IMP(4.1.x): add tests for each checks

2025-06-22 02:33:42 +02:00 · 2020-11-02 15:47:27 +01:00
parent 5568065c35
commit ee4b2417c2
23 changed files with 199 additions and 20 deletions
--- a/bin/hardening/4.1.1.1_audit_log_storage.sh
+++ b/bin/hardening/4.1.1.1_audit_log_storage.sh
@ -39,6 +39,7 @@ apply () {
    does_file_exist $FILE
    if [ $FNRET != 0 ]; then
        warn "$FILE does not exist, creating it"
+        mkdir -p /etc/audit
        touch $FILE
    else
        ok "$FILE exists"
--- a/bin/hardening/4.1.1.2_halt_when_audit_log_full.sh
+++ b/bin/hardening/4.1.1.2_halt_when_audit_log_full.sh
@ -44,6 +44,7 @@ apply () {
    does_file_exist $FILE
    if [ $FNRET != 0 ]; then
        warn "$FILE does not exist, creating it"
+        mkdir -p /etc/audit/auditd.conf
        touch $FILE
    else
        ok "$FILE exists"
--- a/bin/hardening/4.1.1.3_keep_all_audit_logs.sh
+++ b/bin/hardening/4.1.1.3_keep_all_audit_logs.sh
@ -44,6 +44,7 @@ apply () {
    does_file_exist $FILE
    if [ $FNRET != 0 ]; then
        warn "$FILE does not exist, creating it"
+        mkdir -p /etc/audit
        touch $FILE
    else
        ok "$FILE exists"
--- a/bin/hardening/4.1.4_record_date_time_edit.sh
+++ b/bin/hardening/4.1.4_record_date_time_edit.sh
@ -12,7 +12,7 @@ set -e # One error, it's over
 set -u # One variable unset, it's over

 HARDENING_LEVEL=4
-DESCRIPTION="Record events taht modify date and time information."
+DESCRIPTION="Record events that modify date and time information."

 AUDIT_PARAMS='-a always,exit -F arch=b64 -S adjtimex -S settimeofday -k time-change
 -a always,exit -F arch=b32 -S adjtimex -S settimeofday -S stime -k time-change