elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2024-11-22 05:27:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

add --audit-all option

Browse Source
This commit is contained in:
Stéphane Lesimple 2016-04-19 19:26:04 +02:00 committed by thibault.dewailly
parent ccda7adb93
commit 8d84f38c97
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
bin/hardening.sh
View File

@ -18,6 +18,7 @@ TOTAL_CHECKS=0
TOTAL_TREATED_CHECKS=0 TOTAL_TREATED_CHECKS=0
AUDIT=0 AUDIT=0
APPLY=0 APPLY=0
AUDIT_ALL=0
usage() { usage() {
cat << EOF cat << EOF
@ -40,6 +41,9 @@ while [[ $# > 0 ]]; do
--audit) --audit)
AUDIT=1 AUDIT=1
;; ;;
--audit-all)
AUDIT_ALL=1
;;
--apply) --apply)
APPLY=1 APPLY=1
;; ;;
@ -76,6 +80,9 @@ for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh | sort -V); do
if [ $AUDIT = 1 ]; then if [ $AUDIT = 1 ]; then
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit" debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit"
$SCRIPT --audit $SCRIPT --audit
elif [ $AUDIT_ALL = 1 ]; then
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit-all"
$SCRIPT --audit-all
elif [ $APPLY = 1 ]; then elif [ $APPLY = 1 ]; then
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT" debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT"
$SCRIPT $SCRIPT

4
lib/main.sh
View File

@ -26,6 +26,10 @@ fi
while [[ $# > 0 ]]; do while [[ $# > 0 ]]; do
ARG="$1" ARG="$1"
case $ARG in case $ARG in
--audit-all)
debug "Audit all specified, setting status to audit regardless of configuration"
status=audit
;;
--audit) --audit)
if [ $status != 'disabled' -a $status != 'false' ]; then if [ $status != 'disabled' -a $status != 'false' ]; then
debug "Audit argument detected, setting status to audit" debug "Audit argument detected, setting status to audit"