $status != 'false' ]; then
            debug "Audit argument detected, setting status to audit"
            status=audit
        else
@ -58,17 +58,17 @@ case $status in
        ;;
    disabled | false )
        info "$SCRIPT_NAME is disabled, ignoring"
+        exit 2 # Means unknown status
        ;;
    *)
        warn "Wrong value for status : $status. Must be [ enabled | true | audit | disabled | false ]"
        ;;
 esac

-info "Results : "
 if [ $CRITICAL_ERRORS_NUMBER = 0 ]; then
    ok "Check Passed"
-    exit 0
+    exit 0 # Means ok status
 else
    crit "Check Failed"
-    exit 1
+    exit 1 # Means critical status
 fi