IMP(shellcheck): fix harmless warnings

This commit is contained in:
Thibault Ayanides
2020-12-07 14:53:10 +01:00
parent 63835dd10c
commit 8012234096
14 changed files with 43 additions and 24 deletions

View File

@ -114,7 +114,7 @@ fi
declare -a TEST_LIST ALLOWED_SERVICES_LIST
# Arguments parsing
while [[ $# > 0 ]]; do
while [[ $# -gt 0 ]]; do
ARG="$1"
case $ARG in
--audit)

View File

@ -14,6 +14,7 @@ set -u # One variable unset, it's over
# shellcheck disable=2034
HARDENING_LEVEL=3
# shellcheck disable=2034
HARDENING_EXCEPTION=gw
# shellcheck disable=2034
DESCRIPTION="Disable IP forwarding."

View File

@ -17,6 +17,7 @@ HARDENING_LEVEL=3
# shellcheck disable=2034
DESCRIPTION="Configure /etc/syslog-ng/syslog-ng.conf ."
# shellcheck disable=2034
SERVICE_NAME="syslog-ng"
# This function will be called if the script status is on enabled / audit mode

View File

@ -46,7 +46,7 @@ apply() {
if [ "$FNRET" = 0 ]; then
ok "$FILE permissions were set to $PERMISSIONS"
else
warn "fixing $DIRlogs ownership to $PERMISSIONS"
warn "fixing $DIR logs ownership to $PERMISSIONS"
chmod 0"$PERMISSIONS" "$FILE"
fi
done

View File

@ -16,6 +16,7 @@ HARDENING_LEVEL=3
# shellcheck disable=2034
DESCRIPTION="Configure logrotate to prevent logfile from growing unmanageable."
# shellcheck disable=2034
SERVICE_NAME="syslog-ng"
# This function will be called if the script status is on enabled / audit mode

View File

@ -59,27 +59,26 @@ audit() {
# This function will be called if the script status is on enabled mode
apply() {
for FILE in $($SUDO_CMD find $DIR -xdev -type f -name 'ssh_host_*_key'); do
has_file_correct_ownership "$FILE" "$USER" "$GROUP"
if [ "$FNRET" = 0 ]; then
ok "$FILE ownership was set to $USER:$GROUP"
else
warn "fixing $DIR SSH private keys permissions to $USER:$GROUP"
chown "$USER":"$GROUP" "$FILE"
fi
done
for FILE in $($SUDO_CMD find $DIR -xdev -type f -name 'ssh_host_*_key'); do
has_file_correct_permissions "$FILE" "$PERMISSIONS"
if [ "$FNRET" = 0 ]; then
ok "$FILE permissions were set to $PERMISSIONS"
else
warn "fixing $DIR SSH private keys ownership to $PERMISSIONS"
warn "fixing $DIR SSH private keys permissions to $PERMISSIONS"
chmod 0"$PERMISSIONS" "$FILE"
fi
done
for FILE in $($SUDO_CMD find $DIR -xdev -type f -name 'ssh_host_*_key'); do
has_file_correct_ownership "$FILE" "$USER" "$GROUP"
if [ "$FNRET" = 0 ]; then
ok "$FILE ownership was set to $USER:$GROUP"
else
warn "fixing $DIR SSH private keys ownership to $USER:$GROUP"
chown "$USER":"$GROUP" "$FILE"
fi
done
}
# This function will check config parameters required

View File

@ -82,7 +82,7 @@ apply() {
if [ "$FNRET" = 0 ]; then
ok "$FILE permissions were set to $PERMISSIONS"
else
warn "fixing $DIR SSH public keys permissions to $USER:$GROUP"
warn "fixing $DIR SSH public keys permissions to $PERMISSIONS"
chmod 0"$PERMISSIONS" "$FILE"
fi
fi
@ -94,7 +94,7 @@ apply() {
if [ "$FNRET" = 0 ]; then
ok "$FILE ownership was set to $USER:$GROUP"
else
warn "fixing $DIR SSH public keys ownership to $PERMISSIONS"
warn "fixing $DIR SSH public keys ownership to $USER:$GROUP"
chown "$USER":"$GROUP" "$FILE"
fi
done

View File

@ -27,6 +27,7 @@ audit() {
OCC_NUMBER=$(awk -F: {'print $1'} <<<$LINE)
USERNAME=$(awk -F: {'print $2'} <<<$LINE)
if [ $OCC_NUMBER -gt 1 ]; then
# shellcheck disable=2034
USERS=$(awk -F: '($3 == n) { print $1 }' n=$USERNAME /etc/passwd | xargs)
ERRORS=$((ERRORS + 1))
crit "Duplicate username $USERNAME"

View File

@ -27,6 +27,7 @@ audit() {
OCC_NUMBER=$(awk -F: {'print $1'} <<<$LINE)
GROUPNAME=$(awk -F: {'print $2'} <<<$LINE)
if [ $OCC_NUMBER -gt 1 ]; then
# shellcheck disable=2034
USERS=$(awk -F: '($3 == n) { print $1 }' n=$GROUPNAME /etc/passwd | xargs)
ERRORS=$((ERRORS + 1))
crit "Duplicate groupname $GROUPNAME"