From 35b75f07791368f314aed732328b30ce167f9e6c Mon Sep 17 00:00:00 2001
From: Samson-W <sccxboy@gmail.com>
Date: Tue, 20 Nov 2018 03:02:44 -0500
Subject: [PATCH] Modify aide audit methods for debian 9

---
 bin/hardening/8.3.1_install_aide.sh | 16 ++++++++--------
 bin/hardening/8.3.2_aide_cron.sh    | 21 +++++++++------------
 2 files changed, 17 insertions(+), 20 deletions(-)

diff --git a/bin/hardening/8.3.1_install_aide.sh b/bin/hardening/8.3.1_install_aide.sh
index bc99c65..f57733e 100755
--- a/bin/hardening/8.3.1_install_aide.sh
+++ b/bin/hardening/8.3.1_install_aide.sh
@@ -29,15 +29,15 @@ audit () {
 
 # This function will be called if the script status is on enabled mode
 apply () {
-        is_pkg_installed $PACKAGE
-        if [ $FNRET = 0 ]; then
-            ok "$PACKAGE is installed"
-        else
-            crit "$PACKAGE is absent, installing it"
-            apt_install $PACKAGE
+    is_pkg_installed $PACKAGE
+    if [ $FNRET = 0 ]; then
+        ok "$PACKAGE is installed"
+    else
+        crit "$PACKAGE is absent, installing it"
+        apt_install $PACKAGE
 	    aideinit
-            info "${PACKAGE} is now installed but not fully functionnal, please see readme to go further"
-        fi
+        info "${PACKAGE} is now installed but not fully functionnal, please see readme to go further"
+    fi
 }
 
 # This function will check config parameters required
diff --git a/bin/hardening/8.3.2_aide_cron.sh b/bin/hardening/8.3.2_aide_cron.sh
index 6d7c17d..cd167b0 100755
--- a/bin/hardening/8.3.2_aide_cron.sh
+++ b/bin/hardening/8.3.2_aide_cron.sh
@@ -1,7 +1,7 @@
 #!/bin/bash
 
 #
-# harbian audit 9  Hardening
+# harbian audit 9 Hardening
 #
 
 #
@@ -15,28 +15,25 @@ set -u # One variable unset, it's over
 
 HARDENING_LEVEL=4
 
-FILES='/etc/crontab /etc/cron.d/*'
-PATTERN='/usr/bin/aide.wrapper --check'
+FILES='/etc/cron.daily/aide'
 
 # This function will be called if the script status is on enabled / audit mode
 audit () {
-    does_pattern_exist_in_file "$FILES" "$PATTERN"
-    if [ $FNRET != 0 ]; then
-        crit "$PATTERN is not present in $FILES"
-	FNRET=1
+    if [ -x ${FILES} ]; then 
+        ok "$FILES is exist."
+	    FNRET=0
     else
-        ok "$PATTERN is present in $FILES"
-	FNRET=0
+        crit "$FILES is not exist."
+	    FNRET=1
     fi
 }
 
 # This function will be called if the script status is on enabled mode
 apply () {
     if [ $FNRET != 0 ]; then
-        warn "$PATTERN is not present in $FILES, setting aide cron"
-        echo "0 10 * * * ${PATTERN} > /dev/null 2>&1 " > /etc/cron.d/CIS_8.3.2_aide
+        warn "$FILES is not exist, so need to manual check"
     else
-        ok "$PATTERN is present in $FILES"
+        ok "$FILES is exist "
     fi
 }