mirror of
https://github.com/ovh/debian-cis.git
synced 2025-06-22 02:33:42 +02:00
IMP(8.2.4): add exceptions in check and apply
Apply shellcheck recommendations
This commit is contained in:
@ -6,5 +6,22 @@ test_audit() {
|
||||
# shellcheck disable=2154
|
||||
run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
|
||||
# TODO fill comprehensive tests
|
||||
|
||||
describe Creating failed state
|
||||
touch /var/log/auth.log
|
||||
touch /var/log/kern.log
|
||||
register_test retvalshouldbe 1
|
||||
run failing /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
|
||||
describe Setting exceptions
|
||||
echo 'EXCEPTIONS=/var/log/auth.log:root:root:600' >> /opt/debian-cis/etc/conf.d/"${script}".cfg
|
||||
register_test retvalshouldbe 1
|
||||
run excepandfail /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
|
||||
describe Correcting situation
|
||||
sed -i 's/audit/enabled/' /opt/debian-cis/etc/conf.d/"${script}".cfg
|
||||
/opt/debian-cis/bin/hardening/"${script}".sh || true
|
||||
|
||||
register_test retvalshouldbe 0
|
||||
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
|
||||
}
|
||||
|
Reference in New Issue
Block a user