tyler.durden/harbian-audit
1
0
Fork 0
mirror of https://github.com/hardenedlinux/harbian-audit.git synced 2025-09-26 11:19:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix some bugs for 6.18 and lib

Browse Source
This commit is contained in:
Samson-W 2020-01-17 04:04:54 +08:00
parent 8e0c2dc6e2
commit 24fd4aacc2
2 changed files with 28 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
bin/hardening/6.18_ensure_virusscan_program_update_is_enabled.sh
View File

@ -17,22 +17,28 @@ CLAMAVCONF_DIR='/etc/clamav/clamd.conf'
UPDATE_SERVER='clamav-freshclam' UPDATE_SERVER='clamav-freshclam'
audit_debian () { audit_debian () {
UPDATE_DIR=$(grep -i databasedirectory "$CLAMAVCONF_DIR" | awk '{print $2}') does_file_exist $CLAMAVCONF_DIR
if [ -d $UPDATE_DIR -a -e $CLAMAVCONF_DIR ]; then if [ $FNRET -eq 0 ]; then
NOWTIME=$(date +"%s") UPDATE_DIR=$(grep -i databasedirectory "$CLAMAVCONF_DIR" | awk '{print $2}')
# This file extension name maybe change to .cvd or .cld if [ -d $UPDATE_DIR -a -e $CLAMAVCONF_DIR ]; then
VIRUSTIME=$(stat -c "%Y" "$UPDATE_DIR"/daily.*) NOWTIME=$(date +"%s")
INTERVALTIME=$((${NOWTIME}-${VIRUSTIME})) # This file extension name maybe change to .cvd or .cld
if [ "${INTERVALTIME}" -ge 604800 ];then VIRUSTIME=$(stat -c "%Y" "$UPDATE_DIR"/daily.*)
crit "Clamav database file has a date older than seven days from the current date" INTERVALTIME=$((${NOWTIME}-${VIRUSTIME}))
FNRET=3 if [ "${INTERVALTIME}" -ge 604800 ];then
crit "Clamav database file has a date older than seven days from the current date"
FNRET=3
else
ok "Clamav database file has a date less than seven days from the current date"
FNRET=0
fi
else else
ok "Clamav database file has a date less than seven days from the current date" crit "Clamav update dir is not configuration"
FNRET=0 FNRET=2
fi fi
else else
crit "Clamav config file or update dir is not exist" crit "Clamav config file $CLAMAVCONF_DIR not exist"
FNRET=2 FNRET=1
fi fi
} }
@ -55,12 +61,16 @@ audit () {
apply_debian () { apply_debian () {
if [ $FNRET = 0 ]; then if [ $FNRET = 0 ]; then
ok "Clamav database file has a date less than seven days from the current date" ok "Clamav database file has a date less than seven days from the current date"
elif [ $FNRET = 1 ]; then
warn "Clamav $CLAMAVCONF_DIR is not exist, please check that is exist or check config"
elif [ $FNRET = 2 ]; then elif [ $FNRET = 2 ]; then
warn "Clamav config file or update dir is not exist, please check that is exist or check config" warn "Clamav update dir is not exist, please check that is exist or check config"
elif [ $FNRET = 3 ]; then elif [ $FNRET = 3 ]; then
warn "Clamav database file has a date older than seven days from the current date, start clamav-freshclam.service to update" warn "Clamav database file has a date older than seven days from the current date, start clamav-freshclam.service to update"
apt-get install -y $UPDATE_SERVER apt-get install -y $UPDATE_SERVER
systemctl start $UPDATE_SERVER systemctl start $UPDATE_SERVER
else
:
fi fi
} }

6
lib/utils.sh
View File

@ -1,6 +1,5 @@
# CIS Debian 7 Hardening Utility functions # CIS Debian 7 Hardening Utility functions
# #
# debian version check # debian version check
# #
@ -15,6 +14,9 @@ is_centos_8()
debug "CentOS version is less than 8" debug "CentOS version is less than 8"
FNRET=1 FNRET=1
fi fi
else
debug "Current OS is not redhat/CentOS"
FNRET=2
fi fi
} }
@ -141,7 +143,7 @@ does_pattern_exist_in_dmesg() {
does_file_exist() { does_file_exist() {
local FILE=$1 local FILE=$1
if $SUDO_CMD [ -e $FILE ]; then if $SUDO_CMD [ -r $FILE ]; then
FNRET=0 FNRET=0
else else
FNRET=1 FNRET=1