elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2024-11-22 13:37:02 +01:00
Code Issues Packages Projects Releases Wiki Activity
344 Commits 4 Branches 39 Tags 2.2 MiB
9c3aa51982
Commit Graph

344 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Julien Delayen
a3937b3183 changelog: Update to 1.1-1 
- Add hardening templating and several enhancements
- CIS_ROOT_DIR management
- Update ciphers list in 9.3.11 with latest chacha20 and gcm ciphers
- Debian packaging clean up

Signed-off-by: Julien Delayen <julien.delayen@corp.ovh.com>
 2018-02-02 09:40:58 +01:00
Julien Delayen
423e454b62 debian: Remove useless {shlibs:Depends} 
This fixes the following issue:

Depends field of package cis-hardening:
unknown substitution variable ${shlibs:Depends}

Signed-off-by: Julien Delayen <julien.delayen@corp.ovh.com>
 2017-12-14 14:24:21 +01:00
Julien Delayen
b5939dffbe debian: Fix lintian warning 
The following error is highlighted by lintian:
depends-on-essential-package-without-using-version: bash

bash is always present and does not need to be specified
in debian/control.

See: https://lintian.debian.org/tags/depends-on-essential-package-without-using-version.html

Signed-off-by: Julien Delayen <julien.delayen@corp.ovh.com>
 2017-12-14 14:17:27 +01:00
Julien Delayen
1a9c92b345 debian: Remove auto-generated files from conffiles 
The policy for configuration files having changed,
the files are not present in the package anymore.
Remove them from debian/conffiles.

Signed-off-by: Julien Delayen <julien.delayen@corp.ovh.com>
 2017-12-14 14:10:45 +01:00
Thibault Dewailly
6977eb5064 Merge pull request #31 in IAAS/cis-hardening from dev/cherlin/update-cis-scripts to master 
* commit 'f97fbb47f701fd81a6dcdabb1d2e961943386eb5':
  Update ciphers list in 9.3.11 with latest chacha20 and gcm ciphers
 2017-12-05 11:38:15 +01:00
Thibault Dewailly
12fe049eba Merge pull request #28 in IAAS/cis-hardening from dev/cherlin/cis-root-dir-in-env to master 
* commit '5b11b1628a690e0bbd9d34cd5b83dbe74ac6fba7':
  Expand tabs to 4 spaces and trim trailing spaces
  Remove unnecessary CIS_ROOT_DIR empty assignation
  Applying batch edit to all hardening/*.sh scripts for new CIS_ROOT_DIR management
  Changing CIS_ROOT_DIR management in env in bin/hardening.sh
  Change src/skel to allow setting CIS_ROOT_DIR in env and not just sourcing /etc/default/cis-hardening. Making the whole lib more versatile.
 2017-12-05 11:32:45 +01:00
Charles Herlin
02f0e30df1 Expand tabs to 4 spaces and trim trailing spaces 2017-11-17 15:13:27 +01:00
Charles Herlin
ae6fbf2d86 Update ciphers list in 9.3.11 with latest chacha20 and gcm ciphers 2017-11-10 14:48:51 +01:00
Charles Herlin
d2a8b2cb28 Remove unnecessary CIS_ROOT_DIR empty assignation 2017-10-25 17:44:56 +02:00
Charles Herlin
5b2404dab8 Applying batch edit to all hardening/*.sh scripts for new CIS_ROOT_DIR management 2017-10-25 14:50:39 +02:00
Charles Herlin
119d532a7f Changing CIS_ROOT_DIR management in env in bin/hardening.sh 2017-10-25 14:48:54 +02:00
Charles Herlin
161ffa56a7 Change src/skel to allow setting CIS_ROOT_DIR in env and not just sourcing /etc/default/cis-hardening. Making the whole lib more versatile. 2017-10-23 14:50:11 +02:00
Thibault Dewailly
3b7a2b8216 Merge pull request #12 from speed47/dev/enhancements 
Hardening Classification
subs enhancements as well as bug fixes
 2017-09-28 13:22:59 +02:00
Kevin Tanguy
40e57a5cb2 Merge pull request #27 in IAAS/cis-hardening from dev/thibault.dewailly/fixwildcards to master 
* commit 'a4dc5bdaf5ec7f4d1c49533608b279d7101e23cd':
  No more wildcards in file list to be more resilient
 2017-06-15 10:43:31 +02:00
thibault.dewailly
481485a0d7 No more wildcards in file list to be more resilient 2017-06-13 15:36:06 +02:00
Thibault Dewailly
fae0c5a64b Merge pull request #26 in IAAS/cis-hardening from dev/kevin.tanguy/packagebump to master 
* commit '11ab51679bcb5cac893a190d1db22aebdc56ece0':
  Debian package revision bump 1.0-11
 2017-06-08 09:41:43 +02:00
kevin.tanguy
72999b8b5d Debian package revision bump 1.0-11 2017-06-05 16:36:25 +02:00
Thibault Dewailly
2ef500298b Merge pull request #11 from speed47/dev/fix_does_pattern_exist_in_file 
handle ENOENT properly in does_pattern_exist_in_file()
 2017-05-19 18:30:21 +02:00
Thibault Dewailly
a1f970e737 Merge pull request #10 from speed47/dev/beautifyprint 
set a fixed-size prefix for logger
 2017-05-19 17:20:47 +02:00
Stéphane Lesimple
676b17c54f add hardening templating and several enhancements 2017-05-18 18:40:09 +02:00
Stéphane Lesimple
3e0187094a handle ENOENT properly in does_pattern_exist_in_file\(\) 2017-05-18 18:31:24 +02:00
Stéphane Lesimple
cca0310d64 set a fixed-size prefix for logger 2017-05-18 18:27:02 +02:00
Thibault Dewailly
233d1245fc Merge pull request #9 from Joorem/10.1.3-fix-option-name 
[10.1.3] set the good value for $OPTIONS
 2017-05-04 09:28:42 +02:00
Jérôme Le Gal
46dbe8a6bc [10.1.3] set the good value for $OPTIONS 2017-05-03 23:08:48 +02:00
Kevin Tanguy
a46490b2d8 Merge pull request #25 in IAAS/cis-hardening from dev/thibault.dewailly/fixShadowParsing to master 
* commit '0f11b08ffb593285f745e3e249f3aaf83a6f5362':
  [Debian 8] Fixed comments for debian 8 compliance
  [10.2] Fixed result parsing in case of spaces in passwd list
 2017-03-14 16:19:33 +01:00
thibault.dewailly
3e1df0cdf9 [Debian 8] Fixed comments for debian 8 compliance 2017-03-10 17:46:39 +01:00
thibault.dewailly
0c053eef56 [10.2] Fixed result parsing in case of spaces in passwd list 2017-03-10 17:26:55 +01:00
thibault.dewailly
eb7bf7fece Merge branch 'master' of github.com:ovh/debian-cis 2016-07-04 11:45:41 +02:00
Thibault Dewailly
e93b9f89f4 Merge pull request #7 from MatthieuDestrez/fixPermitEmptyPassword 
fixed option name in 9.3.9_disable_sshd_permitemptypasswords.sh, was …
 2016-07-04 11:44:40 +02:00
Matthieu Destrez
f5cb5ddf97 fixed option name in 9.3.9_disable_sshd_permitemptypasswords.sh, was PermitRootLogin instead of PermitEmptyPassword 2016-06-29 15:12:21 +02:00
Thibault Dewailly
45f529a392 Merge pull request #24 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master 
* commit '39950ab163b5e45d6271194a2e81a8dedb31aa3d':
  Debian package revision bump 1.0-10
 2016-05-18 09:44:02 +02:00
Kevin Tanguy
4705846c60 Debian package revision bump 1.0-10 2016-05-18 09:06:14 +02:00
Thibault Dewailly
3209a4c302 Merge pull request #5 from jeremydenoun/fix-echo 
Script output should be usefull with pipe or redirection
 2016-05-17 13:28:37 +02:00
jeremydenoun
53626bd926 Remove test on _logger() function 
the original line contain test that can hide echo if we launch script with pipe or IO redirection
 2016-05-14 20:39:32 +02:00
Thibault Dewailly
7578c2bbfb Merge pull request #23 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master 
* commit '84a5d0e0d8270b68e2c534c38b0ef34f62754a31':
  Debian package revision bump 1.0-9
 2016-05-03 13:24:15 +02:00
Kevin Tanguy
74711a2d37 Debian package revision bump 1.0-9 2016-05-03 12:34:12 +02:00
Kevin Tanguy
544c2a4aea Merge pull request #22 in IAAS/cis-hardening from dev/thibault.dewailly/fix to master 
* commit '1bb8c5b387673e2c069a41ca4fc793b1d4c0869b':
  Fixed replace in file function with proper substitution
  tripwire : fixed typo on postinstall helper
  fix 99.1 Apply TMOUT Variable
 2016-05-03 11:27:39 +02:00
thibault.dewailly
e902c9b4c8 Fixed replace in file function with proper substitution 2016-05-03 11:25:37 +02:00
thibault.dewailly
612e28b16f tripwire : fixed typo on postinstall helper 2016-05-02 11:11:07 +02:00
thibault.dewailly
4867538c22 fix 99.1 Apply TMOUT Variable 2016-05-02 10:45:32 +02:00
Thibault Dewailly
a986f3b340 Merge pull request #20 in IAAS/cis-hardening from dev/kevin.tanguy/rephrasingAllOver to master 
* commit '8bbac84f7b0023cbcf9150cc18023ba5a219501c':
  debian dependencies fix, rephrasing, revision bump 1.0-8.
 2016-04-26 14:57:54 +02:00
kevin.tanguy
1479332870 debian dependencies fix, rephrasing, revision bump 1.0-8. 2016-04-25 15:15:49 +02:00
Thibault Dewailly
2ebfee70ed Merge pull request #19 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master 
* commit '0927c1db92534eddcc4612829e61dbb1c8b82e17':
  Debian package revision bump 1.0-7
 2016-04-25 09:21:10 +02:00
Kevin Tanguy
19543c2e68 Debian package revision bump 1.0-7 2016-04-25 09:19:46 +02:00
Thibault Dewailly
faedc43b73 Merge pull request #18 in IAAS/cis-hardening from dev/thibault.dewailly/fix6.15 to master 
* commit 'c1a45d1df172e0f3c715759b3dd71873fd58559d':
  Fixed 6.15 netstat analysis
 2016-04-25 08:41:43 +02:00
thibault.dewailly
6e366172f8 Fixed 6.15 netstat analysis 2016-04-22 16:59:52 +02:00
Thibault Dewailly
22fcd6ca74 Merge pull request #17 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master 
* commit 'f3e582c957c8b54a7f4d7b3dc192ab984feaa125':
  Debian package revision bump 1.0-6
 2016-04-22 14:47:46 +02:00
kevin.tanguy
3136adeed5 Debian package revision bump 1.0-6 2016-04-22 14:29:33 +02:00
Thibault Dewailly
b4aeada621 Merge pull request #15 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master 
* commit 'bf0ba2595d3150f54621de60fc6d4df91c1e318d':
  Debian package revision bump 1.0-5
 2016-04-22 10:25:21 +02:00
kevin.tanguy
d229a57bac Debian package revision bump 1.0-5 2016-04-22 10:18:31 +02:00