From 97e53b3e958d60f8b754081764da7a407d651a3a Mon Sep 17 00:00:00 2001
From: Samson-W
Date: Sat, 20 Oct 2018 04:25:53 +0800
Subject: [PATCH] Fix a bug when use does_pattern_exist_in_file function.
---
 bin/hardening/8.1.10_record_dac_edit.sh | 4 ++--
 bin/hardening/8.1.11_record_failed_access_file.sh | 4 ++--
 bin/hardening/8.1.12_record_privileged_commands.sh | 4 ++--
 bin/hardening/8.1.13_record_successful_mount.sh | 4 ++--
 bin/hardening/8.1.14_record_file_deletions.sh | 4 ++--
 bin/hardening/8.1.15_record_sudoers_edit.sh | 4 ++--
 bin/hardening/8.1.16_record_sudo_usage.sh | 4 ++--
 bin/hardening/8.1.17_record_kernel_modules.sh | 4 ++--
 bin/hardening/8.1.18_freeze_auditd_conf.sh | 4 ++--
 bin/hardening/8.1.4_record_date_time_edit.sh | 4 ++--
 bin/hardening/8.1.5_record_user_group_edit.sh | 4 ++--
 bin/hardening/8.1.6_record_network_edit.sh | 4 ++--
 bin/hardening/8.1.8_record_login_logout.sh | 4 ++--
 bin/hardening/8.1.9_record_session_init.sh | 4 ++--
 14 files changed, 28 insertions(+), 28 deletions(-)
diff --git a/bin/hardening/8.1.10_record_dac_edit.sh b/bin/hardening/8.1.10_record_dac_edit.sh
index d2fec14..0cc91e6 100755
--- a/bin/hardening/8.1.10_record_dac_edit.sh
+++ b/bin/hardening/8.1.10_record_dac_edit.sh
@@ -30,7 +30,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -46,7 +46,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.11_record_failed_access_file.sh b/bin/hardening/8.1.11_record_failed_access_file.sh
index 35b1f15..ef08c8b 100755
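Review bot: The context line `add_end_of_file $FILE $AUDIT_VALUE` in the apply() hunk of 8.1.10_record_dac_edit.sh still passes the rule unquoted, so the write path does not get the quoting this commit gives the existence check. With `IFS=$'\n'` in effect the value is not split on spaces there, but it is still subject to pathname expansion and only stays in one piece as long as IFS is left that way. I would change it to `add_end_of_file "$FILE" "$AUDIT_VALUE"` here and in the apply() hunks of the other thirteen scripts in this patch, and quote `$FILE` in the changed call as well. apply() continues outside the hunk.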
--- a/bin/hardening/8.1.11_record_failed_access_file.sh
+++ b/bin/hardening/8.1.11_record_failed_access_file.sh
@@ -28,7 +28,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -44,7 +44,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.12_record_privileged_commands.sh b/bin/hardening/8.1.12_record_privileged_commands.sh
index 080f25a..9081f00 100755
--- a/bin/hardening/8.1.12_record_privileged_commands.sh
+++ b/bin/hardening/8.1.12_record_privileged_commands.sh
@@ -29,7 +29,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -45,7 +45,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.13_record_successful_mount.sh b/bin/hardening/8.1.13_record_successful_mount.sh
index 3e4be0c..1ddf5e5 100755
--- a/bin/hardening/8.1.13_record_successful_mount.sh
+++ b/bin/hardening/8.1.13_record_successful_mount.sh
@@ -26,7 +26,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -42,7 +42,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.14_record_file_deletions.sh b/bin/hardening/8.1.14_record_file_deletions.sh
index 1f4b639..c0ea3f4 100755
--- a/bin/hardening/8.1.14_record_file_deletions.sh
+++ b/bin/hardening/8.1.14_record_file_deletions.sh
@@ -26,7 +26,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -42,7 +42,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.15_record_sudoers_edit.sh b/bin/hardening/8.1.15_record_sudoers_edit.sh
index bb158b1..e3004ab 100755
--- a/bin/hardening/8.1.15_record_sudoers_edit.sh
+++ b/bin/hardening/8.1.15_record_sudoers_edit.sh
@@ -26,7 +26,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -42,7 +42,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.16_record_sudo_usage.sh b/bin/hardening/8.1.16_record_sudo_usage.sh
index 25cb3d6..e01c7fe 100755
--- a/bin/hardening/8.1.16_record_sudo_usage.sh
+++ b/bin/hardening/8.1.16_record_sudo_usage.sh
@@ -25,7 +25,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -41,7 +41,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.17_record_kernel_modules.sh b/bin/hardening/8.1.17_record_kernel_modules.sh
index d0249eb..c5ab71c 100755
--- a/bin/hardening/8.1.17_record_kernel_modules.sh
+++ b/bin/hardening/8.1.17_record_kernel_modules.sh
@@ -28,7 +28,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -44,7 +44,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.18_freeze_auditd_conf.sh b/bin/hardening/8.1.18_freeze_auditd_conf.sh
index e5b897b..ab22084 100755
--- a/bin/hardening/8.1.18_freeze_auditd_conf.sh
+++ b/bin/hardening/8.1.18_freeze_auditd_conf.sh
@@ -25,7 +25,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -41,7 +41,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.4_record_date_time_edit.sh b/bin/hardening/8.1.4_record_date_time_edit.sh
index 8c470fe..c9436a5 100755
--- a/bin/hardening/8.1.4_record_date_time_edit.sh
+++ b/bin/hardening/8.1.4_record_date_time_edit.sh
@@ -29,7 +29,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -45,7 +45,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.5_record_user_group_edit.sh b/bin/hardening/8.1.5_record_user_group_edit.sh
index c15cf0f..4bccc66 100755
--- a/bin/hardening/8.1.5_record_user_group_edit.sh
+++ b/bin/hardening/8.1.5_record_user_group_edit.sh
@@ -29,7 +29,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -45,7 +45,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.6_record_network_edit.sh b/bin/hardening/8.1.6_record_network_edit.sh
index e895606..580d242 100755
--- a/bin/hardening/8.1.6_record_network_edit.sh
+++ b/bin/hardening/8.1.6_record_network_edit.sh
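Review bot: In 8.1.4_record_date_time_edit.sh both changed lines read `does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""`; the doubled quotes are two empty strings around an unquoted expansion, so `$AUDIT_VALUE` is still word-split. In the audit() hunk the call runs right after `IFS=$d_IFS`, so, assuming d_IFS holds the default separators, a rule containing spaces still reaches the helper as several arguments, which is the bug this commit fixes in the other thirteen files. The date/time audit-rule check may therefore match on only part of the rule and report a result that does not reflect the file. Both lines should be `does_pattern_exist_in_file $FILE "$AUDIT_VALUE"`, as in the rest of the patch.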
@@ -30,7 +30,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -46,7 +46,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.8_record_login_logout.sh b/bin/hardening/8.1.8_record_login_logout.sh
index 3d726fa..5a3bc0d 100755
--- a/bin/hardening/8.1.8_record_login_logout.sh
+++ b/bin/hardening/8.1.8_record_login_logout.sh
@@ -27,7 +27,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -43,7 +43,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE
diff --git a/bin/hardening/8.1.9_record_session_init.sh b/bin/hardening/8.1.9_record_session_init.sh
index 43e63f3..4e0e0b2 100755
--- a/bin/hardening/8.1.9_record_session_init.sh
+++ b/bin/hardening/8.1.9_record_session_init.sh
@@ -27,7 +27,7 @@ audit () {
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
 IFS=$d_IFS
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 IFS=$c_IFS
 if [ $FNRET != 0 ]; then
 crit "$AUDIT_VALUE is not in file $FILE"
@@ -43,7 +43,7 @@ apply () {
 IFS=$'\n'
 for AUDIT_VALUE in $AUDIT_PARAMS; do
 debug "$AUDIT_VALUE should be in file $FILE"
- does_pattern_exist_in_file $FILE $AUDIT_VALUE
+ does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
 if [ $FNRET != 0 ]; then
 warn "$AUDIT_VALUE is not in file $FILE, adding it"
 add_end_of_file $FILE $AUDIT_VALUE