Thibault Ayanides
f82712203d
CLEAN: rename 7.7
2020-10-26 11:00:55 +01:00
Thibault Ayanides
e2616b024d
CLEAN: Remove 13.13 (duplicate with 6.2.9)
2020-10-26 10:55:12 +01:00
Thibault Ayanides
36d55a6f79
CLEAN: Remove old checks (3.2, 8.2.4)
2020-10-26 10:48:08 +01:00
Thibault Ayanides
e1846ebd4c
CLEAN: Rename 1.7.1.4, 8.2.1
2020-10-26 10:40:48 +01:00
Thibault Ayanides
bb9f60a939
IMP(12.7): test is automatically skipped on docker
2020-10-26 08:51:50 +01:00
Charles Herlin
c0e9b96ffc
FIX: change name to fit check content (cracklib -> pwquality)
...
renamed: bin/hardening/5.3.1_enable_cracklib.sh -> bin/hardening/5.3.1_enable_pwquality.sh
renamed: tests/hardening/5.3.1_enable_cracklib.sh -> tests/hardening/5.3.1_enable_pwquality.sh
2019-10-30 15:40:15 +01:00
Charles Herlin
d91fdbf84b
Add missing tests CUPS, telnet and LDAP
...
new file: bin/hardening/2.2.4_disable_print_server.sh
new file: bin/hardening/2.3.4_telnet_client_not_installed.sh
new file: bin/hardening/2.3.5_ldap_client_not_installed.sh
new file: tests/hardening/2.2.4_disable_print_server.sh
new file: tests/hardening/2.3.4_telnet_client_not_installed.sh
new file: tests/hardening/2.3.5_ldap_client_not_installed.sh
2019-10-21 14:45:25 +02:00
Charles Herlin
2b60594a06
Renum 2.6.x to 1.1.x for /var/tmp
...
renamed: bin/hardening/2.6.4_var_tmp_noexec.sh -> bin/hardening/1.1.10_var_tmp_noexec.sh
renamed: bin/hardening/2.6.1_var_tmp_partition.sh -> bin/hardening/1.1.7_var_tmp_partition.sh
renamed: bin/hardening/2.6.2_var_tmp_nodev.sh -> bin/hardening/1.1.8_var_tmp_nodev.sh
renamed: bin/hardening/2.6.3_var_tmp_nosuid.sh -> bin/hardening/1.1.9_var_tmp_nosuid.sh
renamed: tests/hardening/2.6.4_var_tmp_noexec.sh -> tests/hardening/1.1.10_var_tmp_noexec.sh
renamed: tests/hardening/2.6.3_var_tmp_nosuid.sh -> tests/hardening/1.1.7_var_tmp_partition.sh
renamed: tests/hardening/2.6.2_var_tmp_nodev.sh -> tests/hardening/1.1.8_var_tmp_nodev.sh
renamed: tests/hardening/2.6.1_var_tmp_partition.sh -> tests/hardening/1.1.9_var_tmp_nosuid.sh
2019-10-21 12:21:22 +02:00
Charles Herlin
d6dae89966
Renum logrotate config 8.4 to 4.3
...
renamed: 8.4_configure_logrotate.sh -> 4.3_configure_logrotate.sh
renamed: ../../tests/hardening/8.4_configure_logrotate.sh -> ../../tests/hardening/4.3_configure_logrotate.sh
2019-10-18 17:32:41 +02:00
Charles Herlin
80b97940fa
Renumbering custom 99.* scripts as newcomers to CIS benchmark
...
renamed: bin/hardening/99.4_net_fw_default_policy_drop.sh -> bin/hardening/3.5.1.1_net_fw_default_policy_drop.sh
renamed: bin/hardening/99.3.3_acc_pam_sha512.sh -> bin/hardening/5.3.4_acc_pam_sha512.sh
renamed: tests/hardening/99.4_net_fw_default_policy_drop.sh -> tests/hardening/3.5.1.1_net_fw_default_policy_drop.sh
renamed: tests/hardening/99.3.3_acc_pam_sha512.sh -> tests/hardening/5.3.4_acc_pam_sha512.sh
2019-10-18 17:26:31 +02:00
Charles Herlin
609444a47f
Renum User and Groups settings 13.x to 6.2.x
...
renamed: bin/hardening/13.8_check_user_dot_file_perm.sh -> bin/hardening/6.2.10_check_user_dot_file_perm.sh
renamed: bin/hardening/13.19_find_user_forward_files.sh -> bin/hardening/6.2.11_find_user_forward_files.sh
renamed: bin/hardening/13.18_find_user_netrc_files.sh -> bin/hardening/6.2.12_find_user_netrc_files.sh
renamed: bin/hardening/13.9_set_perm_on_user_netrc.sh -> bin/hardening/6.2.13_set_perm_on_user_netrc.sh
renamed: bin/hardening/13.10_find_user_rhosts_files.sh -> bin/hardening/6.2.14_find_user_rhosts_files.sh
renamed: bin/hardening/13.11_find_passwd_group_inconsistencies.sh -> bin/hardening/6.2.15_find_passwd_group_inconsistencies.sh
renamed: bin/hardening/13.14_check_duplicate_uid.sh -> bin/hardening/6.2.16_check_duplicate_uid.sh
renamed: bin/hardening/13.15_check_duplicate_gid.sh -> bin/hardening/6.2.17_check_duplicate_gid.sh
renamed: bin/hardening/13.16_check_duplicate_username.sh -> bin/hardening/6.2.18_check_duplicate_username.sh
renamed: bin/hardening/13.17_check_duplicate_groupname.sh -> bin/hardening/6.2.19_check_duplicate_groupname.sh
renamed: bin/hardening/13.1_remove_empty_password_field.sh -> bin/hardening/6.2.1_remove_empty_password_field.sh
renamed: bin/hardening/13.20_shadow_group_empty.sh -> bin/hardening/6.2.20_shadow_group_empty.sh
renamed: bin/hardening/13.2_remove_legacy_passwd_entries.sh -> bin/hardening/6.2.2_remove_legacy_passwd_entries.sh
renamed: bin/hardening/13.3_remove_legacy_shadow_entries.sh -> bin/hardening/6.2.3_remove_legacy_shadow_entries.sh
renamed: bin/hardening/13.4_remove_legacy_group_entries.sh -> bin/hardening/6.2.4_remove_legacy_group_entries.sh
renamed: bin/hardening/13.5_find_0_uid_non_root_account.sh -> bin/hardening/6.2.5_find_0_uid_non_root_account.sh
renamed: bin/hardening/13.6_sanitize_root_path.sh -> bin/hardening/6.2.6_sanitize_root_path.sh
renamed: bin/hardening/13.7_check_user_dir_perm.sh -> bin/hardening/6.2.8_check_user_dir_perm.sh
renamed: bin/hardening/13.12_users_valid_homedir.sh -> bin/hardening/6.2.9_users_valid_homedir.sh
renamed: tests/hardening/13.9_set_perm_on_user_netrc.sh -> tests/hardening/6.2.10_check_user_dot_file_perm.sh
renamed: tests/hardening/13.8_check_user_dot_file_perm.sh -> tests/hardening/6.2.11_find_user_forward_files.sh
renamed: tests/hardening/13.7_check_user_dir_perm.sh -> tests/hardening/6.2.12_find_user_netrc_files.sh
renamed: tests/hardening/13.6_sanitize_root_path.sh -> tests/hardening/6.2.13_set_perm_on_user_netrc.sh
renamed: tests/hardening/13.4_remove_legacy_group_entries.sh -> tests/hardening/6.2.15_find_passwd_group_inconsistencies.sh
renamed: tests/hardening/13.14_check_duplicate_uid.sh -> tests/hardening/6.2.16_check_duplicate_uid.sh
renamed: tests/hardening/13.15_check_duplicate_gid.sh -> tests/hardening/6.2.17_check_duplicate_gid.sh
renamed: tests/hardening/13.3_remove_legacy_shadow_entries.sh -> tests/hardening/6.2.18_check_duplicate_username.sh
renamed: tests/hardening/13.2_remove_legacy_passwd_entries.sh -> tests/hardening/6.2.19_check_duplicate_groupname.sh
renamed: tests/hardening/13.20_shadow_group_empty.sh -> tests/hardening/6.2.1_remove_empty_password_field.sh
renamed: tests/hardening/13.1_remove_empty_password_field.sh -> tests/hardening/6.2.20_shadow_group_empty.sh
renamed: tests/hardening/13.19_find_user_forward_files.sh -> tests/hardening/6.2.2_remove_legacy_passwd_entries.sh
renamed: tests/hardening/13.18_find_user_netrc_files.sh -> tests/hardening/6.2.3_remove_legacy_shadow_entries.sh
renamed: tests/hardening/13.17_check_duplicate_groupname.sh -> tests/hardening/6.2.4_remove_legacy_group_entries.sh
renamed: tests/hardening/13.5_find_0_uid_non_root_account.sh -> tests/hardening/6.2.5_find_0_uid_non_root_account.sh
renamed: tests/hardening/13.16_check_duplicate_username.sh -> tests/hardening/6.2.6_sanitize_root_path.sh
renamed: tests/hardening/13.12_users_valid_homedir.sh -> tests/hardening/6.2.8_check_user_dir_perm.sh
renamed: tests/hardening/13.11_find_passwd_group_inconsistencies.sh -> tests/hardening/6.2.9_users_valid_homedir.sh
2019-09-12 17:43:12 +02:00
Charles Herlin
440aeaf45f
Renum 12.x checks to 6.1.x Verify_System_File_Permissions
...
modified: bin/hardening/12.4_etc_passwd_ownership.sh
modified: bin/hardening/12.5_etc_shadow_ownership.sh
modified: bin/hardening/12.6_etc_group_ownership.sh
renamed: bin/hardening/12.7_find_world_writable_file.sh -> bin/hardening/6.1.10_find_world_writable_file.sh
renamed: bin/hardening/12.8_find_unowned_files.sh -> bin/hardening/6.1.11_find_unowned_files.sh
renamed: bin/hardening/12.9_find_ungrouped_files.sh -> bin/hardening/6.1.12_find_ungrouped_files.sh
renamed: bin/hardening/12.10_find_suid_files.sh -> bin/hardening/6.1.13_find_suid_files.sh
renamed: bin/hardening/12.11_find_sgid_files.sh -> bin/hardening/6.1.14_find_sgid_files.sh
renamed: bin/hardening/12.1_etc_passwd_permissions.sh -> bin/hardening/6.1.2_etc_passwd_permissions.sh
renamed: bin/hardening/12.2_etc_shadow_permissions.sh -> bin/hardening/6.1.3_etc_shadow_permissions.sh
renamed: bin/hardening/12.3_etc_group_permissions.sh -> bin/hardening/6.1.4_etc_group_permissions.sh
deleted: tests/hardening/12.1_etc_passwd_permissions.sh
deleted: tests/hardening/12.2_etc_shadow_permissions.sh
deleted: tests/hardening/12.3_etc_group_permissions.sh
renamed: tests/hardening/12.7_find_world_writable_file.sh -> tests/hardening/6.1.10_find_world_writable_file.sh
renamed: tests/hardening/12.8_find_unowned_files.sh -> tests/hardening/6.1.11_find_unowned_files.sh
renamed: tests/hardening/12.9_find_ungrouped_files.sh -> tests/hardening/6.1.12_find_ungrouped_files.sh
renamed: tests/hardening/12.10_find_suid_files.sh -> tests/hardening/6.1.13_find_suid_files.sh
renamed: tests/hardening/12.11_find_sgid_files.sh -> tests/hardening/6.1.14_find_sgid_files.sh
renamed: tests/hardening/12.6_etc_group_ownership.sh -> tests/hardening/6.1.2_etc_passwd_permissions.sh
renamed: tests/hardening/12.5_etc_shadow_ownership.sh -> tests/hardening/6.1.3_etc_shadow_permissions.sh
renamed: tests/hardening/12.4_etc_passwd_ownership.sh -> tests/hardening/6.1.4_etc_group_permissions.sh
2019-09-12 16:44:45 +02:00
Charles Herlin
a085785321
Renum warning banners checks 11.x to 1.7.x
...
new file: bin/hardening/1.7.1.1_remove_os_info_motd.sh
renamed: bin/hardening/11.2_remove_os_info_warning_banners.sh -> bin/hardening/1.7.1.2_remove_os_info_issue.sh
new file: bin/hardening/1.7.1.3_remove_os_info_issue_net.sh
new file: bin/hardening/1.7.1.4_motd_perms.sh
new file: bin/hardening/1.7.1.5_etc_issue_perms.sh
new file: bin/hardening/1.7.1.6_etc_issue_net_perms.sh
renamed: bin/hardening/11.3_graphical_warning_banners.sh -> bin/hardening/1.7.2_graphical_warning_banners.sh
deleted: bin/hardening/11.1_warning_banners.sh
renamed: tests/hardening/11.3_graphical_warning_banners.sh -> tests/hardening/1.7.1.1_remove_os_info_motd.sh
renamed: tests/hardening/11.2_remove_os_info_warning_banners.sh -> tests/hardening/1.7.1.2_remove_os_info_issue.sh
renamed: tests/hardening/11.1_warning_banners.sh -> tests/hardening/1.7.1.3_remove_os_info_issue_net.sh
new file: tests/hardening/1.7.1.4_warning_banners.sh
new file: tests/hardening/1.7.2_graphical_warning_banners.sh
2019-09-12 15:42:22 +02:00
Charles Herlin
fbb73d1953
Renum 10.x to 5.4.x
...
renamed: bin/hardening/10.5_lock_inactive_user_account.sh -> bin/hardening/5.4.1.4_lock_inactive_user_account.sh
renamed: bin/hardening/10.2_disable_system_accounts.sh -> bin/hardening/5.4.2_disable_system_accounts.sh
renamed: bin/hardening/10.3_default_root_group.sh -> bin/hardening/5.4.3_default_root_group.sh
renamed: bin/hardening/10.4_default_umask.sh -> bin/hardening/5.4.4_default_umask.sh
renamed: tests/hardening/10.5_lock_inactive_user_account.sh -> tests/hardening/5.4.1.4_lock_inactive_user_account.sh
renamed: tests/hardening/10.2_disable_system_accounts.sh -> tests/hardening/5.4.2_disable_system_accounts.sh
renamed: tests/hardening/10.4_default_umask.sh -> tests/hardening/5.4.3_default_root_group.sh
renamed: tests/hardening/10.3_default_root_group.sh -> tests/hardening/5.4.4_default_umask.sh
2019-09-12 10:55:43 +02:00
Charles Herlin
47a9ffdc9c
Renum login.defs 10.1.x to 5.4.1.x
...
renamed: bin/hardening/10.1.1_set_password_exp_days.sh -> bin/hardening/5.4.1.1_set_password_exp_days.sh
renamed: bin/hardening/10.1.2_set_password_min_days_change.sh -> bin/hardening/5.4.1.2_set_password_min_days_change.sh
renamed: bin/hardening/10.1.3_set_password_exp_warning_days.sh -> bin/hardening/5.4.1.3_set_password_exp_warning_days.sh
renamed: tests/hardening/10.1.3_set_password_exp_warning_days.sh -> tests/hardening/5.4.1.1_set_password_exp_days.sh
renamed: tests/hardening/10.1.2_set_password_min_days_change.sh -> tests/hardening/5.4.1.2_set_password_min_days_change.sh
renamed: tests/hardening/10.1.1_set_password_exp_days.sh -> tests/hardening/5.4.1.3_set_password_exp_warning_days.sh
2019-09-12 10:43:48 +02:00
Charles Herlin
8a4a28a35b
Renum 9.x tty and su checks
...
renamed: bin/hardening/9.4_secure_tty.sh -> bin/hardening/5.5_secure_tty.sh
renamed: bin/hardening/9.5_restrict_su.sh -> bin/hardening/5.6_restrict_su.sh
renamed: tests/hardening/9.5_restrict_su.sh -> tests/hardening/5.5_secure_tty.sh
renamed: tests/hardening/9.4_secure_tty.sh -> tests/hardening/5.6_restrict_su.sh
2019-09-11 17:16:54 +02:00
Charles Herlin
9e61ca8367
Renum ssh config check 9.3.x to 5.2.x
...
Also renum 99.x checks that were included in CIS recommendations
renamed: bin/hardening/9.3.8_disable_root_login.sh -> bin/hardening/5.2.10_disable_root_login.sh
renamed: bin/hardening/9.3.9_disable_sshd_permitemptypasswords.sh -> bin/hardening/5.2.11_disable_sshd_permitemptypasswords.sh
renamed: bin/hardening/9.3.10_disable_sshd_setenv.sh -> bin/hardening/5.2.12_disable_sshd_setenv.sh
renamed: bin/hardening/9.3.11_sshd_ciphers.sh -> bin/hardening/5.2.13_sshd_ciphers.sh
renamed: bin/hardening/99.5.2.2_ssh_cry_mac.sh -> bin/hardening/5.2.14_ssh_cry_mac.sh
renamed: bin/hardening/99.5.2.1_ssh_cry_kex.sh -> bin/hardening/5.2.15_ssh_cry_kex.sh
renamed: bin/hardening/9.3.12_sshd_idle_timeout.sh -> bin/hardening/5.2.16_sshd_idle_timeout.sh
renamed: bin/hardening/9.3.13_sshd_limit_access.sh -> bin/hardening/5.2.18_sshd_limit_access.sh
renamed: bin/hardening/9.3.14_ssh_banner.sh -> bin/hardening/5.2.19_ssh_banner.sh
renamed: bin/hardening/9.3.3_sshd_conf_perm_ownership.sh -> bin/hardening/5.2.1_sshd_conf_perm_ownership.sh
renamed: bin/hardening/9.3.1_sshd_protocol.sh -> bin/hardening/5.2.4_sshd_protocol.sh
renamed: bin/hardening/9.3.2_sshd_loglevel.sh -> bin/hardening/5.2.5_sshd_loglevel.sh
renamed: bin/hardening/9.3.4_disable_x11_forwarding.sh -> bin/hardening/5.2.6_disable_x11_forwarding.sh
renamed: bin/hardening/9.3.5_sshd_maxauthtries.sh -> bin/hardening/5.2.7_sshd_maxauthtries.sh
renamed: bin/hardening/9.3.6_enable_sshd_ignorerhosts.sh -> bin/hardening/5.2.8_enable_sshd_ignorerhosts.sh
renamed: bin/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh -> bin/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh
renamed: tests/hardening/9.3.9_disable_sshd_permitemptypasswords.sh -> tests/hardening/5.2.10_disable_root_login.sh
renamed: tests/hardening/9.3.8_disable_root_login.sh -> tests/hardening/5.2.11_disable_sshd_permitemptypasswords.sh
renamed: tests/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh -> tests/hardening/5.2.12_disable_sshd_setenv.sh
renamed: tests/hardening/9.3.6_enable_sshd_ignorerhosts.sh -> tests/hardening/5.2.13_sshd_ciphers.sh
renamed: tests/hardening/99.5.2.2_ssh_cry_mac.sh -> tests/hardening/5.2.14_ssh_cry_mac.sh
renamed: tests/hardening/99.5.2.1_ssh_cry_kex.sh -> tests/hardening/5.2.15_ssh_cry_kex.sh
renamed: tests/hardening/9.3.5_sshd_maxauthtries.sh -> tests/hardening/5.2.16_sshd_idle_timeout.sh
renamed: tests/hardening/9.3.4_disable_x11_forwarding.sh -> tests/hardening/5.2.18_sshd_limit_access.sh
renamed: tests/hardening/9.3.3_sshd_conf_perm_ownership.sh -> tests/hardening/5.2.19_ssh_banner.sh
renamed: tests/hardening/9.3.1_sshd_protocol.sh -> tests/hardening/5.2.1_sshd_conf_perm_ownership.sh
renamed: tests/hardening/9.3.14_ssh_banner.sh -> tests/hardening/5.2.4_sshd_protocol.sh
renamed: tests/hardening/9.3.2_sshd_loglevel.sh -> tests/hardening/5.2.5_sshd_loglevel.sh
renamed: tests/hardening/9.3.13_sshd_limit_access.sh -> tests/hardening/5.2.6_disable_x11_forwarding.sh
renamed: tests/hardening/9.3.12_sshd_idle_timeout.sh -> tests/hardening/5.2.7_sshd_maxauthtries.sh
renamed: tests/hardening/9.3.11_sshd_ciphers.sh -> tests/hardening/5.2.8_enable_sshd_ignorerhosts.sh
renamed: tests/hardening/9.3.10_disable_sshd_setenv.sh -> tests/hardening/5.2.9_disable_sshd_hostbasedauthentication.sh
2019-09-11 17:12:54 +02:00
Charles Herlin
c863a01305
Renum 9.2.x to 5.3.x Pam password settings
...
renamed: bin/hardening/9.2.1_enable_cracklib.sh -> bin/hardening/5.3.1_enable_cracklib.sh
renamed: bin/hardening/9.2.2_enable_lockout_failed_password.sh -> bin/hardening/5.3.2_enable_lockout_failed_password.sh
renamed: bin/hardening/9.2.3_limit_password_reuse.sh -> bin/hardening/5.3.3_limit_password_reuse.sh
renamed: tests/hardening/9.2.1_enable_cracklib.sh -> tests/hardening/5.3.1_enable_cracklib.sh
renamed: tests/hardening/9.2.3_limit_password_reuse.sh -> tests/hardening/5.3.2_enable_lockout_failed_password.sh
renamed: tests/hardening/9.2.2_enable_lockout_failed_password.sh -> tests/hardening/5.3.3_limit_password_reuse.sh
2019-09-11 15:40:00 +02:00
Charles Herlin
124dde8254
Renum 9.1.x to 5.1.x cron checks
...
renamed: bin/hardening/9.1.1_enable_cron.sh -> bin/hardening/5.1.1_enable_cron.sh
renamed: bin/hardening/9.1.2_crontab_perm_ownership.sh -> bin/hardening/5.1.2_crontab_perm_ownership.sh
renamed: bin/hardening/9.1.3_cron_hourly_perm_ownership.sh -> bin/hardening/5.1.3_cron_hourly_perm_ownership.sh
renamed: bin/hardening/9.1.4_cron_daily_perm_ownership.sh -> bin/hardening/5.1.4_cron_daily_perm_ownership.sh
renamed: bin/hardening/9.1.5_cron_weekly_perm_ownership.sh -> bin/hardening/5.1.5_cron_weekly_perm_ownership.sh
renamed: bin/hardening/9.1.6_cron_monthly_perm_ownership.sh -> bin/hardening/5.1.6_cron_monthly_perm_ownership.sh
renamed: bin/hardening/9.1.7_cron_d_perm_ownership.sh -> bin/hardening/5.1.7_cron_d_perm_ownership.sh
renamed: bin/hardening/9.1.8_cron_users.sh -> bin/hardening/5.1.8_cron_users.sh
renamed: tests/hardening/9.1.8_cron_users.sh -> tests/hardening/5.1.1_enable_cron.sh
renamed: tests/hardening/9.1.7_cron_d_perm_ownership.sh -> tests/hardening/5.1.2_crontab_perm_ownership.sh
renamed: tests/hardening/9.1.6_cron_monthly_perm_ownership.sh -> tests/hardening/5.1.3_cron_hourly_perm_ownership.sh
renamed: tests/hardening/9.1.5_cron_weekly_perm_ownership.sh -> tests/hardening/5.1.4_cron_daily_perm_ownership.sh
renamed: tests/hardening/9.1.4_cron_daily_perm_ownership.sh -> tests/hardening/5.1.5_cron_weekly_perm_ownership.sh
renamed: tests/hardening/9.1.3_cron_hourly_perm_ownership.sh -> tests/hardening/5.1.6_cron_monthly_perm_ownership.sh
renamed: tests/hardening/9.1.2_crontab_perm_ownership.sh -> tests/hardening/5.1.7_cron_d_perm_ownership.sh
renamed: tests/hardening/9.1.1_enable_cron.sh -> tests/hardening/5.1.8_cron_users.sh
2019-09-11 12:16:50 +02:00
Charles Herlin
65f92a7556
Renum 8.2.x to 4.2.2.x for syslog-ng
...
renamed: bin/hardening/8.2.2_enable_syslog-ng.sh -> bin/hardening/4.2.2.1_enable_syslog-ng.sh
renamed: bin/hardening/8.2.3_configure_syslog-ng.sh -> bin/hardening/4.2.2.2_configure_syslog-ng.sh
new file: bin/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh
renamed: bin/hardening/8.2.5_syslog-ng_remote_host.sh -> bin/hardening/4.2.2.4_syslog-ng_remote_host.sh
renamed: bin/hardening/8.2.6_remote_syslog-ng_acl.sh -> bin/hardening/4.2.2.5_remote_syslog-ng_acl.sh
renamed: tests/hardening/8.2.6_remote_syslog-ng_acl.sh -> tests/hardening/4.2.2.1_enable_syslog-ng.sh
renamed: tests/hardening/8.2.3_configure_syslog-ng.sh -> tests/hardening/4.2.2.2_configure_syslog-ng.sh
renamed: tests/hardening/8.2.2_enable_syslog-ng.sh -> tests/hardening/4.2.2.3_syslog_ng_logfiles_perm.sh
renamed: tests/hardening/8.2.5_syslog-ng_remote_host.sh -> tests/hardening/4.2.2.4_syslog-ng_remote_host.sh
new file: tests/hardening/4.2.2.5_remote_syslog-ng_acl.sh
2019-09-11 11:52:24 +02:00
Charles Herlin
00dd3ef591
Renum 8.1.x auditing configuration
...
renamed: bin/hardening/8.1.1.1_audit_log_storage.sh -> bin/hardening/4.1.1.1_audit_log_storage.sh
renamed: bin/hardening/8.1.1.2_halt_when_audit_log_full.sh -> bin/hardening/4.1.1.2_halt_when_audit_log_full.sh
renamed: bin/hardening/8.1.1.3_keep_all_audit_logs.sh -> bin/hardening/4.1.1.3_keep_all_audit_logs.sh
renamed: bin/hardening/8.1.10_record_dac_edit.sh -> bin/hardening/4.1.10_record_dac_edit.sh
renamed: bin/hardening/8.1.11_record_failed_access_file.sh -> bin/hardening/4.1.11_record_failed_access_file.sh
renamed: bin/hardening/8.1.12_record_privileged_commands.sh -> bin/hardening/4.1.12_record_privileged_commands.sh
renamed: bin/hardening/8.1.13_record_successful_mount.sh -> bin/hardening/4.1.13_record_successful_mount.sh
renamed: bin/hardening/8.1.14_record_file_deletions.sh -> bin/hardening/4.1.14_record_file_deletions.sh
renamed: bin/hardening/8.1.15_record_sudoers_edit.sh -> bin/hardening/4.1.15_record_sudoers_edit.sh
renamed: bin/hardening/8.1.16_record_sudo_usage.sh -> bin/hardening/4.1.16_record_sudo_usage.sh
renamed: bin/hardening/8.1.17_record_kernel_modules.sh -> bin/hardening/4.1.17_record_kernel_modules.sh
renamed: bin/hardening/8.1.18_freeze_auditd_conf.sh -> bin/hardening/4.1.18_freeze_auditd_conf.sh
renamed: bin/hardening/8.1.2_enable_auditd.sh -> bin/hardening/4.1.2_enable_auditd.sh
renamed: bin/hardening/8.1.3_audit_bootloader.sh -> bin/hardening/4.1.3_audit_bootloader.sh
renamed: bin/hardening/8.1.4_record_date_time_edit.sh -> bin/hardening/4.1.4_record_date_time_edit.sh
renamed: bin/hardening/8.1.5_record_user_group_edit.sh -> bin/hardening/4.1.5_record_user_group_edit.sh
renamed: bin/hardening/8.1.6_record_network_edit.sh -> bin/hardening/4.1.6_record_network_edit.sh
renamed: bin/hardening/8.1.7_record_mac_edit.sh -> bin/hardening/4.1.7_record_mac_edit.sh
renamed: bin/hardening/8.1.8_record_login_logout.sh -> bin/hardening/4.1.8_record_login_logout.sh
renamed: bin/hardening/8.1.9_record_session_init.sh -> bin/hardening/4.1.9_record_session_init.sh
renamed: tests/hardening/8.1.9_record_session_init.sh -> tests/hardening/4.1.1.1_audit_log_storage.sh
renamed: tests/hardening/8.1.8_record_login_logout.sh -> tests/hardening/4.1.1.2_halt_when_audit_log_full.sh
renamed: tests/hardening/8.1.7_record_mac_edit.sh -> tests/hardening/4.1.1.3_keep_all_audit_logs.sh
renamed: tests/hardening/8.1.6_record_network_edit.sh -> tests/hardening/4.1.10_record_dac_edit.sh
renamed: tests/hardening/8.1.5_record_user_group_edit.sh -> tests/hardening/4.1.11_record_failed_access_file.sh
renamed: tests/hardening/8.1.4_record_date_time_edit.sh -> tests/hardening/4.1.12_record_privileged_commands.sh
renamed: tests/hardening/8.1.3_audit_bootloader.sh -> tests/hardening/4.1.13_record_successful_mount.sh
renamed: tests/hardening/8.1.2_enable_auditd.sh -> tests/hardening/4.1.14_record_file_deletions.sh
renamed: tests/hardening/8.1.18_freeze_auditd_conf.sh -> tests/hardening/4.1.15_record_sudoers_edit.sh
renamed: tests/hardening/8.1.17_record_kernel_modules.sh -> tests/hardening/4.1.16_record_sudo_usage.sh
renamed: tests/hardening/8.1.16_record_sudo_usage.sh -> tests/hardening/4.1.17_record_kernel_modules.sh
renamed: tests/hardening/8.1.15_record_sudoers_edit.sh -> tests/hardening/4.1.18_freeze_auditd_conf.sh
renamed: tests/hardening/8.1.14_record_file_deletions.sh -> tests/hardening/4.1.2_enable_auditd.sh
renamed: tests/hardening/8.1.13_record_successful_mount.sh -> tests/hardening/4.1.3_audit_bootloader.sh
renamed: tests/hardening/8.1.12_record_privileged_commands.sh -> tests/hardening/4.1.4_record_date_time_edit.sh
renamed: tests/hardening/8.1.11_record_failed_access_file.sh -> tests/hardening/4.1.5_record_user_group_edit.sh
renamed: tests/hardening/8.1.10_record_dac_edit.sh -> tests/hardening/4.1.6_record_network_edit.sh
renamed: tests/hardening/8.1.1.3_keep_all_audit_logs.sh -> tests/hardening/4.1.7_record_mac_edit.sh
renamed: tests/hardening/8.1.1.2_halt_when_audit_log_full.sh -> tests/hardening/4.1.8_record_login_logout.sh
renamed: tests/hardening/8.1.1.1_audit_log_storage.sh -> tests/hardening/4.1.9_record_session_init.sh
2019-09-09 16:45:54 +02:00
Charles Herlin
032aaa7c79
Renumber 7.5.x and 7.6
...
renamed: bin/hardening/7.5.1_disable_dccp.sh -> bin/hardening/3.4.1_disable_dccp.sh
renamed: bin/hardening/7.5.2_disable_sctp.sh -> bin/hardening/3.4.2_disable_sctp.sh
renamed: bin/hardening/7.5.3_disable_rds.sh -> bin/hardening/3.4.3_disable_rds.sh
renamed: bin/hardening/7.5.4_disable_tipc.sh -> bin/hardening/3.4.4_disable_tipc.sh
renamed: bin/hardening/7.6_disable_wireless.sh -> bin/hardening/3.6_disable_wireless.sh
renamed: tests/hardening/7.6_disable_wireless.sh -> tests/hardening/3.4.1_disable_dccp.sh
renamed: tests/hardening/7.5.4_disable_tipc.sh -> tests/hardening/3.4.2_disable_sctp.sh
renamed: tests/hardening/7.5.3_disable_rds.sh -> tests/hardening/3.4.3_disable_rds.sh
renamed: tests/hardening/7.5.2_disable_sctp.sh -> tests/hardening/3.4.4_disable_tipc.sh
renamed: tests/hardening/7.5.1_disable_dccp.sh -> tests/hardening/3.6_disable_wireless.sh
2019-08-30 17:18:26 +02:00
Charles Herlin
68f9f56192
Renumber 7.4.x tcp wrappers
...
renamed: bin/hardening/7.4.1_install_tcp_wrapper.sh -> bin/hardening/3.3.1_install_tcp_wrapper.sh
renamed: bin/hardening/7.4.2_hosts_allow.sh -> bin/hardening/3.3.2_hosts_allow.sh
renamed: bin/hardening/7.4.4_hosts_deny.sh -> bin/hardening/3.3.3_hosts_deny.sh
renamed: bin/hardening/7.4.3_hosts_allow_permissions.sh -> bin/hardening/3.3.4_hosts_allow_permissions.sh
renamed: bin/hardening/7.4.5_hosts_deny_permissions.sh -> bin/hardening/3.3.5_hosts_deny_permissions.sh
renamed: tests/hardening/7.4.5_hosts_deny_permissions.sh -> tests/hardening/3.3.1_install_tcp_wrapper.sh
renamed: tests/hardening/7.4.4_hosts_deny.sh -> tests/hardening/3.3.2_hosts_allow.sh
renamed: tests/hardening/7.4.3_hosts_allow_permissions.sh -> tests/hardening/3.3.3_hosts_deny.sh
renamed: tests/hardening/7.4.2_hosts_allow.sh -> tests/hardening/3.3.4_hosts_allow_permissions.sh
renamed: tests/hardening/7.4.1_install_tcp_wrapper.sh -> tests/hardening/3.3.5_hosts_deny_permissions.sh
2019-08-30 17:11:03 +02:00
Charles Herlin
c5674c3627
Renumber network params 7.1.x, 7.2.x and 7.3
...
renamed: bin/hardening/7.1.1_disable_ip_forwarding.sh -> bin/hardening/3.1.1_disable_ip_forwarding.sh
renamed: bin/hardening/7.1.2_disable_send_packet_redirects.sh -> bin/hardening/3.1.2_disable_send_packet_redirects.sh
renamed: bin/hardening/7.2.1_disable_source_routed_packets.sh -> bin/hardening/3.2.1_disable_source_routed_packets.sh
renamed: bin/hardening/7.2.2_disable_icmp_redirect.sh -> bin/hardening/3.2.2_disable_icmp_redirect.sh
renamed: bin/hardening/7.2.3_disable_secure_icmp_redirect.sh -> bin/hardening/3.2.3_disable_secure_icmp_redirect.sh
renamed: bin/hardening/7.2.4_log_martian_packets.sh -> bin/hardening/3.2.4_log_martian_packets.sh
renamed: bin/hardening/7.2.5_ignore_broadcast_requests.sh -> bin/hardening/3.2.5_ignore_broadcast_requests.sh
renamed: bin/hardening/7.2.8_enable_tcp_syn_cookies.sh -> bin/hardening/3.2.8_enable_tcp_syn_cookies.sh
renamed: bin/hardening/7.3.1_disable_ipv6_router_advertisement.sh -> bin/hardening/3.2.9_disable_ipv6_router_advertisement.sh
renamed: bin/hardening/7.3.3_disable_ipv6.sh -> bin/hardening/3.7_disable_ipv6.sh
deleted: bin/hardening/7.2.6_enable_bad_error_message_protection.sh
deleted: bin/hardening/7.2.7_enable_source_route_validation.sh
deleted: bin/hardening/7.3.2_disable_ipv6_redirect.sh
renamed: tests/hardening/7.3.3_disable_ipv6.sh -> tests/hardening/3.1.1_disable_ip_forwarding.sh
renamed: tests/hardening/7.3.2_disable_ipv6_redirect.sh -> tests/hardening/3.1.2_disable_send_packet_redirects.sh
renamed: tests/hardening/7.3.1_disable_ipv6_router_advertisement.sh -> tests/hardening/3.2.1_disable_source_routed_packets.sh
renamed: tests/hardening/7.2.8_enable_tcp_syn_cookies.sh -> tests/hardening/3.2.2_disable_icmp_redirect.sh
renamed: tests/hardening/7.2.7_enable_source_route_validation.sh -> tests/hardening/3.2.3_disable_secure_icmp_redirect.sh
renamed: tests/hardening/7.2.6_enable_bad_error_message_protection.sh -> tests/hardening/3.2.4_log_martian_packets.sh
renamed: tests/hardening/7.2.5_ignore_broadcast_requests.sh -> tests/hardening/3.2.5_ignore_broadcast_requests.sh
renamed: tests/hardening/7.2.4_log_martian_packets.sh -> tests/hardening/3.2.8_enable_tcp_syn_cookies.sh
renamed: tests/hardening/7.2.3_disable_secure_icmp_redirect.sh -> tests/hardening/3.2.9_disable_ipv6_router_advertisement.sh
renamed: tests/hardening/7.2.2_disable_icmp_redirect.sh -> tests/hardening/3.7_disable_ipv6.sh
deleted: tests/hardening/7.1.1_disable_ip_forwarding.sh
deleted: tests/hardening/7.1.2_disable_send_packet_redirects.sh
deleted: tests/hardening/7.2.1_disable_source_routed_packets.sh
2019-08-30 14:14:29 +02:00
Charles Herlin
e205dc7481
Renumber special purpose services 6.x
...
new file: bin/hardening/2.2.1.1_use_time_sync.sh
renamed: bin/hardening/6.5_configure_ntp.sh -> bin/hardening/2.2.1.2_configure_ntp.sh
new file: bin/hardening/2.2.1.3_configure_chrony.sh
renamed: bin/hardening/6.10_disable_http_server.sh -> bin/hardening/2.2.10_disable_http_server.sh
renamed: bin/hardening/6.11_disable_imap_pop.sh -> bin/hardening/2.2.11_disable_imap_pop.sh
renamed: bin/hardening/6.12_disable_samba.sh -> bin/hardening/2.2.12_disable_samba.sh
renamed: bin/hardening/6.13_disable_http_proxy.sh -> bin/hardening/2.2.13_disable_http_proxy.sh
renamed: bin/hardening/6.14_disable_snmp_server.sh -> bin/hardening/2.2.14_disable_snmp_server.sh
renamed: bin/hardening/6.15_mta_localhost.sh -> bin/hardening/2.2.15_mta_localhost.sh
renamed: bin/hardening/6.16_disable_rsync.sh -> bin/hardening/2.2.16_disable_rsync.sh
renamed: bin/hardening/6.1_disable_xwindow_system.sh -> bin/hardening/2.2.2_disable_xwindow_system.sh
renamed: bin/hardening/6.2_disable_avahi_server.sh -> bin/hardening/2.2.3_disable_avahi_server.sh
renamed: bin/hardening/6.4_disable_dhcp.sh -> bin/hardening/2.2.5_disable_dhcp.sh
renamed: bin/hardening/6.6_disable_ldap.sh -> bin/hardening/2.2.6_disable_ldap.sh
renamed: bin/hardening/6.7_disable_nfs_rpc.sh -> bin/hardening/2.2.7_disable_nfs_rpc.sh
renamed: bin/hardening/6.8_disable_dns_server.sh -> bin/hardening/2.2.8_disable_dns_server.sh
renamed: bin/hardening/6.9_disable_ftp.sh -> bin/hardening/2.2.9_disable_ftp.sh
deleted: bin/hardening/6.3_disable_print_server.sh
new file: tests/hardening/2.2.1.1_use_time_sync.sh
renamed: tests/hardening/6.9_disable_ftp.sh -> tests/hardening/2.2.1.2_configure_ntp.sh
renamed: tests/hardening/6.8_disable_dns_server.sh -> tests/hardening/2.2.1.3_configure_chrony.sh
renamed: tests/hardening/6.7_disable_nfs_rpc.sh -> tests/hardening/2.2.10_disable_http_server.sh
renamed: tests/hardening/6.6_disable_ldap.sh -> tests/hardening/2.2.11_disable_imap_pop.sh
renamed: tests/hardening/6.5_configure_ntp.sh -> tests/hardening/2.2.12_disable_samba.sh
renamed: tests/hardening/6.4_disable_dhcp.sh -> tests/hardening/2.2.13_disable_http_proxy.sh
renamed: tests/hardening/6.3_disable_print_server.sh -> tests/hardening/2.2.14_disable_snmp_server.sh
renamed: tests/hardening/6.2_disable_avahi_server.sh -> tests/hardening/2.2.15_mta_localhost.sh
renamed: tests/hardening/6.1_disable_xwindow_system.sh -> tests/hardening/2.2.16_disable_rsync.sh
renamed: tests/hardening/6.16_disable_rsync.sh -> tests/hardening/2.2.2_disable_xwindow_system.sh
renamed: tests/hardening/6.15_mta_localhost.sh -> tests/hardening/2.2.3_disable_avahi_server.sh
renamed: tests/hardening/6.14_disable_snmp_server.sh -> tests/hardening/2.2.5_disable_dhcp.sh
renamed: tests/hardening/6.13_disable_http_proxy.sh -> tests/hardening/2.2.6_disable_ldap.sh
renamed: tests/hardening/6.12_disable_samba.sh -> tests/hardening/2.2.7_disable_nfs_rpc.sh
renamed: tests/hardening/6.11_disable_imap_pop.sh -> tests/hardening/2.2.8_disable_dns_server.sh
renamed: tests/hardening/6.10_disable_http_server.sh -> tests/hardening/2.2.9_disable_ftp.sh
2019-08-29 16:02:39 +02:00
Charles Herlin
fbdf3b72ed
Renumbering OS services checks and removing obsolete ones
...
new file: bin/hardening/2.1.1_disable_xinetd.sh
renamed: bin/hardening/5.1.8_disable_inetd.sh -> bin/hardening/2.1.2_disable_bsd_inetd.sh
renamed: bin/hardening/5.1.1_disable_nis.sh -> bin/hardening/2.3.1_disable_nis.sh
renamed: bin/hardening/5.1.3_disable_rsh_client.sh -> bin/hardening/2.3.2_disable_rsh_client.sh
renamed: bin/hardening/5.1.5_disable_talk_client.sh -> bin/hardening/2.3.3_disable_talk_client.sh
deleted: bin/hardening/5.1.2_disable_rsh.sh
deleted: bin/hardening/5.1.4_disable_talk.sh
deleted: bin/hardening/5.1.6_disable_telnet_server.sh
deleted: bin/hardening/5.1.7_disable_tftp_server.sh
deleted: bin/hardening/5.2_disable_chargen.sh
deleted: bin/hardening/5.3_disable_daytime.sh
deleted: bin/hardening/5.4_disable_echo.sh
deleted: bin/hardening/5.5_disable_discard.sh
deleted: bin/hardening/5.6_disable_time.sh
renamed: tests/hardening/5.6_disable_time.sh -> tests/hardening/2.1.1_disable_xinetd.sh
renamed: tests/hardening/5.5_disable_discard.sh -> tests/hardening/2.3.1_disable_nis.sh
renamed: tests/hardening/5.4_disable_echo.sh -> tests/hardening/2.3.2_disable_rsh_client.sh
renamed: tests/hardening/5.3_disable_daytime.sh -> tests/hardening/2.3.3_disable_talk_client.sh
deleted: tests/hardening/5.1.1_disable_nis.sh
deleted: tests/hardening/5.1.2_disable_rsh.sh
deleted: tests/hardening/5.1.3_disable_rsh_client.sh
deleted: tests/hardening/5.1.4_disable_talk.sh
deleted: tests/hardening/5.1.5_disable_talk_client.sh
deleted: tests/hardening/5.1.6_disable_telnet_server.sh
deleted: tests/hardening/5.1.7_disable_tftp_server.sh
deleted: tests/hardening/5.1.8_disable_inetd.sh
deleted: tests/hardening/5.2_disable_chargen.sh
2019-08-29 10:33:23 +02:00
Charles Herlin
6365f58b4c
Renumbering 4.x checks
...
renamed: 4.1_restrict_core_dumps.sh -> 1.5.1_restrict_core_dumps.sh
renamed: 4.2_enable_nx_support.sh -> 1.5.2_enable_nx_support.sh
renamed: 4.3_enable_randomized_vm_placement.sh -> 1.5.3_enable_randomized_vm_placement.sh
renamed: 4.4_disable_prelink.sh -> 1.5.4_disable_prelink.sh
renamed: ../../tests/hardening/4.4_disable_prelink.sh -> ../../tests/hardening/1.5.1_restrict_core_dumps.sh
renamed: ../../tests/hardening/4.3_enable_randomized_vm_placement.sh -> ../../tests/hardening/1.5.2_enable_nx_support.sh
renamed: ../../tests/hardening/4.2_enable_nx_support.sh -> ../../tests/hardening/1.5.3_enable_randomized_vm_placement.sh
renamed: ../../tests/hardening/4.1_restrict_core_dumps.sh -> ../../tests/hardening/1.5.4_disable_prelink.sh
2019-08-28 17:26:27 +02:00
Charles Herlin
fe25b1ba38
Renumbering of bootloader checks
...
renamed: 3.1_bootloader_ownership.sh -> 1.4.1_bootloader_ownership.sh
renamed: 3.3_bootloader_password.sh -> 1.4.2_bootloader_password.sh
renamed: 3.4_root_password.sh -> 1.4.3_root_password.sh
deleted: 3.2_bootloader_permissions.sh
renamed: ../../tests/hardening/3.4_root_password.sh -> ../../tests/hardening/1.4.1_bootloader_ownership.sh
renamed: ../../tests/hardening/3.3_bootloader_password.sh -> ../../tests/hardening/1.4.2_bootloader_password.sh
renamed: ../../tests/hardening/3.1_bootloader_ownership.sh -> ../../tests/hardening/1.4.3_root_password.sh
2019-08-28 17:19:59 +02:00
Charles Herlin
0b85d16c16
First batch of renaming to comply to comply to 8v2 and 9 pdf
...
renamed: 2.19_disable_freevxfs.sh -> 1.1.1.1_disable_freevxfs.sh
renamed: 2.20_disable_jffs2.sh -> 1.1.1.2_disable_jffs2.sh
renamed: 2.21_disable_hfs.sh -> 1.1.1.3_disable_hfs.sh
renamed: 2.22_disable_hfsplus.sh -> 1.1.1.4_disable_hfsplus.sh
renamed: 2.24_disable_udf.sh -> 1.1.1.5_disable_udf.sh
renamed: 2.7_var_log_partition.sh -> 1.1.11_var_log_partition.sh
renamed: 2.8_var_log_audit_partition.sh -> 1.1.12_var_log_audit_partition.sh
renamed: 2.9_home_partition.sh -> 1.1.13_home_partition.sh
renamed: 2.10_home_nodev.sh -> 1.1.14_home_nodev.sh
renamed: 2.14_run_shm_nodev.sh -> 1.1.15_run_shm_nodev.sh
renamed: 2.15_run_shm_nosuid.sh -> 1.1.16_run_shm_nosuid.sh
renamed: 2.16_run_shm_noexec.sh -> 1.1.17_run_shm_noexec.sh
renamed: 2.11_removable_device_nodev.sh -> 1.1.18_removable_device_nodev.sh
renamed: 2.13_removable_device_nosuid.sh -> 1.1.19_removable_device_nosuid.sh
renamed: 2.12_removable_device_noexec.sh -> 1.1.20_removable_device_noexec.sh
renamed: 2.17_sticky_bit_world_writable_folder.sh -> 1.1.21_sticky_bit_world_writable_folder.sh
renamed: 2.25_disable_automounting.sh -> 1.1.22_disable_automounting.sh
renamed: 2.1_tmp_partition.sh -> 1.1.2_tmp_partition.sh
renamed: 2.2_tmp_nodev.sh -> 1.1.3_tmp_nodev.sh
renamed: 2.3_tmp_nosuid.sh -> 1.1.4_tmp_nosuid.sh
renamed: 2.4_tmp_noexec.sh -> 1.1.5_tmp_noexec.sh
renamed: 2.5_var_partition.sh -> 1.1.6_var_partition.sh
renamed: 1.1_install_updates.sh -> 1.8_install_updates.sh
2019-08-27 15:30:47 +02:00
Thibault Ayanides
88e3a515ef
5.2.17_sshd_login_grace_time
2020-10-05 17:26:13 +02:00
Thibault Ayanides
55c1cdbdde
5.2.3_ssh_host_public_keys_perm_ownership
2020-10-05 17:05:47 +02:00
Thibault Ayanides
6f5d714b55
5.2.2_ssh_host_private_keys_perm_ownership
2020-10-05 17:05:26 +02:00
Thibault Ayanides
d6e5803252
4.2.4_logs_permissions
2020-10-05 13:17:44 +02:00
Thibault Ayanides
922f28c200
4.2.3_install_syslog-ng
2020-09-30 17:03:10 +02:00
Charles Herlin
5a1a70bbd3
FIX(test/10.2): backup and restore /etc/passwd after test
2019-08-28 12:30:13 +02:00
Charles Herlin
a4969e6ba6
IMP(99.3.1): improve check with disabled passwords
2019-08-28 11:49:01 +02:00
Charles Herlin
96f3b74334
FIX(10.2): improve test to check multiple login shells
...
fix IFS bug
add test
2019-08-28 11:47:49 +02:00
Charles Herlin
1ec77dbb56
FIX(13.15): fix code that did not show duplicated group
...
Add tests
Apply shellcheck recommendations
2019-03-28 17:51:02 +01:00
Charles Herlin
8f87d75293
FIX(99.5.4): fix regex to allow other authkey options than "from"
2019-03-15 18:17:48 +01:00
Charles Herlin
02673826a0
FIX(8.2.x): fix grep and find in audit scripts
2019-03-18 16:19:05 +01:00
Charles Herlin
be1ad3e581
IMP(99.5.4): add conf to check only listed users
2019-03-05 10:49:45 +01:00
Charles Herlin
9ada868f43
IMP(8.2.4): add exceptions in check and apply
...
Apply shellcheck recommendations
2019-03-01 12:12:42 +01:00
Charles Herlin
41ccd5655a
CHORE(test 8.2.5): removed useless cleanup line
2019-02-26 15:19:05 +01:00
Charles Herlin
e46a85dc6c
FIX(9.3.2): dismiss test for initial after e7d9977
...
LogLevel not consistent at install time between debian versions
Easier to dismiss this check's result at the first step
2019-02-26 15:16:06 +01:00
Charles Herlin
1caf0f489a
FIX(12.1x): fix tests exception for mail after da6acb0b
...
Installing syslog-ng in Dockerfile added some suid/sgid binaries that
needed to be treated as exception in test scenarii
2019-02-26 15:08:21 +01:00
Charles Herlin
de7dfe5956
CHORE(2.1x): use "readlink -e" instead of custom func
...
Removed get_partition_from_symlink()
2019-02-26 15:06:51 +01:00
Charles Herlin
8031c388c6
IMP(9.3.2): Comply with Debian9 guide: verbose ssh loglevel
2019-02-25 15:16:02 +01:00
Charles Herlin
f7f2f614aa
IMP(9.3.2): Add custom configuration management
...
Add create_config to allow user to customize their conf
Improve tests
Apply shellcheck recommendations
2019-02-22 15:40:01 +01:00
Charles Herlin
605a768fe1
IMP(13.13): Add exceptions for home directories not owned by owner
...
Fill tests
Apply shellcheck recommendations
2019-02-22 15:22:58 +01:00
Charles Herlin
80a1146af7
IMP(8.2.5): find multiline pattern in files (syslog)
...
Add func to find pattern in file that spreads over multiple lines
The func will remove commented lines (that begin with '#')
and consider the file as one long line.
Thus, this is not possible to look for pattern at beginning of line
with this func ('^' and '$')
Improved pattern in 8.2.5
Add syslog-ng to installed dependencies in Dockerfiles
Fixed multifile arguments when looking for pattern that got broken
in d2bbf754
due to "nocase" and _does_pattern_exist_in_file wrapper
Please note that you can only look for pattern in ONE FILE at once
Fixed 8.2.5 and 8.3.2 with for loop on files and 'FOUND' flag
You now need to specify each and every file to look for or embed a
'find' command as follow :
`FILES="$SYSLOG_BASEDIR/syslog-ng.conf $(find $SYSLOG_BASEDIR/conf.d/)"`
Improved test files
Applied shellcheck recommendations
2019-02-22 12:39:41 +01:00