From ccef85ebe3e15ec660b1a4c216963e20cd040625 Mon Sep 17 00:00:00 2001 From: Thibault Ayanides Date: Fri, 30 Oct 2020 14:49:16 +0100 Subject: [PATCH] IMP(4.2.4): use functions in utils --- bin/hardening/4.2.4_logs_permissions.sh | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/bin/hardening/4.2.4_logs_permissions.sh b/bin/hardening/4.2.4_logs_permissions.sh index ce4f1ef..6c76b4d 100755 --- a/bin/hardening/4.2.4_logs_permissions.sh +++ b/bin/hardening/4.2.4_logs_permissions.sh @@ -22,12 +22,13 @@ audit () { ERRORS=0 for FILE in $($SUDO_CMD find $DIR -type f); do - perm=$(stat -L -c '%a' $FILE) - echo "$perm ttt $PERMISSIONS" - if [ "$perm" != "$PERMISSIONS" ]; then + has_file_correct_permissions $FILE $PERMISSIONS + if [ $FNRET = 0 ]; then + ok "$FILE permissions were set to $PERMISSIONS" + else ERRORS=$((ERRORS+1)) - crit "Some logs in $DIR permissions were not set to $PERMISSIONS" - fi + crit "$FILE permissions were not set to $PERMISSIONS" + fi done if [ $ERRORS = 0 ]; then @@ -40,12 +41,12 @@ apply () { ERRORS=0 for FILE in $($SUDO_CMD find $DIR -type f); do - perm=$(stat -L -c '%a' $FILE) - echo "$perm ttt $PERMISSIONS" - if [ "$perm" != "$PERMISSIONS" ]; then - info "fixing $DIR logs permissions to $PERMISSIONS" + has_file_correct_permissions $FILE $PERMISSIONS + if [ $FNRET = 0 ]; then + ok "$FILE permissions were set to $PERMISSIONS" + else + warn "fixing $DIRlogs ownership to $PERMISSIONS" chmod 0$PERMISSIONS $FILE - fi done