debian-cis/tests/hardening/1.1.17_run_shm_noexec.sh
GoldenKiwi 19ce790a27
fix: ensure mountpoints are properly detected (#177)
Fixes #155
When real entries are present in fstab, system startup or runtime mountpoints are now properly detected
Add a supplementary check in case of partition not present in fstab
2023-05-02 18:01:53 +02:00

32 lines
1.1 KiB
Bash

# shellcheck shell=bash
# run-shellcheck
test_audit() {
describe Running on blank host
register_test retvalshouldbe 0
# shellcheck disable=2154
run blank /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
ln -s /dev/shm /run/shm
describe Partition symlink
register_test retvalshouldbe 0
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
echo "dummy entry" >>/etc/fstab
describe Fstab with a real entry to match runtime partitions
register_test retvalshouldbe 0
run resolved /opt/debian-cis/bin/hardening/"${script}".sh --audit-all
# Cleanup
rm /run/shm
sed "/dummy entry/d" /etc/fstab
##################################################################
# For this test, we only check that it runs properly on a blank #
# host, and we check root/sudo consistency. But, we don't test #
# the apply function because it can't be automated or it is very #
# long to test and not very useful. #
##################################################################
}