mirror of
https://github.com/hardenedlinux/harbian-audit.git
synced 2025-07-29 08:35:25 +02:00
Update 9.2.11 9.2.12 9.2.13 for Debian12
This commit is contained in:
Samson-W
parent
03f583ad94
commit
2b6949548f
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian-audit for Debian GNU/Linux 7/8/9 or CentOS 8 Hardening
|
||||
# harbian-audit for Debian GNU/Linux 7/8/9/10/11/12 or CentOS 8 Hardening
|
||||
#
|
||||
|
||||
#
|
||||
@ -166,21 +166,12 @@ check_config() {
|
||||
AUTHRULE='auth required pam_faillock.so deny=3 even_deny_root unlock_time=900'
|
||||
ADDPATTERNLINE='auth[[:space:]]*required'
|
||||
elif [ $OS_RELEASE -eq 1 ]; then
|
||||
is_debian_11
|
||||
# faillock for Debian 11
|
||||
if [ $FNRET = 0 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
else
|
||||
ISDEBIAN11=0
|
||||
PAMLIBNAME='pam_tally2.so'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
|
||||
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
|
||||
fi
|
||||
# same to debian11
|
||||
elif [ $OS_RELEASE -eq 3 ]; then
|
||||
# ubuntu/debian11/debian12
|
||||
elif [ $OS_RELEASE -eq 3 -o $OS_RELEASE -eq 11 -o $OS_RELEASE -eq 12 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian-audit for Debian GNU/Linux 7/8/9 or CentOS 8 Hardening
|
||||
# harbian-audit for Debian GNU/Linux 7/8/9/10/11/12 or CentOS 8 Hardening
|
||||
#
|
||||
|
||||
#
|
||||
@ -164,25 +164,16 @@ check_config() {
|
||||
AUTHRULE='auth required pam_faillock.so deny=3 even_deny_root unlock_time=900'
|
||||
ADDPATTERNLINE='auth[[:space:]]*required'
|
||||
elif [ $OS_RELEASE -eq 1 ]; then
|
||||
is_debian_11
|
||||
# faillock for Debian 11
|
||||
if [ $FNRET = 0 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
else
|
||||
ISDEBIAN11=0
|
||||
PAMLIBNAME='pam_tally2.so'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
|
||||
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
|
||||
fi
|
||||
# same to debian11
|
||||
elif [ $OS_RELEASE -eq 3 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
ISDEBIAN11=0
|
||||
PAMLIBNAME='pam_tally2.so'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
|
||||
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
|
||||
# ubuntu/debian11/debian12
|
||||
elif [ $OS_RELEASE -eq 3 -o $OS_RELEASE -eq 11 -o $OS_RELEASE -eq 12 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian-audit for Debian GNU/Linux 9 or CentOS 8 Hardening
|
||||
# harbian-audit for Debian GNU/Linux 9/10/11/12 or CentOS 8 Hardening
|
||||
#
|
||||
|
||||
#
|
||||
@ -157,25 +157,16 @@ check_config() {
|
||||
ADDPATTERNLINE='auth[[:space:]]*required'
|
||||
DENYROOT='even_deny_root'
|
||||
elif [ $OS_RELEASE -eq 1 ]; then
|
||||
is_debian_11
|
||||
# faillock for Debian 11
|
||||
if [ $FNRET = 0 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
else
|
||||
ISDEBIAN11=0
|
||||
PAMLIBNAME='pam_tally2.so'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
|
||||
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
|
||||
fi
|
||||
# same to debian11
|
||||
elif [ $OS_RELEASE -eq 3 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
ISDEBIAN11=0
|
||||
PAMLIBNAME='pam_tally2.so'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_tally2.so'
|
||||
AUTHRULE='auth required pam_tally2.so deny=3 even_deny_root unlock_time=900'
|
||||
# ubuntu/debian11/debian12
|
||||
elif [ $OS_RELEASE -eq 3 -o $OS_RELEASE -eq 11 -o $OS_RELEASE -eq 12 ]; then
|
||||
ISDEBIAN11=1
|
||||
SECCONFFILE='/etc/security/faillock.conf'
|
||||
AUTHPATTERN='^auth[[:space:]]*required[[:space:]]*pam_faillock.so'
|
||||
AUTHRULE='auth required pam_faillock.so'
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user