FIX: fix issue, we had to run audit twice

First one as root to create conf files with good owner and permissions, and then with secaudit.
Now first run with --create-config-files-only and the normally with --audit.
This commit is contained in:
Thibault Ayanides
2020-11-20 10:05:14 +01:00
parent 467e5f178c
commit d40a85085d
3 changed files with 35 additions and 3 deletions

View File

@ -32,6 +32,10 @@ while [[ $# > 0 ]]; do
info "Audit argument passed but script is disabled"
fi
;;
--create-config-files-only)
debug "Create config files"
forcedstatus=createconfig
;;
--sudo)
SUDO_CMD="sudo_wrapper"
;;
@ -62,7 +66,14 @@ if ! [ -r $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg ] ; then
else
echo "status=audit" >> $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg
fi
fi
if [ $forcedstatus = "createconfig" ]; then
debug "$CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg has been created"
exit 0
fi
[ -r $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg ] && . $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_NAME.cfg
# Now check configured value for status, and potential cmdline parameter