elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2024-11-22 13:37:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
511 Commits 4 Branches 39 Tags 2.2 MiB
05521d5961
Commit Graph

511 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thibault Ayanides
aa90093f24 Add dependabot action 2021-01-18 11:45:13 +01:00
Thibault Ayanides
0ab210183b Beautify README.md 2021-01-18 11:45:13 +01:00
Thibault Ayanides
8f5e3c2ef8 Bump shellcheck action version 2021-01-18 11:45:13 +01:00
Thibault Ayanides
f454b18991 Change artefact name when releasing 2021-01-18 11:45:13 +01:00
Thibault Ayanides
33b0dae4c3 Check if changelog was modfified before release 2021-01-18 11:45:13 +01:00
Thibault Ayanides
44e7ea7c63 Improve workflows 2021-01-18 11:45:13 +01:00
Thibault Ayanides
3f20f99e50 Add github actions 
Add shellcheck, shellfmt, release, prerelease, functionnal tests
 2021-01-14 19:31:14 +01:00
Thibault Ayanides
45ccd337b4 Update README, AUTHORS, LICENSE 2021-01-13 11:14:26 +01:00
Thibault Ayanides
624aba950d ADD(4.2.1.6): add new syslog-ng check 2021-01-04 14:24:35 +01:00
Thibault Ayanides
0ca73899d3 ADD(4.2.2.x): add journald checks 2021-01-04 10:10:47 +01:00
Thibault Ayanides
a5e1cb90cd ADD(4.1.1.4): add new check 2021-01-04 09:03:44 +01:00
Thibault Ayanides
b6fff5b8b6 ADD(2.2.1.2): add systemd-timesyncd 2020-12-24 16:20:12 +01:00
Thibault Ayanides
e0c6692ff2 ADD(4.1.1.1): add auditd install 2020-12-24 16:20:02 +01:00
Thibault Ayanides
7c69305b44 Update changelog 2021-01-04 08:20:59 +01:00
Thibault Ayanides
e2ad0a5dcc ADD(4.4): add logrotate permissions checking 2020-12-24 10:31:47 +01:00
Thibault Ayanides
d0ab72dd26 ADD(5.2.20-23): add new sshd checks 2020-12-23 11:41:53 +01:00
Thibault Ayanides
520ab63b29 ADD(1.1.1.7): restrict FAT partitions 2020-12-23 11:05:37 +01:00
Thibault Ayanides
f626201fdd ADD(1.1.23): disable usb storage 2020-12-23 10:57:02 +01:00
Thibault Ayanides
8da1107532 ADD(1.7.x): add apparmor checks 2020-12-23 10:46:51 +01:00
Thibault Ayanides
936b84c0f2 Update documentation 2020-12-22 17:01:41 +01:00
Thibault Ayanides
9cbc3f85a9 Renum 99.x files to comply with debian10 CIS 2020-12-22 16:36:35 +01:00
Thibault Ayanides
87e242a42d Add commentaries, renum scripts 2020-12-22 15:58:10 +01:00
Thibault Ayanides
7f990b5e53 Add new checks (blank for now) 2020-12-22 14:42:45 +01:00
Thibault Ayanides
38ca43c125 Update skel 2020-12-22 11:49:26 +01:00
Thibault Ayanides
7d87619744 Renum 6.x files to comply with debian10 CIS 
renamed:    bin/hardening/6.2.7_users_valid_homedir.sh -> bin/hardening/6.2.3_users_valid_homedir.sh
	renamed:    bin/hardening/6.2.3_remove_legacy_shadow_entries.sh -> bin/hardening/6.2.4_remove_legacy_shadow_entries.sh
	renamed:    bin/hardening/6.2.4_remove_legacy_group_entries.sh -> bin/hardening/6.2.5_remove_legacy_group_entries.sh
	renamed:    bin/hardening/6.2.5_find_0_uid_non_root_account.sh -> bin/hardening/6.2.6_find_0_uid_non_root_account.sh
	renamed:    bin/hardening/6.2.6_sanitize_root_path.sh -> bin/hardening/6.2.7_sanitize_root_path.sh
	renamed:    tests/hardening/6.2.7_users_valid_homedir.sh -> tests/hardening/6.2.3_users_valid_homedir.sh
	renamed:    tests/hardening/6.2.3_remove_legacy_shadow_entries.sh -> tests/hardening/6.2.4_remove_legacy_shadow_entries.sh
	renamed:    tests/hardening/6.2.4_remove_legacy_group_entries.sh -> tests/hardening/6.2.5_remove_legacy_group_entries.sh
	renamed:    tests/hardening/6.2.5_find_0_uid_non_root_account.sh -> tests/hardening/6.2.6_find_0_uid_non_root_account.sh
	renamed:    tests/hardening/6.2.6_sanitize_root_path.sh -> tests/hardening/6.2.7_sanitize_root_path.sh
 2020-12-22 11:43:53 +01:00
Thibault Ayanides
c9e19b51e6 Renum 4.x files to comply with debian10 CIS 
renamed:    bin/hardening/4.1.2_enable_auditd.sh -> bin/hardening/4.1.1.2_enable_auditd.sh
	renamed:    bin/hardening/4.1.3_audit_bootloader.sh -> bin/hardening/4.1.1.3_audit_bootloader.sh
	renamed:    bin/hardening/4.1.11_record_failed_access_file.sh -> bin/hardening/4.1.10_record_failed_access_file.sh
	renamed:    bin/hardening/4.1.12_record_privileged_commands.sh -> bin/hardening/4.1.11_record_privileged_commands.sh
	renamed:    bin/hardening/4.1.13_record_successful_mount.sh -> bin/hardening/4.1.12_record_successful_mount.sh
	renamed:    bin/hardening/4.1.14_record_file_deletions.sh -> bin/hardening/4.1.13_record_file_deletions.sh
	renamed:    bin/hardening/4.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.14_record_sudoers_edit.sh
	renamed:    bin/hardening/4.1.16_record_sudo_usage.sh -> bin/hardening/4.1.15_record_sudo_usage.sh
	renamed:    bin/hardening/4.1.17_record_kernel_modules.sh -> bin/hardening/4.1.16_record_kernel_modules.sh
	renamed:    bin/hardening/4.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.17_freeze_auditd_conf.sh
	renamed:    bin/hardening/4.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.2.1_audit_log_storage.sh
	renamed:    bin/hardening/4.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.2.2_halt_when_audit_log_full.sh
	renamed:    bin/hardening/4.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.2.3_keep_all_audit_logs.sh
	renamed:    bin/hardening/4.1.4_record_date_time_edit.sh -> bin/hardening/4.1.3_record_date_time_edit.sh
	renamed:    bin/hardening/4.1.5_record_user_group_edit.sh -> bin/hardening/4.1.4_record_user_group_edit.sh
	renamed:    bin/hardening/4.1.6_record_network_edit.sh -> bin/hardening/4.1.5_record_network_edit.sh
	renamed:    bin/hardening/4.1.7_record_mac_edit.sh -> bin/hardening/4.1.6_record_mac_edit.sh
	renamed:    bin/hardening/4.1.8_record_login_logout.sh -> bin/hardening/4.1.7_record_login_logout.sh
	renamed:    bin/hardening/4.1.9_record_session_init.sh -> bin/hardening/4.1.8_record_session_init.sh
	renamed:    bin/hardening/4.1.10_record_dac_edit.sh -> bin/hardening/4.1.9_record_dac_edit.sh
	renamed:    bin/hardening/4.2.3_install_syslog-ng.sh -> bin/hardening/4.2.2.1_install_syslog-ng.sh
	renamed:    bin/hardening/4.2.2.1_enable_syslog-ng.sh -> bin/hardening/4.2.2.2_enable_syslog-ng.sh
	renamed:    bin/hardening/4.2.2.2_configure_syslog-ng.sh -> bin/hardening/4.2.2.3_configure_syslog-ng.sh
	renamed:    bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> bin/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh
	renamed:    bin/hardening/4.2.2.4_syslog-ng_remote_host.sh -> bin/hardening/4.2.2.5_syslog-ng_remote_host.sh
	renamed:    bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> bin/hardening/4.2.2.6_remote_syslog-ng_acl.sh
	renamed:    bin/hardening/4.2.4_logs_permissions.sh -> bin/hardening/4.2.3_logs_permissions.sh
	renamed:    tests/hardening/4.1.2_enable_auditd.sh -> tests/hardening/4.1.1.2_enable_auditd.sh
	renamed:    tests/hardening/4.1.3_audit_bootloader.sh -> tests/hardening/4.1.1.3_audit_bootloader.sh
	renamed:    tests/hardening/4.1.11_record_failed_access_file.sh -> tests/hardening/4.1.10_record_failed_access_file.sh
	renamed:    tests/hardening/4.1.12_record_privileged_commands.sh -> tests/hardening/4.1.11_record_privileged_commands.sh
	renamed:    tests/hardening/4.1.13_record_successful_mount.sh -> tests/hardening/4.1.12_record_successful_mount.sh
	renamed:    tests/hardening/4.1.14_record_file_deletions.sh -> tests/hardening/4.1.13_record_file_deletions.sh
	renamed:    tests/hardening/4.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.14_record_sudoers_edit.sh
	renamed:    tests/hardening/4.1.16_record_sudo_usage.sh -> tests/hardening/4.1.15_record_sudo_usage.sh
	renamed:    tests/hardening/4.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_kernel_modules.sh
	renamed:    tests/hardening/4.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.17_freeze_auditd_conf.sh
	renamed:    tests/hardening/4.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.2.1_audit_log_storage.sh
	renamed:    tests/hardening/4.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.2.2_halt_when_audit_log_full.sh
	renamed:    tests/hardening/4.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.2.3_keep_all_audit_logs.sh
	renamed:    tests/hardening/4.1.4_record_date_time_edit.sh -> tests/hardening/4.1.3_record_date_time_edit.sh
	renamed:    tests/hardening/4.1.5_record_user_group_edit.sh -> tests/hardening/4.1.4_record_user_group_edit.sh
	renamed:    tests/hardening/4.1.6_record_network_edit.sh -> tests/hardening/4.1.5_record_network_edit.sh
	renamed:    tests/hardening/4.1.7_record_mac_edit.sh -> tests/hardening/4.1.6_record_mac_edit.sh
	renamed:    tests/hardening/4.1.8_record_login_logout.sh -> tests/hardening/4.1.7_record_login_logout.sh
	renamed:    tests/hardening/4.1.9_record_session_init.sh -> tests/hardening/4.1.8_record_session_init.sh
	renamed:    tests/hardening/4.1.10_record_dac_edit.sh -> tests/hardening/4.1.9_record_dac_edit.sh
	renamed:    tests/hardening/4.2.2.1_enable_syslog-ng.sh -> tests/hardening/4.2.2.1_install_syslog-ng.sh
	renamed:    tests/hardening/4.2.2.2_configure_syslog-ng.sh -> tests/hardening/4.2.2.2_enable_syslog-ng.sh
	renamed:    tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> tests/hardening/4.2.2.3_configure_syslog-ng.sh
	renamed:    tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> tests/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh
	renamed:    tests/hardening/4.2.2.4_syslog-ng_remote_host.sh -> tests/hardening/4.2.2.5_syslog-ng_remote_host.sh
	renamed:    tests/hardening/4.2.3_install_syslog-ng.sh -> tests/hardening/4.2.2.6_remote_syslog-ng_acl.sh
	renamed:    tests/hardening/4.2.4_logs_permissions.sh -> tests/hardening/4.2.3_logs_permissions.sh
 2020-12-22 10:51:39 +01:00
Thibault Ayanides
7ce8ec8b89 Renum 2.x and 3.x files to comply with debian10 CIS 
renamed:    bin/hardening/3.7_disable_ipv6.sh -> bin/hardening/3.1.1_disable_ipv6.sh
	renamed:    bin/hardening/3.6_disable_wireless.sh -> bin/hardening/3.1.2_disable_wireless.sh
	renamed:    bin/hardening/3.1.2_disable_send_packet_redirects.sh -> bin/hardening/3.2.1_disable_send_packet_redirects.sh
	renamed:    bin/hardening/3.1.1_disable_ip_forwarding.sh -> bin/hardening/3.2.2_disable_ip_forwarding.sh
	renamed:    bin/hardening/3.2.1_disable_source_routed_packets.sh -> bin/hardening/3.3.1_disable_source_routed_packets.sh
	renamed:    bin/hardening/3.2.2_disable_icmp_redirect.sh -> bin/hardening/3.3.2_disable_icmp_redirect.sh
	renamed:    bin/hardening/3.2.3_disable_secure_icmp_redirect.sh -> bin/hardening/3.3.3_disable_secure_icmp_redirect.sh
	renamed:    bin/hardening/3.2.4_log_martian_packets.sh -> bin/hardening/3.3.4_log_martian_packets.sh
	renamed:    bin/hardening/3.2.5_ignore_broadcast_requests.sh -> bin/hardening/3.3.5_ignore_broadcast_requests.sh
	renamed:    bin/hardening/3.2.6_enable_bad_error_message_protection.sh -> bin/hardening/3.3.6_enable_bad_error_message_protection.sh
	renamed:    bin/hardening/3.2.7_enable_source_route_validation.sh -> bin/hardening/3.3.7_enable_source_route_validation.sh
	renamed:    bin/hardening/3.2.8_enable_tcp_syn_cookies.sh -> bin/hardening/3.3.8_enable_tcp_syn_cookies.sh
	renamed:    bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh -> bin/hardening/3.3.9_disable_ipv6_router_advertisement.sh
	renamed:    bin/hardening/3.5_enable_firewall.sh -> bin/hardening/3.5.1.1_enable_firewall.sh
	renamed:    bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh -> bin/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh
	renamed:    bin/hardening/3.3.1_install_tcp_wrapper.sh -> bin/hardening/99.3.3.1_install_tcp_wrapper.sh
	renamed:    bin/hardening/3.3.2_hosts_allow.sh -> bin/hardening/99.3.3.2_hosts_allow.sh
	renamed:    bin/hardening/3.3.3_hosts_deny.sh -> bin/hardening/99.3.3.3_hosts_deny.sh
	renamed:    bin/hardening/3.3.4_hosts_allow_permissions.sh -> bin/hardening/99.3.3.4_hosts_allow_permissions.sh
	renamed:    bin/hardening/3.3.5_hosts_deny_permissions.sh -> bin/hardening/99.3.3.5_hosts_deny_permissions.sh
	renamed:    tests/hardening/3.1.2_disable_send_packet_redirects.sh -> tests/hardening/3.1.1_disable_ipv6.sh
	renamed:    tests/hardening/3.2.1_disable_source_routed_packets.sh -> tests/hardening/3.1.2_disable_wireless.sh
	renamed:    tests/hardening/3.2.2_disable_icmp_redirect.sh -> tests/hardening/3.2.1_disable_send_packet_redirects.sh
	renamed:    tests/hardening/3.1.1_disable_ip_forwarding.sh -> tests/hardening/3.2.2_disable_ip_forwarding.sh
	renamed:    tests/hardening/3.2.3_disable_secure_icmp_redirect.sh -> tests/hardening/3.3.1_disable_source_routed_packets.sh
	renamed:    tests/hardening/3.2.4_log_martian_packets.sh -> tests/hardening/3.3.2_disable_icmp_redirect.sh
	renamed:    tests/hardening/3.2.5_ignore_broadcast_requests.sh -> tests/hardening/3.3.3_disable_secure_icmp_redirect.sh
	renamed:    tests/hardening/3.2.6_enable_bad_error_message_protection.sh -> tests/hardening/3.3.4_log_martian_packets.sh
	renamed:    tests/hardening/3.2.7_enable_source_route_validation.sh -> tests/hardening/3.3.5_ignore_broadcast_requests.sh
	renamed:    tests/hardening/3.2.8_enable_tcp_syn_cookies.sh -> tests/hardening/3.3.6_enable_bad_error_message_protection.sh
	renamed:    tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh -> tests/hardening/3.3.7_enable_source_route_validation.sh
	renamed:    tests/hardening/3.3.1_install_tcp_wrapper.sh -> tests/hardening/3.3.8_enable_tcp_syn_cookies.sh
	renamed:    tests/hardening/3.3.2_hosts_allow.sh -> tests/hardening/3.3.9_disable_ipv6_router_advertisement.sh
	renamed:    tests/hardening/3.3.3_hosts_deny.sh -> tests/hardening/3.5.1.1_enable_firewall.sh
	renamed:    tests/hardening/3.3.4_hosts_allow_permissions.sh -> tests/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh
	renamed:    tests/hardening/3.3.5_hosts_deny_permissions.sh -> tests/hardening/99.3.3.1_install_tcp_wrapper.sh
	renamed:    tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh -> tests/hardening/99.3.3.2_hosts_allow.sh
	renamed:    tests/hardening/3.5_enable_firewall.sh -> tests/hardening/99.3.3.3_hosts_deny.sh
	renamed:    tests/hardening/3.6_disable_wireless.sh -> tests/hardening/99.3.3.4_hosts_allow_permissions.sh
	renamed:    tests/hardening/3.7_disable_ipv6.sh -> tests/hardening/99.3.3.5_hosts_deny_permissions.sh

	renamed:    bin/hardening/2.2.1.2_configure_ntp.sh -> bin/hardening/2.2.1.4_configure_ntp.sh
	renamed:    tests/hardening/2.2.1.2_configure_ntp.sh -> tests/hardening/2.2.1.4_configure_ntp.sh
 2020-12-22 08:52:43 +01:00
Thibault Ayanides
2034aa7b8a Renum 1.x files to comply with debian10 CIS 
renamed:    bin/hardening/1.4.1_bootloader_ownership.sh -> bin/hardening/1.5.1_bootloader_ownership.sh
	renamed:    bin/hardening/1.4.2_bootloader_password.sh -> bin/hardening/1.5.2_bootloader_password.sh
	renamed:    bin/hardening/1.4.3_root_password.sh -> bin/hardening/1.5.3_root_password.sh
	renamed:    bin/hardening/1.5.2_enable_nx_support.sh -> bin/hardening/1.6.1_enable_nx_support.sh
	renamed:    bin/hardening/1.5.3_enable_randomized_vm_placement.sh -> bin/hardening/1.6.2_enable_randomized_vm_placement.sh
	renamed:    bin/hardening/1.5.4_disable_prelink.sh -> bin/hardening/1.6.3_disable_prelink.sh
	renamed:    bin/hardening/1.5.1_restrict_core_dumps.sh -> bin/hardening/1.6.4_restrict_core_dumps.sh
	renamed:    bin/hardening/1.6.2.1_enable_apparmor.sh -> bin/hardening/1.7.2.2_enable_apparmor.sh
	renamed:    bin/hardening/1.7.1.1_remove_os_info_motd.sh -> bin/hardening/1.8.1.1_remove_os_info_motd.sh
	renamed:    bin/hardening/1.7.1.2_remove_os_info_issue.sh -> bin/hardening/1.8.1.2_remove_os_info_issue.sh
	renamed:    bin/hardening/1.7.1.3_remove_os_info_issue_net.sh -> bin/hardening/1.8.1.3_remove_os_info_issue_net.sh
	renamed:    bin/hardening/1.7.1.4_motd_perms.sh -> bin/hardening/1.8.1.4_motd_perms.sh
	renamed:    bin/hardening/1.7.1.5_etc_issue_perms.sh -> bin/hardening/1.8.1.5_etc_issue_perms.sh
	renamed:    bin/hardening/1.7.1.6_etc_issue_net_perms.sh -> bin/hardening/1.8.1.6_etc_issue_net_perms.sh
	renamed:    bin/hardening/1.7.2_graphical_warning_banners.sh -> bin/hardening/1.8.2_graphical_warning_banners.sh
	renamed:    bin/hardening/1.8_install_updates.sh -> bin/hardening/1.9_install_updates.sh
	renamed:    tests/hardening/1.4.1_bootloader_ownership.sh -> tests/hardening/1.5.1_bootloader_ownership.sh
	renamed:    tests/hardening/1.4.2_bootloader_password.sh -> tests/hardening/1.5.2_bootloader_password.sh
	renamed:    tests/hardening/1.4.3_root_password.sh -> tests/hardening/1.5.3_root_password.sh
	renamed:    tests/hardening/1.5.2_enable_nx_support.sh -> tests/hardening/1.6.1_enable_nx_support.sh
	renamed:    tests/hardening/1.5.3_enable_randomized_vm_placement.sh -> tests/hardening/1.6.2_enable_randomized_vm_placement.sh
	renamed:    tests/hardening/1.5.4_disable_prelink.sh -> tests/hardening/1.6.3_disable_prelink.sh
	renamed:    tests/hardening/1.5.1_restrict_core_dumps.sh -> tests/hardening/1.6.4_restrict_core_dumps.sh
	renamed:    tests/hardening/1.6.2.1_enable_apparmor.sh -> tests/hardening/1.7.2.2_enable_apparmor.sh
	renamed:    tests/hardening/1.7.1.1_remove_os_info_motd.sh -> tests/hardening/1.8.1.1_remove_os_info_motd.sh
	renamed:    tests/hardening/1.7.1.2_remove_os_info_issue.sh -> tests/hardening/1.8.1.2_remove_os_info_issue.sh
	renamed:    tests/hardening/1.7.1.3_remove_os_info_issue_net.sh -> tests/hardening/1.8.1.3_remove_os_info_issue_net.sh
	renamed:    tests/hardening/1.7.1.4_motd_perms.sh -> tests/hardening/1.8.1.4_motd_perms.sh
	new file:   tests/hardening/1.8.1.5_etc_issue_perms.sh
	new file:   tests/hardening/1.8.1.6_etc_issue_net_perms.sh
	renamed:    tests/hardening/1.7.2_graphical_warning_banners.sh -> tests/hardening/1.8.2_graphical_warning_banners.sh
	renamed:    tests/hardening/1.8_install_updates.sh -> tests/hardening/1.9_install_updates.sh
 2020-12-21 16:09:27 +01:00
Thibault Ayanides
87bf29b5fe ADD(1.3.x): add new scripts for debian10 2020-12-21 15:52:47 +01:00
Thibault Ayanides
0204bb0942 IMP(shellcheck): fix docker shellcheck with new options 2020-12-21 11:43:02 +01:00
Thibault Ayanides
6e0b47ab8f Rename files, fix permissions of tests 2020-12-21 11:21:32 +01:00
Thibault Ayanides
5c40d48f85 IMP: add utils to check perm in authorized perm 2020-12-21 10:39:44 +01:00
Thibault Ayanides
a2adf0f15c ADD(6.1.3, 6.1.6-9): add new checks 
Renamed some checks, add new checks that check permissions and ownership on /etc/passwd, /etc/shadow, ...
Add new function in utils that checks that check that the file ownership is one of the authrized ownership.

	renamed:    bin/hardening/6.1.5_etc_passwd_permissions.sh -> bin/hardening/6.1.2_etc_passwd_permissions.sh
	new file:   bin/hardening/6.1.3_etc_gshadow-_permissions.sh
	renamed:    bin/hardening/6.1.6_etc_shadow_permissions.sh -> bin/hardening/6.1.4_etc_shadow_permissions.sh
	renamed:    bin/hardening/6.1.7_etc_group_permissions.sh -> bin/hardening/6.1.5_etc_group_permissions.sh
	new file:   bin/hardening/6.1.6_etc_passwd-_permissions.sh
	new file:   bin/hardening/6.1.7_etc_shadow-_permissions.sh
	new file:   bin/hardening/6.1.8_etc_group-_permissions.sh
	new file:   bin/hardening/6.1.9_etc_gshadow_permissions.sh
	modified:   lib/utils.sh
	renamed:    tests/hardening/6.1.5_etc_passwd_permissions.sh -> tests/hardening/6.1.2_etc_passwd_permissions.sh
	new file:   tests/hardening/6.1.3_etc_gshadow-_permissions.sh
	renamed:    tests/hardening/6.1.6_etc_shadow_permissions.sh -> tests/hardening/6.1.4_etc_shadow_permissions.sh
	renamed:    tests/hardening/6.1.7_etc_group_permissions.sh -> tests/hardening/6.1.5_etc_group_permissions.sh
	new file:   tests/hardening/6.1.6_etc_passwd-_permissions.sh
	new file:   tests/hardening/6.1.7_etc_shadow-_permissions.sh
	new file:   tests/hardening/6.1.8_etc_group-_permissions.sh
	new file:   tests/hardening/6.1.9_etc_gshadow_permissions.sh
 2020-12-21 10:02:52 +01:00
Thibault Ayanides
233f75023a FIX(4.1.17): fix typo leading to false positive 2021-01-04 08:15:39 +01:00
Thibault Ayanides
3560f67e3f Update changelog 2020-12-14 16:56:09 +01:00
Thibault Ayanides
f4ba90352b IMP(shellcheck): replace ls parsing by stat 2020-12-14 16:14:37 +01:00
Thibault Ayanides
cdaee7786a IMP(shellcheck) refactor new line (SC1004) 2020-12-14 16:09:14 +01:00
Thibault Ayanides
13a070319b IMP(6.2.13): fix race condition 2020-12-14 15:11:33 +01:00
Thibault Ayanides
65bdb42eb3 IMP(shellcheck): replace ls by find (SC2045) 2020-12-14 15:08:18 +01:00
Thibault Ayanides
0c16e500f5 IMP(shellcheck): replace ls in loop by glob (SC2045) 2020-12-14 14:45:38 +01:00
Thibault Ayanides
fad8e8c1f1 IMP(shellcheck): disable quoting warning for find 2020-12-14 14:28:27 +01:00
Thibault Ayanides
2ab1bd50dc IMP(shellcheck): use $@ insetad of $* (SC2048) 2020-12-14 13:58:50 +01:00
Thibault Ayanides
db27cfc39c FIX: move shfmt to project root 2020-12-10 10:00:07 +01:00
Thibault Ayanides
dee0ebc821 IMP(shellcheck): quote variables 2020-12-10 09:50:33 +01:00
Thibault Ayanides
16cc2bef71 IMP(shellcheck): fix harmless warnings (SC2155) 2020-12-10 08:40:36 +01:00
Thibault Ayanides
b9e129d8fe IMP(shellcheck): disable sed replacement (SC2001) 
Shellcheck recommands to replace sed by shell expansions in 'simple' cases.
However, the replacement here is likely to lead to erros, so we disable this rule.
Moreover, it does'nt really add readability.
 2020-12-10 08:34:57 +01:00
Thibault Ayanides
36528b55e0 IMP(shellcheck): replace deprecated egrep (SC2196) 2020-12-10 08:20:26 +01:00
Thibault Ayanides
1c56bd9930 IMP(shellcheck): remove $() in if condition (SC2091) 2020-12-10 08:16:23 +01:00
Thibault Ayanides
99ac9339f4 IMP: change apt in apt-get 2020-12-07 17:16:19 +01:00
Thibault Ayanides
b09b75a51e IMP(shellcheck): quote variables (SC2086) 2020-12-07 17:11:32 +01:00