From cccc0881e9409ca57af7185203ee091e6450cf78 Mon Sep 17 00:00:00 2001 From: Thibault Ayanides Date: Mon, 23 Nov 2020 17:10:37 +0100 Subject: [PATCH] IMP(shellcheck): add run-shellcheck prefix --- bin/hardening.sh | 1 + bin/hardening/1.1.1.1_disable_freevxfs.sh | 1 + bin/hardening/1.1.1.2_disable_jffs2.sh | 1 + bin/hardening/1.1.1.3_disable_hfs.sh | 1 + bin/hardening/1.1.1.4_disable_hfsplus.sh | 1 + bin/hardening/1.1.1.5_disable_udf.sh | 1 + bin/hardening/1.1.1.6_disable_cramfs.sh | 1 + bin/hardening/1.1.1.7_disable_squashfs.sh | 1 + bin/hardening/1.1.10_var_tmp_noexec.sh | 1 + bin/hardening/1.1.11_var_log_partition.sh | 1 + bin/hardening/1.1.13_home_partition.sh | 1 + bin/hardening/1.1.14_home_nodev.sh | 1 + bin/hardening/1.1.18_removable_device_nodev.sh | 1 + bin/hardening/1.1.19_removable_device_nosuid.sh | 1 + bin/hardening/1.1.20_removable_device_noexec.sh | 1 + bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh | 1 + bin/hardening/1.1.22_disable_automounting.sh | 1 + bin/hardening/1.1.2_tmp_partition.sh | 1 + bin/hardening/1.1.3_tmp_nodev.sh | 1 + bin/hardening/1.1.4_tmp_nosuid.sh | 1 + bin/hardening/1.1.5_tmp_noexec.sh | 1 + bin/hardening/1.1.6_var_partition.sh | 1 + bin/hardening/1.1.7_var_tmp_partition.sh | 1 + bin/hardening/1.1.8_var_tmp_nodev.sh | 1 + bin/hardening/1.1.9_var_tmp_nosuid.sh | 1 + bin/hardening/1.4.1_bootloader_ownership.sh | 1 + bin/hardening/1.4.2_bootloader_password.sh | 1 + bin/hardening/1.4.3_root_password.sh | 1 + bin/hardening/1.5.1_restrict_core_dumps.sh | 1 + bin/hardening/1.5.2_enable_nx_support.sh | 1 + bin/hardening/1.5.3_enable_randomized_vm_placement.sh | 1 + bin/hardening/1.5.4_disable_prelink.sh | 1 + bin/hardening/1.6.2.1_enable_apparmor.sh | 1 + bin/hardening/1.7.1.1_remove_os_info_motd.sh | 1 + bin/hardening/1.7.1.2_remove_os_info_issue.sh | 1 + bin/hardening/1.7.1.3_remove_os_info_issue_net.sh | 1 + bin/hardening/1.7.1.4_motd_perms.sh | 1 + bin/hardening/1.7.1.5_etc_issue_perms.sh | 1 + bin/hardening/1.7.1.6_etc_issue_net_perms.sh | 1 + bin/hardening/1.7.2_graphical_warning_banners.sh | 1 + bin/hardening/1.8_install_updates.sh | 1 + bin/hardening/2.1.1_disable_xinetd.sh | 1 + bin/hardening/2.1.2_disable_bsd_inetd.sh | 1 + bin/hardening/2.2.1.1_use_time_sync.sh | 1 + bin/hardening/2.2.1.2_configure_ntp.sh | 1 + bin/hardening/2.2.1.3_configure_chrony.sh | 1 + bin/hardening/2.2.10_disable_http_server.sh | 1 + bin/hardening/2.2.11_disable_imap_pop.sh | 1 + bin/hardening/2.2.12_disable_samba.sh | 1 + bin/hardening/2.2.13_disable_http_proxy.sh | 1 + bin/hardening/2.2.14_disable_snmp_server.sh | 1 + bin/hardening/2.2.15_mta_localhost.sh | 1 + bin/hardening/2.2.16_disable_rsync.sh | 1 + bin/hardening/2.2.18_disable_telnet_server.sh | 1 + bin/hardening/2.2.2_disable_xwindow_system.sh | 1 + bin/hardening/2.2.3_disable_avahi_server.sh | 1 + bin/hardening/2.2.4_disable_print_server.sh | 1 + bin/hardening/2.2.5_disable_dhcp.sh | 1 + bin/hardening/2.2.6_disable_ldap.sh | 1 + bin/hardening/2.2.7_disable_nfs_rpc.sh | 1 + bin/hardening/2.2.8_disable_dns_server.sh | 1 + bin/hardening/2.2.9_disable_ftp.sh | 1 + bin/hardening/2.3.1_disable_nis.sh | 1 + bin/hardening/2.3.2_disable_rsh_client.sh | 1 + bin/hardening/2.3.3_disable_talk_client.sh | 1 + bin/hardening/2.3.4_disable_telnet_client.sh | 1 + bin/hardening/2.3.5_disable_ldap_client.sh | 1 + bin/hardening/3.1.1_disable_ip_forwarding.sh | 2 ++ bin/hardening/3.1.2_disable_send_packet_redirects.sh | 1 + bin/hardening/3.2.1_disable_source_routed_packets.sh | 1 + bin/hardening/3.2.2_disable_icmp_redirect.sh | 1 + bin/hardening/3.2.3_disable_secure_icmp_redirect.sh | 1 + bin/hardening/3.2.4_log_martian_packets.sh | 1 + bin/hardening/3.2.5_ignore_broadcast_requests.sh | 1 + bin/hardening/3.2.6_enable_bad_error_message_protection.sh | 1 + bin/hardening/3.2.7_enable_source_route_validation.sh | 1 + bin/hardening/3.2.8_enable_tcp_syn_cookies.sh | 1 + bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh | 1 + bin/hardening/3.3.1_install_tcp_wrapper.sh | 1 + bin/hardening/3.3.2_hosts_allow.sh | 1 + bin/hardening/3.3.3_hosts_deny.sh | 1 + bin/hardening/3.3.4_hosts_allow_permissions.sh | 1 + bin/hardening/3.3.5_hosts_deny_permissions.sh | 1 + bin/hardening/3.4.1_disable_dccp.sh | 1 + bin/hardening/3.4.2_disable_sctp.sh | 1 + bin/hardening/3.4.3_disable_rds.sh | 1 + bin/hardening/3.4.4_disable_tipc.sh | 1 + bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh | 1 + bin/hardening/3.5_enable_firewall.sh | 1 + bin/hardening/3.6_disable_wireless.sh | 1 + bin/hardening/3.7_disable_ipv6.sh | 1 + bin/hardening/4.1.1.1_audit_log_storage.sh | 1 + bin/hardening/4.1.1.2_halt_when_audit_log_full.sh | 1 + bin/hardening/4.1.1.3_keep_all_audit_logs.sh | 1 + bin/hardening/4.1.10_record_dac_edit.sh | 1 + bin/hardening/4.1.11_record_failed_access_file.sh | 1 + bin/hardening/4.1.12_record_privileged_commands.sh | 1 + bin/hardening/4.1.13_record_successful_mount.sh | 1 + bin/hardening/4.1.14_record_file_deletions.sh | 1 + bin/hardening/4.1.15_record_sudoers_edit.sh | 1 + bin/hardening/4.1.16_record_sudo_usage.sh | 1 + bin/hardening/4.1.17_record_kernel_modules.sh | 1 + bin/hardening/4.1.18_freeze_auditd_conf.sh | 1 + bin/hardening/4.1.2_enable_auditd.sh | 1 + bin/hardening/4.1.3_audit_bootloader.sh | 1 + bin/hardening/4.1.4_record_date_time_edit.sh | 1 + bin/hardening/4.1.5_record_user_group_edit.sh | 1 + bin/hardening/4.1.6_record_network_edit.sh | 1 + bin/hardening/4.1.7_record_mac_edit.sh | 1 + bin/hardening/4.1.8_record_login_logout.sh | 1 + bin/hardening/4.1.9_record_session_init.sh | 1 + bin/hardening/4.2.2.1_enable_syslog-ng.sh | 1 + bin/hardening/4.2.2.2_configure_syslog-ng.sh | 1 + bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh | 1 + bin/hardening/4.2.2.4_syslog-ng_remote_host.sh | 1 + bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh | 1 + bin/hardening/4.2.3_install_syslog-ng.sh | 1 + bin/hardening/4.2.4_logs_permissions.sh | 1 + bin/hardening/5.1.1_enable_cron.sh | 1 + bin/hardening/5.1.2_crontab_perm_ownership.sh | 1 + bin/hardening/5.1.3_cron_hourly_perm_ownership.sh | 1 + bin/hardening/5.1.4_cron_daily_perm_ownership.sh | 1 + bin/hardening/5.1.5_cron_weekly_perm_ownership.sh | 1 + bin/hardening/5.1.6_cron_monthly_perm_ownership.sh | 1 + bin/hardening/5.1.7_cron_d_perm_ownership.sh | 1 + bin/hardening/5.1.8_cron_users.sh | 1 + bin/hardening/5.2.10_disable_root_login.sh | 1 + bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh | 1 + bin/hardening/5.2.12_disable_sshd_setenv.sh | 1 + bin/hardening/5.2.13_sshd_ciphers.sh | 1 + bin/hardening/5.2.14_ssh_cry_mac.sh | 2 +- bin/hardening/5.2.15_ssh_cry_kex.sh | 2 +- bin/hardening/5.2.16_sshd_idle_timeout.sh | 1 + bin/hardening/5.2.17_sshd_login_grace_time.sh | 1 + bin/hardening/5.2.18_sshd_limit_access.sh | 1 + bin/hardening/5.2.19_ssh_banner.sh | 1 + bin/hardening/5.2.1_sshd_conf_perm_ownership.sh | 1 + bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh | 1 + bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh | 1 + bin/hardening/5.2.4_sshd_protocol.sh | 1 + bin/hardening/5.2.6_disable_x11_forwarding.sh | 1 + bin/hardening/5.2.7_sshd_maxauthtries.sh | 1 + bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh | 1 + bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh | 1 + bin/hardening/5.3.1_enable_pwquality.sh | 1 + bin/hardening/5.3.2_enable_lockout_failed_password.sh | 1 + bin/hardening/5.3.3_limit_password_reuse.sh | 1 + bin/hardening/5.3.4_acc_pam_sha512.sh | 1 + bin/hardening/5.4.1.1_set_password_exp_days.sh | 1 + bin/hardening/5.4.1.2_set_password_min_days_change.sh | 1 + bin/hardening/5.4.1.3_set_password_exp_warning_days.sh | 1 + bin/hardening/5.4.1.4_lock_inactive_user_account.sh | 1 + bin/hardening/5.4.2_disable_system_accounts.sh | 1 + bin/hardening/5.4.3_default_root_group.sh | 1 + bin/hardening/5.4.4_default_umask.sh | 1 + bin/hardening/5.5_secure_tty.sh | 1 + bin/hardening/5.6_restrict_su.sh | 1 + bin/hardening/6.1.10_find_world_writable_file.sh | 1 + bin/hardening/6.1.11_find_unowned_files.sh | 1 + bin/hardening/6.1.12_find_ungrouped_files.sh | 1 + bin/hardening/6.1.13_find_suid_files.sh | 1 + bin/hardening/6.1.14_find_sgid_files.sh | 1 + bin/hardening/6.1.5_etc_passwd_permissions.sh | 1 + bin/hardening/6.1.6_etc_shadow_permissions.sh | 1 + bin/hardening/6.1.7_etc_group_permissions.sh | 1 + bin/hardening/6.2.10_check_user_dot_file_perm.sh | 1 + bin/hardening/6.2.11_find_user_forward_files.sh | 1 + bin/hardening/6.2.12_find_user_netrc_files.sh | 1 + bin/hardening/6.2.13_set_perm_on_user_netrc.sh | 1 + bin/hardening/6.2.14_find_user_rhosts_files.sh | 1 + bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh | 1 + bin/hardening/6.2.16_check_duplicate_uid.sh | 1 + bin/hardening/6.2.17_check_duplicate_gid.sh | 1 + bin/hardening/6.2.18_check_duplicate_username.sh | 1 + bin/hardening/6.2.19_check_duplicate_groupname.sh | 1 + bin/hardening/6.2.1_remove_empty_password_field.sh | 1 + bin/hardening/6.2.20_shadow_group_empty.sh | 1 + bin/hardening/6.2.2_remove_legacy_passwd_entries.sh | 1 + bin/hardening/6.2.3_remove_legacy_shadow_entries.sh | 1 + bin/hardening/6.2.4_remove_legacy_group_entries.sh | 1 + bin/hardening/6.2.5_find_0_uid_non_root_account.sh | 1 + bin/hardening/6.2.6_sanitize_root_path.sh | 1 + bin/hardening/6.2.7_users_valid_homedir.sh | 1 + bin/hardening/6.2.8_check_user_dir_perm.sh | 1 + bin/hardening/6.2.9_users_valid_homedir.sh | 1 + bin/hardening/8.0_enable_auditd_kernel.sh | 1 + bin/hardening/8.3.1_install_tripwire.sh | 1 + bin/hardening/99.1_timeout_tty.sh | 1 + bin/hardening/99.2_disable_usb_devices.sh | 1 + bin/hardening/99.3.1_acc_shadow_sha512.sh | 1 + bin/hardening/99.3.2_acc_sudoers_no_all.sh | 1 + bin/hardening/99.3.4_acc_logindefs_sha512.sh | 1 + bin/hardening/99.5.1_ssh_auth_pubk_only.sh | 2 +- bin/hardening/99.5.2.3_ssh_cry_rekey.sh | 1 + bin/hardening/99.5.3_ssh_disable_features.sh | 2 +- bin/hardening/99.5.4_ssh_keys_from.sh | 2 +- bin/hardening/99.5.5_ssh_strict_modes.sh | 2 +- bin/hardening/99.5.6_ssh_sys_accept_env.sh | 2 +- bin/hardening/99.5.7_ssh_sys_no_legacy.sh | 2 +- bin/hardening/99.5.8_ssh_sys_sandbox.sh | 2 +- bin/hardening/99.5.9_ssh_loglevel.sh | 2 +- lib/common.sh | 1 + lib/constants.sh | 1 + lib/main.sh | 2 ++ lib/utils.sh | 2 ++ src/skel | 1 + 206 files changed, 209 insertions(+), 10 deletions(-) diff --git a/bin/hardening.sh b/bin/hardening.sh index adf0d9f..bd26917 100755 --- a/bin/hardening.sh +++ b/bin/hardening.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # Authors : Thibault Dewailly, OVH diff --git a/bin/hardening/1.1.1.1_disable_freevxfs.sh b/bin/hardening/1.1.1.1_disable_freevxfs.sh index 224d74d..de18e20 100755 --- a/bin/hardening/1.1.1.1_disable_freevxfs.sh +++ b/bin/hardening/1.1.1.1_disable_freevxfs.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.1.2_disable_jffs2.sh b/bin/hardening/1.1.1.2_disable_jffs2.sh index bf0b7ce..3d90207 100755 --- a/bin/hardening/1.1.1.2_disable_jffs2.sh +++ b/bin/hardening/1.1.1.2_disable_jffs2.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.1.3_disable_hfs.sh b/bin/hardening/1.1.1.3_disable_hfs.sh index 11a70ab..202f318 100755 --- a/bin/hardening/1.1.1.3_disable_hfs.sh +++ b/bin/hardening/1.1.1.3_disable_hfs.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.1.4_disable_hfsplus.sh b/bin/hardening/1.1.1.4_disable_hfsplus.sh index e2629b8..e6c3eb1 100755 --- a/bin/hardening/1.1.1.4_disable_hfsplus.sh +++ b/bin/hardening/1.1.1.4_disable_hfsplus.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.1.5_disable_udf.sh b/bin/hardening/1.1.1.5_disable_udf.sh index 06098f2..4b4d5cb 100755 --- a/bin/hardening/1.1.1.5_disable_udf.sh +++ b/bin/hardening/1.1.1.5_disable_udf.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.1.6_disable_cramfs.sh b/bin/hardening/1.1.1.6_disable_cramfs.sh index b1bc50a..9152d9e 100755 --- a/bin/hardening/1.1.1.6_disable_cramfs.sh +++ b/bin/hardening/1.1.1.6_disable_cramfs.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.1.7_disable_squashfs.sh b/bin/hardening/1.1.1.7_disable_squashfs.sh index 7483a7c..1e9438b 100755 --- a/bin/hardening/1.1.1.7_disable_squashfs.sh +++ b/bin/hardening/1.1.1.7_disable_squashfs.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.10_var_tmp_noexec.sh b/bin/hardening/1.1.10_var_tmp_noexec.sh index 510304b..fe6fbfa 100755 --- a/bin/hardening/1.1.10_var_tmp_noexec.sh +++ b/bin/hardening/1.1.10_var_tmp_noexec.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.11_var_log_partition.sh b/bin/hardening/1.1.11_var_log_partition.sh index b9d27e0..96967d9 100755 --- a/bin/hardening/1.1.11_var_log_partition.sh +++ b/bin/hardening/1.1.11_var_log_partition.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.13_home_partition.sh b/bin/hardening/1.1.13_home_partition.sh index 78c038f..5464bd2 100755 --- a/bin/hardening/1.1.13_home_partition.sh +++ b/bin/hardening/1.1.13_home_partition.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.14_home_nodev.sh b/bin/hardening/1.1.14_home_nodev.sh index da4848c..1b5119b 100755 --- a/bin/hardening/1.1.14_home_nodev.sh +++ b/bin/hardening/1.1.14_home_nodev.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.18_removable_device_nodev.sh b/bin/hardening/1.1.18_removable_device_nodev.sh index 83692b6..ba17a6c 100755 --- a/bin/hardening/1.1.18_removable_device_nodev.sh +++ b/bin/hardening/1.1.18_removable_device_nodev.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.19_removable_device_nosuid.sh b/bin/hardening/1.1.19_removable_device_nosuid.sh index fd2bb4e..1136a9a 100755 --- a/bin/hardening/1.1.19_removable_device_nosuid.sh +++ b/bin/hardening/1.1.19_removable_device_nosuid.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.20_removable_device_noexec.sh b/bin/hardening/1.1.20_removable_device_noexec.sh index 922ec9a..858a5ec 100755 --- a/bin/hardening/1.1.20_removable_device_noexec.sh +++ b/bin/hardening/1.1.20_removable_device_noexec.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh b/bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh index 1817ff8..31ef92f 100755 --- a/bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh +++ b/bin/hardening/1.1.21_sticky_bit_world_writable_folder.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.22_disable_automounting.sh b/bin/hardening/1.1.22_disable_automounting.sh index 5ddca14..b9b77d5 100755 --- a/bin/hardening/1.1.22_disable_automounting.sh +++ b/bin/hardening/1.1.22_disable_automounting.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.2_tmp_partition.sh b/bin/hardening/1.1.2_tmp_partition.sh index 800e987..9959593 100755 --- a/bin/hardening/1.1.2_tmp_partition.sh +++ b/bin/hardening/1.1.2_tmp_partition.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.3_tmp_nodev.sh b/bin/hardening/1.1.3_tmp_nodev.sh index ddb43df..d00f638 100755 --- a/bin/hardening/1.1.3_tmp_nodev.sh +++ b/bin/hardening/1.1.3_tmp_nodev.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.4_tmp_nosuid.sh b/bin/hardening/1.1.4_tmp_nosuid.sh index 5c2703e..feb6130 100755 --- a/bin/hardening/1.1.4_tmp_nosuid.sh +++ b/bin/hardening/1.1.4_tmp_nosuid.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.5_tmp_noexec.sh b/bin/hardening/1.1.5_tmp_noexec.sh index 5591b11..500bdd9 100755 --- a/bin/hardening/1.1.5_tmp_noexec.sh +++ b/bin/hardening/1.1.5_tmp_noexec.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.6_var_partition.sh b/bin/hardening/1.1.6_var_partition.sh index e2c20d0..150b32b 100755 --- a/bin/hardening/1.1.6_var_partition.sh +++ b/bin/hardening/1.1.6_var_partition.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.7_var_tmp_partition.sh b/bin/hardening/1.1.7_var_tmp_partition.sh index c82e867..0940bdf 100755 --- a/bin/hardening/1.1.7_var_tmp_partition.sh +++ b/bin/hardening/1.1.7_var_tmp_partition.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.8_var_tmp_nodev.sh b/bin/hardening/1.1.8_var_tmp_nodev.sh index 2f465b9..6e91036 100755 --- a/bin/hardening/1.1.8_var_tmp_nodev.sh +++ b/bin/hardening/1.1.8_var_tmp_nodev.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.1.9_var_tmp_nosuid.sh b/bin/hardening/1.1.9_var_tmp_nosuid.sh index 050bf8d..07ea3c0 100755 --- a/bin/hardening/1.1.9_var_tmp_nosuid.sh +++ b/bin/hardening/1.1.9_var_tmp_nosuid.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.4.1_bootloader_ownership.sh b/bin/hardening/1.4.1_bootloader_ownership.sh index d0135d5..6c411ba 100755 --- a/bin/hardening/1.4.1_bootloader_ownership.sh +++ b/bin/hardening/1.4.1_bootloader_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.4.2_bootloader_password.sh b/bin/hardening/1.4.2_bootloader_password.sh index 60d72ec..e50be9d 100755 --- a/bin/hardening/1.4.2_bootloader_password.sh +++ b/bin/hardening/1.4.2_bootloader_password.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.4.3_root_password.sh b/bin/hardening/1.4.3_root_password.sh index 6220703..124a737 100755 --- a/bin/hardening/1.4.3_root_password.sh +++ b/bin/hardening/1.4.3_root_password.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.5.1_restrict_core_dumps.sh b/bin/hardening/1.5.1_restrict_core_dumps.sh index 8fa7a07..cb48c60 100755 --- a/bin/hardening/1.5.1_restrict_core_dumps.sh +++ b/bin/hardening/1.5.1_restrict_core_dumps.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.5.2_enable_nx_support.sh b/bin/hardening/1.5.2_enable_nx_support.sh index 576f417..bfe7b8d 100755 --- a/bin/hardening/1.5.2_enable_nx_support.sh +++ b/bin/hardening/1.5.2_enable_nx_support.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.5.3_enable_randomized_vm_placement.sh b/bin/hardening/1.5.3_enable_randomized_vm_placement.sh index d45358a..1a9e217 100755 --- a/bin/hardening/1.5.3_enable_randomized_vm_placement.sh +++ b/bin/hardening/1.5.3_enable_randomized_vm_placement.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.5.4_disable_prelink.sh b/bin/hardening/1.5.4_disable_prelink.sh index 7a4131a..f157e5a 100755 --- a/bin/hardening/1.5.4_disable_prelink.sh +++ b/bin/hardening/1.5.4_disable_prelink.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.6.2.1_enable_apparmor.sh b/bin/hardening/1.6.2.1_enable_apparmor.sh index a468130..46a5b59 100755 --- a/bin/hardening/1.6.2.1_enable_apparmor.sh +++ b/bin/hardening/1.6.2.1_enable_apparmor.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.7.1.1_remove_os_info_motd.sh b/bin/hardening/1.7.1.1_remove_os_info_motd.sh index 5de063d..c3c793a 100755 --- a/bin/hardening/1.7.1.1_remove_os_info_motd.sh +++ b/bin/hardening/1.7.1.1_remove_os_info_motd.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.7.1.2_remove_os_info_issue.sh b/bin/hardening/1.7.1.2_remove_os_info_issue.sh index c39760a..90dc08c 100755 --- a/bin/hardening/1.7.1.2_remove_os_info_issue.sh +++ b/bin/hardening/1.7.1.2_remove_os_info_issue.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.7.1.3_remove_os_info_issue_net.sh b/bin/hardening/1.7.1.3_remove_os_info_issue_net.sh index 832573e..bf3e229 100755 --- a/bin/hardening/1.7.1.3_remove_os_info_issue_net.sh +++ b/bin/hardening/1.7.1.3_remove_os_info_issue_net.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.7.1.4_motd_perms.sh b/bin/hardening/1.7.1.4_motd_perms.sh index b8957ce..1e95fce 100755 --- a/bin/hardening/1.7.1.4_motd_perms.sh +++ b/bin/hardening/1.7.1.4_motd_perms.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.7.1.5_etc_issue_perms.sh b/bin/hardening/1.7.1.5_etc_issue_perms.sh index 2c4d7a5..5b855e9 100755 --- a/bin/hardening/1.7.1.5_etc_issue_perms.sh +++ b/bin/hardening/1.7.1.5_etc_issue_perms.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.7.1.6_etc_issue_net_perms.sh b/bin/hardening/1.7.1.6_etc_issue_net_perms.sh index 251a746..c6145dc 100755 --- a/bin/hardening/1.7.1.6_etc_issue_net_perms.sh +++ b/bin/hardening/1.7.1.6_etc_issue_net_perms.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.7.2_graphical_warning_banners.sh b/bin/hardening/1.7.2_graphical_warning_banners.sh index 779f3df..01d8519 100755 --- a/bin/hardening/1.7.2_graphical_warning_banners.sh +++ b/bin/hardening/1.7.2_graphical_warning_banners.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/1.8_install_updates.sh b/bin/hardening/1.8_install_updates.sh index 830ec96..c157e4f 100755 --- a/bin/hardening/1.8_install_updates.sh +++ b/bin/hardening/1.8_install_updates.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.1.1_disable_xinetd.sh b/bin/hardening/2.1.1_disable_xinetd.sh index 5965f5c..486facf 100755 --- a/bin/hardening/2.1.1_disable_xinetd.sh +++ b/bin/hardening/2.1.1_disable_xinetd.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.1.2_disable_bsd_inetd.sh b/bin/hardening/2.1.2_disable_bsd_inetd.sh index bb6b087..fc2273b 100755 --- a/bin/hardening/2.1.2_disable_bsd_inetd.sh +++ b/bin/hardening/2.1.2_disable_bsd_inetd.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.1.1_use_time_sync.sh b/bin/hardening/2.2.1.1_use_time_sync.sh index 9c29af7..bbc9bad 100755 --- a/bin/hardening/2.2.1.1_use_time_sync.sh +++ b/bin/hardening/2.2.1.1_use_time_sync.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.1.2_configure_ntp.sh b/bin/hardening/2.2.1.2_configure_ntp.sh index 4932b6d..6a288ab 100755 --- a/bin/hardening/2.2.1.2_configure_ntp.sh +++ b/bin/hardening/2.2.1.2_configure_ntp.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.1.3_configure_chrony.sh b/bin/hardening/2.2.1.3_configure_chrony.sh index 1ba8114..1159c48 100755 --- a/bin/hardening/2.2.1.3_configure_chrony.sh +++ b/bin/hardening/2.2.1.3_configure_chrony.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.10_disable_http_server.sh b/bin/hardening/2.2.10_disable_http_server.sh index 43f7e13..106e67c 100755 --- a/bin/hardening/2.2.10_disable_http_server.sh +++ b/bin/hardening/2.2.10_disable_http_server.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.11_disable_imap_pop.sh b/bin/hardening/2.2.11_disable_imap_pop.sh index 21b1848..af67d6c 100755 --- a/bin/hardening/2.2.11_disable_imap_pop.sh +++ b/bin/hardening/2.2.11_disable_imap_pop.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.12_disable_samba.sh b/bin/hardening/2.2.12_disable_samba.sh index 13547ed..442c9ec 100755 --- a/bin/hardening/2.2.12_disable_samba.sh +++ b/bin/hardening/2.2.12_disable_samba.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.13_disable_http_proxy.sh b/bin/hardening/2.2.13_disable_http_proxy.sh index 860be40..25c9da7 100755 --- a/bin/hardening/2.2.13_disable_http_proxy.sh +++ b/bin/hardening/2.2.13_disable_http_proxy.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.14_disable_snmp_server.sh b/bin/hardening/2.2.14_disable_snmp_server.sh index 08f7285..e28305f 100755 --- a/bin/hardening/2.2.14_disable_snmp_server.sh +++ b/bin/hardening/2.2.14_disable_snmp_server.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.15_mta_localhost.sh b/bin/hardening/2.2.15_mta_localhost.sh index b03d49b..63f253a 100755 --- a/bin/hardening/2.2.15_mta_localhost.sh +++ b/bin/hardening/2.2.15_mta_localhost.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.16_disable_rsync.sh b/bin/hardening/2.2.16_disable_rsync.sh index 1df5884..0185f16 100755 --- a/bin/hardening/2.2.16_disable_rsync.sh +++ b/bin/hardening/2.2.16_disable_rsync.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.18_disable_telnet_server.sh b/bin/hardening/2.2.18_disable_telnet_server.sh index 4754490..d09a116 100755 --- a/bin/hardening/2.2.18_disable_telnet_server.sh +++ b/bin/hardening/2.2.18_disable_telnet_server.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # Legacy CIS Debian Hardening # diff --git a/bin/hardening/2.2.2_disable_xwindow_system.sh b/bin/hardening/2.2.2_disable_xwindow_system.sh index a078b51..f60bb90 100755 --- a/bin/hardening/2.2.2_disable_xwindow_system.sh +++ b/bin/hardening/2.2.2_disable_xwindow_system.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.3_disable_avahi_server.sh b/bin/hardening/2.2.3_disable_avahi_server.sh index 1ef6560..706c1f0 100755 --- a/bin/hardening/2.2.3_disable_avahi_server.sh +++ b/bin/hardening/2.2.3_disable_avahi_server.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.4_disable_print_server.sh b/bin/hardening/2.2.4_disable_print_server.sh index 233833b..d08efe1 100755 --- a/bin/hardening/2.2.4_disable_print_server.sh +++ b/bin/hardening/2.2.4_disable_print_server.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.5_disable_dhcp.sh b/bin/hardening/2.2.5_disable_dhcp.sh index 97530df..7422e04 100755 --- a/bin/hardening/2.2.5_disable_dhcp.sh +++ b/bin/hardening/2.2.5_disable_dhcp.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.6_disable_ldap.sh b/bin/hardening/2.2.6_disable_ldap.sh index 53d3f80..2359ef4 100755 --- a/bin/hardening/2.2.6_disable_ldap.sh +++ b/bin/hardening/2.2.6_disable_ldap.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.7_disable_nfs_rpc.sh b/bin/hardening/2.2.7_disable_nfs_rpc.sh index b74da3a..e83ae25 100755 --- a/bin/hardening/2.2.7_disable_nfs_rpc.sh +++ b/bin/hardening/2.2.7_disable_nfs_rpc.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.8_disable_dns_server.sh b/bin/hardening/2.2.8_disable_dns_server.sh index b8a4247..d767d7f 100755 --- a/bin/hardening/2.2.8_disable_dns_server.sh +++ b/bin/hardening/2.2.8_disable_dns_server.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.2.9_disable_ftp.sh b/bin/hardening/2.2.9_disable_ftp.sh index 3863582..5c836ce 100755 --- a/bin/hardening/2.2.9_disable_ftp.sh +++ b/bin/hardening/2.2.9_disable_ftp.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.3.1_disable_nis.sh b/bin/hardening/2.3.1_disable_nis.sh index 53ba5fd..2376e36 100755 --- a/bin/hardening/2.3.1_disable_nis.sh +++ b/bin/hardening/2.3.1_disable_nis.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.3.2_disable_rsh_client.sh b/bin/hardening/2.3.2_disable_rsh_client.sh index b4bf677..04300a6 100755 --- a/bin/hardening/2.3.2_disable_rsh_client.sh +++ b/bin/hardening/2.3.2_disable_rsh_client.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.3.3_disable_talk_client.sh b/bin/hardening/2.3.3_disable_talk_client.sh index 427eccb..8043c05 100755 --- a/bin/hardening/2.3.3_disable_talk_client.sh +++ b/bin/hardening/2.3.3_disable_talk_client.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.3.4_disable_telnet_client.sh b/bin/hardening/2.3.4_disable_telnet_client.sh index 3021361..386ee89 100755 --- a/bin/hardening/2.3.4_disable_telnet_client.sh +++ b/bin/hardening/2.3.4_disable_telnet_client.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/2.3.5_disable_ldap_client.sh b/bin/hardening/2.3.5_disable_ldap_client.sh index df2fb9a..0832b29 100755 --- a/bin/hardening/2.3.5_disable_ldap_client.sh +++ b/bin/hardening/2.3.5_disable_ldap_client.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.1.1_disable_ip_forwarding.sh b/bin/hardening/3.1.1_disable_ip_forwarding.sh index 2b884a5..8aa9cf0 100755 --- a/bin/hardening/3.1.1_disable_ip_forwarding.sh +++ b/bin/hardening/3.1.1_disable_ip_forwarding.sh @@ -1,5 +1,7 @@ #!/bin/bash + +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.1.2_disable_send_packet_redirects.sh b/bin/hardening/3.1.2_disable_send_packet_redirects.sh index 460bcec..7a0caae 100755 --- a/bin/hardening/3.1.2_disable_send_packet_redirects.sh +++ b/bin/hardening/3.1.2_disable_send_packet_redirects.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.1_disable_source_routed_packets.sh b/bin/hardening/3.2.1_disable_source_routed_packets.sh index 095d327..3ef2143 100755 --- a/bin/hardening/3.2.1_disable_source_routed_packets.sh +++ b/bin/hardening/3.2.1_disable_source_routed_packets.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.2_disable_icmp_redirect.sh b/bin/hardening/3.2.2_disable_icmp_redirect.sh index b31d41c..35a83ca 100755 --- a/bin/hardening/3.2.2_disable_icmp_redirect.sh +++ b/bin/hardening/3.2.2_disable_icmp_redirect.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.3_disable_secure_icmp_redirect.sh b/bin/hardening/3.2.3_disable_secure_icmp_redirect.sh index f8981d5..148368f 100755 --- a/bin/hardening/3.2.3_disable_secure_icmp_redirect.sh +++ b/bin/hardening/3.2.3_disable_secure_icmp_redirect.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.4_log_martian_packets.sh b/bin/hardening/3.2.4_log_martian_packets.sh index 4a14337..66a2983 100755 --- a/bin/hardening/3.2.4_log_martian_packets.sh +++ b/bin/hardening/3.2.4_log_martian_packets.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.5_ignore_broadcast_requests.sh b/bin/hardening/3.2.5_ignore_broadcast_requests.sh index 8f2cae2..b340851 100755 --- a/bin/hardening/3.2.5_ignore_broadcast_requests.sh +++ b/bin/hardening/3.2.5_ignore_broadcast_requests.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.6_enable_bad_error_message_protection.sh b/bin/hardening/3.2.6_enable_bad_error_message_protection.sh index 0be1c5f..d13d48b 100755 --- a/bin/hardening/3.2.6_enable_bad_error_message_protection.sh +++ b/bin/hardening/3.2.6_enable_bad_error_message_protection.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.7_enable_source_route_validation.sh b/bin/hardening/3.2.7_enable_source_route_validation.sh index fbd41e1..1a967f5 100755 --- a/bin/hardening/3.2.7_enable_source_route_validation.sh +++ b/bin/hardening/3.2.7_enable_source_route_validation.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.8_enable_tcp_syn_cookies.sh b/bin/hardening/3.2.8_enable_tcp_syn_cookies.sh index d4a5820..b544bc7 100755 --- a/bin/hardening/3.2.8_enable_tcp_syn_cookies.sh +++ b/bin/hardening/3.2.8_enable_tcp_syn_cookies.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh b/bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh index b93d276..a762180 100755 --- a/bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh +++ b/bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.3.1_install_tcp_wrapper.sh b/bin/hardening/3.3.1_install_tcp_wrapper.sh index 83715d9..f6c599b 100755 --- a/bin/hardening/3.3.1_install_tcp_wrapper.sh +++ b/bin/hardening/3.3.1_install_tcp_wrapper.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.3.2_hosts_allow.sh b/bin/hardening/3.3.2_hosts_allow.sh index 9291c75..625c36e 100755 --- a/bin/hardening/3.3.2_hosts_allow.sh +++ b/bin/hardening/3.3.2_hosts_allow.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.3.3_hosts_deny.sh b/bin/hardening/3.3.3_hosts_deny.sh index 40c64e2..5945335 100755 --- a/bin/hardening/3.3.3_hosts_deny.sh +++ b/bin/hardening/3.3.3_hosts_deny.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.3.4_hosts_allow_permissions.sh b/bin/hardening/3.3.4_hosts_allow_permissions.sh index 8924613..1595432 100755 --- a/bin/hardening/3.3.4_hosts_allow_permissions.sh +++ b/bin/hardening/3.3.4_hosts_allow_permissions.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.3.5_hosts_deny_permissions.sh b/bin/hardening/3.3.5_hosts_deny_permissions.sh index acedc1e..4c2fd35 100755 --- a/bin/hardening/3.3.5_hosts_deny_permissions.sh +++ b/bin/hardening/3.3.5_hosts_deny_permissions.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.4.1_disable_dccp.sh b/bin/hardening/3.4.1_disable_dccp.sh index f50a436..6c2e796 100755 --- a/bin/hardening/3.4.1_disable_dccp.sh +++ b/bin/hardening/3.4.1_disable_dccp.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.4.2_disable_sctp.sh b/bin/hardening/3.4.2_disable_sctp.sh index a1cb3c8..d3c99d0 100755 --- a/bin/hardening/3.4.2_disable_sctp.sh +++ b/bin/hardening/3.4.2_disable_sctp.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.4.3_disable_rds.sh b/bin/hardening/3.4.3_disable_rds.sh index 76fca6d..6123984 100755 --- a/bin/hardening/3.4.3_disable_rds.sh +++ b/bin/hardening/3.4.3_disable_rds.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.4.4_disable_tipc.sh b/bin/hardening/3.4.4_disable_tipc.sh index 471483a..6243da9 100755 --- a/bin/hardening/3.4.4_disable_tipc.sh +++ b/bin/hardening/3.4.4_disable_tipc.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh b/bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh index bf68799..b151bf1 100755 --- a/bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh +++ b/bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # OVH Security audit diff --git a/bin/hardening/3.5_enable_firewall.sh b/bin/hardening/3.5_enable_firewall.sh index 41d4153..162ca56 100755 --- a/bin/hardening/3.5_enable_firewall.sh +++ b/bin/hardening/3.5_enable_firewall.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.6_disable_wireless.sh b/bin/hardening/3.6_disable_wireless.sh index d632133..43dd28e 100755 --- a/bin/hardening/3.6_disable_wireless.sh +++ b/bin/hardening/3.6_disable_wireless.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/3.7_disable_ipv6.sh b/bin/hardening/3.7_disable_ipv6.sh index ab37350..fb74b1e 100755 --- a/bin/hardening/3.7_disable_ipv6.sh +++ b/bin/hardening/3.7_disable_ipv6.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.1.1_audit_log_storage.sh b/bin/hardening/4.1.1.1_audit_log_storage.sh index 072a833..0a97ab7 100755 --- a/bin/hardening/4.1.1.1_audit_log_storage.sh +++ b/bin/hardening/4.1.1.1_audit_log_storage.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.1.2_halt_when_audit_log_full.sh b/bin/hardening/4.1.1.2_halt_when_audit_log_full.sh index 428237d..4cac2ec 100755 --- a/bin/hardening/4.1.1.2_halt_when_audit_log_full.sh +++ b/bin/hardening/4.1.1.2_halt_when_audit_log_full.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.1.3_keep_all_audit_logs.sh b/bin/hardening/4.1.1.3_keep_all_audit_logs.sh index dcb3f59..21fd118 100755 --- a/bin/hardening/4.1.1.3_keep_all_audit_logs.sh +++ b/bin/hardening/4.1.1.3_keep_all_audit_logs.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.10_record_dac_edit.sh b/bin/hardening/4.1.10_record_dac_edit.sh index 54aaed5..70bc34b 100755 --- a/bin/hardening/4.1.10_record_dac_edit.sh +++ b/bin/hardening/4.1.10_record_dac_edit.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.11_record_failed_access_file.sh b/bin/hardening/4.1.11_record_failed_access_file.sh index dda66e3..449d8d6 100755 --- a/bin/hardening/4.1.11_record_failed_access_file.sh +++ b/bin/hardening/4.1.11_record_failed_access_file.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.12_record_privileged_commands.sh b/bin/hardening/4.1.12_record_privileged_commands.sh index 8bad512..9426ef7 100755 --- a/bin/hardening/4.1.12_record_privileged_commands.sh +++ b/bin/hardening/4.1.12_record_privileged_commands.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.13_record_successful_mount.sh b/bin/hardening/4.1.13_record_successful_mount.sh index 0019606..df69293 100755 --- a/bin/hardening/4.1.13_record_successful_mount.sh +++ b/bin/hardening/4.1.13_record_successful_mount.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.14_record_file_deletions.sh b/bin/hardening/4.1.14_record_file_deletions.sh index 79b3577..795368e 100755 --- a/bin/hardening/4.1.14_record_file_deletions.sh +++ b/bin/hardening/4.1.14_record_file_deletions.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.15_record_sudoers_edit.sh b/bin/hardening/4.1.15_record_sudoers_edit.sh index 9a08686..687a828 100755 --- a/bin/hardening/4.1.15_record_sudoers_edit.sh +++ b/bin/hardening/4.1.15_record_sudoers_edit.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.16_record_sudo_usage.sh b/bin/hardening/4.1.16_record_sudo_usage.sh index 426e971..993efe8 100755 --- a/bin/hardening/4.1.16_record_sudo_usage.sh +++ b/bin/hardening/4.1.16_record_sudo_usage.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.17_record_kernel_modules.sh b/bin/hardening/4.1.17_record_kernel_modules.sh index 72a3a87..747da54 100755 --- a/bin/hardening/4.1.17_record_kernel_modules.sh +++ b/bin/hardening/4.1.17_record_kernel_modules.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.18_freeze_auditd_conf.sh b/bin/hardening/4.1.18_freeze_auditd_conf.sh index 63edceb..a884dbd 100755 --- a/bin/hardening/4.1.18_freeze_auditd_conf.sh +++ b/bin/hardening/4.1.18_freeze_auditd_conf.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.2_enable_auditd.sh b/bin/hardening/4.1.2_enable_auditd.sh index 36262bb..5a1a705 100755 --- a/bin/hardening/4.1.2_enable_auditd.sh +++ b/bin/hardening/4.1.2_enable_auditd.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.3_audit_bootloader.sh b/bin/hardening/4.1.3_audit_bootloader.sh index bc4a6e5..8105cb7 100755 --- a/bin/hardening/4.1.3_audit_bootloader.sh +++ b/bin/hardening/4.1.3_audit_bootloader.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.4_record_date_time_edit.sh b/bin/hardening/4.1.4_record_date_time_edit.sh index 2b158f8..893b4f4 100755 --- a/bin/hardening/4.1.4_record_date_time_edit.sh +++ b/bin/hardening/4.1.4_record_date_time_edit.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.5_record_user_group_edit.sh b/bin/hardening/4.1.5_record_user_group_edit.sh index 5a04a2e..b1439ac 100755 --- a/bin/hardening/4.1.5_record_user_group_edit.sh +++ b/bin/hardening/4.1.5_record_user_group_edit.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.6_record_network_edit.sh b/bin/hardening/4.1.6_record_network_edit.sh index 68cf16b..ed80c6c 100755 --- a/bin/hardening/4.1.6_record_network_edit.sh +++ b/bin/hardening/4.1.6_record_network_edit.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.7_record_mac_edit.sh b/bin/hardening/4.1.7_record_mac_edit.sh index f676ee6..8b2dd0f 100755 --- a/bin/hardening/4.1.7_record_mac_edit.sh +++ b/bin/hardening/4.1.7_record_mac_edit.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.8_record_login_logout.sh b/bin/hardening/4.1.8_record_login_logout.sh index b56f6ce..1beecbc 100755 --- a/bin/hardening/4.1.8_record_login_logout.sh +++ b/bin/hardening/4.1.8_record_login_logout.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.1.9_record_session_init.sh b/bin/hardening/4.1.9_record_session_init.sh index 95a87d7..1ccf803 100755 --- a/bin/hardening/4.1.9_record_session_init.sh +++ b/bin/hardening/4.1.9_record_session_init.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.2.2.1_enable_syslog-ng.sh b/bin/hardening/4.2.2.1_enable_syslog-ng.sh index 54f1e2e..1c2e191 100755 --- a/bin/hardening/4.2.2.1_enable_syslog-ng.sh +++ b/bin/hardening/4.2.2.1_enable_syslog-ng.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.2.2.2_configure_syslog-ng.sh b/bin/hardening/4.2.2.2_configure_syslog-ng.sh index 9b5ba82..7625daf 100755 --- a/bin/hardening/4.2.2.2_configure_syslog-ng.sh +++ b/bin/hardening/4.2.2.2_configure_syslog-ng.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh b/bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh index df50474..3092dac 100755 --- a/bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh +++ b/bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.2.2.4_syslog-ng_remote_host.sh b/bin/hardening/4.2.2.4_syslog-ng_remote_host.sh index 629ba69..d204806 100755 --- a/bin/hardening/4.2.2.4_syslog-ng_remote_host.sh +++ b/bin/hardening/4.2.2.4_syslog-ng_remote_host.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh b/bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh index caefde6..74fc3be 100755 --- a/bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh +++ b/bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.2.3_install_syslog-ng.sh b/bin/hardening/4.2.3_install_syslog-ng.sh index 70436ea..84103f4 100755 --- a/bin/hardening/4.2.3_install_syslog-ng.sh +++ b/bin/hardening/4.2.3_install_syslog-ng.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/4.2.4_logs_permissions.sh b/bin/hardening/4.2.4_logs_permissions.sh index 6c76b4d..a681223 100755 --- a/bin/hardening/4.2.4_logs_permissions.sh +++ b/bin/hardening/4.2.4_logs_permissions.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.1_enable_cron.sh b/bin/hardening/5.1.1_enable_cron.sh index 99e43e5..90adb7a 100755 --- a/bin/hardening/5.1.1_enable_cron.sh +++ b/bin/hardening/5.1.1_enable_cron.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.2_crontab_perm_ownership.sh b/bin/hardening/5.1.2_crontab_perm_ownership.sh index e372022..a51f8fd 100755 --- a/bin/hardening/5.1.2_crontab_perm_ownership.sh +++ b/bin/hardening/5.1.2_crontab_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.3_cron_hourly_perm_ownership.sh b/bin/hardening/5.1.3_cron_hourly_perm_ownership.sh index 5acd62a..46aab51 100755 --- a/bin/hardening/5.1.3_cron_hourly_perm_ownership.sh +++ b/bin/hardening/5.1.3_cron_hourly_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.4_cron_daily_perm_ownership.sh b/bin/hardening/5.1.4_cron_daily_perm_ownership.sh index affc28a..82f9ec1 100755 --- a/bin/hardening/5.1.4_cron_daily_perm_ownership.sh +++ b/bin/hardening/5.1.4_cron_daily_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.5_cron_weekly_perm_ownership.sh b/bin/hardening/5.1.5_cron_weekly_perm_ownership.sh index 765694d..0058325 100755 --- a/bin/hardening/5.1.5_cron_weekly_perm_ownership.sh +++ b/bin/hardening/5.1.5_cron_weekly_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.6_cron_monthly_perm_ownership.sh b/bin/hardening/5.1.6_cron_monthly_perm_ownership.sh index 53e5c23..571c969 100755 --- a/bin/hardening/5.1.6_cron_monthly_perm_ownership.sh +++ b/bin/hardening/5.1.6_cron_monthly_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.7_cron_d_perm_ownership.sh b/bin/hardening/5.1.7_cron_d_perm_ownership.sh index 5e3acf0..d7c2b12 100755 --- a/bin/hardening/5.1.7_cron_d_perm_ownership.sh +++ b/bin/hardening/5.1.7_cron_d_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.1.8_cron_users.sh b/bin/hardening/5.1.8_cron_users.sh index b5dc5f8..0ff1de8 100755 --- a/bin/hardening/5.1.8_cron_users.sh +++ b/bin/hardening/5.1.8_cron_users.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.10_disable_root_login.sh b/bin/hardening/5.2.10_disable_root_login.sh index a89f8ef..d2cae33 100755 --- a/bin/hardening/5.2.10_disable_root_login.sh +++ b/bin/hardening/5.2.10_disable_root_login.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh b/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh index a76db6c..bda0977 100755 --- a/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh +++ b/bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.12_disable_sshd_setenv.sh b/bin/hardening/5.2.12_disable_sshd_setenv.sh index 872413e..d443779 100755 --- a/bin/hardening/5.2.12_disable_sshd_setenv.sh +++ b/bin/hardening/5.2.12_disable_sshd_setenv.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.13_sshd_ciphers.sh b/bin/hardening/5.2.13_sshd_ciphers.sh index e674f35..84790d5 100755 --- a/bin/hardening/5.2.13_sshd_ciphers.sh +++ b/bin/hardening/5.2.13_sshd_ciphers.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.14_ssh_cry_mac.sh b/bin/hardening/5.2.14_ssh_cry_mac.sh index eb96b9e..59ee93b 100755 --- a/bin/hardening/5.2.14_ssh_cry_mac.sh +++ b/bin/hardening/5.2.14_ssh_cry_mac.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # CIS Debian 7/8 Hardening # diff --git a/bin/hardening/5.2.15_ssh_cry_kex.sh b/bin/hardening/5.2.15_ssh_cry_kex.sh index 99e155b..17e8ee9 100755 --- a/bin/hardening/5.2.15_ssh_cry_kex.sh +++ b/bin/hardening/5.2.15_ssh_cry_kex.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # CIS Debian 7/8 Hardening # diff --git a/bin/hardening/5.2.16_sshd_idle_timeout.sh b/bin/hardening/5.2.16_sshd_idle_timeout.sh index 0b9bedd..d2fb0d0 100755 --- a/bin/hardening/5.2.16_sshd_idle_timeout.sh +++ b/bin/hardening/5.2.16_sshd_idle_timeout.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.17_sshd_login_grace_time.sh b/bin/hardening/5.2.17_sshd_login_grace_time.sh index 4d2deac..3e8b005 100755 --- a/bin/hardening/5.2.17_sshd_login_grace_time.sh +++ b/bin/hardening/5.2.17_sshd_login_grace_time.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.18_sshd_limit_access.sh b/bin/hardening/5.2.18_sshd_limit_access.sh index 58be24a..86bbb3a 100755 --- a/bin/hardening/5.2.18_sshd_limit_access.sh +++ b/bin/hardening/5.2.18_sshd_limit_access.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.19_ssh_banner.sh b/bin/hardening/5.2.19_ssh_banner.sh index 8158cf0..05f140e 100755 --- a/bin/hardening/5.2.19_ssh_banner.sh +++ b/bin/hardening/5.2.19_ssh_banner.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.1_sshd_conf_perm_ownership.sh b/bin/hardening/5.2.1_sshd_conf_perm_ownership.sh index cb2e24c..61545fb 100755 --- a/bin/hardening/5.2.1_sshd_conf_perm_ownership.sh +++ b/bin/hardening/5.2.1_sshd_conf_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh b/bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh index f3690ea..581e907 100755 --- a/bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh +++ b/bin/hardening/5.2.2_ssh_host_private_keys_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh b/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh index c1b2b61..17503a8 100755 --- a/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh +++ b/bin/hardening/5.2.3_ssh_host_public_keys_perm_ownership.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.4_sshd_protocol.sh b/bin/hardening/5.2.4_sshd_protocol.sh index 0da5412..af60dbc 100755 --- a/bin/hardening/5.2.4_sshd_protocol.sh +++ b/bin/hardening/5.2.4_sshd_protocol.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.6_disable_x11_forwarding.sh b/bin/hardening/5.2.6_disable_x11_forwarding.sh index 576f70d..610395d 100755 --- a/bin/hardening/5.2.6_disable_x11_forwarding.sh +++ b/bin/hardening/5.2.6_disable_x11_forwarding.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.7_sshd_maxauthtries.sh b/bin/hardening/5.2.7_sshd_maxauthtries.sh index f61dbe5..65daaf2 100755 --- a/bin/hardening/5.2.7_sshd_maxauthtries.sh +++ b/bin/hardening/5.2.7_sshd_maxauthtries.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh b/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh index 417d060..ebb35ce 100755 --- a/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh +++ b/bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh b/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh index 0ddc208..51b3d3d 100755 --- a/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh +++ b/bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.3.1_enable_pwquality.sh b/bin/hardening/5.3.1_enable_pwquality.sh index a3a5458..11144d5 100755 --- a/bin/hardening/5.3.1_enable_pwquality.sh +++ b/bin/hardening/5.3.1_enable_pwquality.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.3.2_enable_lockout_failed_password.sh b/bin/hardening/5.3.2_enable_lockout_failed_password.sh index 02bd546..e535f7e 100755 --- a/bin/hardening/5.3.2_enable_lockout_failed_password.sh +++ b/bin/hardening/5.3.2_enable_lockout_failed_password.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.3.3_limit_password_reuse.sh b/bin/hardening/5.3.3_limit_password_reuse.sh index cb16fb1..e0aa3f4 100755 --- a/bin/hardening/5.3.3_limit_password_reuse.sh +++ b/bin/hardening/5.3.3_limit_password_reuse.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.3.4_acc_pam_sha512.sh b/bin/hardening/5.3.4_acc_pam_sha512.sh index 17c0051..868e482 100755 --- a/bin/hardening/5.3.4_acc_pam_sha512.sh +++ b/bin/hardening/5.3.4_acc_pam_sha512.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # OVH Security audit diff --git a/bin/hardening/5.4.1.1_set_password_exp_days.sh b/bin/hardening/5.4.1.1_set_password_exp_days.sh index 5f04f78..a67f321 100755 --- a/bin/hardening/5.4.1.1_set_password_exp_days.sh +++ b/bin/hardening/5.4.1.1_set_password_exp_days.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.4.1.2_set_password_min_days_change.sh b/bin/hardening/5.4.1.2_set_password_min_days_change.sh index 6bd66e9..86f2951 100755 --- a/bin/hardening/5.4.1.2_set_password_min_days_change.sh +++ b/bin/hardening/5.4.1.2_set_password_min_days_change.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.4.1.3_set_password_exp_warning_days.sh b/bin/hardening/5.4.1.3_set_password_exp_warning_days.sh index ea54781..57d319b 100755 --- a/bin/hardening/5.4.1.3_set_password_exp_warning_days.sh +++ b/bin/hardening/5.4.1.3_set_password_exp_warning_days.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.4.1.4_lock_inactive_user_account.sh b/bin/hardening/5.4.1.4_lock_inactive_user_account.sh index efd5c82..a10e2c8 100755 --- a/bin/hardening/5.4.1.4_lock_inactive_user_account.sh +++ b/bin/hardening/5.4.1.4_lock_inactive_user_account.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.4.2_disable_system_accounts.sh b/bin/hardening/5.4.2_disable_system_accounts.sh index 76fedbf..adbcbc6 100755 --- a/bin/hardening/5.4.2_disable_system_accounts.sh +++ b/bin/hardening/5.4.2_disable_system_accounts.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.4.3_default_root_group.sh b/bin/hardening/5.4.3_default_root_group.sh index f6c7bd1..80a5812 100755 --- a/bin/hardening/5.4.3_default_root_group.sh +++ b/bin/hardening/5.4.3_default_root_group.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.4.4_default_umask.sh b/bin/hardening/5.4.4_default_umask.sh index 2276f27..8e1901e 100755 --- a/bin/hardening/5.4.4_default_umask.sh +++ b/bin/hardening/5.4.4_default_umask.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.5_secure_tty.sh b/bin/hardening/5.5_secure_tty.sh index 98cdbc7..4464881 100755 --- a/bin/hardening/5.5_secure_tty.sh +++ b/bin/hardening/5.5_secure_tty.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/5.6_restrict_su.sh b/bin/hardening/5.6_restrict_su.sh index 1f4e527..958dfd8 100755 --- a/bin/hardening/5.6_restrict_su.sh +++ b/bin/hardening/5.6_restrict_su.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.10_find_world_writable_file.sh b/bin/hardening/6.1.10_find_world_writable_file.sh index 461672a..ee4838c 100755 --- a/bin/hardening/6.1.10_find_world_writable_file.sh +++ b/bin/hardening/6.1.10_find_world_writable_file.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.11_find_unowned_files.sh b/bin/hardening/6.1.11_find_unowned_files.sh index b18bf83..002f5c4 100755 --- a/bin/hardening/6.1.11_find_unowned_files.sh +++ b/bin/hardening/6.1.11_find_unowned_files.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.12_find_ungrouped_files.sh b/bin/hardening/6.1.12_find_ungrouped_files.sh index 788eab4..582bb0a 100755 --- a/bin/hardening/6.1.12_find_ungrouped_files.sh +++ b/bin/hardening/6.1.12_find_ungrouped_files.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.13_find_suid_files.sh b/bin/hardening/6.1.13_find_suid_files.sh index 300faf5..e3b6507 100755 --- a/bin/hardening/6.1.13_find_suid_files.sh +++ b/bin/hardening/6.1.13_find_suid_files.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.14_find_sgid_files.sh b/bin/hardening/6.1.14_find_sgid_files.sh index b9a834a..9649910 100755 --- a/bin/hardening/6.1.14_find_sgid_files.sh +++ b/bin/hardening/6.1.14_find_sgid_files.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.5_etc_passwd_permissions.sh b/bin/hardening/6.1.5_etc_passwd_permissions.sh index 623acbe..3a936e6 100755 --- a/bin/hardening/6.1.5_etc_passwd_permissions.sh +++ b/bin/hardening/6.1.5_etc_passwd_permissions.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.6_etc_shadow_permissions.sh b/bin/hardening/6.1.6_etc_shadow_permissions.sh index d200224..6303a09 100755 --- a/bin/hardening/6.1.6_etc_shadow_permissions.sh +++ b/bin/hardening/6.1.6_etc_shadow_permissions.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.1.7_etc_group_permissions.sh b/bin/hardening/6.1.7_etc_group_permissions.sh index 80b621d..94dddbc 100755 --- a/bin/hardening/6.1.7_etc_group_permissions.sh +++ b/bin/hardening/6.1.7_etc_group_permissions.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.10_check_user_dot_file_perm.sh b/bin/hardening/6.2.10_check_user_dot_file_perm.sh index bbd4020..9295b94 100755 --- a/bin/hardening/6.2.10_check_user_dot_file_perm.sh +++ b/bin/hardening/6.2.10_check_user_dot_file_perm.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.11_find_user_forward_files.sh b/bin/hardening/6.2.11_find_user_forward_files.sh index c964cbf..a2c3c69 100755 --- a/bin/hardening/6.2.11_find_user_forward_files.sh +++ b/bin/hardening/6.2.11_find_user_forward_files.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.12_find_user_netrc_files.sh b/bin/hardening/6.2.12_find_user_netrc_files.sh index 3d6dae0..c117ddc 100755 --- a/bin/hardening/6.2.12_find_user_netrc_files.sh +++ b/bin/hardening/6.2.12_find_user_netrc_files.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.13_set_perm_on_user_netrc.sh b/bin/hardening/6.2.13_set_perm_on_user_netrc.sh index 4789a70..72f921e 100755 --- a/bin/hardening/6.2.13_set_perm_on_user_netrc.sh +++ b/bin/hardening/6.2.13_set_perm_on_user_netrc.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.14_find_user_rhosts_files.sh b/bin/hardening/6.2.14_find_user_rhosts_files.sh index a10daa5..23f7d8a 100755 --- a/bin/hardening/6.2.14_find_user_rhosts_files.sh +++ b/bin/hardening/6.2.14_find_user_rhosts_files.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh b/bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh index ddbc05d..09df3cf 100755 --- a/bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh +++ b/bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.16_check_duplicate_uid.sh b/bin/hardening/6.2.16_check_duplicate_uid.sh index 0f0fee8..1f97f5e 100755 --- a/bin/hardening/6.2.16_check_duplicate_uid.sh +++ b/bin/hardening/6.2.16_check_duplicate_uid.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # CIS Debian Hardening diff --git a/bin/hardening/6.2.17_check_duplicate_gid.sh b/bin/hardening/6.2.17_check_duplicate_gid.sh index cc8fa73..599f30d 100755 --- a/bin/hardening/6.2.17_check_duplicate_gid.sh +++ b/bin/hardening/6.2.17_check_duplicate_gid.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # CIS Debian Hardening diff --git a/bin/hardening/6.2.18_check_duplicate_username.sh b/bin/hardening/6.2.18_check_duplicate_username.sh index 36f0dcf..0ff4bd5 100755 --- a/bin/hardening/6.2.18_check_duplicate_username.sh +++ b/bin/hardening/6.2.18_check_duplicate_username.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.19_check_duplicate_groupname.sh b/bin/hardening/6.2.19_check_duplicate_groupname.sh index 1d397f3..011eaf0 100755 --- a/bin/hardening/6.2.19_check_duplicate_groupname.sh +++ b/bin/hardening/6.2.19_check_duplicate_groupname.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.1_remove_empty_password_field.sh b/bin/hardening/6.2.1_remove_empty_password_field.sh index 8ec02d7..36eae08 100755 --- a/bin/hardening/6.2.1_remove_empty_password_field.sh +++ b/bin/hardening/6.2.1_remove_empty_password_field.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.20_shadow_group_empty.sh b/bin/hardening/6.2.20_shadow_group_empty.sh index 7bf1108..39397c6 100755 --- a/bin/hardening/6.2.20_shadow_group_empty.sh +++ b/bin/hardening/6.2.20_shadow_group_empty.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.2_remove_legacy_passwd_entries.sh b/bin/hardening/6.2.2_remove_legacy_passwd_entries.sh index 7254e32..82a6476 100755 --- a/bin/hardening/6.2.2_remove_legacy_passwd_entries.sh +++ b/bin/hardening/6.2.2_remove_legacy_passwd_entries.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.3_remove_legacy_shadow_entries.sh b/bin/hardening/6.2.3_remove_legacy_shadow_entries.sh index caa118f..b610a8a 100755 --- a/bin/hardening/6.2.3_remove_legacy_shadow_entries.sh +++ b/bin/hardening/6.2.3_remove_legacy_shadow_entries.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.4_remove_legacy_group_entries.sh b/bin/hardening/6.2.4_remove_legacy_group_entries.sh index d01f0a5..9a1819c 100755 --- a/bin/hardening/6.2.4_remove_legacy_group_entries.sh +++ b/bin/hardening/6.2.4_remove_legacy_group_entries.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.5_find_0_uid_non_root_account.sh b/bin/hardening/6.2.5_find_0_uid_non_root_account.sh index 5b3dca2..97f1c08 100755 --- a/bin/hardening/6.2.5_find_0_uid_non_root_account.sh +++ b/bin/hardening/6.2.5_find_0_uid_non_root_account.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # CIS Debian Hardening diff --git a/bin/hardening/6.2.6_sanitize_root_path.sh b/bin/hardening/6.2.6_sanitize_root_path.sh index b00ce8f..40cff74 100755 --- a/bin/hardening/6.2.6_sanitize_root_path.sh +++ b/bin/hardening/6.2.6_sanitize_root_path.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.7_users_valid_homedir.sh b/bin/hardening/6.2.7_users_valid_homedir.sh index 3b16833..b431a2c 100755 --- a/bin/hardening/6.2.7_users_valid_homedir.sh +++ b/bin/hardening/6.2.7_users_valid_homedir.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.8_check_user_dir_perm.sh b/bin/hardening/6.2.8_check_user_dir_perm.sh index d57768c..8fdf38b 100755 --- a/bin/hardening/6.2.8_check_user_dir_perm.sh +++ b/bin/hardening/6.2.8_check_user_dir_perm.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/6.2.9_users_valid_homedir.sh b/bin/hardening/6.2.9_users_valid_homedir.sh index bb48843..2101122 100755 --- a/bin/hardening/6.2.9_users_valid_homedir.sh +++ b/bin/hardening/6.2.9_users_valid_homedir.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/8.0_enable_auditd_kernel.sh b/bin/hardening/8.0_enable_auditd_kernel.sh index 50201cd..157441a 100755 --- a/bin/hardening/8.0_enable_auditd_kernel.sh +++ b/bin/hardening/8.0_enable_auditd_kernel.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/8.3.1_install_tripwire.sh b/bin/hardening/8.3.1_install_tripwire.sh index 0ff5d20..b2d3bd9 100755 --- a/bin/hardening/8.3.1_install_tripwire.sh +++ b/bin/hardening/8.3.1_install_tripwire.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening # diff --git a/bin/hardening/99.1_timeout_tty.sh b/bin/hardening/99.1_timeout_tty.sh index 2c5439f..851a079 100755 --- a/bin/hardening/99.1_timeout_tty.sh +++ b/bin/hardening/99.1_timeout_tty.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # CIS Debian Hardening /!\ Not in the Guide diff --git a/bin/hardening/99.2_disable_usb_devices.sh b/bin/hardening/99.2_disable_usb_devices.sh index bd9a04d..77d7391 100755 --- a/bin/hardening/99.2_disable_usb_devices.sh +++ b/bin/hardening/99.2_disable_usb_devices.sh @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening /!\ Not in the Guide # diff --git a/bin/hardening/99.3.1_acc_shadow_sha512.sh b/bin/hardening/99.3.1_acc_shadow_sha512.sh index bbad9fa..733d427 100755 --- a/bin/hardening/99.3.1_acc_shadow_sha512.sh +++ b/bin/hardening/99.3.1_acc_shadow_sha512.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # OVH Security audit diff --git a/bin/hardening/99.3.2_acc_sudoers_no_all.sh b/bin/hardening/99.3.2_acc_sudoers_no_all.sh index d57f681..f659c66 100755 --- a/bin/hardening/99.3.2_acc_sudoers_no_all.sh +++ b/bin/hardening/99.3.2_acc_sudoers_no_all.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # OVH Security audit diff --git a/bin/hardening/99.3.4_acc_logindefs_sha512.sh b/bin/hardening/99.3.4_acc_logindefs_sha512.sh index 0304618..8ef744e 100755 --- a/bin/hardening/99.3.4_acc_logindefs_sha512.sh +++ b/bin/hardening/99.3.4_acc_logindefs_sha512.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # # OVH Security audit diff --git a/bin/hardening/99.5.1_ssh_auth_pubk_only.sh b/bin/hardening/99.5.1_ssh_auth_pubk_only.sh index c2f0427..935af44 100755 --- a/bin/hardening/99.5.1_ssh_auth_pubk_only.sh +++ b/bin/hardening/99.5.1_ssh_auth_pubk_only.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # OVH Security audit # diff --git a/bin/hardening/99.5.2.3_ssh_cry_rekey.sh b/bin/hardening/99.5.2.3_ssh_cry_rekey.sh index adefb01..cd12823 100755 --- a/bin/hardening/99.5.2.3_ssh_cry_rekey.sh +++ b/bin/hardening/99.5.2.3_ssh_cry_rekey.sh @@ -1,4 +1,5 @@ #!/bin/bash + # run-shellcheck # diff --git a/bin/hardening/99.5.3_ssh_disable_features.sh b/bin/hardening/99.5.3_ssh_disable_features.sh index f7367fb..1a94d6c 100755 --- a/bin/hardening/99.5.3_ssh_disable_features.sh +++ b/bin/hardening/99.5.3_ssh_disable_features.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # OVH Security audit # diff --git a/bin/hardening/99.5.4_ssh_keys_from.sh b/bin/hardening/99.5.4_ssh_keys_from.sh index d98f5e0..5f1278f 100755 --- a/bin/hardening/99.5.4_ssh_keys_from.sh +++ b/bin/hardening/99.5.4_ssh_keys_from.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # OVH Security audit # diff --git a/bin/hardening/99.5.5_ssh_strict_modes.sh b/bin/hardening/99.5.5_ssh_strict_modes.sh index 385a059..007b975 100755 --- a/bin/hardening/99.5.5_ssh_strict_modes.sh +++ b/bin/hardening/99.5.5_ssh_strict_modes.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # OVH Security audit # diff --git a/bin/hardening/99.5.6_ssh_sys_accept_env.sh b/bin/hardening/99.5.6_ssh_sys_accept_env.sh index 39f68b9..6e631b5 100755 --- a/bin/hardening/99.5.6_ssh_sys_accept_env.sh +++ b/bin/hardening/99.5.6_ssh_sys_accept_env.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # CIS Debian 7/8 Hardening # diff --git a/bin/hardening/99.5.7_ssh_sys_no_legacy.sh b/bin/hardening/99.5.7_ssh_sys_no_legacy.sh index 002f675..aad4562 100755 --- a/bin/hardening/99.5.7_ssh_sys_no_legacy.sh +++ b/bin/hardening/99.5.7_ssh_sys_no_legacy.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # CIS Debian 7 Hardening # diff --git a/bin/hardening/99.5.8_ssh_sys_sandbox.sh b/bin/hardening/99.5.8_ssh_sys_sandbox.sh index aac06ef..590ff8f 100755 --- a/bin/hardening/99.5.8_ssh_sys_sandbox.sh +++ b/bin/hardening/99.5.8_ssh_sys_sandbox.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # CIS Debian 7/8 Hardening # diff --git a/bin/hardening/99.5.9_ssh_loglevel.sh b/bin/hardening/99.5.9_ssh_loglevel.sh index ddc32d6..1cc55dd 100755 --- a/bin/hardening/99.5.9_ssh_loglevel.sh +++ b/bin/hardening/99.5.9_ssh_loglevel.sh @@ -1,6 +1,6 @@ #!/bin/bash -# run-shellcheck +# run-shellcheck # # CIS Debian 7/8 Hardening # diff --git a/lib/common.sh b/lib/common.sh index 9bbf221..ab25bcd 100644 --- a/lib/common.sh +++ b/lib/common.sh @@ -1,5 +1,6 @@ # CIS Debian Hardening common functions +# run-shellcheck # # File Backup functions # diff --git a/lib/constants.sh b/lib/constants.sh index 5286650..a189a85 100644 --- a/lib/constants.sh +++ b/lib/constants.sh @@ -1,5 +1,6 @@ # Defines constants for CIS Debian Hardening +# run-shellcheck # Script and shell commands homogeneity export LANG=C diff --git a/lib/main.sh b/lib/main.sh index eb7fe43..fde802c 100644 --- a/lib/main.sh +++ b/lib/main.sh @@ -1,3 +1,5 @@ +# run-shellcheck + LONG_SCRIPT_NAME=$(basename $0) SCRIPT_NAME=${LONG_SCRIPT_NAME%.sh} # Variable initialization, to avoid crash diff --git a/lib/utils.sh b/lib/utils.sh index dc4ec00..4cbbc93 100644 --- a/lib/utils.sh +++ b/lib/utils.sh @@ -1,5 +1,7 @@ # CIS Debian Hardening Utility functions +# run-shellcheck + # # Sysctl # diff --git a/src/skel b/src/skel index c9d6b3a..616ed34 100644 --- a/src/skel +++ b/src/skel @@ -1,5 +1,6 @@ #!/bin/bash +# run-shellcheck # # CIS Debian Hardening #