IMP(99.3.1): improve check with disabled passwords

This commit is contained in:
Charles Herlin
2019-08-28 11:49:01 +02:00
parent 96f3b74334
commit a4969e6ba6
2 changed files with 9 additions and 0 deletions

View File

@ -13,6 +13,12 @@ test_audit() {
register_test contain "User secaudit has a password that is not SHA512 hashed"
run unsecpasswd /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
sed -i 's/secaudit:mypassword/secaudit:!!/' /etc/shadow
describe Fail: Found disabled password
register_test retvalshouldbe 0
register_test contain "User secaudit has a disabled password"
run lockedpasswd /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
mv /tmp/shadow.bak /etc/shadow
chpasswd << EOF
secaudit:mypassword