Modified 3.3 to be compatible with CentOS.

bin/hardening/3.3_bootloader_password.sh

@@ -1,7 +1,8 @@
 #!/bin/bash
 
 #
-# harbian audit 7/8/9  Hardening
+# harbian audit 7/8/9/10 or CentOS Hardening
+# Modify by: Samson-W (samson@hardenedlinux.org)
 #
 
 #
@@ -14,11 +15,17 @@ set -u # One variable unset, it's over
 HARDENING_LEVEL=3
 
 FILE='/boot/grub/grub.cfg'
+PKGNAME='grub-pc'
 USER_PATTERN="^set superusers"
 PWD_PATTERN="^password_pbkdf2"
 
 # This function will be called if the script status is on enabled / audit mode
 audit () {
+	if [ $OS_RELEASE -eq 2 ]; then
+		FILE='/boot/grub2/grub.cfg'
+	else
+		:
+	fi
     does_pattern_exist_in_file $FILE "$USER_PATTERN"
     if [ $FNRET != 0 ]; then
         crit "$USER_PATTERN not present in $FILE"
@@ -35,6 +42,11 @@ audit () {
 
 # This function will be called if the script status is on enabled mode
 apply () {
+	if [ $OS_RELEASE -eq 2 ]; then
+		FILE='/boot/grub2/grub.cfg'
+	else
+		:
+	fi
     does_pattern_exist_in_file $FILE "$USER_PATTERN"
     if [ $FNRET != 0 ]; then
         warn "$USER_PATTERN not present in $FILE, please configure password for grub"
@@ -52,9 +64,15 @@ apply () {
 
 # This function will check config parameters required
 check_config() {
-    is_pkg_installed "grub-pc"
+	if [ $OS_RELEASE -eq 2 ]; then
+		FILE='/boot/grub2/grub.cfg'
+		PKGNAME='grub2-pc'
+	else
+		:
+	fi
+    is_pkg_installed "$PKGNAME"
     if [ $FNRET != 0 ]; then
-        warn "grub-pc is not installed, not handling configuration"
+        warn "$PKGNAME is not installed, not handling configuration"
         exit 128
     fi
     if [ $FNRET != 0 ]; then