[10.2] Fixed result parsing in case of spaces in passwd list

This commit is contained in:
thibault.dewailly 2017-03-10 17:26:55 +01:00
parent d630c87541
commit 717a794e45

View File

@ -18,7 +18,8 @@ RESULT=''
# This function will be called if the script status is on enabled / audit mode # This function will be called if the script status is on enabled / audit mode
audit () { audit () {
info "Checking if admin accounts have a login shell different than $SHELL" info "Checking if admin accounts have a login shell different than $SHELL"
RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 && $7!="/usr/sbin/nologin" && $7!="/bin/false") {print}') RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 && $7!="/usr/sbin/nologin" && $7!="/bin/false") {print}')
IFS=$'\n'
for LINE in $RESULT; do for LINE in $RESULT; do
debug "line : $LINE" debug "line : $LINE"
ACCOUNT=$( echo $LINE | cut -d: -f 1 ) ACCOUNT=$( echo $LINE | cut -d: -f 1 )
@ -43,6 +44,7 @@ audit () {
# This function will be called if the script status is on enabled mode # This function will be called if the script status is on enabled mode
apply () { apply () {
RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 && $7!="/usr/sbin/nologin" && $7!="/bin/false") {print}') RESULT=$(egrep -v "^\+" $FILE | awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $3<1000 && $7!="/usr/sbin/nologin" && $7!="/bin/false") {print}')
IFS=$'\n'
for LINE in $RESULT; do for LINE in $RESULT; do
debug "line : $LINE" debug "line : $LINE"
ACCOUNT=$( echo $LINE | cut -d: -f 1 ) ACCOUNT=$( echo $LINE | cut -d: -f 1 )
@ -85,7 +87,7 @@ else
echo "No CIS_ROOT_DIR variable, aborting" echo "No CIS_ROOT_DIR variable, aborting"
exit 128 exit 128
fi fi
fi fi
# Main function, will call the proper functions given the configuration (audit, enabled, disabled) # Main function, will call the proper functions given the configuration (audit, enabled, disabled)
if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then if [ -r $CIS_ROOT_DIR/lib/main.sh ]; then