debian-cis

elie/debian-cis

Fork 0

mirror of https://github.com/ovh/debian-cis.git synced 2024-11-24 14:31:24 +01:00

Commit Graph

Select branches

Hide Pull Requests

dependabot/github_actions/luizm/action-sh-checker-0.9.0

dev/thibault.dewailly/set_hardening_level

dev/thibault.dewailly/syslogng_remotecheck

master

#1

#10

#100

#101

#102

#103

#104

#108

#11

#111

#112

#115

#118

#119

#12

#120

#121

#122

#123

#125

#127

#128

#129

#130

#131

#132

#133

#134

#135

#137

#139

#140

#141

#142

#143

#144

#145

#146

#147

#148

#149

#150

#151

#152

#153

#154

#156

#157

#159

#16

#160

#161

#164

#166

#168

#169

#170

#171

#172

#173

#174

#176

#177

#178

#179

#18

#180

#181

#184

#185

#186

#187

#188

#19

#190

#193

#194

#197

#198

#199

#2

#20

#202

#203

#204

#205

#206

#207

#208

#21

#210

#213

#214

#215

#216

#22

#221

#222

#223

#225

#226

#228

#229

#23

#232

#234

#236

#237

#238

#24

#242

#242

#243

#243

#28

#29

#30

#31

#32

#35

#36

#37

#39

#4

#40

#41

#44

#45

#47

#49

#5

#54

#56

#57

#58

#59

#6

#6

#60

#66

#67

#69

#7

#72

#73

#75

#79

#80

#81

#82

#86

#88

#9

#90

#91

#94

#95

#96

#98

#99

latest

v1.1-1

v1.2-1

v1.3

v1.3-2

v1.3-3

v1.3-4

v2.0-4

v2.0-5

v2.0-6

v2.1-1

v2.1-2

v2.1-3

v2.1-4

v2.1-5

v2.1-6

v3.0

v3.0-1

v3.1-0

v3.1-1

v3.1-2

v3.1-3

v3.1-4

v3.1-5

v3.1-6

v3.2-0

v3.2-1

v3.2-2

v3.3-1

v3.4-1

v3.5-1

v3.6-1

v3.7-1

v3.8-1

v4.0-1

v4.1-1

v4.1-2

v4.1-3

v4.1-4

b8bd75d2ad Rename dismiss_test to skip_tests since test won't even run in this case Charles Herlin 2019-02-14 17:52:45 +0100
ddfee23c80 dismiss_count will still report failed root/sudo consistency failure Charles Herlin 2019-02-14 17:44:13 +0100
5139cf0f8b properly purge remaining config files on purge kevin.tanguy 2019-02-14 14:22:55 +0100
6afed4eedb Add test stub for all audit checks, to tests root/sudo consistency Charles Herlin 2019-02-14 18:10:46 +0100
bad32f8078 Rename dismiss_test to skip_tests since test won't even run in this case Charles Herlin 2019-02-14 17:52:45 +0100
47a818b832 dismiss_count will still report failed root/sudo consistency failure Charles Herlin 2019-02-14 17:44:13 +0100
5f2803693e Change default status to audit for file with custom create_config Charles Herlin 2019-02-14 14:33:21 +0100
d6172ad89e Change default status disabled -> audit when no conf file Charles Herlin 2019-02-06 15:26:41 +0100
fc88194eca properly purge remaining config files on purge kevin.tanguy 2019-02-14 14:22:55 +0100
2b2a91a564 Change default status to audit for file with custom create_config Charles Herlin 2019-02-14 14:33:21 +0100
1a6ef92c99 FIX package name in example-cron.d-entry Charles Herlin 2019-02-14 12:21:17 +0100
edcaaeab4c Improve user management in test cases Charles Herlin 2019-02-14 11:15:51 +0100
7ad0df963c IMP: enhance scripts that check duplicate UID Charles Herlin 2019-02-13 16:07:06 +0100
7e3ee2eb93 FIX: usage if no RUN_MODE, fix only that used to run too many checks Charles Herlin 2019-02-13 17:11:28 +0100
2421d96ae2 changelog: Update to 1.2-1 (go cds go) kevin.tanguy 2019-02-12 11:41:05 +0100
d2bbf754ac Migrate generic checks from secaudit to cis-hardening Charles Herlin 2017-12-20 15:14:30 +0100
9290f0cc91 Add crontab Charles Herlin 2019-02-08 10:35:35 +0100
7690b57ea9 FIX: add becho to send batch output to syslog too Charles Herlin 2019-02-06 17:25:16 +0100
5c313c8f31 Change default status disabled -> audit when no conf file Charles Herlin 2019-02-06 15:26:41 +0100
11305a0980 FIX package name in example-cron.d-entry Charles Herlin 2019-02-14 12:21:17 +0100
1586dae0c5 Improve user management in test cases Charles Herlin 2019-02-14 11:15:51 +0100
1281860401 IMP: enhance scripts that check duplicate UID Charles Herlin 2019-02-13 16:07:06 +0100
09ae131de9 FIX: usage if no RUN_MODE, fix only that used to run too many checks Charles Herlin 2019-02-13 17:11:28 +0100
1dd630e65b changelog: Update to 1.2-1 (go cds go) kevin.tanguy 2019-02-12 11:41:05 +0100
25eb91c411 Update debian 7/8/9 in help files and remove in generic scripts Charles Herlin 2019-02-06 15:19:14 +0100
a6a09c5a5d IMP: sort find result by name and version to ease reading Charles Herlin 2019-02-01 09:42:12 +0100
35e7c32426 FIX: remove "exernal-sources" option when running shellcheck Charles Herlin 2019-01-30 16:00:45 +0100
fb918b1b98 Add shellcheck recommendation Charles Herlin 2019-01-30 12:38:39 +0100
497e1d2095 FIX: add way of completely skipping test that bugged with jessie Charles Herlin 2019-01-30 11:06:49 +0100
1a75cbfe76 Fix typo in test skeleton and add shellcheck comment Charles Herlin 2019-01-25 14:16:47 +0100
d2b20640a6 FIX: bug crashing for undeclared variable when consitency checks failed Charles Herlin 2019-01-25 10:33:38 +0100
5f7cb58dd4 IMP: tests readability and runtime error handling Charles Herlin 2019-01-24 15:53:09 +0100
d2e456b7d8 IMP: new tag in file to tell that the script should pass shellcheck Charles Herlin 2019-01-24 11:11:08 +0100
e4c5a57fbf FIX: tests return value that was always 255 Charles Herlin 2019-01-23 12:54:33 +0100
bfbd410b19 FIX: quotes in find command, misinterpreted shellcheck advice Charles Herlin 2019-01-23 16:55:48 +0100
ec6b79e3c7 FEAT: Add sudo_wrapper to catch unauthorized sudo commands Charles Herlin 2018-03-16 12:06:56 +0100
70cb310c54 FEAT: automate shellcheck test with docker Charles Herlin 2019-01-17 12:39:15 +0100
001323f448 FIX: sed that was too greedy Charles Herlin 2019-01-02 13:02:02 +0100
ed0c07d319 Add missing /usr/bin/su Charles Herlin 2019-01-03 11:21:51 +0100
03b6f1857a FIX: add /usr/bin/* path for suid/guid allowed binaries Charles Herlin 2019-01-02 17:03:29 +0100
106412149d Adding batch mode to output just one line of text (no colors) in order to be parsed by computer tools Charles Herlin 2017-10-31 17:44:15 +0100
91642474f7 Change from CIS reco and only warn (no crit) if logfile does not exist Charles Herlin 2018-03-22 18:17:17 +0100
18693200dc IMP(test): Add feature to run functional tests in docker instance Charles Herlin 2018-12-24 14:12:59 +0100
157463752d Merge branch 'master' of https://github.com/Samson-W/debian-cis Samson-W 2018-09-06 12:05:07 +0800
1c16aadab6 Fix a bug: Match is not unique when using the option --only <testnumber>. Samson-W 2018-09-06 05:51:24 +0800
a938de5e2e Fix a bug: use --only 9.2.1 is match 2.1 and 9.2.1. Samson-W 2018-09-06 05:51:24 +0800
843ce3efc3 Improve --only option to perform only specified test and no other lookalike test number Charles Herlin 2018-03-15 12:03:10 +0100
d60922ab9d Redirect stderr to avoid printing "no such file" error Charles Herlin 2018-03-19 18:06:47 +0100
39246bc175 resolve #SOC-30 Also check /etc/security/limits.d/ for core dump limit Charles Herlin 2018-02-12 15:37:12 +0100
47857774b4 Fix SOC-28, add test if file exist, if not issue error Charles Herlin 2018-02-09 13:49:38 +0100
b41df080cf Add sudo management in main and utils Charles Herlin 2017-11-09 15:45:42 +0100
b5a952e0f0 changelog: Update to 1.1-1 Julien Delayen 2018-02-02 09:40:58 +0100
810fee4c8f Migrate generic checks from secaudit to cis-hardening Charles Herlin 2017-12-20 15:14:30 +0100
ba93159a00 Add crontab Charles Herlin 2019-02-08 10:35:35 +0100
d014405e1f FIX: add becho to send batch output to syslog too Charles Herlin 2019-02-06 17:25:16 +0100
6cea326921 Update debian 7/8/9 in help files and remove in generic scripts Charles Herlin 2019-02-06 15:19:14 +0100
58cb064919 IMP: sort find result by name and version to ease reading Charles Herlin 2019-02-01 09:42:12 +0100
3ff3bb209f FIX: remove "exernal-sources" option when running shellcheck Charles Herlin 2019-01-30 16:00:45 +0100
507eadc3cb Add shellcheck recommendation Charles Herlin 2019-01-30 12:38:39 +0100
aa3983c6d0 FIX: add way of completely skipping test that bugged with jessie Charles Herlin 2019-01-30 11:06:49 +0100
2dd753e5e7 Fix typo in test skeleton and add shellcheck comment Charles Herlin 2019-01-25 14:16:47 +0100
bf3bfc2a91 FIX: bug crashing for undeclared variable when consitency checks failed Charles Herlin 2019-01-25 10:33:38 +0100
a1a4295dcf IMP: tests readability and runtime error handling Charles Herlin 2019-01-24 15:53:09 +0100
e8ae07c2e8 IMP: new tag in file to tell that the script should pass shellcheck Charles Herlin 2019-01-24 11:11:08 +0100
13c88c7da2 FIX: tests return value that was always 255 Charles Herlin 2019-01-23 12:54:33 +0100
9ba0361be0 FIX: quotes in find command, misinterpreted shellcheck advice Charles Herlin 2019-01-23 16:55:48 +0100
71b70a2b8c FEAT: Add sudo_wrapper to catch unauthorized sudo commands Charles Herlin 2018-03-16 12:06:56 +0100
176fb96fa4 FEAT: automate shellcheck test with docker Charles Herlin 2019-01-17 12:39:15 +0100
c51a8ee9b8 FIX: sed that was too greedy Charles Herlin 2019-01-02 13:02:02 +0100
e72c7aae15 Add missing /usr/bin/su Charles Herlin 2019-01-03 11:21:51 +0100
8e6618eedf FIX: add /usr/bin/* path for suid/guid allowed binaries Charles Herlin 2019-01-02 17:03:29 +0100
b0141494a9 debian: Remove useless {shlibs:Depends} Julien Delayen 2017-12-14 14:24:21 +0100
f21259c79d debian: Fix lintian warning Julien Delayen 2017-12-14 14:17:27 +0100
fe167d29c7 debian: Remove auto-generated files from conffiles Julien Delayen 2017-12-14 14:10:45 +0100
321063fe7c Merge pull request #31 in IAAS/cis-hardening from dev/cherlin/update-cis-scripts to master Thibault Dewailly 2017-12-05 11:38:15 +0100
73c640f4d1 Merge pull request #28 in IAAS/cis-hardening from dev/cherlin/cis-root-dir-in-env to master Thibault Dewailly 2017-12-05 11:32:45 +0100
5b11b1628a Expand tabs to 4 spaces and trim trailing spaces Charles Herlin 2017-11-17 15:13:27 +0100
f97fbb47f7 Update ciphers list in 9.3.11 with latest chacha20 and gcm ciphers Charles Herlin 2017-11-10 14:48:51 +0100
67df4da781 Adding batch mode to output just one line of text (no colors) in order to be parsed by computer tools Charles Herlin 2017-10-31 17:44:15 +0100
8a7f9ddad5 Change from CIS reco and only warn (no crit) if logfile does not exist Charles Herlin 2018-03-22 18:17:17 +0100
863adc9c84 IMP(test): Add feature to run functional tests in docker instance Charles Herlin 2018-12-24 14:12:59 +0100
4fc79c133f Improve --only option to perform only specified test and no other lookalike test number Charles Herlin 2018-03-15 12:03:10 +0100
7077554bca Redirect stderr to avoid printing "no such file" error Charles Herlin 2018-03-19 18:06:47 +0100
76abf8da36 resolve #SOC-30 Also check /etc/security/limits.d/ for core dump limit Charles Herlin 2018-02-12 15:37:12 +0100
51f589923d Fix SOC-28, add test if file exist, if not issue error Charles Herlin 2018-02-09 13:49:38 +0100
b1f85d3f99 Add sudo management in main and utils Charles Herlin 2017-11-09 15:45:42 +0100
a3937b3183 changelog: Update to 1.1-1 v1.1-1 Julien Delayen 2018-02-02 09:40:58 +0100
423e454b62 debian: Remove useless {shlibs:Depends} Julien Delayen 2017-12-14 14:24:21 +0100
b5939dffbe debian: Fix lintian warning Julien Delayen 2017-12-14 14:17:27 +0100
1a9c92b345 debian: Remove auto-generated files from conffiles Julien Delayen 2017-12-14 14:10:45 +0100
6977eb5064 Merge pull request #31 in IAAS/cis-hardening from dev/cherlin/update-cis-scripts to master Thibault Dewailly 2017-12-05 11:38:15 +0100
12fe049eba Merge pull request #28 in IAAS/cis-hardening from dev/cherlin/cis-root-dir-in-env to master Thibault Dewailly 2017-12-05 11:32:45 +0100
02f0e30df1 Expand tabs to 4 spaces and trim trailing spaces Charles Herlin 2017-11-17 15:13:27 +0100
ae6fbf2d86 Update ciphers list in 9.3.11 with latest chacha20 and gcm ciphers Charles Herlin 2017-11-10 14:48:51 +0100
725aaa39e5 Remove unnecessary CIS_ROOT_DIR empty assignation Charles Herlin 2017-10-25 17:44:56 +0200
d2a8b2cb28 Remove unnecessary CIS_ROOT_DIR empty assignation Charles Herlin 2017-10-25 17:44:56 +0200
cbfd04272b Applying batch edit to all hardening/*.sh scripts for new CIS_ROOT_DIR management Charles Herlin 2017-10-25 14:50:39 +0200
5b2404dab8 Applying batch edit to all hardening/*.sh scripts for new CIS_ROOT_DIR management Charles Herlin 2017-10-25 14:50:39 +0200
c70d6120f8 Changing CIS_ROOT_DIR management in env in bin/hardening.sh Charles Herlin 2017-10-25 14:48:54 +0200
119d532a7f Changing CIS_ROOT_DIR management in env in bin/hardening.sh Charles Herlin 2017-10-25 14:48:54 +0200