mirror of
https://github.com/ovh/debian-cis.git
synced 2025-01-14 08:35:49 +01:00
80a1146af7
Add func to find pattern in file that spreads over multiple lines The func will remove commented lines (that begin with '#') and consider the file as one long line. Thus, this is not possible to look for pattern at beginning of line with this func ('^' and '$') Improved pattern in 8.2.5 Add syslog-ng to installed dependencies in Dockerfiles Fixed multifile arguments when looking for pattern that got broken in d2bbf754 due to "nocase" and _does_pattern_exist_in_file wrapper Please note that you can only look for pattern in ONE FILE at once Fixed 8.2.5 and 8.3.2 with for loop on files and 'FOUND' flag You now need to specify each and every file to look for or embed a 'find' command as follow : `FILES="$SYSLOG_BASEDIR/syslog-ng.conf $(find $SYSLOG_BASEDIR/conf.d/)"` Improved test files Applied shellcheck recommendations
18 lines
596 B
Docker
18 lines
596 B
Docker
FROM debian:jessie
|
|
|
|
RUN groupadd -g 500 secaudit && useradd -u 500 -g 500 -s /bin/bash secaudit && mkdir -m 700 /home/secaudit && chown secaudit:secaudit /home/secaudit
|
|
|
|
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y bc openssh-server sudo syslog-ng
|
|
|
|
COPY --chown=500:500 . /opt/debian-cis/
|
|
|
|
COPY debian/default /etc/default/cis-hardening
|
|
RUN sed -i 's#cis-hardening#debian-cis#' /etc/default/cis-hardening
|
|
|
|
COPY cisharden.sudoers /etc/sudoers.d/secaudit
|
|
RUN sed -i 's#cisharden#secaudit#' /etc/sudoers.d/secaudit
|
|
|
|
|
|
ENTRYPOINT ["/opt/debian-cis/tests/launch_tests.sh"]
|
|
|