Add dealing with debian 11

* ADD: add dockerfile for debian11 * FIX: fix crontab file not found on debian11 blank * Add workflow for debian11 * FIX: fix debian version func to manage debian11 * Add dealing with unsupported version and distro * Add 99.99 check that check if distro version is supported * Use global var for debian major and distro fix #26
2025-06-22 02:33:42 +02:00 · 2021-02-08 13:54:24 +01:00
parent 449c695415
commit 6ae05f3fa2
24 changed files with 266 additions and 39 deletions
--- a/tests/hardening/5.1.2_crontab_perm_ownership.sh
+++ b/tests/hardening/5.1.2_crontab_perm_ownership.sh
@ -10,6 +10,8 @@ test_audit() {
    local test_user="testcrontabduser"
    local test_file="/etc/crontab"

+    touch "$test_file"
+
    describe Tests purposely failing
    chmod 777 "$test_file"
    register_test retvalshouldbe 1
--- a/tests/hardening/5.1.3_cron_hourly_perm_ownership.sh
+++ b/tests/hardening/5.1.3_cron_hourly_perm_ownership.sh
@ -10,6 +10,8 @@ test_audit() {
    local test_user="testcrontabuser"
    local test_file="/etc/cron.hourly"

+    touch "$test_file"
+
    describe Tests purposely failing
    chmod 777 "$test_file"
    register_test retvalshouldbe 1
--- a/tests/hardening/5.1.4_cron_daily_perm_ownership.sh
+++ b/tests/hardening/5.1.4_cron_daily_perm_ownership.sh
@ -10,6 +10,8 @@ test_audit() {
    local test_user="testcrontabuser"
    local test_file="/etc/cron.daily"

+    touch "$test_file"
+
    describe Tests purposely failing
    chmod 777 "$test_file"
    register_test retvalshouldbe 1
--- a/tests/hardening/5.1.5_cron_weekly_perm_ownership.sh
+++ b/tests/hardening/5.1.5_cron_weekly_perm_ownership.sh
@ -10,6 +10,8 @@ test_audit() {
    local test_user="testcrontabuser"
    local test_file="/etc/cron.weekly"

+    touch "$test_file"
+
    describe Tests purposely failing
    chmod 777 "$test_file"
    register_test retvalshouldbe 1
--- a/tests/hardening/5.1.6_cron_monthly_perm_ownership.sh
+++ b/tests/hardening/5.1.6_cron_monthly_perm_ownership.sh
@ -10,6 +10,8 @@ test_audit() {
    local test_user="testcrontabuser"
    local test_file="/etc/cron.monthly"

+    touch "$test_file"
+
    describe Tests purposely failing
    chmod 777 "$test_file"
    register_test retvalshouldbe 1
--- a/tests/hardening/99.99_check_distribution.sh
+++ b/tests/hardening/99.99_check_distribution.sh
@ -0,0 +1,16 @@
+# shellcheck shell=bash
+# run-shellcheck
+test_audit() {
+    describe Running on blank host
+    register_test retvalshouldbe 0
+    dismiss_count_for_test
+    # shellcheck disable=2154
+    run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
+
+    ##################################################################
+    # For this test, we only check that it runs properly on a blank  #
+    # host, and we check root/sudo consistency. But, we don't test   #
+    # the apply function because it can't be automated or it is very #
+    # long to test and not very useful.                              #
+    ##################################################################
+}