FIX(4.1.1.4): bad pattern (#67)

fix #61
This commit is contained in:
Thibault Ayanides 2021-03-25 13:50:08 +01:00 committed by GitHub
parent 1c1393c7e3
commit f8ac58700d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 6 additions and 6 deletions

View File

@ -18,7 +18,7 @@ HARDENING_LEVEL=4
DESCRIPTION="Enable auditing for processes that start prior to auditd." DESCRIPTION="Enable auditing for processes that start prior to auditd."
FILE='/etc/default/grub' FILE='/etc/default/grub'
OPTIONS='GRUB_CMDLINE_LINUX="audit=1"' OPTIONS='GRUB_CMDLINE_LINUX=audit=1'
# This function will be called if the script status is on enabled / audit mode # This function will be called if the script status is on enabled / audit mode
audit() { audit() {
@ -30,7 +30,7 @@ audit() {
for GRUB_OPTION in $OPTIONS; do for GRUB_OPTION in $OPTIONS; do
GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1) GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1)
GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3) GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3)
PATTERN="^$GRUB_PARAM=$GRUB_VALUE" PATTERN="^$GRUB_PARAM=.*$GRUB_VALUE"
debug "$GRUB_PARAM should be set to $GRUB_VALUE" debug "$GRUB_PARAM should be set to $GRUB_VALUE"
does_pattern_exist_in_file "$FILE" "$PATTERN" does_pattern_exist_in_file "$FILE" "$PATTERN"
if [ "$FNRET" != 0 ]; then if [ "$FNRET" != 0 ]; then
@ -55,7 +55,7 @@ apply() {
GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1) GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1)
GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3) GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3)
debug "$GRUB_PARAM should be set to $GRUB_VALUE" debug "$GRUB_PARAM should be set to $GRUB_VALUE"
PATTERN="^$GRUB_PARAM=$GRUB_VALUE" PATTERN="^$GRUB_PARAM=.*$GRUB_VALUE"
does_pattern_exist_in_file "$FILE" "$PATTERN" does_pattern_exist_in_file "$FILE" "$PATTERN"
if [ "$FNRET" != 0 ]; then if [ "$FNRET" != 0 ]; then
warn "$PATTERN is not present in $FILE, adding it" warn "$PATTERN is not present in $FILE, adding it"

View File

@ -18,7 +18,7 @@ HARDENING_LEVEL=4
DESCRIPTION="Configure audit_backlog_limit to be sufficient." DESCRIPTION="Configure audit_backlog_limit to be sufficient."
FILE='/etc/default/grub' FILE='/etc/default/grub'
OPTIONS='GRUB_CMDLINE_LINUX="audit_backlog_limit=8192"' OPTIONS='GRUB_CMDLINE_LINUX=audit_backlog_limit=8192'
# This function will be called if the script status is on enabled / audit mode # This function will be called if the script status is on enabled / audit mode
audit() { audit() {
@ -30,7 +30,7 @@ audit() {
for GRUB_OPTION in $OPTIONS; do for GRUB_OPTION in $OPTIONS; do
GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1) GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1)
GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3) GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3)
PATTERN="^$GRUB_PARAM=$GRUB_VALUE" PATTERN="^$GRUB_PARAM=.*$GRUB_VALUE"
debug "$GRUB_PARAM should be set to $GRUB_VALUE" debug "$GRUB_PARAM should be set to $GRUB_VALUE"
does_pattern_exist_in_file "$FILE" "$PATTERN" does_pattern_exist_in_file "$FILE" "$PATTERN"
if [ "$FNRET" != 0 ]; then if [ "$FNRET" != 0 ]; then
@ -55,7 +55,7 @@ apply() {
GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1) GRUB_PARAM=$(echo "$GRUB_OPTION" | cut -d= -f 1)
GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3) GRUB_VALUE=$(echo "$GRUB_OPTION" | cut -d= -f 2,3)
debug "$GRUB_PARAM should be set to $GRUB_VALUE" debug "$GRUB_PARAM should be set to $GRUB_VALUE"
PATTERN="^$GRUB_PARAM=$GRUB_VALUE" PATTERN="^$GRUB_PARAM=.*$GRUB_VALUE"
does_pattern_exist_in_file "$FILE" "$PATTERN" does_pattern_exist_in_file "$FILE" "$PATTERN"
if [ "$FNRET" != 0 ]; then if [ "$FNRET" != 0 ]; then
warn "$PATTERN is not present in $FILE, adding it" warn "$PATTERN is not present in $FILE, adding it"