From de7dfe5956deb79994d12672197788cf94ade7fe Mon Sep 17 00:00:00 2001 From: Charles Herlin Date: Tue, 26 Feb 2019 15:06:51 +0100 Subject: [PATCH] CHORE(2.1x): use "readlink -e" instead of custom func Removed get_partition_from_symlink() --- bin/hardening/2.14_run_shm_nodev.sh | 2 +- bin/hardening/2.15_run_shm_nosuid.sh | 2 +- bin/hardening/2.16_run_shm_noexec.sh | 2 +- lib/utils.sh | 14 -------------- tests/hardening/2.14_run_shm_nodev.sh | 4 +++- tests/hardening/2.15_run_shm_nosuid.sh | 4 +++- tests/hardening/2.16_run_shm_noexec.sh | 4 +++- 7 files changed, 12 insertions(+), 20 deletions(-) diff --git a/bin/hardening/2.14_run_shm_nodev.sh b/bin/hardening/2.14_run_shm_nodev.sh index 48a6d70..04fc3b1 100755 --- a/bin/hardening/2.14_run_shm_nodev.sh +++ b/bin/hardening/2.14_run_shm_nodev.sh @@ -24,7 +24,7 @@ OPTION="nodev" # This function will be called if the script status is on enabled / audit mode audit () { info "Verifying that $PARTITION is a partition" - get_partition_from_symlink "$PARTITION" + PARTITION=$(readlink -e "$PARTITION") FNRET=0 is_a_partition "$PARTITION" if [ $FNRET -gt 0 ]; then diff --git a/bin/hardening/2.15_run_shm_nosuid.sh b/bin/hardening/2.15_run_shm_nosuid.sh index bf57d37..4e57983 100755 --- a/bin/hardening/2.15_run_shm_nosuid.sh +++ b/bin/hardening/2.15_run_shm_nosuid.sh @@ -24,7 +24,7 @@ OPTION="nosuid" # This function will be called if the script status is on enabled / audit mode audit () { info "Verifying that $PARTITION is a partition" - get_partition_from_symlink "$PARTITION" + PARTITION=$(readlink -e "$PARTITION") FNRET=0 is_a_partition "$PARTITION" if [ $FNRET -gt 0 ]; then diff --git a/bin/hardening/2.16_run_shm_noexec.sh b/bin/hardening/2.16_run_shm_noexec.sh index 056776c..cb252ad 100755 --- a/bin/hardening/2.16_run_shm_noexec.sh +++ b/bin/hardening/2.16_run_shm_noexec.sh 
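Review bot: In `audit()` the new `PARTITION=$(readlink -e "$PARTITION")` sets `PARTITION` to an empty string whenever the path, or any component of it, does not exist, because `readlink -e` prints nothing and exits non-zero in that case; the removed helper returned early and left the variable unchanged. `is_a_partition` is then called with an empty name, and since its body is not shown in this patch I cannot tell whether it fails closed, so this hardening check could report a result for the wrong target. Keep the configured value on failure, e.g. `resolved=$(readlink -e "$PARTITION") && PARTITION="$resolved"`, or stop with an explicit error. The same line is added in 2.15_run_shm_nosuid.sh and 2.16_run_shm_noexec.sh. The dropped `warn` also means the audit log no longer records that the checked path differs from the configured one; `audit()` continues outside the hunk.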
@@ -24,7 +24,7 @@ OPTION="noexec" # This function will be called if the script status is on enabled / audit mode audit () { info "Verifying that $PARTITION is a partition" - get_partition_from_symlink "$PARTITION" + PARTITION=$(readlink -e "$PARTITION") FNRET=0 is_a_partition "$PARTITION" if [ $FNRET -gt 0 ]; then diff --git a/lib/utils.sh b/lib/utils.sh index f488909..d8b520c 100644 --- a/lib/utils.sh +++ b/lib/utils.sh @@ -288,20 +288,6 @@ is_kernel_option_enabled() { # Mounting point # -get_partition_from_symlink() { - local local_partition="$1" - if [ ! -e "$local_partition" ]; then - return - fi - filetype=$(stat -c %F "$local_partition") - if [ "$filetype" == "symbolic link" ]; then - actual_partition=$(readlink "$local_partition" ) - warn "$local_partition actually is $actual_partition" - local_partition="$actual_partition" - fi - PARTITION="$local_partition" -} - # Verify $1 is a partition declared in fstab is_a_partition() { diff --git a/tests/hardening/2.14_run_shm_nodev.sh b/tests/hardening/2.14_run_shm_nodev.sh index 91714b1..682c3d2 100644 --- a/tests/hardening/2.14_run_shm_nodev.sh +++ b/tests/hardening/2.14_run_shm_nodev.sh @@ -10,8 +10,10 @@ test_audit() { describe Partition symlink register_test retvalshouldbe 1 - register_test contain "[WARN] /run/shm actually is /dev/shm" run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all + # Cleanup + rm /run/shm + # TODO fill comprehensive tests } diff --git a/tests/hardening/2.15_run_shm_nosuid.sh b/tests/hardening/2.15_run_shm_nosuid.sh index 8d71930..c811f03 100644 --- a/tests/hardening/2.15_run_shm_nosuid.sh +++ b/tests/hardening/2.15_run_shm_nosuid.sh @@ -10,8 +10,10 @@ test_audit() { describe Partition symlink register_test retvalshouldbe 1 - register_test contain "[WARN] /run/shm actually is /dev/shm" run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all + # Cleanup + rm /run/shm + # TODO fill comprehensive tests } 
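Review bot: With the `[WARN] /run/shm actually is /dev/shm` expectation removed, the "Partition symlink" case in `test_audit()` of tests/hardening/2.14_run_shm_nodev.sh only asserts `retvalshouldbe 1`, so it no longer proves the symlink was resolved; a run in which resolution failed would presumably also exit 1. Add an assertion on the resolved path, for example `register_test contain "/dev/shm"`, assuming a later message in the script prints `$PARTITION` (not visible here). The new `rm /run/shm` is never reached if the test aborts earlier, and guarding it as `[ -L /run/shm ] && rm /run/shm` makes sure only the symlink created by the test is removed. The same applies to the 2.15 and 2.16 test files; the symlink setup lies outside the hunk.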
diff --git a/tests/hardening/2.16_run_shm_noexec.sh b/tests/hardening/2.16_run_shm_noexec.sh index 8d71930..c811f03 100644 --- a/tests/hardening/2.16_run_shm_noexec.sh +++ b/tests/hardening/2.16_run_shm_noexec.sh @@ -10,8 +10,10 @@ test_audit() { describe Partition symlink register_test retvalshouldbe 1 - register_test contain "[WARN] /run/shm actually is /dev/shm" run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all + # Cleanup + rm /run/shm + # TODO fill comprehensive tests }