From 7e3ee2eb9371186aefce88715d0227d9e21e503c Mon Sep 17 00:00:00 2001 From: Charles Herlin Date: Wed, 13 Feb 2019 17:11:28 +0100 Subject: [PATCH] FIX: usage if no RUN_MODE, fix only that used to run too many checks If no RUN_MODE passed as arguments, display usage and exits Fix --only option to run only specific check Found bug that used to run 2.2 and 2.24 when launching --only 2.24 --- bin/hardening.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/bin/hardening.sh b/bin/hardening.sh index 7212f5d..b7be110 100755 --- a/bin/hardening.sh +++ b/bin/hardening.sh @@ -155,6 +155,11 @@ while [[ $# > 0 ]]; do shift done +# if no RUN_MODE was passed, usage and quit +if [ "$AUDIT" -eq 0 -a "$AUDIT_ALL" -eq 0 -a "$AUDIT_ALL_ENABLE_PASSED" -eq 0 -a "$APPLY" -eq 0 ]; then + usage +fi + # Source Root Dir Parameter if [ -r /etc/default/cis-hardening ]; then . /etc/default/cis-hardening @@ -211,7 +216,7 @@ for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do # --only X has been specified at least once, is this script in my list ? SCRIPT_PREFIX=$(grep -Eo '^[0-9.]+' <<< "$(basename $SCRIPT)") SCRIPT_PREFIX_RE=$(sed -e 's/\./\\./g' <<< "$SCRIPT_PREFIX") - if ! grep -qE "(^| )$SCRIPT_PREFIX_RE" <<< "${TEST_LIST[@]}"; then + if ! grep -qwE "(^| )$SCRIPT_PREFIX_RE" <<< "${TEST_LIST[@]}"; then # not in the list continue fi