elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2024-11-22 21:47:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3 in IAAS/cis-hardening from dev/thibault.dewailly/bugfix to master

Browse Source 
first Bugfixes included

* commit '5e4e0176533f709065e6abd0c3f1f34e69f319e9':
  log format correction, loglevel defaults to info
This commit is contained in:
Thibault Dewailly 2016-04-18 14:03:50 +02:00
commit 6971560e06
4 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bin/hardening.sh
View File

@ -70,15 +70,15 @@ fi
[ -r $CIS_ROOT_DIR/lib/utils.sh ] && . $CIS_ROOT_DIR/lib/utils.sh [ -r $CIS_ROOT_DIR/lib/utils.sh ] && . $CIS_ROOT_DIR/lib/utils.sh
# Parse every scripts and execute them in the required mode # Parse every scripts and execute them in the required mode
for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening | sort -V); do for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh | sort -V); do
info "Treating $SCRIPT" info "Treating $SCRIPT"
if [ $AUDIT = 1 ]; then if [ $AUDIT = 1 ]; then
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit" debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit"
$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit $SCRIPT --audit
elif [ $APPLY = 1 ]; then elif [ $APPLY = 1 ]; then
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT" debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT"
$CIS_ROOT_DIR/bin/hardening/$SCRIPT $SCRIPT
fi fi
SCRIPT_EXITCODE=$? SCRIPT_EXITCODE=$?

2
etc/conf.d/7.5.4_disable_tipc.cfg Normal file
View File

@ -0,0 +1,2 @@
# Configuration for script of same name
status=disabled

2
etc/hardening.cfg
View File

@ -2,7 +2,7 @@
# Main Configuration File, put here global variables # Main Configuration File, put here global variables
# Valid values are debug info ok warning error # Valid values are debug info ok warning error
LOGLEVEL=debug LOGLEVEL=info
# Backup directory, every file modified by hardening will be backuped here, with versionning # Backup directory, every file modified by hardening will be backuped here, with versionning
# Means that if a file is modified more than once during the process, you will have hardening step diffs in the folder # Means that if a file is modified more than once during the process, you will have hardening step diffs in the folder

10
lib/common.sh
View File

@ -57,23 +57,23 @@ cecho () {
} }
crit () { crit () {
[ $MACHINE_LOG_LEVEL -ge 1 ] && _logger $BRED "[ KO ] $*" if [ $MACHINE_LOG_LEVEL -ge 1 ]; then _logger $BRED "[ KO ] $*"; fi
# This variable incrementation is used to measure failure or success in tests # This variable incrementation is used to measure failure or success in tests
CRITICAL_ERRORS_NUMBER=$((CRITICAL_ERRORS_NUMBER+1)) CRITICAL_ERRORS_NUMBER=$((CRITICAL_ERRORS_NUMBER+1))
} }
warn () { warn () {
[ $MACHINE_LOG_LEVEL -ge 2 ] && _logger $BYELLOW "[WARN] $*" if [ $MACHINE_LOG_LEVEL -ge 2 ]; then _logger $BYELLOW "[WARN] $*"; fi
} }
ok () { ok () {
[ $MACHINE_LOG_LEVEL -ge 3 ] && _logger $BGREEN "[ OK ] $*" if [ $MACHINE_LOG_LEVEL -ge 3 ]; then _logger $BGREEN "[ OK ] $*"; fi
} }
info () { info () {
[ $MACHINE_LOG_LEVEL -ge 4 ] && _logger $BWHITE "[INFO] $*" if [ $MACHINE_LOG_LEVEL -ge 4 ]; then _logger $BWHITE "[INFO] $*"; fi
} }
debug () { debug () {
[ $MACHINE_LOG_LEVEL -ge 5 ] && _logger $GRAY "[DBG ] $*" if [ $MACHINE_LOG_LEVEL -ge 5 ]; then _logger $GRAY "[DBG ] $*"; fi
} }