From 5d5e575f8fa713f13da601d750de7a4324d3a51b Mon Sep 17 00:00:00 2001
From: samson <sccxboy@gmail.com>
Date: Wed, 5 Dec 2018 18:03:49 +0800
Subject: [PATCH] Fix some bugs for 4.5

---
 bin/hardening/4.5_enable_apparmor.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/bin/hardening/4.5_enable_apparmor.sh b/bin/hardening/4.5_enable_apparmor.sh
index 02ed6db..f27c4f2 100755
--- a/bin/hardening/4.5_enable_apparmor.sh
+++ b/bin/hardening/4.5_enable_apparmor.sh
@@ -35,10 +35,10 @@ audit () {
         if [ $( grep -w "^${KEYWORD}" ${GRUBFILE} | grep -c ${PATTERN}) -eq 1 ]; then
             ok "There are ${SETSTRING} to ${KEYWORD} in ${GRUBFILE}"
             is_mounted  "/sys/kernel/security"
-            if [ ${FNRET} -eq 0 -a $(/usr/sbin/apparmor_status | grep 'profiles are loaded' | awk '{print $1}') -eq 0 ]; then
+            if [ ${FNRET} -eq 0 -a $(/usr/sbin/apparmor_status | grep -c "apparmor filesystem is not mounted.") -eq 1 ]; then
                 crit "AppArmor profiles not enable in the system "
                 FNRET=3
-            else
+            elif [ ${FNRET} -eq 0 -a $(/usr/sbin/apparmor_status | grep 'profiles are loaded' | awk '{print $1}') -gt 0 ]; then 
                 ok "AppArmor profiles is enable in the system "
                 FNRET=0
             fi