elie/debian-cis
1
0
Fork 0
mirror of https://github.com/ovh/debian-cis.git synced 2025-04-18 16:17:31 +02:00
Code Issues Packages Projects Releases Wiki Activity

Commit Graph

  • aa3983c6d0 FIX: add way of completely skipping test that bugged with jessie Charles Herlin 2019-01-30 11:06:49 +01:00
  • 2dd753e5e7 Fix typo in test skeleton and add shellcheck comment Charles Herlin 2019-01-25 14:16:47 +01:00
  • bf3bfc2a91 FIX: bug crashing for undeclared variable when consitency checks failed Charles Herlin 2019-01-25 10:33:38 +01:00
  • a1a4295dcf IMP: tests readability and runtime error handling Charles Herlin 2019-01-24 15:53:09 +01:00
  • e8ae07c2e8 IMP: new tag in file to tell that the script should pass shellcheck Charles Herlin 2019-01-24 11:11:08 +01:00
  • 13c88c7da2 FIX: tests return value that was always 255 Charles Herlin 2019-01-23 12:54:33 +01:00
  • 9ba0361be0 FIX: quotes in find command, misinterpreted shellcheck advice Charles Herlin 2019-01-23 16:55:48 +01:00
  • 71b70a2b8c FEAT: Add sudo_wrapper to catch unauthorized sudo commands Charles Herlin 2018-03-16 12:06:56 +01:00
  • 176fb96fa4 FEAT: automate shellcheck test with docker Charles Herlin 2019-01-17 12:39:15 +01:00
  • c51a8ee9b8 FIX: sed that was too greedy Charles Herlin 2019-01-02 13:02:02 +01:00
  • e72c7aae15 Add missing /usr/bin/su Charles Herlin 2019-01-03 11:21:51 +01:00
  • 8e6618eedf FIX: add /usr/bin/* path for suid/guid allowed binaries Charles Herlin 2019-01-02 17:03:29 +01:00
  • 67df4da781 Adding batch mode to output just one line of text (no colors) in order to be parsed by computer tools Charles Herlin 2017-10-31 17:44:15 +01:00
  • 8a7f9ddad5 Change from CIS reco and only warn (no crit) if logfile does not exist Charles Herlin 2018-03-22 18:17:17 +01:00
  • 863adc9c84 IMP(test): Add feature to run functional tests in docker instance Charles Herlin 2018-12-24 14:12:59 +01:00
  • 4fc79c133f Improve --only option to perform only specified test and no other lookalike test number Charles Herlin 2018-03-15 12:03:10 +01:00
  • 7077554bca Redirect stderr to avoid printing "no such file" error Charles Herlin 2018-03-19 18:06:47 +01:00
  • 76abf8da36 resolve #SOC-30 Also check /etc/security/limits.d/ for core dump limit Charles Herlin 2018-02-12 15:37:12 +01:00
  • 51f589923d Fix SOC-28, add test if file exist, if not issue error Charles Herlin 2018-02-09 13:49:38 +01:00
  • b1f85d3f99 Add sudo management in main and utils Charles Herlin 2017-11-09 15:45:42 +01:00
  • a3937b3183 changelog: Update to 1.1-1 v1.1-1 Julien Delayen 2018-02-02 09:40:58 +01:00
  • 423e454b62 debian: Remove useless {shlibs:Depends} Julien Delayen 2017-12-14 14:24:21 +01:00
  • b5939dffbe debian: Fix lintian warning Julien Delayen 2017-12-14 14:17:27 +01:00
  • 1a9c92b345 debian: Remove auto-generated files from conffiles Julien Delayen 2017-12-14 14:10:45 +01:00
  • 6977eb5064 Merge pull request #31 in IAAS/cis-hardening from dev/cherlin/update-cis-scripts to master Thibault Dewailly 2017-12-05 11:38:15 +01:00
  • 12fe049eba Merge pull request #28 in IAAS/cis-hardening from dev/cherlin/cis-root-dir-in-env to master Thibault Dewailly 2017-12-05 11:32:45 +01:00
  • 02f0e30df1 Expand tabs to 4 spaces and trim trailing spaces Charles Herlin 2017-11-17 15:13:27 +01:00
  • ae6fbf2d86 Update ciphers list in 9.3.11 with latest chacha20 and gcm ciphers Charles Herlin 2017-11-10 14:48:51 +01:00
  • d2a8b2cb28 Remove unnecessary CIS_ROOT_DIR empty assignation Charles Herlin 2017-10-25 17:44:56 +02:00
  • 5b2404dab8 Applying batch edit to all hardening/*.sh scripts for new CIS_ROOT_DIR management Charles Herlin 2017-10-25 14:50:39 +02:00
  • 119d532a7f Changing CIS_ROOT_DIR management in env in bin/hardening.sh Charles Herlin 2017-10-25 14:48:54 +02:00
  • 161ffa56a7 Change src/skel to allow setting CIS_ROOT_DIR in env and not just sourcing /etc/default/cis-hardening. Making the whole lib more versatile. Charles Herlin 2017-10-23 14:50:11 +02:00
  • 3b7a2b8216 Merge pull request #12 from speed47/dev/enhancements Thibault Dewailly 2017-09-28 13:22:59 +02:00
  • 40e57a5cb2 Merge pull request #27 in IAAS/cis-hardening from dev/thibault.dewailly/fixwildcards to master Kevin Tanguy 2017-06-15 10:43:31 +02:00
  • 481485a0d7 No more wildcards in file list to be more resilient thibault.dewailly 2017-06-13 15:36:06 +02:00
  • fae0c5a64b Merge pull request #26 in IAAS/cis-hardening from dev/kevin.tanguy/packagebump to master Thibault Dewailly 2017-06-08 09:41:43 +02:00
  • 72999b8b5d Debian package revision bump 1.0-11 kevin.tanguy 2017-06-05 16:36:25 +02:00
  • 676b17c54f add hardening templating and several enhancements Stéphane Lesimple 2017-05-18 18:40:09 +02:00
  • 2ef500298b Merge pull request #11 from speed47/dev/fix_does_pattern_exist_in_file Thibault Dewailly 2017-05-19 18:30:21 +02:00
  • a1f970e737 Merge pull request #10 from speed47/dev/beautifyprint Thibault Dewailly 2017-05-19 17:20:47 +02:00
  • 3e0187094a handle ENOENT properly in does_pattern_exist_in_file\(\) Stéphane Lesimple 2017-05-18 18:31:24 +02:00
  • cca0310d64 set a fixed-size prefix for logger Stéphane Lesimple 2017-05-18 18:27:02 +02:00
  • 233d1245fc Merge pull request #9 from Joorem/10.1.3-fix-option-name Thibault Dewailly 2017-05-04 09:28:42 +02:00
  • 46dbe8a6bc [10.1.3] set the good value for $OPTIONS Jérôme Le Gal 2017-05-03 23:08:48 +02:00
  • a46490b2d8 Merge pull request #25 in IAAS/cis-hardening from dev/thibault.dewailly/fixShadowParsing to master Kevin Tanguy 2017-03-14 16:19:33 +01:00
  • 3e1df0cdf9 [Debian 8] Fixed comments for debian 8 compliance thibault.dewailly 2017-03-10 17:46:39 +01:00
  • 0c053eef56 [10.2] Fixed result parsing in case of spaces in passwd list thibault.dewailly 2017-03-10 17:26:55 +01:00
  • eb7bf7fece Merge branch 'master' of github.com:ovh/debian-cis thibault.dewailly 2016-07-04 11:45:41 +02:00
  • e93b9f89f4 Merge pull request #7 from MatthieuDestrez/fixPermitEmptyPassword Thibault Dewailly 2016-07-04 11:44:40 +02:00
  • f5cb5ddf97 fixed option name in 9.3.9_disable_sshd_permitemptypasswords.sh, was PermitRootLogin instead of PermitEmptyPassword Matthieu Destrez 2016-06-29 15:12:21 +02:00
  • 45f529a392 Merge pull request #24 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-05-18 09:44:02 +02:00
  • 4705846c60 Debian package revision bump 1.0-10 Kevin Tanguy 2016-05-18 09:06:14 +02:00
  • 3209a4c302 Merge pull request #5 from jeremydenoun/fix-echo Thibault Dewailly 2016-05-17 13:28:37 +02:00
  • 53626bd926 Remove test on _logger() function jeremydenoun 2016-05-14 20:39:32 +02:00
  • 7578c2bbfb Merge pull request #23 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-05-03 13:24:15 +02:00
  • 74711a2d37 Debian package revision bump 1.0-9 Kevin Tanguy 2016-05-03 12:34:12 +02:00
  • 544c2a4aea Merge pull request #22 in IAAS/cis-hardening from dev/thibault.dewailly/fix to master Kevin Tanguy 2016-05-03 11:27:39 +02:00
  • e902c9b4c8 Fixed replace in file function with proper substitution thibault.dewailly 2016-05-03 11:25:37 +02:00
  • 612e28b16f tripwire : fixed typo on postinstall helper thibault.dewailly 2016-05-02 11:11:07 +02:00
  • 4867538c22 fix 99.1 Apply TMOUT Variable thibault.dewailly 2016-05-02 10:45:32 +02:00
  • a986f3b340 Merge pull request #20 in IAAS/cis-hardening from dev/kevin.tanguy/rephrasingAllOver to master Thibault Dewailly 2016-04-26 14:57:54 +02:00
  • 1479332870 debian dependencies fix, rephrasing, revision bump 1.0-8. kevin.tanguy 2016-04-25 15:15:49 +02:00
  • 2ebfee70ed Merge pull request #19 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-04-25 09:21:10 +02:00
  • 19543c2e68 Debian package revision bump 1.0-7 Kevin Tanguy 2016-04-25 09:19:46 +02:00
  • faedc43b73 Merge pull request #18 in IAAS/cis-hardening from dev/thibault.dewailly/fix6.15 to master Thibault Dewailly 2016-04-25 08:41:43 +02:00
  • 6e366172f8 Fixed 6.15 netstat analysis thibault.dewailly 2016-04-22 16:59:52 +02:00
  • 22fcd6ca74 Merge pull request #17 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-04-22 14:47:46 +02:00
  • 3136adeed5 Debian package revision bump 1.0-6 kevin.tanguy 2016-04-22 14:29:33 +02:00
  • b4aeada621 Merge pull request #15 in IAAS/cis-hardening from dev/kevin.tanguy/wheezy to master Thibault Dewailly 2016-04-22 10:25:21 +02:00
  • d229a57bac Debian package revision bump 1.0-5 kevin.tanguy 2016-04-22 10:18:31 +02:00
  • 98eff3174b Merge pull request #4 from jedisct1/valuemsg Thibault Dewailly 2016-04-22 08:40:14 +02:00
  • a286a3ffea Merge pull request #14 in IAAS/cis-hardening from dev/thibault.dewailly/fixCron to master Thibault Dewailly 2016-04-22 08:35:32 +02:00
  • cb3077e268 Fixed default file error handling and quickstart thibault.dewailly 2016-04-21 23:19:50 +02:00
  • ed410747df Rephrase confusing messages Frank Denis 2016-04-21 18:32:36 +02:00
  • 08fd72786c Fixed point 9.1.8 cron rights as a chmod 600 disabled the cron.allow features (file must be world readable) thibault.dewailly 2016-04-21 18:15:22 +02:00
  • 85bae89dc3 Merge pull request #2 from PunKeel/master Thibault Dewailly 2016-04-21 15:41:30 +02:00
  • 447718b145 Fix typo PunKeel 2016-04-21 15:18:36 +02:00
  • 56e75d78bd Merge pull request #13 in IAAS/cis-hardening from dev/kevin.tanguy/readme to master Thibault Dewailly 2016-04-21 14:52:23 +02:00
  • 861236c292 Debian package revision bump 1.0-4 kevin.tanguy 2016-04-21 12:00:20 +02:00
  • f5fc840b04 Added valid suid sgid binaries thibault.dewailly 2016-04-21 11:51:10 +02:00
  • 38d144aae2 Merge pull request #1 from ovh/jt-readme Thibault Dewailly 2016-04-20 19:15:28 +02:00
  • c63eeaa209 add Readme.md Jean-Tiare Le Bigot 2016-04-20 18:56:28 +02:00
  • 8b846d77bb Debian package revision bump 1.0-3 Kevin Tanguy 2016-04-20 12:39:58 +02:00
  • 5048099df8 Fixed 8.2.4 check file exists before testing rights thibault.dewailly 2016-04-20 14:36:55 +02:00
  • 3ece442743 Added exit code to CIS_ROOT_DIR test def, optimized sed and sort thibault.dewailly 2016-04-20 11:29:44 +02:00
  • 1d7865dd68 add --audit-all-enable-passed, add info in README and help Stéphane Lesimple 2016-04-19 20:16:47 +02:00
  • 8d84f38c97 add --audit-all option Stéphane Lesimple 2016-04-19 19:26:04 +02:00
  • ccda7adb93 Debianization time Kevin Tanguy 2016-04-18 17:14:56 +02:00
  • 5cd2b48fa8 Merge pull request #5 in IAAS/cis-hardening from dev/thibault.dewailly/fixedLicense to master Thibault Dewailly 2016-04-19 13:53:08 +02:00
  • b2d3ed937e Corrected script names, added License, Completed README and corrected bug with too long logger messages thibault.dewailly 2016-04-19 09:31:01 +02:00
  • 11ed345a60 Merge pull request #4 in IAAS/cis-hardening from dev/thibault.dewailly/fixPath to master Thibault Dewailly 2016-04-18 17:40:22 +02:00
  • 6019dd9078 Corrected default file path thibault.dewailly 2016-04-18 17:39:14 +02:00
  • 6971560e06 Merge pull request #3 in IAAS/cis-hardening from dev/thibault.dewailly/bugfix to master Thibault Dewailly 2016-04-18 14:03:50 +02:00
  • b1b96cf4e3 log format correction, loglevel defaults to info thibault.dewailly 2016-04-18 14:01:03 +02:00
  • 80236c9e27 Merge pull request #2 in IAAS/cis-hardening from dev/thibault.dewailly/base_harden to master Thibault Dewailly 2016-04-18 13:25:54 +02:00
  • e79a03095c All configuration defaults to disabled README updated thibault.dewailly 2016-04-18 13:19:46 +02:00
  • 7eaf124fc0 99.1_timeout_tty.sh 99.2_disable_usb_devices.sh thibault.dewailly 2016-04-18 11:16:05 +02:00
  • 628fe96666 Fixed disabled features, headers and preparing main script thibault.dewailly 2016-04-17 23:19:41 +02:00
  • fa98efc32b Added argument parsing and test checks thibault.dewailly 2016-04-17 23:10:47 +02:00
  • f829cdacf2 13.16_check_duplicate_username.sh 13.17_check_duplicate_groupname.sh 13.18_find_user_netrc_files.sh 13.19_find_user_forward_files.sh 13.20_shadow_group_empty.sh thibault.dewailly 2016-04-17 22:30:20 +02:00