Charles Herlin
609444a47f
Renum User and Groups settings 13.x to 6.2.x
...
renamed: bin/hardening/13.8_check_user_dot_file_perm.sh -> bin/hardening/6.2.10_check_user_dot_file_perm.sh
renamed: bin/hardening/13.19_find_user_forward_files.sh -> bin/hardening/6.2.11_find_user_forward_files.sh
renamed: bin/hardening/13.18_find_user_netrc_files.sh -> bin/hardening/6.2.12_find_user_netrc_files.sh
renamed: bin/hardening/13.9_set_perm_on_user_netrc.sh -> bin/hardening/6.2.13_set_perm_on_user_netrc.sh
renamed: bin/hardening/13.10_find_user_rhosts_files.sh -> bin/hardening/6.2.14_find_user_rhosts_files.sh
renamed: bin/hardening/13.11_find_passwd_group_inconsistencies.sh -> bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh
renamed: bin/hardening/13.14_check_duplicate_uid.sh -> bin/hardening/6.2.16_check_duplicate_uid.sh
renamed: bin/hardening/13.15_check_duplicate_gid.sh -> bin/hardening/6.2.17_check_duplicate_gid.sh
renamed: bin/hardening/13.16_check_duplicate_username.sh -> bin/hardening/6.2.18_check_duplicate_username.sh
renamed: bin/hardening/13.17_check_duplicate_groupname.sh -> bin/hardening/6.2.19_check_duplicate_groupname.sh
renamed: bin/hardening/13.1_remove_empty_password_field.sh -> bin/hardening/6.2.1_remove_empty_password_field.sh
renamed: bin/hardening/13.20_shadow_group_empty.sh -> bin/hardening/6.2.20_shadow_group_empty.sh
renamed: bin/hardening/13.2_remove_legacy_passwd_entries.sh -> bin/hardening/6.2.2_remove_legacy_passwd_entries.sh
renamed: bin/hardening/13.3_remove_legacy_shadow_entries.sh -> bin/hardening/6.2.3_remove_legacy_shadow_entries.sh
renamed: bin/hardening/13.4_remove_legacy_group_entries.sh -> bin/hardening/6.2.4_remove_legacy_group_entries.sh
renamed: bin/hardening/13.5_find_0_uid_non_root_account.sh -> bin/hardening/6.2.5_find_0_uid_non_root_account.sh
renamed: bin/hardening/13.6_sanitize_root_path.sh -> bin/hardening/6.2.6_sanitize_root_path.sh
renamed: bin/hardening/13.7_check_user_dir_perm.sh -> bin/hardening/6.2.8_check_user_dir_perm.sh
renamed: bin/hardening/13.12_users_valid_homedir.sh -> bin/hardening/6.2.9_users_valid_homedir.sh
renamed: tests/hardening/13.9_set_perm_on_user_netrc.sh -> tests/hardening/6.2.10_check_user_dot_file_perm.sh
renamed: tests/hardening/13.8_check_user_dot_file_perm.sh -> tests/hardening/6.2.11_find_user_forward_files.sh
renamed: tests/hardening/13.7_check_user_dir_perm.sh -> tests/hardening/6.2.12_find_user_netrc_files.sh
renamed: tests/hardening/13.6_sanitize_root_path.sh -> tests/hardening/6.2.13_set_perm_on_user_netrc.sh
renamed: tests/hardening/13.4_remove_legacy_group_entries.sh -> tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh
renamed: tests/hardening/13.14_check_duplicate_uid.sh -> tests/hardening/6.2.16_check_duplicate_uid.sh
renamed: tests/hardening/13.15_check_duplicate_gid.sh -> tests/hardening/6.2.17_check_duplicate_gid.sh
renamed: tests/hardening/13.3_remove_legacy_shadow_entries.sh -> tests/hardening/6.2.18_check_duplicate_username.sh
renamed: tests/hardening/13.2_remove_legacy_passwd_entries.sh -> tests/hardening/6.2.19_check_duplicate_groupname.sh
renamed: tests/hardening/13.20_shadow_group_empty.sh -> tests/hardening/6.2.1_remove_empty_password_field.sh
renamed: tests/hardening/13.1_remove_empty_password_field.sh -> tests/hardening/6.2.20_shadow_group_empty.sh
renamed: tests/hardening/13.19_find_user_forward_files.sh -> tests/hardening/6.2.2_remove_legacy_passwd_entries.sh
renamed: tests/hardening/13.18_find_user_netrc_files.sh -> tests/hardening/6.2.3_remove_legacy_shadow_entries.sh
renamed: tests/hardening/13.17_check_duplicate_groupname.sh -> tests/hardening/6.2.4_remove_legacy_group_entries.sh
renamed: tests/hardening/13.5_find_0_uid_non_root_account.sh -> tests/hardening/6.2.5_find_0_uid_non_root_account.sh
renamed: tests/hardening/13.16_check_duplicate_username.sh -> tests/hardening/6.2.6_sanitize_root_path.sh
renamed: tests/hardening/13.12_users_valid_homedir.sh -> tests/hardening/6.2.8_check_user_dir_perm.sh
renamed: tests/hardening/13.11_find_passwd_group_inconsistencies.sh -> tests/hardening/6.2.9_users_valid_homedir.sh
2019-09-12 17:43:12 +02:00
Charles Herlin
440aeaf45f
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
...
modified: bin/hardening/12.4_etc_passwd_ownership.sh
modified: bin/hardening/12.5_etc_shadow_ownership.sh
modified: bin/hardening/12.6_etc_group_ownership.sh
renamed: bin/hardening/12.7_find_world_writable_file.sh -> bin/hardening/6.1.10_find_world_writable_file.sh
renamed: bin/hardening/12.8_find_unowned_files.sh -> bin/hardening/6.1.11_find_unowned_files.sh
renamed: bin/hardening/12.9_find_ungrouped_files.sh -> bin/hardening/6.1.12_find_ungrouped_files.sh
renamed: bin/hardening/12.10_find_suid_files.sh -> bin/hardening/6.1.13_find_suid_files.sh
renamed: bin/hardening/12.11_find_sgid_files.sh -> bin/hardening/6.1.14_find_sgid_files.sh
renamed: bin/hardening/12.1_etc_passwd_permissions.sh -> bin/hardening/6.1.2_etc_passwd_permissions.sh
renamed: bin/hardening/12.2_etc_shadow_permissions.sh -> bin/hardening/6.1.3_etc_shadow_permissions.sh
renamed: bin/hardening/12.3_etc_group_permissions.sh -> bin/hardening/6.1.4_etc_group_permissions.sh
deleted: tests/hardening/12.1_etc_passwd_permissions.sh
deleted: tests/hardening/12.2_etc_shadow_permissions.sh
deleted: tests/hardening/12.3_etc_group_permissions.sh
renamed: tests/hardening/12.7_find_world_writable_file.sh -> tests/hardening/6.1.10_find_world_writable_file.sh
renamed: tests/hardening/12.8_find_unowned_files.sh -> tests/hardening/6.1.11_find_unowned_files.sh
renamed: tests/hardening/12.9_find_ungrouped_files.sh -> tests/hardening/6.1.12_find_ungrouped_files.sh
renamed: tests/hardening/12.10_find_suid_files.sh -> tests/hardening/6.1.13_find_suid_files.sh
renamed: tests/hardening/12.11_find_sgid_files.sh -> tests/hardening/6.1.14_find_sgid_files.sh
renamed: tests/hardening/12.6_etc_group_ownership.sh -> tests/hardening/6.1.2_etc_passwd_permissions.sh
renamed: tests/hardening/12.5_etc_shadow_ownership.sh -> tests/hardening/6.1.3_etc_shadow_permissions.sh
renamed: tests/hardening/12.4_etc_passwd_ownership.sh -> tests/hardening/6.1.4_etc_group_permissions.sh
2019-09-12 16:44:45 +02:00
Charles Herlin
a085785321
Renum warning banners checks 11.x to 1.7.x
...
new file: bin/hardening/1.7.1.1_remove_os_info_motd.sh
renamed: bin/hardening/11.2_remove_os_info_warning_banners.sh -> bin/hardening/1.7.1.2_remove_os_info_issue.sh
new file: bin/hardening/1.7.1.3_remove_os_info_issue_net.sh
new file: bin/hardening/1.7.1.4_motd_perms.sh
new file: bin/hardening/1.7.1.5_etc_issue_perms.sh
new file: bin/hardening/1.7.1.6_etc_issue_net_perms.sh
renamed: bin/hardening/11.3_graphical_warning_banners.sh -> bin/hardening/1.7.2_graphical_warning_banners.sh
deleted: bin/hardening/11.1_warning_banners.sh
renamed: tests/hardening/11.3_graphical_warning_banners.sh -> tests/hardening/1.7.1.1_remove_os_info_motd.sh
renamed: tests/hardening/11.2_remove_os_info_warning_banners.sh -> tests/hardening/1.7.1.2_remove_os_info_issue.sh
renamed: tests/hardening/11.1_warning_banners.sh -> tests/hardening/1.7.1.3_remove_os_info_issue_net.sh
new file: tests/hardening/1.7.1.4_warning_banners.sh
new file: tests/hardening/1.7.2_graphical_warning_banners.sh
2019-09-12 15:42:22 +02:00
Charles Herlin
fbb73d1953
Renum 10.x to 5.4.x
...
renamed: bin/hardening/10.5_lock_inactive_user_account.sh -> bin/hardening/5.4.1.4_lock_inactive_user_account.sh
renamed: bin/hardening/10.2_disable_system_accounts.sh -> bin/hardening/5.4.2_disable_system_accounts.sh
renamed: bin/hardening/10.3_default_root_group.sh -> bin/hardening/5.4.3_default_root_group.sh
renamed: bin/hardening/10.4_default_umask.sh -> bin/hardening/5.4.4_default_umask.sh
renamed: tests/hardening/10.5_lock_inactive_user_account.sh -> tests/hardening/5.4.1.4_lock_inactive_user_account.sh
renamed: tests/hardening/10.2_disable_system_accounts.sh -> tests/hardening/5.4.2_disable_system_accounts.sh
renamed: tests/hardening/10.4_default_umask.sh -> tests/hardening/5.4.3_default_root_group.sh
renamed: tests/hardening/10.3_default_root_group.sh -> tests/hardening/5.4.4_default_umask.sh
2019-09-12 10:55:43 +02:00
Charles Herlin
47a9ffdc9c
Renum login.defs 10.1.x to 5.4.1.x
...
renamed: bin/hardening/10.1.1_set_password_exp_days.sh -> bin/hardening/5.4.1.1_set_password_exp_days.sh
renamed: bin/hardening/10.1.2_set_password_min_days_change.sh -> bin/hardening/5.4.1.2_set_password_min_days_change.sh
renamed: bin/hardening/10.1.3_set_password_exp_warning_days.sh -> bin/hardening/5.4.1.3_set_password_exp_warning_days.sh
renamed: tests/hardening/10.1.3_set_password_exp_warning_days.sh -> tests/hardening/5.4.1.1_set_password_exp_days.sh
renamed: tests/hardening/10.1.2_set_password_min_days_change.sh -> tests/hardening/5.4.1.2_set_password_min_days_change.sh
renamed: tests/hardening/10.1.1_set_password_exp_days.sh -> tests/hardening/5.4.1.3_set_password_exp_warning_days.sh
2019-09-12 10:43:48 +02:00
Charles Herlin
8a4a28a35b
Renum 9.x tty and su checks
...
renamed: bin/hardening/9.4_secure_tty.sh -> bin/hardening/5.5_secure_tty.sh
renamed: bin/hardening/9.5_restrict_su.sh -> bin/hardening/5.6_restrict_su.sh
renamed: tests/hardening/9.5_restrict_su.sh -> tests/hardening/5.5_secure_tty.sh
renamed: tests/hardening/9.4_secure_tty.sh -> tests/hardening/5.6_restrict_su.sh
2019-09-11 17:16:54 +02:00
Charles Herlin
9e61ca8367
Renum ssh config check 9.3.x to 5.2.x
...
Also renum 99.x checks that were included in CIS recommendations
renamed: bin/hardening/9.3.8_disable_root_login.sh -> bin/hardening/5.2.10_disable_root_login.sh
renamed: bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh -> bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh
renamed: bin/hardening/9.3.10_disable_sshd_setenv.sh -> bin/hardening/5.2.12_disable_sshd_setenv.sh
renamed: bin/hardening/9.3.11_sshd_ciphers.sh -> bin/hardening/5.2.13_sshd_ciphers.sh
renamed: bin/hardening/99.5.2.2_ssh_cry_mac.sh -> bin/hardening/5.2.14_ssh_cry_mac.sh
renamed: bin/hardening/99.5.2.1_ssh_cry_kex.sh -> bin/hardening/5.2.15_ssh_cry_kex.sh
renamed: bin/hardening/9.3.12_sshd_idle_timeout.sh -> bin/hardening/5.2.16_sshd_idle_timeout.sh
renamed: bin/hardening/9.3.13_sshd_limit_access.sh -> bin/hardening/5.2.18_sshd_limit_access.sh
renamed: bin/hardening/9.3.14_ssh_banner.sh -> bin/hardening/5.2.19_ssh_banner.sh
renamed: bin/hardening/9.3.3_sshd_conf_perm_ownership.sh -> bin/hardening/5.2.1_sshd_conf_perm_ownership.sh
renamed: bin/hardening/9.3.1_sshd_protocol.sh -> bin/hardening/5.2.4_sshd_protocol.sh
renamed: bin/hardening/9.3.2_sshd_loglevel.sh -> bin/hardening/5.2.5_sshd_loglevel.sh
renamed: bin/hardening/9.3.4_disable_x11_forwarding.sh -> bin/hardening/5.2.6_disable_x11_forwarding.sh
renamed: bin/hardening/9.3.5_sshd_maxauthtries.sh -> bin/hardening/5.2.7_sshd_maxauthtries.sh
renamed: bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh -> bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh
renamed: bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh -> bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh
renamed: tests/hardening/9.3.9_disable_sshd_permitemptypasswords.sh -> tests/hardening/5.2.10_disable_root_login.sh
renamed: tests/hardening/9.3.8_disable_root_login.sh -> tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh
renamed: tests/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh -> tests/hardening/5.2.12_disable_sshd_setenv.sh
renamed: tests/hardening/9.3.6_enable_sshd_ignorerhosts.sh -> tests/hardening/5.2.13_sshd_ciphers.sh
renamed: tests/hardening/99.5.2.2_ssh_cry_mac.sh -> tests/hardening/5.2.14_ssh_cry_mac.sh
renamed: tests/hardening/99.5.2.1_ssh_cry_kex.sh -> tests/hardening/5.2.15_ssh_cry_kex.sh
renamed: tests/hardening/9.3.5_sshd_maxauthtries.sh -> tests/hardening/5.2.16_sshd_idle_timeout.sh
renamed: tests/hardening/9.3.4_disable_x11_forwarding.sh -> tests/hardening/5.2.18_sshd_limit_access.sh
renamed: tests/hardening/9.3.3_sshd_conf_perm_ownership.sh -> tests/hardening/5.2.19_ssh_banner.sh
renamed: tests/hardening/9.3.1_sshd_protocol.sh -> tests/hardening/5.2.1_sshd_conf_perm_ownership.sh
renamed: tests/hardening/9.3.14_ssh_banner.sh -> tests/hardening/5.2.4_sshd_protocol.sh
renamed: tests/hardening/9.3.2_sshd_loglevel.sh -> tests/hardening/5.2.5_sshd_loglevel.sh
renamed: tests/hardening/9.3.13_sshd_limit_access.sh -> tests/hardening/5.2.6_disable_x11_forwarding.sh
renamed: tests/hardening/9.3.12_sshd_idle_timeout.sh -> tests/hardening/5.2.7_sshd_maxauthtries.sh
renamed: tests/hardening/9.3.11_sshd_ciphers.sh -> tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh
renamed: tests/hardening/9.3.10_disable_sshd_setenv.sh -> tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh
2019-09-11 17:12:54 +02:00
Charles Herlin
c863a01305
Renum 9.2.x to 5.3.x Pam password settings
...
renamed: bin/hardening/9.2.1_enable_cracklib.sh -> bin/hardening/5.3.1_enable_cracklib.sh
renamed: bin/hardening/9.2.2_enable_lockout_failed_password.sh -> bin/hardening/5.3.2_enable_lockout_failed_password.sh
renamed: bin/hardening/9.2.3_limit_password_reuse.sh -> bin/hardening/5.3.3_limit_password_reuse.sh
renamed: tests/hardening/9.2.1_enable_cracklib.sh -> tests/hardening/5.3.1_enable_cracklib.sh
renamed: tests/hardening/9.2.3_limit_password_reuse.sh -> tests/hardening/5.3.2_enable_lockout_failed_password.sh
renamed: tests/hardening/9.2.2_enable_lockout_failed_password.sh -> tests/hardening/5.3.3_limit_password_reuse.sh
2019-09-11 15:40:00 +02:00
Charles Herlin
124dde8254
Renum 9.1.x to 5.1.x cron checks
...
renamed: bin/hardening/9.1.1_enable_cron.sh -> bin/hardening/5.1.1_enable_cron.sh
renamed: bin/hardening/9.1.2_crontab_perm_ownership.sh -> bin/hardening/5.1.2_crontab_perm_ownership.sh
renamed: bin/hardening/9.1.3_cron_hourly_perm_ownership.sh -> bin/hardening/5.1.3_cron_hourly_perm_ownership.sh
renamed: bin/hardening/9.1.4_cron_daily_perm_ownership.sh -> bin/hardening/5.1.4_cron_daily_perm_ownership.sh
renamed: bin/hardening/9.1.5_cron_weekly_perm_ownership.sh -> bin/hardening/5.1.5_cron_weekly_perm_ownership.sh
renamed: bin/hardening/9.1.6_cron_monthly_perm_ownership.sh -> bin/hardening/5.1.6_cron_monthly_perm_ownership.sh
renamed: bin/hardening/9.1.7_cron_d_perm_ownership.sh -> bin/hardening/5.1.7_cron_d_perm_ownership.sh
renamed: bin/hardening/9.1.8_cron_users.sh -> bin/hardening/5.1.8_cron_users.sh
renamed: tests/hardening/9.1.8_cron_users.sh -> tests/hardening/5.1.1_enable_cron.sh
renamed: tests/hardening/9.1.7_cron_d_perm_ownership.sh -> tests/hardening/5.1.2_crontab_perm_ownership.sh
renamed: tests/hardening/9.1.6_cron_monthly_perm_ownership.sh -> tests/hardening/5.1.3_cron_hourly_perm_ownership.sh
renamed: tests/hardening/9.1.5_cron_weekly_perm_ownership.sh -> tests/hardening/5.1.4_cron_daily_perm_ownership.sh
renamed: tests/hardening/9.1.4_cron_daily_perm_ownership.sh -> tests/hardening/5.1.5_cron_weekly_perm_ownership.sh
renamed: tests/hardening/9.1.3_cron_hourly_perm_ownership.sh -> tests/hardening/5.1.6_cron_monthly_perm_ownership.sh
renamed: tests/hardening/9.1.2_crontab_perm_ownership.sh -> tests/hardening/5.1.7_cron_d_perm_ownership.sh
renamed: tests/hardening/9.1.1_enable_cron.sh -> tests/hardening/5.1.8_cron_users.sh
2019-09-11 12:16:50 +02:00
Charles Herlin
65f92a7556
Renum 8.2.x to 4.2.2.x for syslog-ng
...
renamed: bin/hardening/8.2.2_enable_syslog-ng.sh -> bin/hardening/4.2.2.1_enable_syslog-ng.sh
renamed: bin/hardening/8.2.3_configure_syslog-ng.sh -> bin/hardening/4.2.2.2_configure_syslog-ng.sh
new file: bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh
renamed: bin/hardening/8.2.5_syslog-ng_remote_host.sh -> bin/hardening/4.2.2.4_syslog-ng_remote_host.sh
renamed: bin/hardening/8.2.6_remote_syslog-ng_acl.sh -> bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh
renamed: tests/hardening/8.2.6_remote_syslog-ng_acl.sh -> tests/hardening/4.2.2.1_enable_syslog-ng.sh
renamed: tests/hardening/8.2.3_configure_syslog-ng.sh -> tests/hardening/4.2.2.2_configure_syslog-ng.sh
renamed: tests/hardening/8.2.2_enable_syslog-ng.sh -> tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh
renamed: tests/hardening/8.2.5_syslog-ng_remote_host.sh -> tests/hardening/4.2.2.4_syslog-ng_remote_host.sh
new file: tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh
2019-09-11 11:52:24 +02:00
Charles Herlin
00dd3ef591
Renum 8.1.x auditing configuration
...
renamed: bin/hardening/8.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.1.1_audit_log_storage.sh
renamed: bin/hardening/8.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.1.2_halt_when_audit_log_full.sh
renamed: bin/hardening/8.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.1.3_keep_all_audit_logs.sh
renamed: bin/hardening/8.1.10_record_dac_edit.sh -> bin/hardening/4.1.10_record_dac_edit.sh
renamed: bin/hardening/8.1.11_record_failed_access_file.sh -> bin/hardening/4.1.11_record_failed_access_file.sh
renamed: bin/hardening/8.1.12_record_privileged_commands.sh -> bin/hardening/4.1.12_record_privileged_commands.sh
renamed: bin/hardening/8.1.13_record_successful_mount.sh -> bin/hardening/4.1.13_record_successful_mount.sh
renamed: bin/hardening/8.1.14_record_file_deletions.sh -> bin/hardening/4.1.14_record_file_deletions.sh
renamed: bin/hardening/8.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.15_record_sudoers_edit.sh
renamed: bin/hardening/8.1.16_record_sudo_usage.sh -> bin/hardening/4.1.16_record_sudo_usage.sh
renamed: bin/hardening/8.1.17_record_kernel_modules.sh -> bin/hardening/4.1.17_record_kernel_modules.sh
renamed: bin/hardening/8.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.18_freeze_auditd_conf.sh
renamed: bin/hardening/8.1.2_enable_auditd.sh -> bin/hardening/4.1.2_enable_auditd.sh
renamed: bin/hardening/8.1.3_audit_bootloader.sh -> bin/hardening/4.1.3_audit_bootloader.sh
renamed: bin/hardening/8.1.4_record_date_time_edit.sh -> bin/hardening/4.1.4_record_date_time_edit.sh
renamed: bin/hardening/8.1.5_record_user_group_edit.sh -> bin/hardening/4.1.5_record_user_group_edit.sh
renamed: bin/hardening/8.1.6_record_network_edit.sh -> bin/hardening/4.1.6_record_network_edit.sh
renamed: bin/hardening/8.1.7_record_mac_edit.sh -> bin/hardening/4.1.7_record_mac_edit.sh
renamed: bin/hardening/8.1.8_record_login_logout.sh -> bin/hardening/4.1.8_record_login_logout.sh
renamed: bin/hardening/8.1.9_record_session_init.sh -> bin/hardening/4.1.9_record_session_init.sh
renamed: tests/hardening/8.1.9_record_session_init.sh -> tests/hardening/4.1.1.1_audit_log_storage.sh
renamed: tests/hardening/8.1.8_record_login_logout.sh -> tests/hardening/4.1.1.2_halt_when_audit_log_full.sh
renamed: tests/hardening/8.1.7_record_mac_edit.sh -> tests/hardening/4.1.1.3_keep_all_audit_logs.sh
renamed: tests/hardening/8.1.6_record_network_edit.sh -> tests/hardening/4.1.10_record_dac_edit.sh
renamed: tests/hardening/8.1.5_record_user_group_edit.sh -> tests/hardening/4.1.11_record_failed_access_file.sh
renamed: tests/hardening/8.1.4_record_date_time_edit.sh -> tests/hardening/4.1.12_record_privileged_commands.sh
renamed: tests/hardening/8.1.3_audit_bootloader.sh -> tests/hardening/4.1.13_record_successful_mount.sh
renamed: tests/hardening/8.1.2_enable_auditd.sh -> tests/hardening/4.1.14_record_file_deletions.sh
renamed: tests/hardening/8.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.15_record_sudoers_edit.sh
renamed: tests/hardening/8.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_sudo_usage.sh
renamed: tests/hardening/8.1.16_record_sudo_usage.sh -> tests/hardening/4.1.17_record_kernel_modules.sh
renamed: tests/hardening/8.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.18_freeze_auditd_conf.sh
renamed: tests/hardening/8.1.14_record_file_deletions.sh -> tests/hardening/4.1.2_enable_auditd.sh
renamed: tests/hardening/8.1.13_record_successful_mount.sh -> tests/hardening/4.1.3_audit_bootloader.sh
renamed: tests/hardening/8.1.12_record_privileged_commands.sh -> tests/hardening/4.1.4_record_date_time_edit.sh
renamed: tests/hardening/8.1.11_record_failed_access_file.sh -> tests/hardening/4.1.5_record_user_group_edit.sh
renamed: tests/hardening/8.1.10_record_dac_edit.sh -> tests/hardening/4.1.6_record_network_edit.sh
renamed: tests/hardening/8.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.7_record_mac_edit.sh
renamed: tests/hardening/8.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.8_record_login_logout.sh
renamed: tests/hardening/8.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.9_record_session_init.sh
2019-09-09 16:45:54 +02:00
Charles Herlin
032aaa7c79
Renumber 7.5.x and 7.6
...
renamed: bin/hardening/7.5.1_disable_dccp.sh -> bin/hardening/3.4.1_disable_dccp.sh
renamed: bin/hardening/7.5.2_disable_sctp.sh -> bin/hardening/3.4.2_disable_sctp.sh
renamed: bin/hardening/7.5.3_disable_rds.sh -> bin/hardening/3.4.3_disable_rds.sh
renamed: bin/hardening/7.5.4_disable_tipc.sh -> bin/hardening/3.4.4_disable_tipc.sh
renamed: bin/hardening/7.6_disable_wireless.sh -> bin/hardening/3.6_disable_wireless.sh
renamed: tests/hardening/7.6_disable_wireless.sh -> tests/hardening/3.4.1_disable_dccp.sh
renamed: tests/hardening/7.5.4_disable_tipc.sh -> tests/hardening/3.4.2_disable_sctp.sh
renamed: tests/hardening/7.5.3_disable_rds.sh -> tests/hardening/3.4.3_disable_rds.sh
renamed: tests/hardening/7.5.2_disable_sctp.sh -> tests/hardening/3.4.4_disable_tipc.sh
renamed: tests/hardening/7.5.1_disable_dccp.sh -> tests/hardening/3.6_disable_wireless.sh
2019-08-30 17:18:26 +02:00
Charles Herlin
68f9f56192
Renumber 7.4.x tcp wrappers
...
renamed: bin/hardening/7.4.1_install_tcp_wrapper.sh -> bin/hardening/3.3.1_install_tcp_wrapper.sh
renamed: bin/hardening/7.4.2_hosts_allow.sh -> bin/hardening/3.3.2_hosts_allow.sh
renamed: bin/hardening/7.4.4_hosts_deny.sh -> bin/hardening/3.3.3_hosts_deny.sh
renamed: bin/hardening/7.4.3_hosts_allow_permissions.sh -> bin/hardening/3.3.4_hosts_allow_permissions.sh
renamed: bin/hardening/7.4.5_hosts_deny_permissions.sh -> bin/hardening/3.3.5_hosts_deny_permissions.sh
renamed: tests/hardening/7.4.5_hosts_deny_permissions.sh -> tests/hardening/3.3.1_install_tcp_wrapper.sh
renamed: tests/hardening/7.4.4_hosts_deny.sh -> tests/hardening/3.3.2_hosts_allow.sh
renamed: tests/hardening/7.4.3_hosts_allow_permissions.sh -> tests/hardening/3.3.3_hosts_deny.sh
renamed: tests/hardening/7.4.2_hosts_allow.sh -> tests/hardening/3.3.4_hosts_allow_permissions.sh
renamed: tests/hardening/7.4.1_install_tcp_wrapper.sh -> tests/hardening/3.3.5_hosts_deny_permissions.sh
2019-08-30 17:11:03 +02:00
Charles Herlin
c5674c3627
Renumber network params 7.1.x, 7.2.x and 7.3
...
renamed: bin/hardening/7.1.1_disable_ip_forwarding.sh -> bin/hardening/3.1.1_disable_ip_forwarding.sh
renamed: bin/hardening/7.1.2_disable_send_packet_redirects.sh -> bin/hardening/3.1.2_disable_send_packet_redirects.sh
renamed: bin/hardening/7.2.1_disable_source_routed_packets.sh -> bin/hardening/3.2.1_disable_source_routed_packets.sh
renamed: bin/hardening/7.2.2_disable_icmp_redirect.sh -> bin/hardening/3.2.2_disable_icmp_redirect.sh
renamed: bin/hardening/7.2.3_disable_secure_icmp_redirect.sh -> bin/hardening/3.2.3_disable_secure_icmp_redirect.sh
renamed: bin/hardening/7.2.4_log_martian_packets.sh -> bin/hardening/3.2.4_log_martian_packets.sh
renamed: bin/hardening/7.2.5_ignore_broadcast_requests.sh -> bin/hardening/3.2.5_ignore_broadcast_requests.sh
renamed: bin/hardening/7.2.8_enable_tcp_syn_cookies.sh -> bin/hardening/3.2.8_enable_tcp_syn_cookies.sh
renamed: bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh -> bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh
renamed: bin/hardening/7.3.3_disable_ipv6.sh -> bin/hardening/3.7_disable_ipv6.sh
deleted: bin/hardening/7.2.6_enable_bad_error_message_protection.sh
deleted: bin/hardening/7.2.7_enable_source_route_validation.sh
deleted: bin/hardening/7.3.2_disable_ipv6_redirect.sh
renamed: tests/hardening/7.3.3_disable_ipv6.sh -> tests/hardening/3.1.1_disable_ip_forwarding.sh
renamed: tests/hardening/7.3.2_disable_ipv6_redirect.sh -> tests/hardening/3.1.2_disable_send_packet_redirects.sh
renamed: tests/hardening/7.3.1_disable_ipv6_router_advertisement.sh -> tests/hardening/3.2.1_disable_source_routed_packets.sh
renamed: tests/hardening/7.2.8_enable_tcp_syn_cookies.sh -> tests/hardening/3.2.2_disable_icmp_redirect.sh
renamed: tests/hardening/7.2.7_enable_source_route_validation.sh -> tests/hardening/3.2.3_disable_secure_icmp_redirect.sh
renamed: tests/hardening/7.2.6_enable_bad_error_message_protection.sh -> tests/hardening/3.2.4_log_martian_packets.sh
renamed: tests/hardening/7.2.5_ignore_broadcast_requests.sh -> tests/hardening/3.2.5_ignore_broadcast_requests.sh
renamed: tests/hardening/7.2.4_log_martian_packets.sh -> tests/hardening/3.2.8_enable_tcp_syn_cookies.sh
renamed: tests/hardening/7.2.3_disable_secure_icmp_redirect.sh -> tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh
renamed: tests/hardening/7.2.2_disable_icmp_redirect.sh -> tests/hardening/3.7_disable_ipv6.sh
deleted: tests/hardening/7.1.1_disable_ip_forwarding.sh
deleted: tests/hardening/7.1.2_disable_send_packet_redirects.sh
deleted: tests/hardening/7.2.1_disable_source_routed_packets.sh
2019-08-30 14:14:29 +02:00
Charles Herlin
e205dc7481
Renumber special purpose services 6.x
...
new file: bin/hardening/2.2.1.1_use_time_sync.sh
renamed: bin/hardening/6.5_configure_ntp.sh -> bin/hardening/2.2.1.2_configure_ntp.sh
new file: bin/hardening/2.2.1.3_configure_chrony.sh
renamed: bin/hardening/6.10_disable_http_server.sh -> bin/hardening/2.2.10_disable_http_server.sh
renamed: bin/hardening/6.11_disable_imap_pop.sh -> bin/hardening/2.2.11_disable_imap_pop.sh
renamed: bin/hardening/6.12_disable_samba.sh -> bin/hardening/2.2.12_disable_samba.sh
renamed: bin/hardening/6.13_disable_http_proxy.sh -> bin/hardening/2.2.13_disable_http_proxy.sh
renamed: bin/hardening/6.14_disable_snmp_server.sh -> bin/hardening/2.2.14_disable_snmp_server.sh
renamed: bin/hardening/6.15_mta_localhost.sh -> bin/hardening/2.2.15_mta_localhost.sh
renamed: bin/hardening/6.16_disable_rsync.sh -> bin/hardening/2.2.16_disable_rsync.sh
renamed: bin/hardening/6.1_disable_xwindow_system.sh -> bin/hardening/2.2.2_disable_xwindow_system.sh
renamed: bin/hardening/6.2_disable_avahi_server.sh -> bin/hardening/2.2.3_disable_avahi_server.sh
renamed: bin/hardening/6.4_disable_dhcp.sh -> bin/hardening/2.2.5_disable_dhcp.sh
renamed: bin/hardening/6.6_disable_ldap.sh -> bin/hardening/2.2.6_disable_ldap.sh
renamed: bin/hardening/6.7_disable_nfs_rpc.sh -> bin/hardening/2.2.7_disable_nfs_rpc.sh
renamed: bin/hardening/6.8_disable_dns_server.sh -> bin/hardening/2.2.8_disable_dns_server.sh
renamed: bin/hardening/6.9_disable_ftp.sh -> bin/hardening/2.2.9_disable_ftp.sh
deleted: bin/hardening/6.3_disable_print_server.sh
new file: tests/hardening/2.2.1.1_use_time_sync.sh
renamed: tests/hardening/6.9_disable_ftp.sh -> tests/hardening/2.2.1.2_configure_ntp.sh
renamed: tests/hardening/6.8_disable_dns_server.sh -> tests/hardening/2.2.1.3_configure_chrony.sh
renamed: tests/hardening/6.7_disable_nfs_rpc.sh -> tests/hardening/2.2.10_disable_http_server.sh
renamed: tests/hardening/6.6_disable_ldap.sh -> tests/hardening/2.2.11_disable_imap_pop.sh
renamed: tests/hardening/6.5_configure_ntp.sh -> tests/hardening/2.2.12_disable_samba.sh
renamed: tests/hardening/6.4_disable_dhcp.sh -> tests/hardening/2.2.13_disable_http_proxy.sh
renamed: tests/hardening/6.3_disable_print_server.sh -> tests/hardening/2.2.14_disable_snmp_server.sh
renamed: tests/hardening/6.2_disable_avahi_server.sh -> tests/hardening/2.2.15_mta_localhost.sh
renamed: tests/hardening/6.1_disable_xwindow_system.sh -> tests/hardening/2.2.16_disable_rsync.sh
renamed: tests/hardening/6.16_disable_rsync.sh -> tests/hardening/2.2.2_disable_xwindow_system.sh
renamed: tests/hardening/6.15_mta_localhost.sh -> tests/hardening/2.2.3_disable_avahi_server.sh
renamed: tests/hardening/6.14_disable_snmp_server.sh -> tests/hardening/2.2.5_disable_dhcp.sh
renamed: tests/hardening/6.13_disable_http_proxy.sh -> tests/hardening/2.2.6_disable_ldap.sh
renamed: tests/hardening/6.12_disable_samba.sh -> tests/hardening/2.2.7_disable_nfs_rpc.sh
renamed: tests/hardening/6.11_disable_imap_pop.sh -> tests/hardening/2.2.8_disable_dns_server.sh
renamed: tests/hardening/6.10_disable_http_server.sh -> tests/hardening/2.2.9_disable_ftp.sh
2019-08-29 16:02:39 +02:00
Charles Herlin
fbdf3b72ed
Renumbering OS services checks and removing obsolete ones
...
new file: bin/hardening/2.1.1_disable_xinetd.sh
renamed: bin/hardening/5.1.8_disable_inetd.sh -> bin/hardening/2.1.2_disable_bsd_inetd.sh
renamed: bin/hardening/5.1.1_disable_nis.sh -> bin/hardening/2.3.1_disable_nis.sh
renamed: bin/hardening/5.1.3_disable_rsh_client.sh -> bin/hardening/2.3.2_disable_rsh_client.sh
renamed: bin/hardening/5.1.5_disable_talk_client.sh -> bin/hardening/2.3.3_disable_talk_client.sh
deleted: bin/hardening/5.1.2_disable_rsh.sh
deleted: bin/hardening/5.1.4_disable_talk.sh
deleted: bin/hardening/5.1.6_disable_telnet_server.sh
deleted: bin/hardening/5.1.7_disable_tftp_server.sh
deleted: bin/hardening/5.2_disable_chargen.sh
deleted: bin/hardening/5.3_disable_daytime.sh
deleted: bin/hardening/5.4_disable_echo.sh
deleted: bin/hardening/5.5_disable_discard.sh
deleted: bin/hardening/5.6_disable_time.sh
renamed: tests/hardening/5.6_disable_time.sh -> tests/hardening/2.1.1_disable_xinetd.sh
renamed: tests/hardening/5.5_disable_discard.sh -> tests/hardening/2.3.1_disable_nis.sh
renamed: tests/hardening/5.4_disable_echo.sh -> tests/hardening/2.3.2_disable_rsh_client.sh
renamed: tests/hardening/5.3_disable_daytime.sh -> tests/hardening/2.3.3_disable_talk_client.sh
deleted: tests/hardening/5.1.1_disable_nis.sh
deleted: tests/hardening/5.1.2_disable_rsh.sh
deleted: tests/hardening/5.1.3_disable_rsh_client.sh
deleted: tests/hardening/5.1.4_disable_talk.sh
deleted: tests/hardening/5.1.5_disable_talk_client.sh
deleted: tests/hardening/5.1.6_disable_telnet_server.sh
deleted: tests/hardening/5.1.7_disable_tftp_server.sh
deleted: tests/hardening/5.1.8_disable_inetd.sh
deleted: tests/hardening/5.2_disable_chargen.sh
2019-08-29 10:33:23 +02:00
Charles Herlin
6365f58b4c
Renumbering 4.x checks
...
renamed: 4.1_restrict_core_dumps.sh -> 1.5.1_restrict_core_dumps.sh
renamed: 4.2_enable_nx_support.sh -> 1.5.2_enable_nx_support.sh
renamed: 4.3_enable_randomized_vm_placement.sh -> 1.5.3_enable_randomized_vm_placement.sh
renamed: 4.4_disable_prelink.sh -> 1.5.4_disable_prelink.sh
renamed: ../../tests/hardening/4.4_disable_prelink.sh -> ../../tests/hardening/1.5.1_restrict_core_dumps.sh
renamed: ../../tests/hardening/4.3_enable_randomized_vm_placement.sh -> ../../tests/hardening/1.5.2_enable_nx_support.sh
renamed: ../../tests/hardening/4.2_enable_nx_support.sh -> ../../tests/hardening/1.5.3_enable_randomized_vm_placement.sh
renamed: ../../tests/hardening/4.1_restrict_core_dumps.sh -> ../../tests/hardening/1.5.4_disable_prelink.sh
2019-08-28 17:26:27 +02:00
Charles Herlin
fe25b1ba38
Renumbering of bootloader checks
...
renamed: 3.1_bootloader_ownership.sh -> 1.4.1_bootloader_ownership.sh
renamed: 3.3_bootloader_password.sh -> 1.4.2_bootloader_password.sh
renamed: 3.4_root_password.sh -> 1.4.3_root_password.sh
deleted: 3.2_bootloader_permissions.sh
renamed: ../../tests/hardening/3.4_root_password.sh -> ../../tests/hardening/1.4.1_bootloader_ownership.sh
renamed: ../../tests/hardening/3.3_bootloader_password.sh -> ../../tests/hardening/1.4.2_bootloader_password.sh
renamed: ../../tests/hardening/3.1_bootloader_ownership.sh -> ../../tests/hardening/1.4.3_root_password.sh
2019-08-28 17:19:59 +02:00
Charles Herlin
0b85d16c16
First batch of renaming to comply to comply to 8v2 and 9 pdf
...
renamed: 2.19_disable_freevxfs.sh -> 1.1.1.1_disable_freevxfs.sh
renamed: 2.20_disable_jffs2.sh -> 1.1.1.2_disable_jffs2.sh
renamed: 2.21_disable_hfs.sh -> 1.1.1.3_disable_hfs.sh
renamed: 2.22_disable_hfsplus.sh -> 1.1.1.4_disable_hfsplus.sh
renamed: 2.24_disable_udf.sh -> 1.1.1.5_disable_udf.sh
renamed: 2.7_var_log_partition.sh -> 1.1.11_var_log_partition.sh
renamed: 2.8_var_log_audit_partition.sh -> 1.1.12_var_log_audit_partition.sh
renamed: 2.9_home_partition.sh -> 1.1.13_home_partition.sh
renamed: 2.10_home_nodev.sh -> 1.1.14_home_nodev.sh
renamed: 2.14_run_shm_nodev.sh -> 1.1.15_run_shm_nodev.sh
renamed: 2.15_run_shm_nosuid.sh -> 1.1.16_run_shm_nosuid.sh
renamed: 2.16_run_shm_noexec.sh -> 1.1.17_run_shm_noexec.sh
renamed: 2.11_removable_device_nodev.sh -> 1.1.18_removable_device_nodev.sh
renamed: 2.13_removable_device_nosuid.sh -> 1.1.19_removable_device_nosuid.sh
renamed: 2.12_removable_device_noexec.sh -> 1.1.20_removable_device_noexec.sh
renamed: 2.17_sticky_bit_world_writable_folder.sh -> 1.1.21_sticky_bit_world_writable_folder.sh
renamed: 2.25_disable_automounting.sh -> 1.1.22_disable_automounting.sh
renamed: 2.1_tmp_partition.sh -> 1.1.2_tmp_partition.sh
renamed: 2.2_tmp_nodev.sh -> 1.1.3_tmp_nodev.sh
renamed: 2.3_tmp_nosuid.sh -> 1.1.4_tmp_nosuid.sh
renamed: 2.4_tmp_noexec.sh -> 1.1.5_tmp_noexec.sh
renamed: 2.5_var_partition.sh -> 1.1.6_var_partition.sh
renamed: 1.1_install_updates.sh -> 1.8_install_updates.sh
2019-08-27 15:30:47 +02:00
Thibault Ayanides
88e3a515ef
5.2.17_sshd_login_grace_time
2020-10-05 17:26:13 +02:00
Thibault Ayanides
55c1cdbdde
5.2.3_ssh_host_public_keys_perm_ownership
2020-10-05 17:05:47 +02:00
Thibault Ayanides
6f5d714b55
5.2.2_ssh_host_private_keys_perm_ownership
2020-10-05 17:05:26 +02:00
Thibault Ayanides
d6e5803252
4.2.4_logs_permissions
2020-10-05 13:17:44 +02:00
Thibault Ayanides
922f28c200
4.2.3_install_syslog-ng
2020-09-30 17:03:10 +02:00
Charles Herlin
5a1a70bbd3
FIX(test/10.2): backup and restore /etc/passwd after test
2019-08-28 12:30:13 +02:00
Charles Herlin
a4969e6ba6
IMP(99.3.1): improve check with disabled passwords
2019-08-28 11:49:01 +02:00
Charles Herlin
96f3b74334
FIX(10.2): improve test to check multiple login shells
...
fix IFS bug
add test
2019-08-28 11:47:49 +02:00
Charles Herlin
1ec77dbb56
FIX(13.15): fix code that did not show duplicated group
...
Add tests
Apply shellcheck recommendations
2019-03-28 17:51:02 +01:00
Charles Herlin
8f87d75293
FIX(99.5.4): fix regex to allow other authkey options than "from"
2019-03-15 18:17:48 +01:00
Charles Herlin
02673826a0
FIX(8.2.x): fix grep and find in audit scripts
2019-03-18 16:19:05 +01:00
Charles Herlin
be1ad3e581
IMP(99.5.4): add conf to check only listed users
2019-03-05 10:49:45 +01:00
Charles Herlin
9ada868f43
IMP(8.2.4): add exceptions in check and apply
...
Apply shellcheck recommendations
2019-03-01 12:12:42 +01:00
Charles Herlin
41ccd5655a
CHORE(test 8.2.5): removed useless cleanup line
2019-02-26 15:19:05 +01:00
Charles Herlin
e46a85dc6c
FIX(9.3.2): dismiss test for initial after e7d9977
...
LogLevel not consistent at install time between debian versions
Easier to dismiss this check's result at the first step
2019-02-26 15:16:06 +01:00
Charles Herlin
1caf0f489a
FIX(12.1x): fix tests exception for mail after da6acb0b
...
Installing syslog-ng in Dockerfile added some suid/sgid binaries that
needed to be treated as exception in test scenarii
2019-02-26 15:08:21 +01:00
Charles Herlin
de7dfe5956
CHORE(2.1x): use "readlink -e" instead of custom func
...
Removed get_partition_from_symlink()
2019-02-26 15:06:51 +01:00
Charles Herlin
8031c388c6
IMP(9.3.2): Comply with Debian9 guide: verbose ssh loglevel
2019-02-25 15:16:02 +01:00
Charles Herlin
f7f2f614aa
IMP(9.3.2): Add custom configuration management
...
Add create_config to allow user to customize their conf
Improve tests
Apply shellcheck recommendations
2019-02-22 15:40:01 +01:00
Charles Herlin
605a768fe1
IMP(13.13): Add exceptions for home directories not owned by owner
...
Fill tests
Apply shellcheck recommendations
2019-02-22 15:22:58 +01:00
Charles Herlin
80a1146af7
IMP(8.2.5): find multiline pattern in files (syslog)
...
Add func to find pattern in file that spreads over multiple lines
The func will remove commented lines (that begin with '#')
and consider the file as one long line.
Thus, this is not possible to look for pattern at beginning of line
with this func ('^' and '$')
Improved pattern in 8.2.5
Add syslog-ng to installed dependencies in Dockerfiles
Fixed multifile arguments when looking for pattern that got broken
in d2bbf754
due to "nocase" and _does_pattern_exist_in_file wrapper
Please note that you can only look for pattern in ONE FILE at once
Fixed 8.2.5 and 8.3.2 with for loop on files and 'FOUND' flag
You now need to specify each and every file to look for or embed a
'find' command as follow :
`FILES="$SYSLOG_BASEDIR/syslog-ng.conf $(find $SYSLOG_BASEDIR/conf.d/)"`
Improved test files
Applied shellcheck recommendations
2019-02-22 12:39:41 +01:00
Charles Herlin
7408216957
IMP(2.1x): Retrieve actual partition when symlink
...
Add function to retrieve actual partition from symlink in lib/utils.sh
Using this func in all 3 audit scripts
Improved tests to test this func
Apply shellcheck recommendations
Trim trailing spaces
2019-02-22 12:22:14 +01:00
Charles Herlin
ac76942ca7
CHORE(tests): cleanup test files
2019-02-18 18:08:19 +01:00
Charles Herlin
cf42666833
FIX(tests): change sed in conf file disabled->audit following d6172ad
...
In test cases, changed in sed command "disabled" to "audit" to enable
apply part, following this commit
d6172ad
Change default status disabled -> audit when no conf file
5f28036
- Change default status to audit for file with custom
`create_config` (Charles Herlin Thu Feb 14 14:33:21 2019 +0100)
2019-02-15 17:42:17 +01:00
Charles Herlin
6cbe8f572f
CHORE(tests): Cleanup test files
2019-02-18 18:10:22 +01:00
Charles Herlin
982301d395
FIX(tests): improve test cases and cleanup
2019-02-18 17:25:04 +01:00
Charles Herlin
d18f5edfba
FIX(99.2): add missing $SUDO_CMD
2019-02-15 16:56:54 +01:00
Charles Herlin
6afed4eedb
Add test stub for all audit checks, to tests root/sudo consistency
2019-02-14 18:10:46 +01:00
Charles Herlin
bad32f8078
Rename dismiss_test to skip_tests since test won't even run in this case
2019-02-14 17:52:45 +01:00
Charles Herlin
1586dae0c5
Improve user management in test cases
2019-02-14 11:15:51 +01:00
Charles Herlin
1281860401
IMP: enhance scripts that check duplicate UID
...
Add exception handling in 13.14_check_duplicate_uid
Clarifies output message and explicitly displays found exceptions
Add tests
Apply shellcheck recommendation
modified: bin/hardening/13.14_check_duplicate_uid.sh
modified: bin/hardening/13.5_find_0_uid_non_root_account.sh
new file: tests/hardening/13.14_check_duplicate_uid.sh
new file: tests/hardening/13.5_find_0_uid_non_root_account.sh
2019-02-13 16:07:06 +01:00