Added basic Configuration files and skeleton scripts

2024-11-21 21:17:00 +01:00 · 2016-04-01 09:32:17 +02:00 · 2016-04-01 09:32:17 +02:00 · 9a5e962cd4
commit 9a5e962cd4
parent 754cf6fd1d
7 changed files with 127 additions and 0 deletions
--- a/bin/hardening/1.1_Install_Updates.sh
+++ b/bin/hardening/1.1_Install_Updates.sh
@ -0,0 +1,21 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+#
+
+#
+# 1.1 Install Updates, Patches and Additional Security Software (Not Scored)
+#
+
+# This function will be called if the script status is ont enabled / audit mode
+audit () {
+
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+
+}
+
+
--- a/etc/conf.d/README
+++ b/etc/conf.d/README
@ -0,0 +1,2 @@
+# Put Here your Custom configuration files
+# Name convention : $SCRIPT_NAME.cfg
--- a/etc/hardening.cfg
+++ b/etc/hardening.cfg
@ -0,0 +1,2 @@
+# CIS Debian 7 Hardening
+# Main Configuration File 
--- a/lib/common.sh
+++ b/lib/common.sh
@ -0,0 +1,7 @@
+# CIS Debian 7 Hardening common functions
+
+logger() {
+    test -z "$SCRIPT_NAME" && SCRIPT_NAME=$(basename $0)
+    logger -i -t "$SCRIPT_NAME" -p "user.info" "$(date +%Y.%m.%d-%H:%M:%S) $*"
+    test -t 1 && echo "$(date +%Z-%Y.%m.%d-%H:%M:%S) $*"
+}
--- a/lib/constants.sh
+++ b/lib/constants.sh
@ -0,0 +1,33 @@
+# Defines constants for CIS Debian 7 Hardening
+
+# 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+#### Useful Colot constants settings for loglevels
+
+# Reset Color (for syslog)
+NC='\033[0m'
+
+# Colors
+RED='\033[1;31m'
+GREEN='\033[1;32m'
+YELLOW='\033[1;33m'
+
+# Bold
+BRED='\033[1;31m'         # Red
+BGREEN='\033[1;32m'       # Green
+BYELLOW='\033[1;33m'      # Yellow
--- a/lib/utils.sh
+++ b/lib/utils.sh
@ -0,0 +1,18 @@
+# CIS Debian 7 Hardening Utility functions
+
+
+
+#
+#   Return if a package is installed
+#   @param $1 package name
+#
+is_installed()
+{
+    PKG_NAME=$1
+    if `dpkg -s $PKG_NAME 2> /dev/null | grep -q '^Status: install '` ; then
+        return 0
+    fi
+    return 1
+}
+
+
--- a/src/skel.sh
+++ b/src/skel.sh
@ -0,0 +1,44 @@
+#!/bin/bash
+
+#
+# CIS Debian 7 Hardening
+#
+
+
+#
+# Hardening script skeleton replace this line with proper point treated
+#
+
+# This function will be called if the script status is ont enabled / audit mode
+audit () {
+
+}
+
+# This function will be called if the script status is on enabled mode
+apply () {
+
+}
+
+# Environment Sanitizing
+export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
+
+# Source Root Dir Parameter
+
+if [ ! -r /etc/default/cis-hardenning ]; then
+    echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
+    exit 128
+else
+    . /etc/default/cis-hardenning
+    if [ -z $CIS_ROOT_DIR ]; then
+        echo "No CIS_ROOT_DIR variable, aborting"
+    fi
+fi 
+
+SCRIPT_NAME=$(basename $0)
+
+# Source general configuration file and Specific configuration file if exist
+
+[ -r $ROOT_DIR/etc/hardening.cfg ] && . $ROOT_DIR/etc/hardening.cfg
+[ -r $ROOT_DIR/etc/hardening/$SCRIPT_NAME ] && . $ROOT_DIR/etc/hardening/$SCRIPT_NAME
+
+