elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2025-06-24 03:24:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: change auditd file rule remediation (#179)

Browse Source 
Fixes #165
This commit is contained in:
GoldenKiwi
2023-05-05 12:32:22 +02:00
committed by GitHub
parent f28ffc244c
commit bd27cd0dae
29 changed files with 584 additions and 269 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
tests/hardening/4.1.13_record_file_deletions.sh
View File

@ -13,7 +13,7 @@ test_audit() {
describe Checking resolved state
register_test retvalshouldbe 0
register_test contain "[ OK ] -a always,exit -F arch=b64 -S unlink -S unlinkat -S rename -S renameat -F auid>=1000 -F auid!=4294967295 -k delete is present in /etc/audit/audit.rules"
register_test contain "[ OK ] -a always,exit -F arch=b32 -S unlink -S unlinkat -S rename -S renameat -F auid>=1000 -F auid!=4294967295 -k delete is present in /etc/audit/audit.rules"
register_test contain "[ OK ] -a always,exit -F arch=b64 -S unlink -S unlinkat -S rename -S renameat -F auid>=1000 -F auid!=4294967295 -k delete is present in /etc/audit/rules.d/audit.rules"
register_test contain "[ OK ] -a always,exit -F arch=b32 -S unlink -S unlinkat -S rename -S renameat -F auid>=1000 -F auid!=4294967295 -k delete is present in /etc/audit/rules.d/audit.rules"
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
}