Fix some bugs.

2018-12-02 21:11:10 +08:00 · 2018-12-02 21:11:10 +08:00 · 5f9346486d
parent a3a0c25d1a
commit 5f9346486d
4 changed files with 5 additions and 4 deletions
--- a/bin/hardening/2.2_tmp_nodev.sh
+++ b/bin/hardening/2.2_tmp_nodev.sh
@ -16,7 +16,7 @@ HARDENING_LEVEL=2
 # Quick factoring as many script use the same logic
 PARTITION="/tmp"
 OPTION="nodev"
-SERVICEPATH="/etc/systemd/system/tmp.mount"
+SERVICEPATH="/usr/share/systemd/tmp.mount"
 SERVICENAME="tmp.mount"

 # This function will be called if the script status is on enabled / audit mode
--- a/bin/hardening/4.5_enable_apparmor.sh
+++ b/bin/hardening/4.5_enable_apparmor.sh
@ -61,7 +61,7 @@ apply () {
        done
    elif [ $FNRET = 2 ]; then
        warn "Set ${SETSTRING} to ${GRUBFILE} in ${GRUBFILE}, need to reboot the system and enable AppArmor profiles after setting it."
-        sed -ie "s;\(${KEYWORD}=\)\(\".*\)\(\"\);\1\2 ${SETSTRING}\3;" ${GRUBFILE}
+        sed -i "s;\(${KEYWORD}=\)\(\".*\)\(\"\);\1\2 ${SETSTRING}\3;" ${GRUBFILE}
        /usr/sbin/update-grub2
    elif [ $FNRET = 3 ]; then
        warn "Enable AppArmor profiles in the system "
--- a/bin/hardening/8.1.3_audit_bootloader.sh
+++ b/bin/hardening/8.1.3_audit_bootloader.sh
@ -53,11 +53,11 @@ apply () {
        touch $FILE
    elif [ $FNRET = 2 ]; then
        warn "$OPTION is not present in $FILE, add it to $KEYWORD line, need to reboot the system  after setting it"
-        sed -ie "s;\(${KEYWORD}=\)\(\".*\)\(\"\);\1\2 ${OPTION}=${SETVAL}\3;" $FILE
+        sed -i "s;\(${KEYWORD}=\)\(\".*\)\(\"\);\1\2 ${OPTION}=${SETVAL}\3;" $FILE
        /usr/sbin/update-grub2 
    elif [ $FNRET = 3 ]; then
        warn "Parameter $OPTION is present but with the wrong value -- Fixing, need to reboot the system after setting it"
-        sed -ie "s/${OPTION}=./${OPTION}=${SETVAL}/" $FILE 
+        sed -i "s/${OPTION}=./${OPTION}=${SETVAL}/" $FILE 
        /usr/sbin/update-grub2
    fi
 }
--- a/lib/utils.sh
+++ b/lib/utils.sh
@ -382,6 +382,7 @@ add_option_to_systemd() {
    #debug "Sed command : sed -ie "s;\(^Options.*=mode=[1,2,4,7][1,2,4,7][1,2,4,7][1,2,4,7].*\);\1,$OPTION;\" $SERVICEPATH"
    sed -ie "s;\(^Options.*=mode=[1,2,4,7][1,2,4,7][1,2,4,7][1,2,4,7].*\);\1,$OPTION;" $SERVICEPATH
    systemctl daemon-reload
+    systemctl start $SERVICENAME
 }

 remount_partition_by_systemd() {