mirror of
https://github.com/ovh/debian-cis.git
synced 2025-06-21 18:23:42 +02:00
allow multiple users in 5.2.18 (#228)
* allow multiple exception users for 99.5.2.4 * move clean up part of previous commit * split clean up part of previous commit * add tests for multiple allowed and denied ssh users * fix script to correctly set multiple allowed and denied ssh users * add cleanup resolved check to 5.2.18 * apply shellfmt to 5.2.18 --------- Co-authored-by: GoldenKiwi <thibault.dewailly@corp.ovh.com>
This commit is contained in:
@ -22,13 +22,13 @@ FILE='/etc/ssh/sshd_config'
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
audit() {
|
||||
OPTIONS="AllowUsers='$ALLOWED_USERS' AllowGroups='$ALLOWED_GROUPS' DenyUsers='$DENIED_USERS' DenyGroups='$DENIED_GROUPS'"
|
||||
OPTIONS=("AllowUsers='$ALLOWED_USERS'" "AllowGroups='$ALLOWED_GROUPS'" "DenyUsers='$DENIED_USERS'" "DenyGroups='$DENIED_GROUPS'")
|
||||
is_pkg_installed "$PACKAGE"
|
||||
if [ "$FNRET" != 0 ]; then
|
||||
ok "$PACKAGE is not installed!"
|
||||
else
|
||||
ok "$PACKAGE is installed"
|
||||
for SSH_OPTION in $OPTIONS; do
|
||||
for SSH_OPTION in "${OPTIONS[@]}"; do
|
||||
SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1)
|
||||
SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2)
|
||||
# shellcheck disable=SC2001
|
||||
@ -53,7 +53,7 @@ apply() {
|
||||
crit "$PACKAGE is absent, installing it"
|
||||
apt_install "$PACKAGE"
|
||||
fi
|
||||
for SSH_OPTION in $OPTIONS; do
|
||||
for SSH_OPTION in "${OPTIONS[@]}"; do
|
||||
SSH_PARAM=$(echo "$SSH_OPTION" | cut -d= -f 1)
|
||||
SSH_VALUE=$(echo "$SSH_OPTION" | cut -d= -f 2)
|
||||
# shellcheck disable=SC2001
|
||||
|
Reference in New Issue
Block a user