6ae05f3fa2
Add dealing with debian 11
...
* ADD: add dockerfile for debian11
* FIX: fix crontab file not found on debian11 blank
* Add workflow for debian11
* FIX: fix debian version func to manage debian11
* Add dealing with unsupported version and distro
* Add 99.99 check that check if distro version is supported
* Use global var for debian major and distro
fix #26
2021-02-08 13:54:24 +01:00
0b6ea0d97e
IMP: add multiple Improvements
...
* add new kernel module detection (enable & listing) with detection of monolithic kernel
* change way to detect if file system type is disabled
* add global IS_CONTAINER variable
* disable test for 3.4.x to be consistent with others
* add cli options to override configuration loglevel
2021-02-04 16:21:49 +01:00
ed1baa724e
IMP: mark some checks as useless
2021-01-25 13:02:52 +01:00
bd4ddfc398
ADD(3.4.x): add checks and tests
2021-01-25 13:02:52 +01:00
6127f2fe67
IMP(4.2.2.x): improve dealing with default conf
...
The default for journald is Compress=yes and ForwardToSyslog=yes
So we check that Compress=no and ForwardToSyslog=no are not in the conf file.
2021-01-25 13:02:52 +01:00
6efefa07ac
Update shellcheck workflow
...
fix #34
2021-01-22 14:45:01 +01:00
0edb837f80
Remove bc dependency
...
Co-authored-by: Jeremy Denoun <jeremy.denoun@iguanesolutions.com >
2021-01-22 09:31:53 +01:00
1c2e171655
Fix ovh/debian-cis:#25 ( #28 )
...
Co-authored-by: Jeremy Denoun <jeremy.denoun@iguanesolutions.com >
2021-01-21 16:01:34 +01:00
624aba950d
ADD(4.2.1.6): add new syslog-ng check
2021-01-04 14:24:35 +01:00
0ca73899d3
ADD(4.2.2.x): add journald checks
2021-01-04 10:10:47 +01:00
a5e1cb90cd
ADD(4.1.1.4): add new check
2021-01-04 09:03:44 +01:00
b6fff5b8b6
ADD(2.2.1.2): add systemd-timesyncd
2020-12-24 16:20:12 +01:00
e0c6692ff2
ADD(4.1.1.1): add auditd install
2020-12-24 16:20:02 +01:00
e2ad0a5dcc
ADD(4.4): add logrotate permissions checking
2020-12-24 10:31:47 +01:00
d0ab72dd26
ADD(5.2.20-23): add new sshd checks
2020-12-23 11:41:53 +01:00
520ab63b29
ADD(1.1.1.7): restrict FAT partitions
2020-12-23 11:05:37 +01:00
f626201fdd
ADD(1.1.23): disable usb storage
2020-12-23 10:57:02 +01:00
8da1107532
ADD(1.7.x): add apparmor checks
2020-12-23 10:46:51 +01:00
936b84c0f2
Update documentation
2020-12-22 17:01:41 +01:00
9cbc3f85a9
Renum 99.x files to comply with debian10 CIS
2020-12-22 16:36:35 +01:00
87e242a42d
Add commentaries, renum scripts
2020-12-22 15:58:10 +01:00
7f990b5e53
Add new checks (blank for now)
2020-12-22 14:42:45 +01:00
7d87619744
Renum 6.x files to comply with debian10 CIS
...
renamed: bin/hardening/6.2.7_users_valid_homedir.sh -> bin/hardening/6.2.3_users_valid_homedir.sh
renamed: bin/hardening/6.2.3_remove_legacy_shadow_entries.sh -> bin/hardening/6.2.4_remove_legacy_shadow_entries.sh
renamed: bin/hardening/6.2.4_remove_legacy_group_entries.sh -> bin/hardening/6.2.5_remove_legacy_group_entries.sh
renamed: bin/hardening/6.2.5_find_0_uid_non_root_account.sh -> bin/hardening/6.2.6_find_0_uid_non_root_account.sh
renamed: bin/hardening/6.2.6_sanitize_root_path.sh -> bin/hardening/6.2.7_sanitize_root_path.sh
renamed: tests/hardening/6.2.7_users_valid_homedir.sh -> tests/hardening/6.2.3_users_valid_homedir.sh
renamed: tests/hardening/6.2.3_remove_legacy_shadow_entries.sh -> tests/hardening/6.2.4_remove_legacy_shadow_entries.sh
renamed: tests/hardening/6.2.4_remove_legacy_group_entries.sh -> tests/hardening/6.2.5_remove_legacy_group_entries.sh
renamed: tests/hardening/6.2.5_find_0_uid_non_root_account.sh -> tests/hardening/6.2.6_find_0_uid_non_root_account.sh
renamed: tests/hardening/6.2.6_sanitize_root_path.sh -> tests/hardening/6.2.7_sanitize_root_path.sh
2020-12-22 11:43:53 +01:00
c9e19b51e6
Renum 4.x files to comply with debian10 CIS
...
renamed: bin/hardening/4.1.2_enable_auditd.sh -> bin/hardening/4.1.1.2_enable_auditd.sh
renamed: bin/hardening/4.1.3_audit_bootloader.sh -> bin/hardening/4.1.1.3_audit_bootloader.sh
renamed: bin/hardening/4.1.11_record_failed_access_file.sh -> bin/hardening/4.1.10_record_failed_access_file.sh
renamed: bin/hardening/4.1.12_record_privileged_commands.sh -> bin/hardening/4.1.11_record_privileged_commands.sh
renamed: bin/hardening/4.1.13_record_successful_mount.sh -> bin/hardening/4.1.12_record_successful_mount.sh
renamed: bin/hardening/4.1.14_record_file_deletions.sh -> bin/hardening/4.1.13_record_file_deletions.sh
renamed: bin/hardening/4.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.14_record_sudoers_edit.sh
renamed: bin/hardening/4.1.16_record_sudo_usage.sh -> bin/hardening/4.1.15_record_sudo_usage.sh
renamed: bin/hardening/4.1.17_record_kernel_modules.sh -> bin/hardening/4.1.16_record_kernel_modules.sh
renamed: bin/hardening/4.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.17_freeze_auditd_conf.sh
renamed: bin/hardening/4.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.2.1_audit_log_storage.sh
renamed: bin/hardening/4.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.2.2_halt_when_audit_log_full.sh
renamed: bin/hardening/4.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.2.3_keep_all_audit_logs.sh
renamed: bin/hardening/4.1.4_record_date_time_edit.sh -> bin/hardening/4.1.3_record_date_time_edit.sh
renamed: bin/hardening/4.1.5_record_user_group_edit.sh -> bin/hardening/4.1.4_record_user_group_edit.sh
renamed: bin/hardening/4.1.6_record_network_edit.sh -> bin/hardening/4.1.5_record_network_edit.sh
renamed: bin/hardening/4.1.7_record_mac_edit.sh -> bin/hardening/4.1.6_record_mac_edit.sh
renamed: bin/hardening/4.1.8_record_login_logout.sh -> bin/hardening/4.1.7_record_login_logout.sh
renamed: bin/hardening/4.1.9_record_session_init.sh -> bin/hardening/4.1.8_record_session_init.sh
renamed: bin/hardening/4.1.10_record_dac_edit.sh -> bin/hardening/4.1.9_record_dac_edit.sh
renamed: bin/hardening/4.2.3_install_syslog-ng.sh -> bin/hardening/4.2.2.1_install_syslog-ng.sh
renamed: bin/hardening/4.2.2.1_enable_syslog-ng.sh -> bin/hardening/4.2.2.2_enable_syslog-ng.sh
renamed: bin/hardening/4.2.2.2_configure_syslog-ng.sh -> bin/hardening/4.2.2.3_configure_syslog-ng.sh
renamed: bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> bin/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh
renamed: bin/hardening/4.2.2.4_syslog-ng_remote_host.sh -> bin/hardening/4.2.2.5_syslog-ng_remote_host.sh
renamed: bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> bin/hardening/4.2.2.6_remote_syslog-ng_acl.sh
renamed: bin/hardening/4.2.4_logs_permissions.sh -> bin/hardening/4.2.3_logs_permissions.sh
renamed: tests/hardening/4.1.2_enable_auditd.sh -> tests/hardening/4.1.1.2_enable_auditd.sh
renamed: tests/hardening/4.1.3_audit_bootloader.sh -> tests/hardening/4.1.1.3_audit_bootloader.sh
renamed: tests/hardening/4.1.11_record_failed_access_file.sh -> tests/hardening/4.1.10_record_failed_access_file.sh
renamed: tests/hardening/4.1.12_record_privileged_commands.sh -> tests/hardening/4.1.11_record_privileged_commands.sh
renamed: tests/hardening/4.1.13_record_successful_mount.sh -> tests/hardening/4.1.12_record_successful_mount.sh
renamed: tests/hardening/4.1.14_record_file_deletions.sh -> tests/hardening/4.1.13_record_file_deletions.sh
renamed: tests/hardening/4.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.14_record_sudoers_edit.sh
renamed: tests/hardening/4.1.16_record_sudo_usage.sh -> tests/hardening/4.1.15_record_sudo_usage.sh
renamed: tests/hardening/4.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_kernel_modules.sh
renamed: tests/hardening/4.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.17_freeze_auditd_conf.sh
renamed: tests/hardening/4.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.2.1_audit_log_storage.sh
renamed: tests/hardening/4.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.2.2_halt_when_audit_log_full.sh
renamed: tests/hardening/4.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.2.3_keep_all_audit_logs.sh
renamed: tests/hardening/4.1.4_record_date_time_edit.sh -> tests/hardening/4.1.3_record_date_time_edit.sh
renamed: tests/hardening/4.1.5_record_user_group_edit.sh -> tests/hardening/4.1.4_record_user_group_edit.sh
renamed: tests/hardening/4.1.6_record_network_edit.sh -> tests/hardening/4.1.5_record_network_edit.sh
renamed: tests/hardening/4.1.7_record_mac_edit.sh -> tests/hardening/4.1.6_record_mac_edit.sh
renamed: tests/hardening/4.1.8_record_login_logout.sh -> tests/hardening/4.1.7_record_login_logout.sh
renamed: tests/hardening/4.1.9_record_session_init.sh -> tests/hardening/4.1.8_record_session_init.sh
renamed: tests/hardening/4.1.10_record_dac_edit.sh -> tests/hardening/4.1.9_record_dac_edit.sh
renamed: tests/hardening/4.2.2.1_enable_syslog-ng.sh -> tests/hardening/4.2.2.1_install_syslog-ng.sh
renamed: tests/hardening/4.2.2.2_configure_syslog-ng.sh -> tests/hardening/4.2.2.2_enable_syslog-ng.sh
renamed: tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh -> tests/hardening/4.2.2.3_configure_syslog-ng.sh
renamed: tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh -> tests/hardening/4.2.2.4_syslog_ng_logfiles_perm.sh
renamed: tests/hardening/4.2.2.4_syslog-ng_remote_host.sh -> tests/hardening/4.2.2.5_syslog-ng_remote_host.sh
renamed: tests/hardening/4.2.3_install_syslog-ng.sh -> tests/hardening/4.2.2.6_remote_syslog-ng_acl.sh
renamed: tests/hardening/4.2.4_logs_permissions.sh -> tests/hardening/4.2.3_logs_permissions.sh
2020-12-22 10:51:39 +01:00
7ce8ec8b89
Renum 2.x and 3.x files to comply with debian10 CIS
...
renamed: bin/hardening/3.7_disable_ipv6.sh -> bin/hardening/3.1.1_disable_ipv6.sh
renamed: bin/hardening/3.6_disable_wireless.sh -> bin/hardening/3.1.2_disable_wireless.sh
renamed: bin/hardening/3.1.2_disable_send_packet_redirects.sh -> bin/hardening/3.2.1_disable_send_packet_redirects.sh
renamed: bin/hardening/3.1.1_disable_ip_forwarding.sh -> bin/hardening/3.2.2_disable_ip_forwarding.sh
renamed: bin/hardening/3.2.1_disable_source_routed_packets.sh -> bin/hardening/3.3.1_disable_source_routed_packets.sh
renamed: bin/hardening/3.2.2_disable_icmp_redirect.sh -> bin/hardening/3.3.2_disable_icmp_redirect.sh
renamed: bin/hardening/3.2.3_disable_secure_icmp_redirect.sh -> bin/hardening/3.3.3_disable_secure_icmp_redirect.sh
renamed: bin/hardening/3.2.4_log_martian_packets.sh -> bin/hardening/3.3.4_log_martian_packets.sh
renamed: bin/hardening/3.2.5_ignore_broadcast_requests.sh -> bin/hardening/3.3.5_ignore_broadcast_requests.sh
renamed: bin/hardening/3.2.6_enable_bad_error_message_protection.sh -> bin/hardening/3.3.6_enable_bad_error_message_protection.sh
renamed: bin/hardening/3.2.7_enable_source_route_validation.sh -> bin/hardening/3.3.7_enable_source_route_validation.sh
renamed: bin/hardening/3.2.8_enable_tcp_syn_cookies.sh -> bin/hardening/3.3.8_enable_tcp_syn_cookies.sh
renamed: bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh -> bin/hardening/3.3.9_disable_ipv6_router_advertisement.sh
renamed: bin/hardening/3.5_enable_firewall.sh -> bin/hardening/3.5.1.1_enable_firewall.sh
renamed: bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh -> bin/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh
renamed: bin/hardening/3.3.1_install_tcp_wrapper.sh -> bin/hardening/99.3.3.1_install_tcp_wrapper.sh
renamed: bin/hardening/3.3.2_hosts_allow.sh -> bin/hardening/99.3.3.2_hosts_allow.sh
renamed: bin/hardening/3.3.3_hosts_deny.sh -> bin/hardening/99.3.3.3_hosts_deny.sh
renamed: bin/hardening/3.3.4_hosts_allow_permissions.sh -> bin/hardening/99.3.3.4_hosts_allow_permissions.sh
renamed: bin/hardening/3.3.5_hosts_deny_permissions.sh -> bin/hardening/99.3.3.5_hosts_deny_permissions.sh
renamed: tests/hardening/3.1.2_disable_send_packet_redirects.sh -> tests/hardening/3.1.1_disable_ipv6.sh
renamed: tests/hardening/3.2.1_disable_source_routed_packets.sh -> tests/hardening/3.1.2_disable_wireless.sh
renamed: tests/hardening/3.2.2_disable_icmp_redirect.sh -> tests/hardening/3.2.1_disable_send_packet_redirects.sh
renamed: tests/hardening/3.1.1_disable_ip_forwarding.sh -> tests/hardening/3.2.2_disable_ip_forwarding.sh
renamed: tests/hardening/3.2.3_disable_secure_icmp_redirect.sh -> tests/hardening/3.3.1_disable_source_routed_packets.sh
renamed: tests/hardening/3.2.4_log_martian_packets.sh -> tests/hardening/3.3.2_disable_icmp_redirect.sh
renamed: tests/hardening/3.2.5_ignore_broadcast_requests.sh -> tests/hardening/3.3.3_disable_secure_icmp_redirect.sh
renamed: tests/hardening/3.2.6_enable_bad_error_message_protection.sh -> tests/hardening/3.3.4_log_martian_packets.sh
renamed: tests/hardening/3.2.7_enable_source_route_validation.sh -> tests/hardening/3.3.5_ignore_broadcast_requests.sh
renamed: tests/hardening/3.2.8_enable_tcp_syn_cookies.sh -> tests/hardening/3.3.6_enable_bad_error_message_protection.sh
renamed: tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh -> tests/hardening/3.3.7_enable_source_route_validation.sh
renamed: tests/hardening/3.3.1_install_tcp_wrapper.sh -> tests/hardening/3.3.8_enable_tcp_syn_cookies.sh
renamed: tests/hardening/3.3.2_hosts_allow.sh -> tests/hardening/3.3.9_disable_ipv6_router_advertisement.sh
renamed: tests/hardening/3.3.3_hosts_deny.sh -> tests/hardening/3.5.1.1_enable_firewall.sh
renamed: tests/hardening/3.3.4_hosts_allow_permissions.sh -> tests/hardening/3.5.4.1.1_net_fw_default_policy_drop.sh
renamed: tests/hardening/3.3.5_hosts_deny_permissions.sh -> tests/hardening/99.3.3.1_install_tcp_wrapper.sh
renamed: tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh -> tests/hardening/99.3.3.2_hosts_allow.sh
renamed: tests/hardening/3.5_enable_firewall.sh -> tests/hardening/99.3.3.3_hosts_deny.sh
renamed: tests/hardening/3.6_disable_wireless.sh -> tests/hardening/99.3.3.4_hosts_allow_permissions.sh
renamed: tests/hardening/3.7_disable_ipv6.sh -> tests/hardening/99.3.3.5_hosts_deny_permissions.sh
renamed: bin/hardening/2.2.1.2_configure_ntp.sh -> bin/hardening/2.2.1.4_configure_ntp.sh
renamed: tests/hardening/2.2.1.2_configure_ntp.sh -> tests/hardening/2.2.1.4_configure_ntp.sh
2020-12-22 08:52:43 +01:00
2034aa7b8a
Renum 1.x files to comply with debian10 CIS
...
renamed: bin/hardening/1.4.1_bootloader_ownership.sh -> bin/hardening/1.5.1_bootloader_ownership.sh
renamed: bin/hardening/1.4.2_bootloader_password.sh -> bin/hardening/1.5.2_bootloader_password.sh
renamed: bin/hardening/1.4.3_root_password.sh -> bin/hardening/1.5.3_root_password.sh
renamed: bin/hardening/1.5.2_enable_nx_support.sh -> bin/hardening/1.6.1_enable_nx_support.sh
renamed: bin/hardening/1.5.3_enable_randomized_vm_placement.sh -> bin/hardening/1.6.2_enable_randomized_vm_placement.sh
renamed: bin/hardening/1.5.4_disable_prelink.sh -> bin/hardening/1.6.3_disable_prelink.sh
renamed: bin/hardening/1.5.1_restrict_core_dumps.sh -> bin/hardening/1.6.4_restrict_core_dumps.sh
renamed: bin/hardening/1.6.2.1_enable_apparmor.sh -> bin/hardening/1.7.2.2_enable_apparmor.sh
renamed: bin/hardening/1.7.1.1_remove_os_info_motd.sh -> bin/hardening/1.8.1.1_remove_os_info_motd.sh
renamed: bin/hardening/1.7.1.2_remove_os_info_issue.sh -> bin/hardening/1.8.1.2_remove_os_info_issue.sh
renamed: bin/hardening/1.7.1.3_remove_os_info_issue_net.sh -> bin/hardening/1.8.1.3_remove_os_info_issue_net.sh
renamed: bin/hardening/1.7.1.4_motd_perms.sh -> bin/hardening/1.8.1.4_motd_perms.sh
renamed: bin/hardening/1.7.1.5_etc_issue_perms.sh -> bin/hardening/1.8.1.5_etc_issue_perms.sh
renamed: bin/hardening/1.7.1.6_etc_issue_net_perms.sh -> bin/hardening/1.8.1.6_etc_issue_net_perms.sh
renamed: bin/hardening/1.7.2_graphical_warning_banners.sh -> bin/hardening/1.8.2_graphical_warning_banners.sh
renamed: bin/hardening/1.8_install_updates.sh -> bin/hardening/1.9_install_updates.sh
renamed: tests/hardening/1.4.1_bootloader_ownership.sh -> tests/hardening/1.5.1_bootloader_ownership.sh
renamed: tests/hardening/1.4.2_bootloader_password.sh -> tests/hardening/1.5.2_bootloader_password.sh
renamed: tests/hardening/1.4.3_root_password.sh -> tests/hardening/1.5.3_root_password.sh
renamed: tests/hardening/1.5.2_enable_nx_support.sh -> tests/hardening/1.6.1_enable_nx_support.sh
renamed: tests/hardening/1.5.3_enable_randomized_vm_placement.sh -> tests/hardening/1.6.2_enable_randomized_vm_placement.sh
renamed: tests/hardening/1.5.4_disable_prelink.sh -> tests/hardening/1.6.3_disable_prelink.sh
renamed: tests/hardening/1.5.1_restrict_core_dumps.sh -> tests/hardening/1.6.4_restrict_core_dumps.sh
renamed: tests/hardening/1.6.2.1_enable_apparmor.sh -> tests/hardening/1.7.2.2_enable_apparmor.sh
renamed: tests/hardening/1.7.1.1_remove_os_info_motd.sh -> tests/hardening/1.8.1.1_remove_os_info_motd.sh
renamed: tests/hardening/1.7.1.2_remove_os_info_issue.sh -> tests/hardening/1.8.1.2_remove_os_info_issue.sh
renamed: tests/hardening/1.7.1.3_remove_os_info_issue_net.sh -> tests/hardening/1.8.1.3_remove_os_info_issue_net.sh
renamed: tests/hardening/1.7.1.4_motd_perms.sh -> tests/hardening/1.8.1.4_motd_perms.sh
new file: tests/hardening/1.8.1.5_etc_issue_perms.sh
new file: tests/hardening/1.8.1.6_etc_issue_net_perms.sh
renamed: tests/hardening/1.7.2_graphical_warning_banners.sh -> tests/hardening/1.8.2_graphical_warning_banners.sh
renamed: tests/hardening/1.8_install_updates.sh -> tests/hardening/1.9_install_updates.sh
2020-12-21 16:09:27 +01:00
87bf29b5fe
ADD(1.3.x): add new scripts for debian10
2020-12-21 15:52:47 +01:00
6e0b47ab8f
Rename files, fix permissions of tests
2020-12-21 11:21:32 +01:00
5c40d48f85
IMP: add utils to check perm in authorized perm
2020-12-21 10:39:44 +01:00
a2adf0f15c
ADD(6.1.3, 6.1.6-9): add new checks
...
Renamed some checks, add new checks that check permissions and ownership on /etc/passwd, /etc/shadow, ...
Add new function in utils that checks that check that the file ownership is one of the authrized ownership.
renamed: bin/hardening/6.1.5_etc_passwd_permissions.sh -> bin/hardening/6.1.2_etc_passwd_permissions.sh
new file: bin/hardening/6.1.3_etc_gshadow-_permissions.sh
renamed: bin/hardening/6.1.6_etc_shadow_permissions.sh -> bin/hardening/6.1.4_etc_shadow_permissions.sh
renamed: bin/hardening/6.1.7_etc_group_permissions.sh -> bin/hardening/6.1.5_etc_group_permissions.sh
new file: bin/hardening/6.1.6_etc_passwd-_permissions.sh
new file: bin/hardening/6.1.7_etc_shadow-_permissions.sh
new file: bin/hardening/6.1.8_etc_group-_permissions.sh
new file: bin/hardening/6.1.9_etc_gshadow_permissions.sh
modified: lib/utils.sh
renamed: tests/hardening/6.1.5_etc_passwd_permissions.sh -> tests/hardening/6.1.2_etc_passwd_permissions.sh
new file: tests/hardening/6.1.3_etc_gshadow-_permissions.sh
renamed: tests/hardening/6.1.6_etc_shadow_permissions.sh -> tests/hardening/6.1.4_etc_shadow_permissions.sh
renamed: tests/hardening/6.1.7_etc_group_permissions.sh -> tests/hardening/6.1.5_etc_group_permissions.sh
new file: tests/hardening/6.1.6_etc_passwd-_permissions.sh
new file: tests/hardening/6.1.7_etc_shadow-_permissions.sh
new file: tests/hardening/6.1.8_etc_group-_permissions.sh
new file: tests/hardening/6.1.9_etc_gshadow_permissions.sh
2020-12-21 10:02:52 +01:00
233f75023a
FIX(4.1.17): fix typo leading to false positive
2021-01-04 08:15:39 +01:00
3560f67e3f
Update changelog
2020-12-14 16:56:09 +01:00
f4ba90352b
IMP(shellcheck): replace ls parsing by stat
2020-12-14 16:14:37 +01:00
cdaee7786a
IMP(shellcheck) refactor new line (SC1004)
2020-12-14 16:09:14 +01:00
13a070319b
IMP(6.2.13): fix race condition
2020-12-14 15:11:33 +01:00
65bdb42eb3
IMP(shellcheck): replace ls by find (SC2045)
2020-12-14 15:08:18 +01:00
0c16e500f5
IMP(shellcheck): replace ls in loop by glob (SC2045)
2020-12-14 14:45:38 +01:00
fad8e8c1f1
IMP(shellcheck): disable quoting warning for find
2020-12-14 14:28:27 +01:00
dee0ebc821
IMP(shellcheck): quote variables
2020-12-10 09:50:33 +01:00
b9e129d8fe
IMP(shellcheck): disable sed replacement (SC2001)
...
Shellcheck recommands to replace sed by shell expansions in 'simple' cases.
However, the replacement here is likely to lead to erros, so we disable this rule.
Moreover, it does'nt really add readability.
2020-12-10 08:34:57 +01:00
36528b55e0
IMP(shellcheck): replace deprecated egrep (SC2196)
2020-12-10 08:20:26 +01:00
1c56bd9930
IMP(shellcheck): remove $() in if condition (SC2091)
2020-12-10 08:16:23 +01:00
b09b75a51e
IMP(shellcheck): quote variables (SC2086)
2020-12-07 17:11:32 +01:00
6826f377e6
IMP(shellcheck): quote variables (SC2086)
2020-12-07 16:49:11 +01:00
e2f7426664
IMP(shellcheck): quoting variables
2020-12-07 15:53:14 +01:00
ac66cdacd0
IMP(shellcheck): fix quote placement in awk (SC1083)
2020-12-07 15:01:22 +01:00
8012234096
IMP(shellcheck): fix harmless warnings
2020-12-07 14:53:10 +01:00
63835dd10c
IMP(shellcheck): add curly bracket to var (SC1087)
2020-12-07 13:54:57 +01:00
ef800954f4
IMP(shellcheck): refactor continue (SC2104)
2020-12-07 13:32:14 +01:00
addd48c4dd
IMP(shellcheck): add prefix to follow scripts (SC1090)
2020-12-07 13:26:51 +01:00
