FIX: fix issue, we had to run audit twice

First one as root to create conf files with good owner and permissions, and then with secaudit. Now first run with --create-config-files-only and the normally with --audit.
2025-06-21 18:23:42 +02:00 · 2020-11-20 10:05:14 +01:00
parent 467e5f178c
commit d40a85085d
3 changed files with 35 additions and 3 deletions
--- a/lib/main.sh
+++ b/lib/main.sh
@ -32,6 +32,10 @@ while [[ $# > 0 ]]; do
            info "Audit argument passed but script is disabled"
        fi
        ;;
+        --create-config-files-only)
+            debug "Create config files"
+            forcedstatus=createconfig
+        ;;
        --sudo)
        SUDO_CMD="sudo_wrapper"
        ;;
@ -62,7 +66,14 @@ if ! [ -r $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg ] ; then
    else
        echo "status=audit" >> $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg
    fi
+
 fi
+
+if [ $forcedstatus = "createconfig" ]; then
+    debug "$CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg has been created"
+    exit 0
+fi
+
 [ -r $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg ] && . $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg

 # Now check configured value for status, and potential cmdline parameter