Add dealing with debian 11

* ADD: add dockerfile for debian11
* FIX: fix crontab file not found on debian11 blank
* Add workflow for debian11
* FIX: fix debian version func to manage debian11
* Add dealing with unsupported version and distro
* Add 99.99 check that check if distro version is supported
* Use global var for debian major and distro

fix #26

lib/common.sh

@@ -113,31 +113,6 @@ sudo_wrapper() {
     fi
 }
 
-#
-# detect if container based on cgroup detection
-#
-is_running_in_container() {
-    awk -F/ '$2 == "'"$1"'"' /proc/self/cgroup
-}
-
-CONTAINER_TYPE=""
-IS_CONTAINER=0
-
-if [ "$(is_running_in_container "docker")" != "" ]; then
-    CONTAINER_TYPE="docker"
-    IS_CONTAINER=1
-fi
-if [ "$(is_running_in_container "lxc")" != "" ]; then
-    CONTAINER_TYPE="lxc"
-    IS_CONTAINER=1
-fi
-if [ "$(is_running_in_container "kubepods")" != "" ]; then
-    # shellcheck disable=SC2034
-    CONTAINER_TYPE="kubepods"
-    # shellcheck disable=SC2034
-    IS_CONTAINER=1
-fi
-
 #
 # Math functions
 #

lib/constants.sh

@@ -31,3 +31,32 @@ BGREEN='\033[1;32m' # Green
 BYELLOW='\033[1;33m' # Yellow
 # shellcheck disable=2034
 BWHITE='\033[1;37m' # White
+
+# Debian version variables
+
+CONTAINER_TYPE=""
+IS_CONTAINER=0
+
+if [ "$(is_running_in_container "docker")" != "" ]; then
+    CONTAINER_TYPE="docker"
+    IS_CONTAINER=1
+fi
+if [ "$(is_running_in_container "lxc")" != "" ]; then
+    CONTAINER_TYPE="lxc"
+    IS_CONTAINER=1
+fi
+if [ "$(is_running_in_container "kubepods")" != "" ]; then
+    # shellcheck disable=SC2034
+    CONTAINER_TYPE="kubepods"
+    # shellcheck disable=SC2034
+    IS_CONTAINER=1
+fi
+
+get_distribution
+
+get_debian_major_version
+
+# shellcheck disable=SC2034
+SMALLEST_SUPPORTED_DEBIAN_VERSION=9
+# shellcheck disable=SC2034
+HIGHEST_SUPPORTED_DEBIAN_VERSION=10

lib/main.sh

@@ -10,14 +10,15 @@ BATCH_OUTPUT=""
 status=""
 forcedstatus=""
 SUDO_CMD=""
-# shellcheck source=constants.sh
-[ -r "$CIS_ROOT_DIR"/lib/constants.sh ] && . "$CIS_ROOT_DIR"/lib/constants.sh
+
 # shellcheck source=../etc/hardening.cfg
 [ -r "$CIS_ROOT_DIR"/etc/hardening.cfg ] && . "$CIS_ROOT_DIR"/etc/hardening.cfg
 # shellcheck source=../lib/common.sh
 [ -r "$CIS_ROOT_DIR"/lib/common.sh ] && . "$CIS_ROOT_DIR"/lib/common.sh
 # shellcheck source=../lib/utils.sh
 [ -r "$CIS_ROOT_DIR"/lib/utils.sh ] && . "$CIS_ROOT_DIR"/lib/utils.sh
+# shellcheck source=constants.sh
+[ -r "$CIS_ROOT_DIR"/lib/constants.sh ] && . "$CIS_ROOT_DIR"/lib/constants.sh
 
 # Environment Sanitizing
 export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

lib/utils.sh

@@ -538,9 +538,33 @@ get_debian_major_version() {
     DEB_MAJ_VER=""
     does_file_exist /etc/debian_version
     if [ "$FNRET" = 0 ]; then
-        DEB_MAJ_VER=$(cut -d '.' -f1 /etc/debian_version)
+        if grep -q "sid" /etc/debian_version; then
+            DEB_MAJ_VER="sid"
+        else
+            DEB_MAJ_VER=$(cut -d '.' -f1 /etc/debian_version)
+        fi
     else
         # shellcheck disable=2034
         DEB_MAJ_VER=$(lsb_release -r | cut -f2 | cut -d '.' -f 1)
     fi
 }
+
+# Returns the distribution
+
+get_distribution() {
+    DISTRIBUTION=""
+    if [ -f /etc/os-release ]; then
+        # shellcheck disable=2034
+        DISTRIBUTION=$(grep "^ID=" /etc/os-release | sed 's/ID=//' | tr '[:upper:]' '[:lower:]')
+        FNRET=0
+    else
+        debug "Distribution not found !"
+        FNRET=127
+    fi
+}
+
+# Detect if container based on cgroup detection
+
+is_running_in_container() {
+    awk -F/ '$2 == "'"$1"'"' /proc/self/cgroup
+}