From c5b4aa220d8a95d4dce2e8e722307e8c7cfd581a Mon Sep 17 00:00:00 2001 From: "thibault.dewailly" Date: Wed, 20 Apr 2016 11:29:44 +0200 Subject: [PATCH] Added exit code to CIS_ROOT_DIR test def, optimized sed and sort --- bin/hardening.sh | 4 +++- bin/hardening/1.1_install_updates.sh | 1 + bin/hardening/10.1.1_set_password_exp_days.sh | 1 + .../10.1.2_set_password_min_days_change.sh | 1 + .../10.1.3_set_password_exp_warning_days.sh | 1 + bin/hardening/10.2_disable_system_accounts.sh | 1 + bin/hardening/10.3_default_root_group.sh | 1 + bin/hardening/10.4_default_umask.sh | 1 + .../10.5_lock_inactive_user_account.sh | 1 + bin/hardening/11.1_warning_banners.sh | 1 + .../11.2_remove_os_info_warning_banners.sh | 1 + bin/hardening/11.3_graphical_warning_banners.sh | 1 + bin/hardening/12.10_find_suid_files.sh | 1 + bin/hardening/12.11_find_sgid_files.sh | 1 + bin/hardening/12.1_etc_passwd_permissions.sh | 1 + bin/hardening/12.2_etc_shadow_permissions.sh | 1 + bin/hardening/12.3_etc_group_permissions.sh | 1 + bin/hardening/12.4_etc_passwd_ownership.sh | 1 + bin/hardening/12.5_etc_shadow_ownership.sh | 1 + bin/hardening/12.6_etc_group_ownership.sh | 1 + bin/hardening/12.7_find_world_writable_file.sh | 1 + bin/hardening/12.8_find_unowned_files.sh | 1 + bin/hardening/12.9_find_ungrouped_files.sh | 1 + bin/hardening/13.10_find_user_rhosts_files.sh | 1 + .../13.11_find_passwd_group_inconsistencies.sh | 1 + bin/hardening/13.12_users_valid_homedir.sh | 1 + .../13.13_check_user_homedir_ownership.sh | 1 + bin/hardening/13.14_check_duplicate_uid.sh | 1 + bin/hardening/13.15_check_duplicate_gid.sh | 1 + bin/hardening/13.16_check_duplicate_username.sh | 1 + .../13.17_check_duplicate_groupname.sh | 1 + bin/hardening/13.18_find_user_netrc_files.sh | 1 + bin/hardening/13.19_find_user_forward_files.sh | 1 + .../13.1_remove_empty_password_field.sh | 1 + bin/hardening/13.20_shadow_group_empty.sh | 1 + .../13.2_remove_legacy_passwd_entries.sh | 1 + .../13.3_remove_legacy_shadow_entries.sh | 1 + .../13.4_remove_legacy_group_entries.sh | 1 + .../13.5_find_0_uid_non_root_account.sh | 1 + bin/hardening/13.6_sanitize_root_path.sh | 1 + bin/hardening/13.7_check_user_dir_perm.sh | 1 + bin/hardening/13.8_check_user_dot_file_perm.sh | 1 + bin/hardening/13.9_set_perm_on_user_netrc.sh | 1 + bin/hardening/2.10_home_nodev.sh | 1 + bin/hardening/2.11_removable_device_nodev.sh | 1 + bin/hardening/2.12_removable_device_noexec.sh | 1 + bin/hardening/2.13_removable_device_nosuid.sh | 1 + bin/hardening/2.14_run_shm_nodev.sh | 1 + bin/hardening/2.15_run_shm_nosuid.sh | 1 + bin/hardening/2.16_run_shm_noexec.sh | 1 + .../2.17_sticky_bit_world_writable_folder.sh | 1 + bin/hardening/2.18_disable_cramfs.sh | 1 + bin/hardening/2.19_disable_freevxfs.sh | 1 + bin/hardening/2.1_tmp_partition.sh | 1 + bin/hardening/2.20_disable_jffs2.sh | 1 + bin/hardening/2.21_disable_hfs.sh | 1 + bin/hardening/2.22_disable_hfsplus.sh | 1 + bin/hardening/2.23_disable_squashfs.sh | 1 + bin/hardening/2.24_disable_udf.sh | 1 + bin/hardening/2.25_disable_automounting.sh | 1 + bin/hardening/2.2_tmp_nodev.sh | 1 + bin/hardening/2.3_tmp_nosuid.sh | 1 + bin/hardening/2.4_tmp_noexec.sh | 1 + bin/hardening/2.5_var_partition.sh | 1 + bin/hardening/2.6.1_var_tmp_partition.sh | 1 + bin/hardening/2.6.2_var_tmp_nodev.sh | 1 + bin/hardening/2.6.3_var_tmp_nosuid.sh | 1 + bin/hardening/2.6.4_var_tmp_noexec.sh | 1 + bin/hardening/2.7_var_log_partition.sh | 1 + bin/hardening/2.8_var_log_audit_partition.sh | 1 + bin/hardening/2.9_home_partition.sh | 1 + bin/hardening/3.1_bootloader_ownership.sh | 1 + bin/hardening/3.2_bootloader_permissions.sh | 1 + bin/hardening/3.3_bootloader_password.sh | 1 + bin/hardening/3.4_root_password.sh | 1 + bin/hardening/4.1_restrict_core_dumps.sh | 1 + bin/hardening/4.2_enable_nx_support.sh | 1 + .../4.3_enable_randomized_vm_placement.sh | 1 + bin/hardening/4.4_disable_prelink.sh | 1 + bin/hardening/4.5_enable_apparmor.sh | 1 + bin/hardening/5.1.1_disable_nis.sh | 1 + bin/hardening/5.1.2_disable_rsh.sh | 1 + bin/hardening/5.1.3_disable_rsh_client.sh | 1 + bin/hardening/5.1.4_disable_talk.sh | 1 + bin/hardening/5.1.5_disable_talk_client.sh | 1 + bin/hardening/5.1.6_disable_telnet_server.sh | 1 + bin/hardening/5.1.7_disable_tftp_server.sh | 1 + bin/hardening/5.1.8_disable_inetd.sh | 1 + bin/hardening/5.2_disable_chargen.sh | 1 + bin/hardening/5.3_disable_daytime.sh | 1 + bin/hardening/5.4_disable_echo.sh | 1 + bin/hardening/5.5_disable_discard.sh | 1 + bin/hardening/5.6_disable_time.sh | 1 + bin/hardening/6.10_disable_http_server.sh | 1 + bin/hardening/6.11_disable_imap_pop.sh | 1 + bin/hardening/6.12_disable_samba.sh | 1 + bin/hardening/6.13_disable_http_proxy.sh | 1 + bin/hardening/6.14_disable_snmp_server.sh | 1 + bin/hardening/6.15_mta_localhost.sh | 1 + bin/hardening/6.16_disable_rsync.sh | 1 + bin/hardening/6.1_disable_xwindow_system.sh | 1 + bin/hardening/6.2_disable_avahi_server.sh | 1 + bin/hardening/6.3_disable_print_server.sh | 1 + bin/hardening/6.4_disable_dhcp.sh | 1 + bin/hardening/6.5_configure_ntp.sh | 1 + bin/hardening/6.6_disable_ldap.sh | 1 + bin/hardening/6.7_disable_nfs_rpc.sh | 1 + bin/hardening/6.8_disable_dns_server.sh | 1 + bin/hardening/6.9_disable_ftp.sh | 1 + bin/hardening/7.1.1_disable_ip_forwarding.sh | 1 + .../7.1.2_disable_send_packet_redirects.sh | 1 + .../7.2.1_disable_source_routed_packets.sh | 1 + bin/hardening/7.2.2_disable_icmp_redirect.sh | 1 + .../7.2.3_disable_secure_icmp_redirect.sh | 1 + bin/hardening/7.2.4_log_martian_packets.sh | 1 + .../7.2.5_ignore_broadcast_requests.sh | 1 + ...7.2.6_enable_bad_error_message_protection.sh | 1 + .../7.2.7_enable_source_route_validation.sh | 1 + bin/hardening/7.2.8_enable_tcp_syn_cookies.sh | 1 + .../7.3.1_disable_ipv6_router_advertisement.sh | 1 + bin/hardening/7.3.2_disable_ipv6_redirect.sh | 1 + bin/hardening/7.3.3_disable_ipv6.sh | 1 + bin/hardening/7.4.1_install_tcp_wrapper.sh | 1 + bin/hardening/7.4.2_hosts_allow.sh | 1 + bin/hardening/7.4.3_hosts_allow_permissions.sh | 1 + bin/hardening/7.4.4_hosts_deny.sh | 1 + bin/hardening/7.4.5_hosts_deny_permissions.sh | 1 + bin/hardening/7.5.1_disable_dccp.sh | 1 + bin/hardening/7.5.2_disable_sctp.sh | 1 + bin/hardening/7.5.3_disable_rds.sh | 1 + bin/hardening/7.5.4_disable_tipc.sh | 1 + bin/hardening/7.6_disable_wireless.sh | 1 + bin/hardening/7.7_enable_firewall.sh | 1 + bin/hardening/8.0_enable_auditd_kernel.sh | 1 + bin/hardening/8.1.1.1_audit_log_storage.sh | 1 + .../8.1.1.2_halt_when_audit_log_full.sh | 1 + bin/hardening/8.1.1.3_keep_all_audit_logs.sh | 1 + bin/hardening/8.1.10_record_dac_edit.sh | 1 + .../8.1.11_record_failed_access_file.sh | 1 + .../8.1.12_record_privileged_commands.sh | 1 + bin/hardening/8.1.13_record_successful_mount.sh | 1 + bin/hardening/8.1.14_record_file_deletions.sh | 1 + bin/hardening/8.1.15_record_sudoers_edit.sh | 1 + bin/hardening/8.1.16_record_sudo_usage.sh | 1 + bin/hardening/8.1.17_record_kernel_modules.sh | 1 + bin/hardening/8.1.18_freeze_auditd_conf.sh | 1 + bin/hardening/8.1.2_enable_auditd.sh | 1 + bin/hardening/8.1.3_audit_bootloader.sh | 1 + bin/hardening/8.1.4_record_date_time_edit.sh | 1 + bin/hardening/8.1.5_record_user_group_edit.sh | 1 + bin/hardening/8.1.6_record_network_edit.sh | 1 + bin/hardening/8.1.7_record_mac_edit.sh | 1 + bin/hardening/8.1.8_record_login_logout.sh | 1 + bin/hardening/8.1.9_record_session_init.sh | 1 + bin/hardening/8.2.1_install_syslog-ng.sh | 1 + bin/hardening/8.2.2_enable_syslog-ng.sh | 1 + bin/hardening/8.2.3_configure_syslog-ng.sh | 1 + bin/hardening/8.2.4_set_logfile_perm.sh | 1 + bin/hardening/8.2.5_syslog-ng_remote_host.sh | 1 + bin/hardening/8.2.6_remote_syslog-ng_acl.sh | 1 + bin/hardening/8.3.1_install_tripwire.sh | 1 + bin/hardening/8.3.2_tripwire_cron.sh | 1 + bin/hardening/8.4_configure_logrotate.sh | 1 + bin/hardening/9.1.1_enable_cron.sh | 1 + bin/hardening/9.1.2_crontab_perm_ownership.sh | 1 + .../9.1.3_cron_hourly_perm_ownership.sh | 1 + .../9.1.4_cron_daily_perm_ownership.sh | 1 + .../9.1.5_cron_weekly_perm_ownership.sh | 1 + .../9.1.6_cron_monthly_perm_ownership.sh | 1 + bin/hardening/9.1.7_cron_d_perm_ownership.sh | 1 + bin/hardening/9.1.8_cron_users.sh | 1 + bin/hardening/9.2.1_enable_cracklib.sh | 1 + .../9.2.2_enable_lockout_failed_password.sh | 1 + bin/hardening/9.2.3_limit_password_reuse.sh | 1 + bin/hardening/9.3.10_disable_sshd_setenv.sh | 1 + bin/hardening/9.3.11_sshd_ciphers.sh | 1 + bin/hardening/9.3.12_sshd_idle_timeout.sh | 1 + bin/hardening/9.3.13_sshd_limit_access.sh | 1 + bin/hardening/9.3.14_ssh_banner.sh | 1 + bin/hardening/9.3.1_sshd_protocol.sh | 1 + bin/hardening/9.3.2_sshd_loglevel.sh | 1 + bin/hardening/9.3.3_sshd_conf_perm_ownership.sh | 1 + bin/hardening/9.3.4_disable_x11_forwarding.sh | 1 + bin/hardening/9.3.5_sshd_maxauthtries.sh | 1 + bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh | 1 + ....3.7_disable_sshd_hostbasedauthentication.sh | 1 + bin/hardening/9.3.8_disable_root_login.sh | 1 + .../9.3.9_disable_sshd_permitemptypasswords.sh | 1 + bin/hardening/9.4_secure_tty.sh | 1 + bin/hardening/9.5_restrict_su.sh | 1 + bin/hardening/99.1_timeout_tty.sh | 1 + bin/hardening/99.2_disable_usb_devices.sh | 1 + etc/conf.d/3.3_bootloader_password.cfg | 17 ----------------- lib/common.sh | 2 +- 194 files changed, 195 insertions(+), 19 deletions(-) diff --git a/bin/hardening.sh b/bin/hardening.sh index 2190d1c..3bd43ee 100755 --- a/bin/hardening.sh +++ b/bin/hardening.sh @@ -20,6 +20,7 @@ AUDIT=0 APPLY=0 AUDIT_ALL=0 AUDIT_ALL_ENABLE_PASSED=0 +CIS_ROOT_DIR='' usage() { cat << EOF @@ -94,6 +95,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi @@ -103,7 +105,7 @@ fi [ -r $CIS_ROOT_DIR/lib/utils.sh ] && . $CIS_ROOT_DIR/lib/utils.sh # Parse every scripts and execute them in the required mode -for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh | sort -V); do +for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do info "Treating $SCRIPT" if [ $AUDIT = 1 ]; then diff --git a/bin/hardening/1.1_install_updates.sh b/bin/hardening/1.1_install_updates.sh index def8b33..9405078 100755 --- a/bin/hardening/1.1_install_updates.sh +++ b/bin/hardening/1.1_install_updates.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/10.1.1_set_password_exp_days.sh b/bin/hardening/10.1.1_set_password_exp_days.sh index 4286036..107637b 100755 --- a/bin/hardening/10.1.1_set_password_exp_days.sh +++ b/bin/hardening/10.1.1_set_password_exp_days.sh @@ -78,6 +78,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/10.1.2_set_password_min_days_change.sh b/bin/hardening/10.1.2_set_password_min_days_change.sh index 1b47dff..3465301 100755 --- a/bin/hardening/10.1.2_set_password_min_days_change.sh +++ b/bin/hardening/10.1.2_set_password_min_days_change.sh @@ -78,6 +78,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/10.1.3_set_password_exp_warning_days.sh b/bin/hardening/10.1.3_set_password_exp_warning_days.sh index d2d7499..b81a2c9 100755 --- a/bin/hardening/10.1.3_set_password_exp_warning_days.sh +++ b/bin/hardening/10.1.3_set_password_exp_warning_days.sh @@ -78,6 +78,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/10.2_disable_system_accounts.sh b/bin/hardening/10.2_disable_system_accounts.sh index 5395b98..472ef58 100755 --- a/bin/hardening/10.2_disable_system_accounts.sh +++ b/bin/hardening/10.2_disable_system_accounts.sh @@ -83,6 +83,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/10.3_default_root_group.sh b/bin/hardening/10.3_default_root_group.sh index 023472d..e6aa07f 100755 --- a/bin/hardening/10.3_default_root_group.sh +++ b/bin/hardening/10.3_default_root_group.sh @@ -46,6 +46,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/10.4_default_umask.sh b/bin/hardening/10.4_default_umask.sh index 8b7fd84..20e4078 100755 --- a/bin/hardening/10.4_default_umask.sh +++ b/bin/hardening/10.4_default_umask.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/10.5_lock_inactive_user_account.sh b/bin/hardening/10.5_lock_inactive_user_account.sh index db95a83..cd2b7d5 100755 --- a/bin/hardening/10.5_lock_inactive_user_account.sh +++ b/bin/hardening/10.5_lock_inactive_user_account.sh @@ -38,6 +38,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/11.1_warning_banners.sh b/bin/hardening/11.1_warning_banners.sh index 6c9f6e5..eae7e8b 100755 --- a/bin/hardening/11.1_warning_banners.sh +++ b/bin/hardening/11.1_warning_banners.sh @@ -72,6 +72,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/11.2_remove_os_info_warning_banners.sh b/bin/hardening/11.2_remove_os_info_warning_banners.sh index eba4bfc..19cfb3b 100755 --- a/bin/hardening/11.2_remove_os_info_warning_banners.sh +++ b/bin/hardening/11.2_remove_os_info_warning_banners.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/11.3_graphical_warning_banners.sh b/bin/hardening/11.3_graphical_warning_banners.sh index e5298a9..b1be64e 100755 --- a/bin/hardening/11.3_graphical_warning_banners.sh +++ b/bin/hardening/11.3_graphical_warning_banners.sh @@ -34,6 +34,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.10_find_suid_files.sh b/bin/hardening/12.10_find_suid_files.sh index 414427b..0d73f83 100755 --- a/bin/hardening/12.10_find_suid_files.sh +++ b/bin/hardening/12.10_find_suid_files.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.11_find_sgid_files.sh b/bin/hardening/12.11_find_sgid_files.sh index 06d2076..15a63d1 100755 --- a/bin/hardening/12.11_find_sgid_files.sh +++ b/bin/hardening/12.11_find_sgid_files.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.1_etc_passwd_permissions.sh b/bin/hardening/12.1_etc_passwd_permissions.sh index a73cae2..6de6c9a 100755 --- a/bin/hardening/12.1_etc_passwd_permissions.sh +++ b/bin/hardening/12.1_etc_passwd_permissions.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.2_etc_shadow_permissions.sh b/bin/hardening/12.2_etc_shadow_permissions.sh index 7945371..a290691 100755 --- a/bin/hardening/12.2_etc_shadow_permissions.sh +++ b/bin/hardening/12.2_etc_shadow_permissions.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.3_etc_group_permissions.sh b/bin/hardening/12.3_etc_group_permissions.sh index a43b3a9..baafaa4 100755 --- a/bin/hardening/12.3_etc_group_permissions.sh +++ b/bin/hardening/12.3_etc_group_permissions.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.4_etc_passwd_ownership.sh b/bin/hardening/12.4_etc_passwd_ownership.sh index 5462b91..b33b7d0 100755 --- a/bin/hardening/12.4_etc_passwd_ownership.sh +++ b/bin/hardening/12.4_etc_passwd_ownership.sh @@ -63,6 +63,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.5_etc_shadow_ownership.sh b/bin/hardening/12.5_etc_shadow_ownership.sh index 3ae0a4b..40c5d75 100755 --- a/bin/hardening/12.5_etc_shadow_ownership.sh +++ b/bin/hardening/12.5_etc_shadow_ownership.sh @@ -63,6 +63,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.6_etc_group_ownership.sh b/bin/hardening/12.6_etc_group_ownership.sh index 8c2975a..bc7a883 100755 --- a/bin/hardening/12.6_etc_group_ownership.sh +++ b/bin/hardening/12.6_etc_group_ownership.sh @@ -63,6 +63,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.7_find_world_writable_file.sh b/bin/hardening/12.7_find_world_writable_file.sh index 5ddc9d2..c63f0c3 100755 --- a/bin/hardening/12.7_find_world_writable_file.sh +++ b/bin/hardening/12.7_find_world_writable_file.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.8_find_unowned_files.sh b/bin/hardening/12.8_find_unowned_files.sh index eb8f2ef..616ec77 100755 --- a/bin/hardening/12.8_find_unowned_files.sh +++ b/bin/hardening/12.8_find_unowned_files.sh @@ -51,6 +51,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/12.9_find_ungrouped_files.sh b/bin/hardening/12.9_find_ungrouped_files.sh index 7be3f7f..1e79e33 100755 --- a/bin/hardening/12.9_find_ungrouped_files.sh +++ b/bin/hardening/12.9_find_ungrouped_files.sh @@ -51,6 +51,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.10_find_user_rhosts_files.sh b/bin/hardening/13.10_find_user_rhosts_files.sh index c2f6a89..6e16d71 100755 --- a/bin/hardening/13.10_find_user_rhosts_files.sh +++ b/bin/hardening/13.10_find_user_rhosts_files.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.11_find_passwd_group_inconsistencies.sh b/bin/hardening/13.11_find_passwd_group_inconsistencies.sh index 2e1dfee..6acdffb 100755 --- a/bin/hardening/13.11_find_passwd_group_inconsistencies.sh +++ b/bin/hardening/13.11_find_passwd_group_inconsistencies.sh @@ -47,6 +47,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.12_users_valid_homedir.sh b/bin/hardening/13.12_users_valid_homedir.sh index 90c26cf..7ecf4dd 100755 --- a/bin/hardening/13.12_users_valid_homedir.sh +++ b/bin/hardening/13.12_users_valid_homedir.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.13_check_user_homedir_ownership.sh b/bin/hardening/13.13_check_user_homedir_ownership.sh index feb0027..e87f605 100755 --- a/bin/hardening/13.13_check_user_homedir_ownership.sh +++ b/bin/hardening/13.13_check_user_homedir_ownership.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.14_check_duplicate_uid.sh b/bin/hardening/13.14_check_duplicate_uid.sh index b30bc84..2fdeaad 100755 --- a/bin/hardening/13.14_check_duplicate_uid.sh +++ b/bin/hardening/13.14_check_duplicate_uid.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.15_check_duplicate_gid.sh b/bin/hardening/13.15_check_duplicate_gid.sh index 24b7bf9..0c1b3fa 100755 --- a/bin/hardening/13.15_check_duplicate_gid.sh +++ b/bin/hardening/13.15_check_duplicate_gid.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.16_check_duplicate_username.sh b/bin/hardening/13.16_check_duplicate_username.sh index de642af..e29d516 100755 --- a/bin/hardening/13.16_check_duplicate_username.sh +++ b/bin/hardening/13.16_check_duplicate_username.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.17_check_duplicate_groupname.sh b/bin/hardening/13.17_check_duplicate_groupname.sh index 10b1ec6..fecb922 100755 --- a/bin/hardening/13.17_check_duplicate_groupname.sh +++ b/bin/hardening/13.17_check_duplicate_groupname.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.18_find_user_netrc_files.sh b/bin/hardening/13.18_find_user_netrc_files.sh index 3d70606..cf9c63a 100755 --- a/bin/hardening/13.18_find_user_netrc_files.sh +++ b/bin/hardening/13.18_find_user_netrc_files.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.19_find_user_forward_files.sh b/bin/hardening/13.19_find_user_forward_files.sh index da81331..c3f262d 100755 --- a/bin/hardening/13.19_find_user_forward_files.sh +++ b/bin/hardening/13.19_find_user_forward_files.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.1_remove_empty_password_field.sh b/bin/hardening/13.1_remove_empty_password_field.sh index 28a09e5..bcf614b 100755 --- a/bin/hardening/13.1_remove_empty_password_field.sh +++ b/bin/hardening/13.1_remove_empty_password_field.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.20_shadow_group_empty.sh b/bin/hardening/13.20_shadow_group_empty.sh index c92c924..19573b5 100755 --- a/bin/hardening/13.20_shadow_group_empty.sh +++ b/bin/hardening/13.20_shadow_group_empty.sh @@ -59,6 +59,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.2_remove_legacy_passwd_entries.sh b/bin/hardening/13.2_remove_legacy_passwd_entries.sh index 6c7d751..4924934 100755 --- a/bin/hardening/13.2_remove_legacy_passwd_entries.sh +++ b/bin/hardening/13.2_remove_legacy_passwd_entries.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.3_remove_legacy_shadow_entries.sh b/bin/hardening/13.3_remove_legacy_shadow_entries.sh index 96d5e3d..2e88888 100755 --- a/bin/hardening/13.3_remove_legacy_shadow_entries.sh +++ b/bin/hardening/13.3_remove_legacy_shadow_entries.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.4_remove_legacy_group_entries.sh b/bin/hardening/13.4_remove_legacy_group_entries.sh index a59b111..13323ce 100755 --- a/bin/hardening/13.4_remove_legacy_group_entries.sh +++ b/bin/hardening/13.4_remove_legacy_group_entries.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.5_find_0_uid_non_root_account.sh b/bin/hardening/13.5_find_0_uid_non_root_account.sh index 36530f3..2e3aee6 100755 --- a/bin/hardening/13.5_find_0_uid_non_root_account.sh +++ b/bin/hardening/13.5_find_0_uid_non_root_account.sh @@ -57,6 +57,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.6_sanitize_root_path.sh b/bin/hardening/13.6_sanitize_root_path.sh index 5ce868e..d2da9fa 100755 --- a/bin/hardening/13.6_sanitize_root_path.sh +++ b/bin/hardening/13.6_sanitize_root_path.sh @@ -76,6 +76,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.7_check_user_dir_perm.sh b/bin/hardening/13.7_check_user_dir_perm.sh index d3b8d57..1132a65 100755 --- a/bin/hardening/13.7_check_user_dir_perm.sh +++ b/bin/hardening/13.7_check_user_dir_perm.sh @@ -101,6 +101,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.8_check_user_dot_file_perm.sh b/bin/hardening/13.8_check_user_dot_file_perm.sh index 4bdda40..92eadc9 100755 --- a/bin/hardening/13.8_check_user_dot_file_perm.sh +++ b/bin/hardening/13.8_check_user_dot_file_perm.sh @@ -69,6 +69,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/13.9_set_perm_on_user_netrc.sh b/bin/hardening/13.9_set_perm_on_user_netrc.sh index 043f3d0..8c05416 100755 --- a/bin/hardening/13.9_set_perm_on_user_netrc.sh +++ b/bin/hardening/13.9_set_perm_on_user_netrc.sh @@ -68,6 +68,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.10_home_nodev.sh b/bin/hardening/2.10_home_nodev.sh index aedf2cd..5459d3f 100755 --- a/bin/hardening/2.10_home_nodev.sh +++ b/bin/hardening/2.10_home_nodev.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.11_removable_device_nodev.sh b/bin/hardening/2.11_removable_device_nodev.sh index 62f34d8..0057d89 100755 --- a/bin/hardening/2.11_removable_device_nodev.sh +++ b/bin/hardening/2.11_removable_device_nodev.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.12_removable_device_noexec.sh b/bin/hardening/2.12_removable_device_noexec.sh index 23ea761..91a69d5 100755 --- a/bin/hardening/2.12_removable_device_noexec.sh +++ b/bin/hardening/2.12_removable_device_noexec.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.13_removable_device_nosuid.sh b/bin/hardening/2.13_removable_device_nosuid.sh index e14a307..541904b 100755 --- a/bin/hardening/2.13_removable_device_nosuid.sh +++ b/bin/hardening/2.13_removable_device_nosuid.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.14_run_shm_nodev.sh b/bin/hardening/2.14_run_shm_nodev.sh index ead5eb5..7d1ad62 100755 --- a/bin/hardening/2.14_run_shm_nodev.sh +++ b/bin/hardening/2.14_run_shm_nodev.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.15_run_shm_nosuid.sh b/bin/hardening/2.15_run_shm_nosuid.sh index a2906d9..5d91ae7 100755 --- a/bin/hardening/2.15_run_shm_nosuid.sh +++ b/bin/hardening/2.15_run_shm_nosuid.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.16_run_shm_noexec.sh b/bin/hardening/2.16_run_shm_noexec.sh index 8390ac1..2e2b3cb 100755 --- a/bin/hardening/2.16_run_shm_noexec.sh +++ b/bin/hardening/2.16_run_shm_noexec.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.17_sticky_bit_world_writable_folder.sh b/bin/hardening/2.17_sticky_bit_world_writable_folder.sh index 1e5e807..2785ae5 100755 --- a/bin/hardening/2.17_sticky_bit_world_writable_folder.sh +++ b/bin/hardening/2.17_sticky_bit_world_writable_folder.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.18_disable_cramfs.sh b/bin/hardening/2.18_disable_cramfs.sh index 182f7c2..a18f109 100755 --- a/bin/hardening/2.18_disable_cramfs.sh +++ b/bin/hardening/2.18_disable_cramfs.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.19_disable_freevxfs.sh b/bin/hardening/2.19_disable_freevxfs.sh index b9d3fac..a3d222a 100755 --- a/bin/hardening/2.19_disable_freevxfs.sh +++ b/bin/hardening/2.19_disable_freevxfs.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.1_tmp_partition.sh b/bin/hardening/2.1_tmp_partition.sh index 5a6413f..cc7e475 100755 --- a/bin/hardening/2.1_tmp_partition.sh +++ b/bin/hardening/2.1_tmp_partition.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.20_disable_jffs2.sh b/bin/hardening/2.20_disable_jffs2.sh index 62af84b..98fb2d5 100755 --- a/bin/hardening/2.20_disable_jffs2.sh +++ b/bin/hardening/2.20_disable_jffs2.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.21_disable_hfs.sh b/bin/hardening/2.21_disable_hfs.sh index 9279411..abedc00 100755 --- a/bin/hardening/2.21_disable_hfs.sh +++ b/bin/hardening/2.21_disable_hfs.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.22_disable_hfsplus.sh b/bin/hardening/2.22_disable_hfsplus.sh index c1c8b62..9d04eb5 100755 --- a/bin/hardening/2.22_disable_hfsplus.sh +++ b/bin/hardening/2.22_disable_hfsplus.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.23_disable_squashfs.sh b/bin/hardening/2.23_disable_squashfs.sh index 8642e20..f6444f4 100755 --- a/bin/hardening/2.23_disable_squashfs.sh +++ b/bin/hardening/2.23_disable_squashfs.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.24_disable_udf.sh b/bin/hardening/2.24_disable_udf.sh index 2cd1942..605430b 100755 --- a/bin/hardening/2.24_disable_udf.sh +++ b/bin/hardening/2.24_disable_udf.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.25_disable_automounting.sh b/bin/hardening/2.25_disable_automounting.sh index 001ceec..2b2f42b 100755 --- a/bin/hardening/2.25_disable_automounting.sh +++ b/bin/hardening/2.25_disable_automounting.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.2_tmp_nodev.sh b/bin/hardening/2.2_tmp_nodev.sh index 269232e..7a7fc90 100755 --- a/bin/hardening/2.2_tmp_nodev.sh +++ b/bin/hardening/2.2_tmp_nodev.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.3_tmp_nosuid.sh b/bin/hardening/2.3_tmp_nosuid.sh index 0b871c7..4e5bc4e 100755 --- a/bin/hardening/2.3_tmp_nosuid.sh +++ b/bin/hardening/2.3_tmp_nosuid.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.4_tmp_noexec.sh b/bin/hardening/2.4_tmp_noexec.sh index 8e7f0c0..7b2cc65 100755 --- a/bin/hardening/2.4_tmp_noexec.sh +++ b/bin/hardening/2.4_tmp_noexec.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.5_var_partition.sh b/bin/hardening/2.5_var_partition.sh index 14b9173..7f565f4 100755 --- a/bin/hardening/2.5_var_partition.sh +++ b/bin/hardening/2.5_var_partition.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.6.1_var_tmp_partition.sh b/bin/hardening/2.6.1_var_tmp_partition.sh index 3569657..422b35a 100755 --- a/bin/hardening/2.6.1_var_tmp_partition.sh +++ b/bin/hardening/2.6.1_var_tmp_partition.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.6.2_var_tmp_nodev.sh b/bin/hardening/2.6.2_var_tmp_nodev.sh index f156c3f..41d0aca 100755 --- a/bin/hardening/2.6.2_var_tmp_nodev.sh +++ b/bin/hardening/2.6.2_var_tmp_nodev.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.6.3_var_tmp_nosuid.sh b/bin/hardening/2.6.3_var_tmp_nosuid.sh index 425d8f3..e9a8132 100755 --- a/bin/hardening/2.6.3_var_tmp_nosuid.sh +++ b/bin/hardening/2.6.3_var_tmp_nosuid.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.6.4_var_tmp_noexec.sh b/bin/hardening/2.6.4_var_tmp_noexec.sh index 05c43da..6cde5aa 100755 --- a/bin/hardening/2.6.4_var_tmp_noexec.sh +++ b/bin/hardening/2.6.4_var_tmp_noexec.sh @@ -73,6 +73,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.7_var_log_partition.sh b/bin/hardening/2.7_var_log_partition.sh index dd8e750..2951000 100755 --- a/bin/hardening/2.7_var_log_partition.sh +++ b/bin/hardening/2.7_var_log_partition.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.8_var_log_audit_partition.sh b/bin/hardening/2.8_var_log_audit_partition.sh index 710f9d8..7a79c5b 100755 --- a/bin/hardening/2.8_var_log_audit_partition.sh +++ b/bin/hardening/2.8_var_log_audit_partition.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/2.9_home_partition.sh b/bin/hardening/2.9_home_partition.sh index e2fe440..a3b5930 100755 --- a/bin/hardening/2.9_home_partition.sh +++ b/bin/hardening/2.9_home_partition.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/3.1_bootloader_ownership.sh b/bin/hardening/3.1_bootloader_ownership.sh index 65e4cfc..8ad6485 100755 --- a/bin/hardening/3.1_bootloader_ownership.sh +++ b/bin/hardening/3.1_bootloader_ownership.sh @@ -71,6 +71,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/3.2_bootloader_permissions.sh b/bin/hardening/3.2_bootloader_permissions.sh index c2b18df..6504242 100755 --- a/bin/hardening/3.2_bootloader_permissions.sh +++ b/bin/hardening/3.2_bootloader_permissions.sh @@ -58,6 +58,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/3.3_bootloader_password.sh b/bin/hardening/3.3_bootloader_password.sh index 36f03ed..63c4983 100755 --- a/bin/hardening/3.3_bootloader_password.sh +++ b/bin/hardening/3.3_bootloader_password.sh @@ -69,6 +69,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/3.4_root_password.sh b/bin/hardening/3.4_root_password.sh index 1297622..498818b 100755 --- a/bin/hardening/3.4_root_password.sh +++ b/bin/hardening/3.4_root_password.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/4.1_restrict_core_dumps.sh b/bin/hardening/4.1_restrict_core_dumps.sh index 885a060..5975f54 100755 --- a/bin/hardening/4.1_restrict_core_dumps.sh +++ b/bin/hardening/4.1_restrict_core_dumps.sh @@ -68,6 +68,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/4.2_enable_nx_support.sh b/bin/hardening/4.2_enable_nx_support.sh index 4d0b0e9..30b484a 100755 --- a/bin/hardening/4.2_enable_nx_support.sh +++ b/bin/hardening/4.2_enable_nx_support.sh @@ -46,6 +46,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/4.3_enable_randomized_vm_placement.sh b/bin/hardening/4.3_enable_randomized_vm_placement.sh index 2220529..4a373c9 100755 --- a/bin/hardening/4.3_enable_randomized_vm_placement.sh +++ b/bin/hardening/4.3_enable_randomized_vm_placement.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/4.4_disable_prelink.sh b/bin/hardening/4.4_disable_prelink.sh index 239b944..c8eb21a 100755 --- a/bin/hardening/4.4_disable_prelink.sh +++ b/bin/hardening/4.4_disable_prelink.sh @@ -51,6 +51,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/4.5_enable_apparmor.sh b/bin/hardening/4.5_enable_apparmor.sh index ca734f9..f735392 100755 --- a/bin/hardening/4.5_enable_apparmor.sh +++ b/bin/hardening/4.5_enable_apparmor.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.1_disable_nis.sh b/bin/hardening/5.1.1_disable_nis.sh index bee94fd..bddf22d 100755 --- a/bin/hardening/5.1.1_disable_nis.sh +++ b/bin/hardening/5.1.1_disable_nis.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.2_disable_rsh.sh b/bin/hardening/5.1.2_disable_rsh.sh index 70f42b3..bd7a380 100755 --- a/bin/hardening/5.1.2_disable_rsh.sh +++ b/bin/hardening/5.1.2_disable_rsh.sh @@ -81,6 +81,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.3_disable_rsh_client.sh b/bin/hardening/5.1.3_disable_rsh_client.sh index 7669d19..3a83a31 100755 --- a/bin/hardening/5.1.3_disable_rsh_client.sh +++ b/bin/hardening/5.1.3_disable_rsh_client.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.4_disable_talk.sh b/bin/hardening/5.1.4_disable_talk.sh index c8b70a9..3a91b67 100755 --- a/bin/hardening/5.1.4_disable_talk.sh +++ b/bin/hardening/5.1.4_disable_talk.sh @@ -80,6 +80,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.5_disable_talk_client.sh b/bin/hardening/5.1.5_disable_talk_client.sh index 0b4b738..db637b8 100755 --- a/bin/hardening/5.1.5_disable_talk_client.sh +++ b/bin/hardening/5.1.5_disable_talk_client.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.6_disable_telnet_server.sh b/bin/hardening/5.1.6_disable_telnet_server.sh index 916da33..9289a98 100755 --- a/bin/hardening/5.1.6_disable_telnet_server.sh +++ b/bin/hardening/5.1.6_disable_telnet_server.sh @@ -81,6 +81,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.7_disable_tftp_server.sh b/bin/hardening/5.1.7_disable_tftp_server.sh index 2e2c80b..26932eb 100755 --- a/bin/hardening/5.1.7_disable_tftp_server.sh +++ b/bin/hardening/5.1.7_disable_tftp_server.sh @@ -81,6 +81,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.1.8_disable_inetd.sh b/bin/hardening/5.1.8_disable_inetd.sh index 107be46..95b2f96 100755 --- a/bin/hardening/5.1.8_disable_inetd.sh +++ b/bin/hardening/5.1.8_disable_inetd.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.2_disable_chargen.sh b/bin/hardening/5.2_disable_chargen.sh index 27b2d98..7408d6c 100755 --- a/bin/hardening/5.2_disable_chargen.sh +++ b/bin/hardening/5.2_disable_chargen.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.3_disable_daytime.sh b/bin/hardening/5.3_disable_daytime.sh index 3e6dd54..77821ee 100755 --- a/bin/hardening/5.3_disable_daytime.sh +++ b/bin/hardening/5.3_disable_daytime.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.4_disable_echo.sh b/bin/hardening/5.4_disable_echo.sh index 42a183c..e38b4cf 100755 --- a/bin/hardening/5.4_disable_echo.sh +++ b/bin/hardening/5.4_disable_echo.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.5_disable_discard.sh b/bin/hardening/5.5_disable_discard.sh index 9bbb130..8807aba 100755 --- a/bin/hardening/5.5_disable_discard.sh +++ b/bin/hardening/5.5_disable_discard.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/5.6_disable_time.sh b/bin/hardening/5.6_disable_time.sh index b67f088..aa7be28 100755 --- a/bin/hardening/5.6_disable_time.sh +++ b/bin/hardening/5.6_disable_time.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.10_disable_http_server.sh b/bin/hardening/6.10_disable_http_server.sh index adde773..c9f1cc9 100755 --- a/bin/hardening/6.10_disable_http_server.sh +++ b/bin/hardening/6.10_disable_http_server.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.11_disable_imap_pop.sh b/bin/hardening/6.11_disable_imap_pop.sh index 68ad1c9..414283a 100755 --- a/bin/hardening/6.11_disable_imap_pop.sh +++ b/bin/hardening/6.11_disable_imap_pop.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.12_disable_samba.sh b/bin/hardening/6.12_disable_samba.sh index 374ba03..c89793b 100755 --- a/bin/hardening/6.12_disable_samba.sh +++ b/bin/hardening/6.12_disable_samba.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.13_disable_http_proxy.sh b/bin/hardening/6.13_disable_http_proxy.sh index 310bdd0..b7c00cc 100755 --- a/bin/hardening/6.13_disable_http_proxy.sh +++ b/bin/hardening/6.13_disable_http_proxy.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.14_disable_snmp_server.sh b/bin/hardening/6.14_disable_snmp_server.sh index e058e05..fa6a144 100755 --- a/bin/hardening/6.14_disable_snmp_server.sh +++ b/bin/hardening/6.14_disable_snmp_server.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.15_mta_localhost.sh b/bin/hardening/6.15_mta_localhost.sh index 82b8c2d..9404650 100755 --- a/bin/hardening/6.15_mta_localhost.sh +++ b/bin/hardening/6.15_mta_localhost.sh @@ -59,6 +59,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.16_disable_rsync.sh b/bin/hardening/6.16_disable_rsync.sh index ac4e9c6..95ad6d5 100755 --- a/bin/hardening/6.16_disable_rsync.sh +++ b/bin/hardening/6.16_disable_rsync.sh @@ -63,6 +63,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.1_disable_xwindow_system.sh b/bin/hardening/6.1_disable_xwindow_system.sh index c13241c..3bec993 100755 --- a/bin/hardening/6.1_disable_xwindow_system.sh +++ b/bin/hardening/6.1_disable_xwindow_system.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.2_disable_avahi_server.sh b/bin/hardening/6.2_disable_avahi_server.sh index 0663849..232a0f1 100755 --- a/bin/hardening/6.2_disable_avahi_server.sh +++ b/bin/hardening/6.2_disable_avahi_server.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.3_disable_print_server.sh b/bin/hardening/6.3_disable_print_server.sh index 678db7d..0d55e7f 100755 --- a/bin/hardening/6.3_disable_print_server.sh +++ b/bin/hardening/6.3_disable_print_server.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.4_disable_dhcp.sh b/bin/hardening/6.4_disable_dhcp.sh index 28b9957..848df33 100755 --- a/bin/hardening/6.4_disable_dhcp.sh +++ b/bin/hardening/6.4_disable_dhcp.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.5_configure_ntp.sh b/bin/hardening/6.5_configure_ntp.sh index 5d6a3ae..67bed3d 100755 --- a/bin/hardening/6.5_configure_ntp.sh +++ b/bin/hardening/6.5_configure_ntp.sh @@ -80,6 +80,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.6_disable_ldap.sh b/bin/hardening/6.6_disable_ldap.sh index c003a65..c2a337d 100755 --- a/bin/hardening/6.6_disable_ldap.sh +++ b/bin/hardening/6.6_disable_ldap.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.7_disable_nfs_rpc.sh b/bin/hardening/6.7_disable_nfs_rpc.sh index f86cf38..a318aa8 100755 --- a/bin/hardening/6.7_disable_nfs_rpc.sh +++ b/bin/hardening/6.7_disable_nfs_rpc.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.8_disable_dns_server.sh b/bin/hardening/6.8_disable_dns_server.sh index d3475da..2acdbd9 100755 --- a/bin/hardening/6.8_disable_dns_server.sh +++ b/bin/hardening/6.8_disable_dns_server.sh @@ -52,6 +52,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/6.9_disable_ftp.sh b/bin/hardening/6.9_disable_ftp.sh index 353ebb0..c9ea292 100755 --- a/bin/hardening/6.9_disable_ftp.sh +++ b/bin/hardening/6.9_disable_ftp.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.1.1_disable_ip_forwarding.sh b/bin/hardening/7.1.1_disable_ip_forwarding.sh index 364f7f9..48611f9 100755 --- a/bin/hardening/7.1.1_disable_ip_forwarding.sh +++ b/bin/hardening/7.1.1_disable_ip_forwarding.sh @@ -53,6 +53,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.1.2_disable_send_packet_redirects.sh b/bin/hardening/7.1.2_disable_send_packet_redirects.sh index c87a093..54364a1 100755 --- a/bin/hardening/7.1.2_disable_send_packet_redirects.sh +++ b/bin/hardening/7.1.2_disable_send_packet_redirects.sh @@ -63,6 +63,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.1_disable_source_routed_packets.sh b/bin/hardening/7.2.1_disable_source_routed_packets.sh index 62ce83c..b057a2c 100755 --- a/bin/hardening/7.2.1_disable_source_routed_packets.sh +++ b/bin/hardening/7.2.1_disable_source_routed_packets.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.2_disable_icmp_redirect.sh b/bin/hardening/7.2.2_disable_icmp_redirect.sh index 271fa5d..1a8a193 100755 --- a/bin/hardening/7.2.2_disable_icmp_redirect.sh +++ b/bin/hardening/7.2.2_disable_icmp_redirect.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh b/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh index bcffd36..5ce550f 100755 --- a/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh +++ b/bin/hardening/7.2.3_disable_secure_icmp_redirect.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.4_log_martian_packets.sh b/bin/hardening/7.2.4_log_martian_packets.sh index be52137..4f56bb8 100755 --- a/bin/hardening/7.2.4_log_martian_packets.sh +++ b/bin/hardening/7.2.4_log_martian_packets.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.5_ignore_broadcast_requests.sh b/bin/hardening/7.2.5_ignore_broadcast_requests.sh index 5b1ab9d..2dbf1dd 100755 --- a/bin/hardening/7.2.5_ignore_broadcast_requests.sh +++ b/bin/hardening/7.2.5_ignore_broadcast_requests.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.6_enable_bad_error_message_protection.sh b/bin/hardening/7.2.6_enable_bad_error_message_protection.sh index 5af67cd..f03bec1 100755 --- a/bin/hardening/7.2.6_enable_bad_error_message_protection.sh +++ b/bin/hardening/7.2.6_enable_bad_error_message_protection.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.7_enable_source_route_validation.sh b/bin/hardening/7.2.7_enable_source_route_validation.sh index 07ad4dc..5c80650 100755 --- a/bin/hardening/7.2.7_enable_source_route_validation.sh +++ b/bin/hardening/7.2.7_enable_source_route_validation.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh b/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh index 6e9c502..1e3c13b 100755 --- a/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh +++ b/bin/hardening/7.2.8_enable_tcp_syn_cookies.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh b/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh index 4d7b833..63e5a04 100755 --- a/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh +++ b/bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh @@ -72,6 +72,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.3.2_disable_ipv6_redirect.sh b/bin/hardening/7.3.2_disable_ipv6_redirect.sh index db98522..16cc84b 100755 --- a/bin/hardening/7.3.2_disable_ipv6_redirect.sh +++ b/bin/hardening/7.3.2_disable_ipv6_redirect.sh @@ -72,6 +72,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.3.3_disable_ipv6.sh b/bin/hardening/7.3.3_disable_ipv6.sh index bef82eb..86c823b 100755 --- a/bin/hardening/7.3.3_disable_ipv6.sh +++ b/bin/hardening/7.3.3_disable_ipv6.sh @@ -72,6 +72,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.4.1_install_tcp_wrapper.sh b/bin/hardening/7.4.1_install_tcp_wrapper.sh index 6080292..adabcf6 100755 --- a/bin/hardening/7.4.1_install_tcp_wrapper.sh +++ b/bin/hardening/7.4.1_install_tcp_wrapper.sh @@ -47,6 +47,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.4.2_hosts_allow.sh b/bin/hardening/7.4.2_hosts_allow.sh index a60c947..c6a13ae 100755 --- a/bin/hardening/7.4.2_hosts_allow.sh +++ b/bin/hardening/7.4.2_hosts_allow.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.4.3_hosts_allow_permissions.sh b/bin/hardening/7.4.3_hosts_allow_permissions.sh index d40fe39..381f5a7 100755 --- a/bin/hardening/7.4.3_hosts_allow_permissions.sh +++ b/bin/hardening/7.4.3_hosts_allow_permissions.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.4.4_hosts_deny.sh b/bin/hardening/7.4.4_hosts_deny.sh index cf70382..f2649bb 100755 --- a/bin/hardening/7.4.4_hosts_deny.sh +++ b/bin/hardening/7.4.4_hosts_deny.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.4.5_hosts_deny_permissions.sh b/bin/hardening/7.4.5_hosts_deny_permissions.sh index 6960f2d..9930f56 100755 --- a/bin/hardening/7.4.5_hosts_deny_permissions.sh +++ b/bin/hardening/7.4.5_hosts_deny_permissions.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.5.1_disable_dccp.sh b/bin/hardening/7.5.1_disable_dccp.sh index 21fff17..e997418 100755 --- a/bin/hardening/7.5.1_disable_dccp.sh +++ b/bin/hardening/7.5.1_disable_dccp.sh @@ -34,6 +34,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.5.2_disable_sctp.sh b/bin/hardening/7.5.2_disable_sctp.sh index 2350d25..490d430 100755 --- a/bin/hardening/7.5.2_disable_sctp.sh +++ b/bin/hardening/7.5.2_disable_sctp.sh @@ -34,6 +34,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.5.3_disable_rds.sh b/bin/hardening/7.5.3_disable_rds.sh index 9302c7d..a8901ee 100755 --- a/bin/hardening/7.5.3_disable_rds.sh +++ b/bin/hardening/7.5.3_disable_rds.sh @@ -34,6 +34,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.5.4_disable_tipc.sh b/bin/hardening/7.5.4_disable_tipc.sh index 0c7fa01..f55b540 100755 --- a/bin/hardening/7.5.4_disable_tipc.sh +++ b/bin/hardening/7.5.4_disable_tipc.sh @@ -34,6 +34,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.6_disable_wireless.sh b/bin/hardening/7.6_disable_wireless.sh index 0cc7c87..a88dc83 100755 --- a/bin/hardening/7.6_disable_wireless.sh +++ b/bin/hardening/7.6_disable_wireless.sh @@ -34,6 +34,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/7.7_enable_firewall.sh b/bin/hardening/7.7_enable_firewall.sh index d1c9c46..28c0033 100755 --- a/bin/hardening/7.7_enable_firewall.sh +++ b/bin/hardening/7.7_enable_firewall.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.0_enable_auditd_kernel.sh b/bin/hardening/8.0_enable_auditd_kernel.sh index 7bfa3b5..8f9c443 100755 --- a/bin/hardening/8.0_enable_auditd_kernel.sh +++ b/bin/hardening/8.0_enable_auditd_kernel.sh @@ -51,6 +51,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.1.1_audit_log_storage.sh b/bin/hardening/8.1.1.1_audit_log_storage.sh index 19c19fc..0211d8e 100755 --- a/bin/hardening/8.1.1.1_audit_log_storage.sh +++ b/bin/hardening/8.1.1.1_audit_log_storage.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh b/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh index 39cbb95..915dec0 100755 --- a/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh +++ b/bin/hardening/8.1.1.2_halt_when_audit_log_full.sh @@ -80,6 +80,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.1.3_keep_all_audit_logs.sh b/bin/hardening/8.1.1.3_keep_all_audit_logs.sh index f531273..18d7d3d 100755 --- a/bin/hardening/8.1.1.3_keep_all_audit_logs.sh +++ b/bin/hardening/8.1.1.3_keep_all_audit_logs.sh @@ -80,6 +80,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.10_record_dac_edit.sh b/bin/hardening/8.1.10_record_dac_edit.sh index 58691d7..f28b9b4 100755 --- a/bin/hardening/8.1.10_record_dac_edit.sh +++ b/bin/hardening/8.1.10_record_dac_edit.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.11_record_failed_access_file.sh b/bin/hardening/8.1.11_record_failed_access_file.sh index b65166f..1bd9d8b 100755 --- a/bin/hardening/8.1.11_record_failed_access_file.sh +++ b/bin/hardening/8.1.11_record_failed_access_file.sh @@ -60,6 +60,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.12_record_privileged_commands.sh b/bin/hardening/8.1.12_record_privileged_commands.sh index e2be563..6788870 100755 --- a/bin/hardening/8.1.12_record_privileged_commands.sh +++ b/bin/hardening/8.1.12_record_privileged_commands.sh @@ -60,6 +60,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.13_record_successful_mount.sh b/bin/hardening/8.1.13_record_successful_mount.sh index d76acf1..37a19fa 100755 --- a/bin/hardening/8.1.13_record_successful_mount.sh +++ b/bin/hardening/8.1.13_record_successful_mount.sh @@ -58,6 +58,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.14_record_file_deletions.sh b/bin/hardening/8.1.14_record_file_deletions.sh index 679669d..c6c00ee 100755 --- a/bin/hardening/8.1.14_record_file_deletions.sh +++ b/bin/hardening/8.1.14_record_file_deletions.sh @@ -58,6 +58,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.15_record_sudoers_edit.sh b/bin/hardening/8.1.15_record_sudoers_edit.sh index 62818dd..24a42fb 100755 --- a/bin/hardening/8.1.15_record_sudoers_edit.sh +++ b/bin/hardening/8.1.15_record_sudoers_edit.sh @@ -58,6 +58,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.16_record_sudo_usage.sh b/bin/hardening/8.1.16_record_sudo_usage.sh index a279d8b..7a71f2f 100755 --- a/bin/hardening/8.1.16_record_sudo_usage.sh +++ b/bin/hardening/8.1.16_record_sudo_usage.sh @@ -57,6 +57,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.17_record_kernel_modules.sh b/bin/hardening/8.1.17_record_kernel_modules.sh index 67c135c..5ebf25e 100755 --- a/bin/hardening/8.1.17_record_kernel_modules.sh +++ b/bin/hardening/8.1.17_record_kernel_modules.sh @@ -60,6 +60,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.18_freeze_auditd_conf.sh b/bin/hardening/8.1.18_freeze_auditd_conf.sh index 3283973..956885f 100755 --- a/bin/hardening/8.1.18_freeze_auditd_conf.sh +++ b/bin/hardening/8.1.18_freeze_auditd_conf.sh @@ -57,6 +57,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.2_enable_auditd.sh b/bin/hardening/8.1.2_enable_auditd.sh index 1a646d7..66ed321 100755 --- a/bin/hardening/8.1.2_enable_auditd.sh +++ b/bin/hardening/8.1.2_enable_auditd.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.3_audit_bootloader.sh b/bin/hardening/8.1.3_audit_bootloader.sh index cd53f95..a47fec4 100755 --- a/bin/hardening/8.1.3_audit_bootloader.sh +++ b/bin/hardening/8.1.3_audit_bootloader.sh @@ -80,6 +80,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.4_record_date_time_edit.sh b/bin/hardening/8.1.4_record_date_time_edit.sh index 43f4f03..4483911 100755 --- a/bin/hardening/8.1.4_record_date_time_edit.sh +++ b/bin/hardening/8.1.4_record_date_time_edit.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.5_record_user_group_edit.sh b/bin/hardening/8.1.5_record_user_group_edit.sh index b075d9a..57c2d02 100755 --- a/bin/hardening/8.1.5_record_user_group_edit.sh +++ b/bin/hardening/8.1.5_record_user_group_edit.sh @@ -61,6 +61,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.6_record_network_edit.sh b/bin/hardening/8.1.6_record_network_edit.sh index 033e0ea..fefed01 100755 --- a/bin/hardening/8.1.6_record_network_edit.sh +++ b/bin/hardening/8.1.6_record_network_edit.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.7_record_mac_edit.sh b/bin/hardening/8.1.7_record_mac_edit.sh index b63a823..7a271fa 100755 --- a/bin/hardening/8.1.7_record_mac_edit.sh +++ b/bin/hardening/8.1.7_record_mac_edit.sh @@ -57,6 +57,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.8_record_login_logout.sh b/bin/hardening/8.1.8_record_login_logout.sh index e8553f5..75fe87a 100755 --- a/bin/hardening/8.1.8_record_login_logout.sh +++ b/bin/hardening/8.1.8_record_login_logout.sh @@ -59,6 +59,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.1.9_record_session_init.sh b/bin/hardening/8.1.9_record_session_init.sh index ae1aa03..45016c2 100755 --- a/bin/hardening/8.1.9_record_session_init.sh +++ b/bin/hardening/8.1.9_record_session_init.sh @@ -59,6 +59,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.2.1_install_syslog-ng.sh b/bin/hardening/8.2.1_install_syslog-ng.sh index 464f918..61c9c0a 100755 --- a/bin/hardening/8.2.1_install_syslog-ng.sh +++ b/bin/hardening/8.2.1_install_syslog-ng.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.2.2_enable_syslog-ng.sh b/bin/hardening/8.2.2_enable_syslog-ng.sh index f808146..499a4c4 100755 --- a/bin/hardening/8.2.2_enable_syslog-ng.sh +++ b/bin/hardening/8.2.2_enable_syslog-ng.sh @@ -50,6 +50,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.2.3_configure_syslog-ng.sh b/bin/hardening/8.2.3_configure_syslog-ng.sh index 1e8ae0f..fa36f53 100755 --- a/bin/hardening/8.2.3_configure_syslog-ng.sh +++ b/bin/hardening/8.2.3_configure_syslog-ng.sh @@ -38,6 +38,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.2.4_set_logfile_perm.sh b/bin/hardening/8.2.4_set_logfile_perm.sh index 93ae3ec..9e3e84e 100755 --- a/bin/hardening/8.2.4_set_logfile_perm.sh +++ b/bin/hardening/8.2.4_set_logfile_perm.sh @@ -81,6 +81,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.2.5_syslog-ng_remote_host.sh b/bin/hardening/8.2.5_syslog-ng_remote_host.sh index c0f8f71..cb5916f 100755 --- a/bin/hardening/8.2.5_syslog-ng_remote_host.sh +++ b/bin/hardening/8.2.5_syslog-ng_remote_host.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.2.6_remote_syslog-ng_acl.sh b/bin/hardening/8.2.6_remote_syslog-ng_acl.sh index dbaa0f6..4ccd8d8 100755 --- a/bin/hardening/8.2.6_remote_syslog-ng_acl.sh +++ b/bin/hardening/8.2.6_remote_syslog-ng_acl.sh @@ -34,6 +34,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.3.1_install_tripwire.sh b/bin/hardening/8.3.1_install_tripwire.sh index e9cb512..591ab2a 100755 --- a/bin/hardening/8.3.1_install_tripwire.sh +++ b/bin/hardening/8.3.1_install_tripwire.sh @@ -49,6 +49,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.3.2_tripwire_cron.sh b/bin/hardening/8.3.2_tripwire_cron.sh index 8a2b043..873ab51 100755 --- a/bin/hardening/8.3.2_tripwire_cron.sh +++ b/bin/hardening/8.3.2_tripwire_cron.sh @@ -48,6 +48,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/8.4_configure_logrotate.sh b/bin/hardening/8.4_configure_logrotate.sh index 100a9b8..3a7415c 100755 --- a/bin/hardening/8.4_configure_logrotate.sh +++ b/bin/hardening/8.4_configure_logrotate.sh @@ -38,6 +38,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.1_enable_cron.sh b/bin/hardening/9.1.1_enable_cron.sh index 85a1327..49fb1ae 100755 --- a/bin/hardening/9.1.1_enable_cron.sh +++ b/bin/hardening/9.1.1_enable_cron.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.2_crontab_perm_ownership.sh b/bin/hardening/9.1.2_crontab_perm_ownership.sh index 0ec2dd1..1e8f140 100755 --- a/bin/hardening/9.1.2_crontab_perm_ownership.sh +++ b/bin/hardening/9.1.2_crontab_perm_ownership.sh @@ -77,6 +77,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh b/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh index 880b997..e2ef13e 100755 --- a/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh +++ b/bin/hardening/9.1.3_cron_hourly_perm_ownership.sh @@ -77,6 +77,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.4_cron_daily_perm_ownership.sh b/bin/hardening/9.1.4_cron_daily_perm_ownership.sh index ec4a53a..ffcde0b 100755 --- a/bin/hardening/9.1.4_cron_daily_perm_ownership.sh +++ b/bin/hardening/9.1.4_cron_daily_perm_ownership.sh @@ -77,6 +77,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh b/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh index 6929156..fbb81e4 100755 --- a/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh +++ b/bin/hardening/9.1.5_cron_weekly_perm_ownership.sh @@ -77,6 +77,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh b/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh index 5cceed2..40b9aee 100755 --- a/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh +++ b/bin/hardening/9.1.6_cron_monthly_perm_ownership.sh @@ -77,6 +77,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.7_cron_d_perm_ownership.sh b/bin/hardening/9.1.7_cron_d_perm_ownership.sh index 0ffb245..046e9ac 100755 --- a/bin/hardening/9.1.7_cron_d_perm_ownership.sh +++ b/bin/hardening/9.1.7_cron_d_perm_ownership.sh @@ -77,6 +77,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.1.8_cron_users.sh b/bin/hardening/9.1.8_cron_users.sh index 14e75d3..b89ad3d 100755 --- a/bin/hardening/9.1.8_cron_users.sh +++ b/bin/hardening/9.1.8_cron_users.sh @@ -104,6 +104,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.2.1_enable_cracklib.sh b/bin/hardening/9.2.1_enable_cracklib.sh index 478bae7..ce7ef3e 100755 --- a/bin/hardening/9.2.1_enable_cracklib.sh +++ b/bin/hardening/9.2.1_enable_cracklib.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.2.2_enable_lockout_failed_password.sh b/bin/hardening/9.2.2_enable_lockout_failed_password.sh index 294f658..d72e4c8 100755 --- a/bin/hardening/9.2.2_enable_lockout_failed_password.sh +++ b/bin/hardening/9.2.2_enable_lockout_failed_password.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.2.3_limit_password_reuse.sh b/bin/hardening/9.2.3_limit_password_reuse.sh index e813f39..4146a18 100755 --- a/bin/hardening/9.2.3_limit_password_reuse.sh +++ b/bin/hardening/9.2.3_limit_password_reuse.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.10_disable_sshd_setenv.sh b/bin/hardening/9.3.10_disable_sshd_setenv.sh index 4f1cc3b..fad68cf 100755 --- a/bin/hardening/9.3.10_disable_sshd_setenv.sh +++ b/bin/hardening/9.3.10_disable_sshd_setenv.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.11_sshd_ciphers.sh b/bin/hardening/9.3.11_sshd_ciphers.sh index 082e216..7d6540e 100755 --- a/bin/hardening/9.3.11_sshd_ciphers.sh +++ b/bin/hardening/9.3.11_sshd_ciphers.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.12_sshd_idle_timeout.sh b/bin/hardening/9.3.12_sshd_idle_timeout.sh index c8476ce..b7b891d 100755 --- a/bin/hardening/9.3.12_sshd_idle_timeout.sh +++ b/bin/hardening/9.3.12_sshd_idle_timeout.sh @@ -82,6 +82,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.13_sshd_limit_access.sh b/bin/hardening/9.3.13_sshd_limit_access.sh index a38861c..28531be 100755 --- a/bin/hardening/9.3.13_sshd_limit_access.sh +++ b/bin/hardening/9.3.13_sshd_limit_access.sh @@ -96,6 +96,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.14_ssh_banner.sh b/bin/hardening/9.3.14_ssh_banner.sh index 5635c96..0ac086a 100755 --- a/bin/hardening/9.3.14_ssh_banner.sh +++ b/bin/hardening/9.3.14_ssh_banner.sh @@ -80,6 +80,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.1_sshd_protocol.sh b/bin/hardening/9.3.1_sshd_protocol.sh index fe37750..df6de4f 100755 --- a/bin/hardening/9.3.1_sshd_protocol.sh +++ b/bin/hardening/9.3.1_sshd_protocol.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.2_sshd_loglevel.sh b/bin/hardening/9.3.2_sshd_loglevel.sh index c789c0f..b60ccd2 100755 --- a/bin/hardening/9.3.2_sshd_loglevel.sh +++ b/bin/hardening/9.3.2_sshd_loglevel.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh b/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh index 4022479..e715afc 100755 --- a/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh +++ b/bin/hardening/9.3.3_sshd_conf_perm_ownership.sh @@ -77,6 +77,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.4_disable_x11_forwarding.sh b/bin/hardening/9.3.4_disable_x11_forwarding.sh index ad36ef7..cee73a2 100755 --- a/bin/hardening/9.3.4_disable_x11_forwarding.sh +++ b/bin/hardening/9.3.4_disable_x11_forwarding.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.5_sshd_maxauthtries.sh b/bin/hardening/9.3.5_sshd_maxauthtries.sh index 7f61f2f..cb4b309 100755 --- a/bin/hardening/9.3.5_sshd_maxauthtries.sh +++ b/bin/hardening/9.3.5_sshd_maxauthtries.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh b/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh index fefd8fb..cc0f659 100755 --- a/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh +++ b/bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh b/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh index d4df8d7..0f8f17c 100755 --- a/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh +++ b/bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.8_disable_root_login.sh b/bin/hardening/9.3.8_disable_root_login.sh index 79c0433..d524981 100755 --- a/bin/hardening/9.3.8_disable_root_login.sh +++ b/bin/hardening/9.3.8_disable_root_login.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh b/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh index 8674b60..5f3fbf1 100755 --- a/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh +++ b/bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh @@ -79,6 +79,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.4_secure_tty.sh b/bin/hardening/9.4_secure_tty.sh index 1db29bd..6eafe24 100755 --- a/bin/hardening/9.4_secure_tty.sh +++ b/bin/hardening/9.4_secure_tty.sh @@ -38,6 +38,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/9.5_restrict_su.sh b/bin/hardening/9.5_restrict_su.sh index 7c192c7..ddeb580 100755 --- a/bin/hardening/9.5_restrict_su.sh +++ b/bin/hardening/9.5_restrict_su.sh @@ -62,6 +62,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/99.1_timeout_tty.sh b/bin/hardening/99.1_timeout_tty.sh index a1a35cd..2c1361d 100755 --- a/bin/hardening/99.1_timeout_tty.sh +++ b/bin/hardening/99.1_timeout_tty.sh @@ -55,6 +55,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/bin/hardening/99.2_disable_usb_devices.sh b/bin/hardening/99.2_disable_usb_devices.sh index 20f56a6..4a27a3d 100755 --- a/bin/hardening/99.2_disable_usb_devices.sh +++ b/bin/hardening/99.2_disable_usb_devices.sh @@ -64,6 +64,7 @@ else . /etc/default/cis-hardening if [ -z $CIS_ROOT_DIR ]; then echo "No CIS_ROOT_DIR variable, aborting" + exit 128 fi fi diff --git a/etc/conf.d/3.3_bootloader_password.cfg b/etc/conf.d/3.3_bootloader_password.cfg index 307f40e..acee522 100644 --- a/etc/conf.d/3.3_bootloader_password.cfg +++ b/etc/conf.d/3.3_bootloader_password.cfg @@ -1,19 +1,2 @@ # Configuration for script of same name status=disabled - -###### Grub configuration example : -#~ # id -#uid=0(root) gid=0(root) groups=0(root) -#~ # ls /etc/grub.d/01_users -l -#-rwxr-xr-x 1 root root 390 Apr 11 11:04 /etc/grub.d/01_users -# -# ~ # cat /etc/grub.d/01_users -##!/bin/sh -# -## Grub password file -# -#cat << EOF -#set superusers="osp" -#password FOR_GRUB # this is a drity hack for chmod 400 by grub-mkconfig -#password_pbkdf2 osp grub.pbkdf2.sha512.10000.28AC55867740A5F1820853347EEFE3CCC67D19540BE8ACCE5E354A18DDD8D4A48AACC5F9FCAE08593B05D0E131568456F02A44F1D01C7E194635CE664410F885.07A8B0B957098D4A13B6CE77A62431945A98DCF20313AFAC86346957E6F67827B252F3BF395D82E8C25036AA89AE6BA13F946523FB02F6C3A605B3B312658D6E -#EOF diff --git a/lib/common.sh b/lib/common.sh index 48e5d2a..7b1a4b2 100644 --- a/lib/common.sh +++ b/lib/common.sh @@ -9,7 +9,7 @@ backup_file() { crit "Cannot backup $FILE, it's not a file" FNRET=1 else - TARGET=$(echo $FILE | sed -s 's/\//./g' | sed -s 's/^.//' | sed -s "s/$/.$(date +%F-%T)/" ) + TARGET=$(echo $FILE | sed -s -e 's/\//./g' -e 's/^.//' -e "s/$/.$(date +%F-%H_%M_%S)/" ) TARGET="$BACKUPDIR/$TARGET" debug "Backuping $FILE to $TARGET" cp -a $FILE $TARGET