elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2024-11-22 13:37:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
473 Commits 4 Branches 39 Tags 2.2 MiB
3d2d97a727
Commit Graph

473 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
jeremydenoun
0edb837f80
Remove bc dependency 
Co-authored-by: Jeremy Denoun <jeremy.denoun@iguanesolutions.com>
 2021-01-22 09:31:53 +01:00
jeremydenoun
1c2e171655
Fix ovh/debian-cis:#25 (#28) 
Co-authored-by: Jeremy Denoun <jeremy.denoun@iguanesolutions.com>
 2021-01-21 16:01:34 +01:00
dependabot[bot]
4a652a94c6 Bump EndBug/add-and-commit from v6 to v7 
Bumps [EndBug/add-and-commit](https://github.com/EndBug/add-and-commit) from v6 to v7.
- [Release notes](https://github.com/EndBug/add-and-commit/releases)
- [Changelog](https://github.com/EndBug/add-and-commit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/EndBug/add-and-commit/compare/v6...b3c7c1e078a023d75fb0bd326e02962575ce0519)

Signed-off-by: dependabot[bot] <support@github.com>
 2021-01-18 15:52:46 +01:00
Thibault Ayanides
89780550e6 Fix badges on README 2021-01-18 15:47:41 +01:00
Thibault Ayanides
047421f2d8 Regenerate man pages (Github action) 2021-01-18 15:47:41 +01:00
Thibault Ayanides
124aeea5cc Fix debian package build via github actions 2021-01-18 15:47:41 +01:00
Thibault Ayanides
8de9817035 Update LICENSE 2021-01-18 15:47:41 +01:00
Thibault Ayanides
3217429679 Regenerate man pages (Github action) 2021-01-18 11:45:13 +01:00
Thibault Ayanides
af38e4f404 Update changelog 2021-01-18 11:45:13 +01:00
Thibault Ayanides
efb14ea0a9 Add compile manual github action 2021-01-18 11:45:13 +01:00
Thibault Ayanides
8029da6157 Add manual 2021-01-18 11:45:13 +01:00
Thibault Ayanides
4281ed330a Update compat in debian package 2021-01-18 11:45:13 +01:00
Thibault Ayanides
aa90093f24 Add dependabot action 2021-01-18 11:45:13 +01:00
Thibault Ayanides
0ab210183b Beautify README.md 2021-01-18 11:45:13 +01:00
Thibault Ayanides
8f5e3c2ef8 Bump shellcheck action version 2021-01-18 11:45:13 +01:00
Thibault Ayanides
f454b18991 Change artefact name when releasing 2021-01-18 11:45:13 +01:00
Thibault Ayanides
33b0dae4c3 Check if changelog was modfified before release 2021-01-18 11:45:13 +01:00
Thibault Ayanides
44e7ea7c63 Improve workflows 2021-01-18 11:45:13 +01:00
Thibault Ayanides
3f20f99e50 Add github actions 
Add shellcheck, shellfmt, release, prerelease, functionnal tests
 2021-01-14 19:31:14 +01:00
Thibault Ayanides
45ccd337b4 Update README, AUTHORS, LICENSE 2021-01-13 11:14:26 +01:00
Thibault Ayanides
624aba950d ADD(4.2.1.6): add new syslog-ng check 2021-01-04 14:24:35 +01:00
Thibault Ayanides
0ca73899d3 ADD(4.2.2.x): add journald checks 2021-01-04 10:10:47 +01:00
Thibault Ayanides
a5e1cb90cd ADD(4.1.1.4): add new check 2021-01-04 09:03:44 +01:00
Thibault Ayanides
b6fff5b8b6 ADD(2.2.1.2): add systemd-timesyncd 2020-12-24 16:20:12 +01:00
Thibault Ayanides
e0c6692ff2 ADD(4.1.1.1): add auditd install 2020-12-24 16:20:02 +01:00
Thibault Ayanides
7c69305b44 Update changelog 2021-01-04 08:20:59 +01:00
Thibault Ayanides
e2ad0a5dcc ADD(4.4): add logrotate permissions checking 2020-12-24 10:31:47 +01:00
Thibault Ayanides
d0ab72dd26 ADD(5.2.20-23): add new sshd checks 2020-12-23 11:41:53 +01:00
Thibault Ayanides
520ab63b29 ADD(1.1.1.7): restrict FAT partitions 2020-12-23 11:05:37 +01:00
Thibault Ayanides
f626201fdd ADD(1.1.23): disable usb storage 2020-12-23 10:57:02 +01:00
Thibault Ayanides
8da1107532 ADD(1.7.x): add apparmor checks 2020-12-23 10:46:51 +01:00
Thibault Ayanides
936b84c0f2 Update documentation 2020-12-22 17:01:41 +01:00
Thibault Ayanides
9cbc3f85a9 Renum 99.x files to comply with debian10 CIS 2020-12-22 16:36:35 +01:00
Thibault Ayanides
87e242a42d Add commentaries, renum scripts 2020-12-22 15:58:10 +01:00
Thibault Ayanides
7f990b5e53 Add new checks (blank for now) 2020-12-22 14:42:45 +01:00
Thibault Ayanides
38ca43c125 Update skel 2020-12-22 11:49:26 +01:00
Thibault Ayanides
7d87619744 Renum 6.x files to comply with debian10 CIS 
renamed:    bin/hardening/6.2.7_users_valid_homedir.sh -> bin/hardening/6.2.3_users_valid_homedir.sh
	renamed:    bin/hardening/6.2.3_remove_legacy_shadow_entries.sh -> bin/hardening/6.2.4_remove_legacy_shadow_entries.sh
	renamed:    bin/hardening/6.2.4_remove_legacy_group_entries.sh -> bin/hardening/6.2.5_remove_legacy_group_entries.sh
	renamed:    bin/hardening/6.2.5_find_0_uid_non_root_account.sh -> bin/hardening/6.2.6_find_0_uid_non_root_account.sh
	renamed:    bin/hardening/6.2.6_sanitize_root_path.sh -> bin/hardening/6.2.7_sanitize_root_path.sh
	renamed:    tests/hardening/6.2.7_users_valid_homedir.sh -> tests/hardening/6.2.3_users_valid_homedir.sh
	renamed:    tests/hardening/6.2.3_remove_legacy_shadow_entries.sh -> tests/hardening/6.2.4_remove_legacy_shadow_entries.sh
	renamed:    tests/hardening/6.2.4_remove_legacy_group_entries.sh -> tests/hardening/6.2.5_remove_legacy_group_entries.sh
	renamed:    tests/hardening/6.2.5_find_0_uid_non_root_account.sh -> tests/hardening/6.2.6_find_0_uid_non_root_account.sh
	renamed:    tests/hardening/6.2.6_sanitize_root_path.sh -> tests/hardening/6.2.7_sanitize_root_path.sh
 2020-12-22 11:43:53 +01:00
Thibault Ayanides
c9e19b51e6 Renum 4.x files to comply with debian10 CIS 
renamed:    bin/hardening/4.1.2_enable_auditd.sh -> bin/hardening/4.1.1.2_enable_auditd.sh
	renamed:    bin/hardening/4.1.3_audit_bootloader.sh -> bin/hardening/4.1.1.3_audit_bootloader.sh
	renamed:    bin/hardening/4.1.11_record_failed_access_file.sh -> bin/hardening/4.1.10_record_failed_access_file.sh
	renamed:    bin/hardening/4.1.12_record_privileged_commands.sh -> bin/hardening/4.1.11_record_privileged_commands.sh
	renamed:    bin/hardening/4.1.13_record_successful_mount.sh -> bin/hardening/4.1.12_record_successful_mount.sh
	renamed:    bin/hardening/4.1.14_record_file_deletions.sh -> bin/hardening/4.1.13_record_file_deletions.sh
	renamed:    bin/hardening/4.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.14_record_sudoers_edit.sh
	renamed:    bin/hardening/4.1.16_record_sudo_usage.sh -> bin/hardening/4.1.15_record_sudo_usage.sh
	renamed:    bin/hardening/4.1.17_record_kernel_modules.sh -> bin/hardening/4.1.16_record_kernel_modules.sh
	renamed:    bin/hardening/4.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.17_freeze_auditd_conf.sh
	renamed:    bin/hardening/4.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.2.1_audit_log_storage.sh
	renamed:    bin/hardening/4.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.2.2_halt_when_audit_log_full.sh
	renamed:    bin/hardening/4.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.2.3_keep_all_audit_logs.sh
	renamed:    bin/hardening/4.1.4_record_date_time_edit.sh -> bin/hardening/4.1.3_record_date_time_edit.sh
	renamed:    bin/hardening/4.1.5_record_user_group_edit.sh -> bin/hardening/4.1.4_record_user_group_edit.sh
	renamed:    bin/hardening/4.1.6_record_network_edit.sh -> bin/hardening/4.1.5_record_network_edit.sh
	renamed:    bin/hardening/4.1.7_record_mac_edit.sh -> bin/hardening/4.1.6_record_mac_edit.sh
	renamed:    bin/hardening/4.1.8_record_login_logout.sh -> bin/hardening/4.1.7_record_login_logout.sh
	renamed:    bin/hardening/4.1.9_record_session_init.sh -> bin/hardening/4.1.8_record_session_init.sh
	renamed:    bin/hardening/4.1.10_record_dac_edit.sh -> bin/hardening/4.1.9_record_dac_edit.sh
	renamed:    bin/hardening/4.2.3_install_syslog-ng.sh -> bin/hardening/4.2.2.1_install_syslog-ng.sh
	renamed:    bin/hardening/4.2.2.1_enable_syslog-ng.sh -> bin/hardening/4.2.2.2_enable_syslog-ng.sh
	renamed:    bin/hardening/4.2.2.2_configure_syslog-ng.sh -> bin/hardening/4.2.2.3_configure_syslog-ng.sh
	renamed:    bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> bin/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh
	renamed:    bin/hardening/4.2.2.4_syslog-ng_remote_host.sh -> bin/hardening/4.2.2.5_syslog-ng_remote_host.sh
	renamed:    bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> bin/hardening/4.2.2.6_remote_syslog-ng_acl.sh
	renamed:    bin/hardening/4.2.4_logs_permissions.sh -> bin/hardening/4.2.3_logs_permissions.sh
	renamed:    tests/hardening/4.1.2_enable_auditd.sh -> tests/hardening/4.1.1.2_enable_auditd.sh
	renamed:    tests/hardening/4.1.3_audit_bootloader.sh -> tests/hardening/4.1.1.3_audit_bootloader.sh
	renamed:    tests/hardening/4.1.11_record_failed_access_file.sh -> tests/hardening/4.1.10_record_failed_access_file.sh
	renamed:    tests/hardening/4.1.12_record_privileged_commands.sh -> tests/hardening/4.1.11_record_privileged_commands.sh
	renamed:    tests/hardening/4.1.13_record_successful_mount.sh -> tests/hardening/4.1.12_record_successful_mount.sh
	renamed:    tests/hardening/4.1.14_record_file_deletions.sh -> tests/hardening/4.1.13_record_file_deletions.sh
	renamed:    tests/hardening/4.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.14_record_sudoers_edit.sh
	renamed:    tests/hardening/4.1.16_record_sudo_usage.sh -> tests/hardening/4.1.15_record_sudo_usage.sh
	renamed:    tests/hardening/4.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_kernel_modules.sh
	renamed:    tests/hardening/4.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.17_freeze_auditd_conf.sh
	renamed:    tests/hardening/4.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.2.1_audit_log_storage.sh
	renamed:    tests/hardening/4.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.2.2_halt_when_audit_log_full.sh
	renamed:    tests/hardening/4.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.2.3_keep_all_audit_logs.sh
	renamed:    tests/hardening/4.1.4_record_date_time_edit.sh -> tests/hardening/4.1.3_record_date_time_edit.sh
	renamed:    tests/hardening/4.1.5_record_user_group_edit.sh -> tests/hardening/4.1.4_record_user_group_edit.sh
	renamed:    tests/hardening/4.1.6_record_network_edit.sh -> tests/hardening/4.1.5_record_network_edit.sh
	renamed:    tests/hardening/4.1.7_record_mac_edit.sh -> tests/hardening/4.1.6_record_mac_edit.sh
	renamed:    tests/hardening/4.1.8_record_login_logout.sh -> tests/hardening/4.1.7_record_login_logout.sh
	renamed:    tests/hardening/4.1.9_record_session_init.sh -> tests/hardening/4.1.8_record_session_init.sh
	renamed:    tests/hardening/4.1.10_record_dac_edit.sh -> tests/hardening/4.1.9_record_dac_edit.sh
	renamed:    tests/hardening/4.2.2.1_enable_syslog-ng.sh -> tests/hardening/4.2.2.1_install_syslog-ng.sh
	renamed:    tests/hardening/4.2.2.2_configure_syslog-ng.sh -> tests/hardening/4.2.2.2_enable_syslog-ng.sh
	renamed:    tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> tests/hardening/4.2.2.3_configure_syslog-ng.sh
	renamed:    tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> tests/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh
	renamed:    tests/hardening/4.2.2.4_syslog-ng_remote_host.sh -> tests/hardening/4.2.2.5_syslog-ng_remote_host.sh
	renamed:    tests/hardening/4.2.3_install_syslog-ng.sh -> tests/hardening/4.2.2.6_remote_syslog-ng_acl.sh
	renamed:    tests/hardening/4.2.4_logs_permissions.sh -> tests/hardening/4.2.3_logs_permissions.sh
 2020-12-22 10:51:39 +01:00
Thibault Ayanides
7ce8ec8b89 Renum 2.x and 3.x files to comply with debian10 CIS 
renamed:    bin/hardening/3.7_disable_ipv6.sh -> bin/hardening/3.1.1_disable_ipv6.sh
	renamed:    bin/hardening/3.6_disable_wireless.sh -> bin/hardening/3.1.2_disable_wireless.sh
	renamed:    bin/hardening/3.1.2_disable_send_packet_redirects.sh -> bin/hardening/3.2.1_disable_send_packet_redirects.sh
	renamed:    bin/hardening/3.1.1_disable_ip_forwarding.sh -> bin/hardening/3.2.2_disable_ip_forwarding.sh
	renamed:    bin/hardening/3.2.1_disable_source_routed_packets.sh -> bin/hardening/3.3.1_disable_source_routed_packets.sh
	renamed:    bin/hardening/3.2.2_disable_icmp_redirect.sh -> bin/hardening/3.3.2_disable_icmp_redirect.sh
	renamed:    bin/hardening/3.2.3_disable_secure_icmp_redirect.sh -> bin/hardening/3.3.3_disable_secure_icmp_redirect.sh
	renamed:    bin/hardening/3.2.4_log_martian_packets.sh -> bin/hardening/3.3.4_log_martian_packets.sh
	renamed:    bin/hardening/3.2.5_ignore_broadcast_requests.sh -> bin/hardening/3.3.5_ignore_broadcast_requests.sh
	renamed:    bin/hardening/3.2.6_enable_bad_error_message_protection.sh -> bin/hardening/3.3.6_enable_bad_error_message_protection.sh
	renamed:    bin/hardening/3.2.7_enable_source_route_validation.sh -> bin/hardening/3.3.7_enable_source_route_validation.sh
	renamed:    bin/hardening/3.2.8_enable_tcp_syn_cookies.sh -> bin/hardening/3.3.8_enable_tcp_syn_cookies.sh
	renamed:    bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh -> bin/hardening/3.3.9_disable_ipv6_router_advertisement.sh
	renamed:    bin/hardening/3.5_enable_firewall.sh -> bin/hardening/3.5.1.1_enable_firewall.sh
	renamed:    bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh -> bin/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh
	renamed:    bin/hardening/3.3.1_install_tcp_wrapper.sh -> bin/hardening/99.3.3.1_install_tcp_wrapper.sh
	renamed:    bin/hardening/3.3.2_hosts_allow.sh -> bin/hardening/99.3.3.2_hosts_allow.sh
	renamed:    bin/hardening/3.3.3_hosts_deny.sh -> bin/hardening/99.3.3.3_hosts_deny.sh
	renamed:    bin/hardening/3.3.4_hosts_allow_permissions.sh -> bin/hardening/99.3.3.4_hosts_allow_permissions.sh
	renamed:    bin/hardening/3.3.5_hosts_deny_permissions.sh -> bin/hardening/99.3.3.5_hosts_deny_permissions.sh
	renamed:    tests/hardening/3.1.2_disable_send_packet_redirects.sh -> tests/hardening/3.1.1_disable_ipv6.sh
	renamed:    tests/hardening/3.2.1_disable_source_routed_packets.sh -> tests/hardening/3.1.2_disable_wireless.sh
	renamed:    tests/hardening/3.2.2_disable_icmp_redirect.sh -> tests/hardening/3.2.1_disable_send_packet_redirects.sh
	renamed:    tests/hardening/3.1.1_disable_ip_forwarding.sh -> tests/hardening/3.2.2_disable_ip_forwarding.sh
	renamed:    tests/hardening/3.2.3_disable_secure_icmp_redirect.sh -> tests/hardening/3.3.1_disable_source_routed_packets.sh
	renamed:    tests/hardening/3.2.4_log_martian_packets.sh -> tests/hardening/3.3.2_disable_icmp_redirect.sh
	renamed:    tests/hardening/3.2.5_ignore_broadcast_requests.sh -> tests/hardening/3.3.3_disable_secure_icmp_redirect.sh
	renamed:    tests/hardening/3.2.6_enable_bad_error_message_protection.sh -> tests/hardening/3.3.4_log_martian_packets.sh
	renamed:    tests/hardening/3.2.7_enable_source_route_validation.sh -> tests/hardening/3.3.5_ignore_broadcast_requests.sh
	renamed:    tests/hardening/3.2.8_enable_tcp_syn_cookies.sh -> tests/hardening/3.3.6_enable_bad_error_message_protection.sh
	renamed:    tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh -> tests/hardening/3.3.7_enable_source_route_validation.sh
	renamed:    tests/hardening/3.3.1_install_tcp_wrapper.sh -> tests/hardening/3.3.8_enable_tcp_syn_cookies.sh
	renamed:    tests/hardening/3.3.2_hosts_allow.sh -> tests/hardening/3.3.9_disable_ipv6_router_advertisement.sh
	renamed:    tests/hardening/3.3.3_hosts_deny.sh -> tests/hardening/3.5.1.1_enable_firewall.sh
	renamed:    tests/hardening/3.3.4_hosts_allow_permissions.sh -> tests/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh
	renamed:    tests/hardening/3.3.5_hosts_deny_permissions.sh -> tests/hardening/99.3.3.1_install_tcp_wrapper.sh
	renamed:    tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh -> tests/hardening/99.3.3.2_hosts_allow.sh
	renamed:    tests/hardening/3.5_enable_firewall.sh -> tests/hardening/99.3.3.3_hosts_deny.sh
	renamed:    tests/hardening/3.6_disable_wireless.sh -> tests/hardening/99.3.3.4_hosts_allow_permissions.sh
	renamed:    tests/hardening/3.7_disable_ipv6.sh -> tests/hardening/99.3.3.5_hosts_deny_permissions.sh

	renamed:    bin/hardening/2.2.1.2_configure_ntp.sh -> bin/hardening/2.2.1.4_configure_ntp.sh
	renamed:    tests/hardening/2.2.1.2_configure_ntp.sh -> tests/hardening/2.2.1.4_configure_ntp.sh
 2020-12-22 08:52:43 +01:00
Thibault Ayanides
2034aa7b8a Renum 1.x files to comply with debian10 CIS 
renamed:    bin/hardening/1.4.1_bootloader_ownership.sh -> bin/hardening/1.5.1_bootloader_ownership.sh
	renamed:    bin/hardening/1.4.2_bootloader_password.sh -> bin/hardening/1.5.2_bootloader_password.sh
	renamed:    bin/hardening/1.4.3_root_password.sh -> bin/hardening/1.5.3_root_password.sh
	renamed:    bin/hardening/1.5.2_enable_nx_support.sh -> bin/hardening/1.6.1_enable_nx_support.sh
	renamed:    bin/hardening/1.5.3_enable_randomized_vm_placement.sh -> bin/hardening/1.6.2_enable_randomized_vm_placement.sh
	renamed:    bin/hardening/1.5.4_disable_prelink.sh -> bin/hardening/1.6.3_disable_prelink.sh
	renamed:    bin/hardening/1.5.1_restrict_core_dumps.sh -> bin/hardening/1.6.4_restrict_core_dumps.sh
	renamed:    bin/hardening/1.6.2.1_enable_apparmor.sh -> bin/hardening/1.7.2.2_enable_apparmor.sh
	renamed:    bin/hardening/1.7.1.1_remove_os_info_motd.sh -> bin/hardening/1.8.1.1_remove_os_info_motd.sh
	renamed:    bin/hardening/1.7.1.2_remove_os_info_issue.sh -> bin/hardening/1.8.1.2_remove_os_info_issue.sh
	renamed:    bin/hardening/1.7.1.3_remove_os_info_issue_net.sh -> bin/hardening/1.8.1.3_remove_os_info_issue_net.sh
	renamed:    bin/hardening/1.7.1.4_motd_perms.sh -> bin/hardening/1.8.1.4_motd_perms.sh
	renamed:    bin/hardening/1.7.1.5_etc_issue_perms.sh -> bin/hardening/1.8.1.5_etc_issue_perms.sh
	renamed:    bin/hardening/1.7.1.6_etc_issue_net_perms.sh -> bin/hardening/1.8.1.6_etc_issue_net_perms.sh
	renamed:    bin/hardening/1.7.2_graphical_warning_banners.sh -> bin/hardening/1.8.2_graphical_warning_banners.sh
	renamed:    bin/hardening/1.8_install_updates.sh -> bin/hardening/1.9_install_updates.sh
	renamed:    tests/hardening/1.4.1_bootloader_ownership.sh -> tests/hardening/1.5.1_bootloader_ownership.sh
	renamed:    tests/hardening/1.4.2_bootloader_password.sh -> tests/hardening/1.5.2_bootloader_password.sh
	renamed:    tests/hardening/1.4.3_root_password.sh -> tests/hardening/1.5.3_root_password.sh
	renamed:    tests/hardening/1.5.2_enable_nx_support.sh -> tests/hardening/1.6.1_enable_nx_support.sh
	renamed:    tests/hardening/1.5.3_enable_randomized_vm_placement.sh -> tests/hardening/1.6.2_enable_randomized_vm_placement.sh
	renamed:    tests/hardening/1.5.4_disable_prelink.sh -> tests/hardening/1.6.3_disable_prelink.sh
	renamed:    tests/hardening/1.5.1_restrict_core_dumps.sh -> tests/hardening/1.6.4_restrict_core_dumps.sh
	renamed:    tests/hardening/1.6.2.1_enable_apparmor.sh -> tests/hardening/1.7.2.2_enable_apparmor.sh
	renamed:    tests/hardening/1.7.1.1_remove_os_info_motd.sh -> tests/hardening/1.8.1.1_remove_os_info_motd.sh
	renamed:    tests/hardening/1.7.1.2_remove_os_info_issue.sh -> tests/hardening/1.8.1.2_remove_os_info_issue.sh
	renamed:    tests/hardening/1.7.1.3_remove_os_info_issue_net.sh -> tests/hardening/1.8.1.3_remove_os_info_issue_net.sh
	renamed:    tests/hardening/1.7.1.4_motd_perms.sh -> tests/hardening/1.8.1.4_motd_perms.sh
	new file:   tests/hardening/1.8.1.5_etc_issue_perms.sh
	new file:   tests/hardening/1.8.1.6_etc_issue_net_perms.sh
	renamed:    tests/hardening/1.7.2_graphical_warning_banners.sh -> tests/hardening/1.8.2_graphical_warning_banners.sh
	renamed:    tests/hardening/1.8_install_updates.sh -> tests/hardening/1.9_install_updates.sh
 2020-12-21 16:09:27 +01:00
Thibault Ayanides
87bf29b5fe ADD(1.3.x): add new scripts for debian10 2020-12-21 15:52:47 +01:00
Thibault Ayanides
0204bb0942 IMP(shellcheck): fix docker shellcheck with new options 2020-12-21 11:43:02 +01:00
Thibault Ayanides
6e0b47ab8f Rename files, fix permissions of tests 2020-12-21 11:21:32 +01:00
Thibault Ayanides
5c40d48f85 IMP: add utils to check perm in authorized perm 2020-12-21 10:39:44 +01:00
Thibault Ayanides
a2adf0f15c ADD(6.1.3, 6.1.6-9): add new checks 
Renamed some checks, add new checks that check permissions and ownership on /etc/passwd, /etc/shadow, ...
Add new function in utils that checks that check that the file ownership is one of the authrized ownership.

	renamed:    bin/hardening/6.1.5_etc_passwd_permissions.sh -> bin/hardening/6.1.2_etc_passwd_permissions.sh
	new file:   bin/hardening/6.1.3_etc_gshadow-_permissions.sh
	renamed:    bin/hardening/6.1.6_etc_shadow_permissions.sh -> bin/hardening/6.1.4_etc_shadow_permissions.sh
	renamed:    bin/hardening/6.1.7_etc_group_permissions.sh -> bin/hardening/6.1.5_etc_group_permissions.sh
	new file:   bin/hardening/6.1.6_etc_passwd-_permissions.sh
	new file:   bin/hardening/6.1.7_etc_shadow-_permissions.sh
	new file:   bin/hardening/6.1.8_etc_group-_permissions.sh
	new file:   bin/hardening/6.1.9_etc_gshadow_permissions.sh
	modified:   lib/utils.sh
	renamed:    tests/hardening/6.1.5_etc_passwd_permissions.sh -> tests/hardening/6.1.2_etc_passwd_permissions.sh
	new file:   tests/hardening/6.1.3_etc_gshadow-_permissions.sh
	renamed:    tests/hardening/6.1.6_etc_shadow_permissions.sh -> tests/hardening/6.1.4_etc_shadow_permissions.sh
	renamed:    tests/hardening/6.1.7_etc_group_permissions.sh -> tests/hardening/6.1.5_etc_group_permissions.sh
	new file:   tests/hardening/6.1.6_etc_passwd-_permissions.sh
	new file:   tests/hardening/6.1.7_etc_shadow-_permissions.sh
	new file:   tests/hardening/6.1.8_etc_group-_permissions.sh
	new file:   tests/hardening/6.1.9_etc_gshadow_permissions.sh
 2020-12-21 10:02:52 +01:00
Thibault Ayanides
233f75023a FIX(4.1.17): fix typo leading to false positive 2021-01-04 08:15:39 +01:00
Thibault Ayanides
3560f67e3f Update changelog 2020-12-14 16:56:09 +01:00
Thibault Ayanides
f4ba90352b IMP(shellcheck): replace ls parsing by stat 2020-12-14 16:14:37 +01:00
Thibault Ayanides
cdaee7786a IMP(shellcheck) refactor new line (SC1004) 2020-12-14 16:09:14 +01:00
Thibault Ayanides
13a070319b IMP(6.2.13): fix race condition 2020-12-14 15:11:33 +01:00