mirror of
https://github.com/ovh/debian-cis.git
synced 2024-11-22 05:27:01 +01:00
IMP(shellcheck): quoting variables
This commit is contained in:
parent
ac66cdacd0
commit
e2f7426664
@ -10,7 +10,7 @@
|
|||||||
# Main script : Execute hardening considering configuration
|
# Main script : Execute hardening considering configuration
|
||||||
#
|
#
|
||||||
|
|
||||||
LONG_SCRIPT_NAME=$(basename $0)
|
LONG_SCRIPT_NAME=$(basename "$0")
|
||||||
SCRIPT_NAME=${LONG_SCRIPT_NAME%.sh}
|
SCRIPT_NAME=${LONG_SCRIPT_NAME%.sh}
|
||||||
DISABLED_CHECKS=0
|
DISABLED_CHECKS=0
|
||||||
PASSED_CHECKS=0
|
PASSED_CHECKS=0
|
||||||
@ -197,7 +197,7 @@ if [ "$ALLOW_SERVICE_LIST" = 1 ]; then
|
|||||||
template=$(grep "^HARDENING_EXCEPTION=" "$SCRIPT" | cut -d= -f2)
|
template=$(grep "^HARDENING_EXCEPTION=" "$SCRIPT" | cut -d= -f2)
|
||||||
[ -n "$template" ] && HARDENING_EXCEPTIONS_LIST[${#HARDENING_EXCEPTIONS_LIST[@]}]="$template"
|
[ -n "$template" ] && HARDENING_EXCEPTIONS_LIST[${#HARDENING_EXCEPTIONS_LIST[@]}]="$template"
|
||||||
done
|
done
|
||||||
echo "Supported services are: "$(echo "${HARDENING_EXCEPTIONS_LIST[@]}" | tr " " "\n" | sort -u | tr "\n" " ")
|
echo "Supported services are:" "$(echo "${HARDENING_EXCEPTIONS_LIST[@]}" | tr " " "\n" | sort -u | tr "\n" " ")"
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -209,7 +209,7 @@ if [ -n "$SET_HARDENING_LEVEL" ] && [ "$SET_HARDENING_LEVEL" != 0 ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do
|
for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do
|
||||||
SCRIPT_BASENAME=$(basename $SCRIPT .sh)
|
SCRIPT_BASENAME=$(basename "$SCRIPT" .sh)
|
||||||
script_level=$(grep "^HARDENING_LEVEL=" "$SCRIPT" | cut -d= -f2)
|
script_level=$(grep "^HARDENING_LEVEL=" "$SCRIPT" | cut -d= -f2)
|
||||||
if [ -z "$script_level" ]; then
|
if [ -z "$script_level" ]; then
|
||||||
echo "The script $SCRIPT_BASENAME doesn't have a hardening level, configuration untouched for it"
|
echo "The script $SCRIPT_BASENAME doesn't have a hardening level, configuration untouched for it"
|
||||||
@ -217,7 +217,7 @@ if [ -n "$SET_HARDENING_LEVEL" ] && [ "$SET_HARDENING_LEVEL" != 0 ]; then
|
|||||||
fi
|
fi
|
||||||
wantedstatus=disabled
|
wantedstatus=disabled
|
||||||
[ "$script_level" -le "$SET_HARDENING_LEVEL" ] && wantedstatus=enabled
|
[ "$script_level" -le "$SET_HARDENING_LEVEL" ] && wantedstatus=enabled
|
||||||
sed -i -re "s/^status=.+/status=$wantedstatus/" $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_BASENAME.cfg
|
sed -i -re "s/^status=.+/status=$wantedstatus/" "$CIS_ROOT_DIR/etc/conf.d/$SCRIPT_BASENAME.cfg"
|
||||||
done
|
done
|
||||||
echo "Configuration modified to enable scripts for hardening level at or below $SET_HARDENING_LEVEL"
|
echo "Configuration modified to enable scripts for hardening level at or below $SET_HARDENING_LEVEL"
|
||||||
exit 0
|
exit 0
|
||||||
@ -230,9 +230,9 @@ fi
|
|||||||
|
|
||||||
# Parse every scripts and execute them in the required mode
|
# Parse every scripts and execute them in the required mode
|
||||||
for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do
|
for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do
|
||||||
if [ ${#TEST_LIST[@]} -gt 0 ]; then
|
if [ "${#TEST_LIST[@]}" -gt 0 ]; then
|
||||||
# --only X has been specified at least once, is this script in my list ?
|
# --only X has been specified at least once, is this script in my list ?
|
||||||
SCRIPT_PREFIX=$(grep -Eo '^[0-9.]+' <<<"$(basename $SCRIPT)")
|
SCRIPT_PREFIX=$(grep -Eo '^[0-9.]+' <<<"$(basename "$SCRIPT")")
|
||||||
SCRIPT_PREFIX_RE=$(sed -e 's/\./\\./g' <<<"$SCRIPT_PREFIX")
|
SCRIPT_PREFIX_RE=$(sed -e 's/\./\\./g' <<<"$SCRIPT_PREFIX")
|
||||||
if ! grep -qwE "(^| )$SCRIPT_PREFIX_RE" <<<"${TEST_LIST[@]}"; then
|
if ! grep -qwE "(^| )$SCRIPT_PREFIX_RE" <<<"${TEST_LIST[@]}"; then
|
||||||
# not in the list
|
# not in the list
|
||||||
@ -241,21 +241,21 @@ for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
info "Treating $SCRIPT"
|
info "Treating $SCRIPT"
|
||||||
if [ $CREATE_CONFIG = 1 ]; then
|
if [ "$CREATE_CONFIG" = 1 ]; then
|
||||||
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --create-config-files-only"
|
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --create-config-files-only"
|
||||||
$SCRIPT --create-config-files-only $BATCH_MODE
|
"$SCRIPT" --create-config-files-only "$BATCH_MODE"
|
||||||
elif [ $AUDIT = 1 ]; then
|
elif [ "$AUDIT" = 1 ]; then
|
||||||
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit $SUDO_MODE $BATCH_MODE"
|
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit $SUDO_MODE $BATCH_MODE"
|
||||||
$SCRIPT --audit $SUDO_MODE $BATCH_MODE
|
"$SCRIPT" --audit "$SUDO_MODE" "$BATCH_MODE"
|
||||||
elif [ $AUDIT_ALL = 1 ]; then
|
elif [ "$AUDIT_ALL" = 1 ]; then
|
||||||
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit-all $SUDO_MODE $BATCH_MODE"
|
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit-all $SUDO_MODE $BATCH_MODE"
|
||||||
$SCRIPT --audit-all $SUDO_MODE $BATCH_MODE
|
"$SCRIPT" --audit-all "$SUDO_MODE" "$BATCH_MODE"
|
||||||
elif [ $AUDIT_ALL_ENABLE_PASSED = 1 ]; then
|
elif [ "$AUDIT_ALL_ENABLE_PASSED" = 1 ]; then
|
||||||
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit-all $SUDO_MODE" $BATCH_MODE
|
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT --audit-all $SUDO_MODE $BATCH_MODE"
|
||||||
$SCRIPT --audit-all $SUDO_MODE $BATCH_MODE
|
"$SCRIPT" --audit-all "$SUDO_MODE" "$BATCH_MODE"
|
||||||
elif [ $APPLY = 1 ]; then
|
elif [ "$APPLY" = 1 ]; then
|
||||||
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT"
|
debug "$CIS_ROOT_DIR/bin/hardening/$SCRIPT"
|
||||||
$SCRIPT
|
"$SCRIPT"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
SCRIPT_EXITCODE=$?
|
SCRIPT_EXITCODE=$?
|
||||||
@ -265,9 +265,9 @@ for SCRIPT in $(ls $CIS_ROOT_DIR/bin/hardening/*.sh -v); do
|
|||||||
0)
|
0)
|
||||||
debug "$SCRIPT passed"
|
debug "$SCRIPT passed"
|
||||||
PASSED_CHECKS=$((PASSED_CHECKS + 1))
|
PASSED_CHECKS=$((PASSED_CHECKS + 1))
|
||||||
if [ $AUDIT_ALL_ENABLE_PASSED = 1 ]; then
|
if [ "$AUDIT_ALL_ENABLE_PASSED" = 1 ]; then
|
||||||
SCRIPT_BASENAME=$(basename $SCRIPT .sh)
|
SCRIPT_BASENAME=$(basename "$SCRIPT" .sh)
|
||||||
sed -i -re 's/^status=.+/status=enabled/' $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_BASENAME.cfg
|
sed -i -re 's/^status=.+/status=enabled/' "$CIS_ROOT_DIR/etc/conf.d/$SCRIPT_BASENAME.cfg"
|
||||||
info "Status set to enabled in $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_BASENAME.cfg"
|
info "Status set to enabled in $CIS_ROOT_DIR/etc/conf.d/$SCRIPT_BASENAME.cfg"
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
@ -287,18 +287,18 @@ done
|
|||||||
|
|
||||||
TOTAL_TREATED_CHECKS=$((TOTAL_CHECKS - DISABLED_CHECKS))
|
TOTAL_TREATED_CHECKS=$((TOTAL_CHECKS - DISABLED_CHECKS))
|
||||||
|
|
||||||
if [ $BATCH_MODE ]; then
|
if [ "$BATCH_MODE" ]; then
|
||||||
BATCH_SUMMARY="AUDIT_SUMMARY "
|
BATCH_SUMMARY="AUDIT_SUMMARY "
|
||||||
BATCH_SUMMARY+="PASSED_CHECKS:${PASSED_CHECKS:-0} "
|
BATCH_SUMMARY+="PASSED_CHECKS:${PASSED_CHECKS:-0} "
|
||||||
BATCH_SUMMARY+="RUN_CHECKS:${TOTAL_TREATED_CHECKS:-0} "
|
BATCH_SUMMARY+="RUN_CHECKS:${TOTAL_TREATED_CHECKS:-0} "
|
||||||
BATCH_SUMMARY+="TOTAL_CHECKS_AVAIL:${TOTAL_CHECKS:-0}"
|
BATCH_SUMMARY+="TOTAL_CHECKS_AVAIL:${TOTAL_CHECKS:-0}"
|
||||||
if [ $TOTAL_TREATED_CHECKS != 0 ]; then
|
if [ "$TOTAL_TREATED_CHECKS" != 0 ]; then
|
||||||
CONFORMITY_PERCENTAGE=$(bc -l <<<"scale=2; ($PASSED_CHECKS/$TOTAL_TREATED_CHECKS) * 100")
|
CONFORMITY_PERCENTAGE=$(bc -l <<<"scale=2; ($PASSED_CHECKS/$TOTAL_TREATED_CHECKS) * 100")
|
||||||
BATCH_SUMMARY+=" CONFORMITY_PERCENTAGE:$(printf "%s" "$CONFORMITY_PERCENTAGE")"
|
BATCH_SUMMARY+=" CONFORMITY_PERCENTAGE:$(printf "%s" "$CONFORMITY_PERCENTAGE")"
|
||||||
else
|
else
|
||||||
BATCH_SUMMARY+=" CONFORMITY_PERCENTAGE:N.A" # No check runned, avoid division by 0
|
BATCH_SUMMARY+=" CONFORMITY_PERCENTAGE:N.A" # No check runned, avoid division by 0
|
||||||
fi
|
fi
|
||||||
becho $BATCH_SUMMARY
|
becho "$BATCH_SUMMARY"
|
||||||
else
|
else
|
||||||
printf "%40s\n" "################### SUMMARY ###################"
|
printf "%40s\n" "################### SUMMARY ###################"
|
||||||
printf "%30s %s\n" "Total Available Checks :" "$TOTAL_CHECKS"
|
printf "%30s %s\n" "Total Available Checks :" "$TOTAL_CHECKS"
|
||||||
@ -309,7 +309,7 @@ else
|
|||||||
ENABLED_CHECKS_PERCENTAGE=$(bc -l <<<"scale=2; ($TOTAL_TREATED_CHECKS/$TOTAL_CHECKS) * 100")
|
ENABLED_CHECKS_PERCENTAGE=$(bc -l <<<"scale=2; ($TOTAL_TREATED_CHECKS/$TOTAL_CHECKS) * 100")
|
||||||
CONFORMITY_PERCENTAGE=$(bc -l <<<"scale=2; ($PASSED_CHECKS/$TOTAL_TREATED_CHECKS) * 100")
|
CONFORMITY_PERCENTAGE=$(bc -l <<<"scale=2; ($PASSED_CHECKS/$TOTAL_TREATED_CHECKS) * 100")
|
||||||
printf "%30s %s %%\n" "Enabled Checks Percentage :" "$ENABLED_CHECKS_PERCENTAGE"
|
printf "%30s %s %%\n" "Enabled Checks Percentage :" "$ENABLED_CHECKS_PERCENTAGE"
|
||||||
if [ $TOTAL_TREATED_CHECKS != 0 ]; then
|
if [ "$TOTAL_TREATED_CHECKS" != 0 ]; then
|
||||||
printf "%30s %s %%\n" "Conformity Percentage :" "$CONFORMITY_PERCENTAGE"
|
printf "%30s %s %%\n" "Conformity Percentage :" "$CONFORMITY_PERCENTAGE"
|
||||||
else
|
else
|
||||||
printf "%30s %s %%\n" "Conformity Percentage :" "N.A" # No check runned, avoid division by 0
|
printf "%30s %s %%\n" "Conformity Percentage :" "N.A" # No check runned, avoid division by 0
|
||||||
|
@ -29,7 +29,7 @@ audit() {
|
|||||||
ok "Nothing listens on 25 port, probably unix socket configured"
|
ok "Nothing listens on 25 port, probably unix socket configured"
|
||||||
else
|
else
|
||||||
info "Checking $RESULT"
|
info "Checking $RESULT"
|
||||||
if $(grep -q "127.0.0.1" <<<$RESULT); then
|
if $(grep -q "127.0.0.1" <<<"$RESULT"); then
|
||||||
ok "MTA is configured to localhost only"
|
ok "MTA is configured to localhost only"
|
||||||
else
|
else
|
||||||
crit "MTA listens worldwide"
|
crit "MTA listens worldwide"
|
||||||
@ -47,7 +47,7 @@ apply() {
|
|||||||
ok "Nothing listens on 25 port, probably unix socket configured"
|
ok "Nothing listens on 25 port, probably unix socket configured"
|
||||||
else
|
else
|
||||||
info "Checking $RESULT"
|
info "Checking $RESULT"
|
||||||
if $(grep -q "127.0.0.1" <<<$RESULT); then
|
if $(grep -q "127.0.0.1" <<<"$RESULT"); then
|
||||||
ok "MTA is configured to localhost only"
|
ok "MTA is configured to localhost only"
|
||||||
else
|
else
|
||||||
warn "MTA listens worldwide, correct this considering your MTA"
|
warn "MTA listens worldwide, correct this considering your MTA"
|
||||||
|
@ -34,7 +34,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -50,11 +50,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -32,7 +32,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -48,11 +48,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -33,7 +33,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -49,11 +49,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -30,7 +30,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -46,11 +46,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -30,7 +30,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -46,11 +46,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -30,7 +30,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -46,11 +46,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -29,7 +29,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -45,11 +45,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -32,7 +32,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -48,11 +48,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -29,7 +29,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -45,11 +45,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -33,7 +33,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -49,11 +49,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -33,7 +33,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -49,11 +49,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -34,7 +34,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -50,11 +50,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -29,7 +29,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -45,11 +45,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -31,7 +31,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -47,11 +47,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -31,7 +31,7 @@ audit() {
|
|||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
IFS=$d_IFS
|
IFS=$d_IFS
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
IFS=$c_IFS
|
IFS=$c_IFS
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
crit "$AUDIT_VALUE is not in file $FILE"
|
crit "$AUDIT_VALUE is not in file $FILE"
|
||||||
@ -47,11 +47,11 @@ apply() {
|
|||||||
IFS=$'\n'
|
IFS=$'\n'
|
||||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||||
debug "$AUDIT_VALUE should be in file $FILE"
|
debug "$AUDIT_VALUE should be in file $FILE"
|
||||||
does_pattern_exist_in_file $FILE $AUDIT_VALUE
|
does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
warn "$AUDIT_VALUE is not in file $FILE, adding it"
|
||||||
add_end_of_file $FILE $AUDIT_VALUE
|
add_end_of_file "$FILE" "$AUDIT_VALUE"
|
||||||
eval $(pkill -HUP -P 1 auditd)
|
eval "$(pkill -HUP -P 1 auditd)"
|
||||||
else
|
else
|
||||||
ok "$AUDIT_VALUE is present in $FILE"
|
ok "$AUDIT_VALUE is present in $FILE"
|
||||||
fi
|
fi
|
||||||
|
@ -27,9 +27,9 @@ audit() {
|
|||||||
SEARCH_RES=0
|
SEARCH_RES=0
|
||||||
for FILE_SEARCHED in $FILES_TO_SEARCH; do
|
for FILE_SEARCHED in $FILES_TO_SEARCH; do
|
||||||
if [ $SEARCH_RES = 1 ]; then break; fi
|
if [ $SEARCH_RES = 1 ]; then break; fi
|
||||||
if test -d $FILE_SEARCHED; then
|
if test -d "$FILE_SEARCHED"; then
|
||||||
debug "$FILE_SEARCHED is a directory"
|
debug "$FILE_SEARCHED is a directory"
|
||||||
for file_in_dir in $(ls $FILE_SEARCHED); do
|
for file_in_dir in $(ls "$FILE_SEARCHED"); do
|
||||||
does_pattern_exist_in_file "$FILE_SEARCHED/$file_in_dir" "^$PATTERN"
|
does_pattern_exist_in_file "$FILE_SEARCHED/$file_in_dir" "^$PATTERN"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
debug "$PATTERN is not present in $FILE_SEARCHED/$file_in_dir"
|
debug "$PATTERN is not present in $FILE_SEARCHED/$file_in_dir"
|
||||||
@ -59,9 +59,9 @@ apply() {
|
|||||||
SEARCH_RES=0
|
SEARCH_RES=0
|
||||||
for FILE_SEARCHED in $FILES_TO_SEARCH; do
|
for FILE_SEARCHED in $FILES_TO_SEARCH; do
|
||||||
if [ "$SEARCH_RES" = 1 ]; then break; fi
|
if [ "$SEARCH_RES" = 1 ]; then break; fi
|
||||||
if test -d $FILE_SEARCHED; then
|
if test -d "$FILE_SEARCHED"; then
|
||||||
debug "$FILE_SEARCHED is a directory"
|
debug "$FILE_SEARCHED is a directory"
|
||||||
for file_in_dir in $(ls $FILE_SEARCHED); do
|
for file_in_dir in $(ls "$FILE_SEARCHED"); do
|
||||||
does_pattern_exist_in_file "$FILE_SEARCHED/$file_in_dir" "^$PATTERN"
|
does_pattern_exist_in_file "$FILE_SEARCHED/$file_in_dir" "^$PATTERN"
|
||||||
if [ "$FNRET" != 0 ]; then
|
if [ "$FNRET" != 0 ]; then
|
||||||
debug "$PATTERN is not present in $FILE_SEARCHED/$file_in_dir"
|
debug "$PATTERN is not present in $FILE_SEARCHED/$file_in_dir"
|
||||||
|
Loading…
Reference in New Issue
Block a user