Fix 6.8 and 7.4.1, and add is_centos_8 method.

bin/hardening/6.8_disable_dns_server.sh

@@ -16,7 +16,7 @@ HARDENING_LEVEL=3
 HARDENING_EXCEPTION=dns
 
 PACKAGES='bind9 unbound'
-PACKAGES_REDHAT='bind unbound'
+PACKAGES_REDHAT='bind unbound bind-utils'
 
 # This function will be called if the script status is on enabled / audit mode
 audit () {

bin/hardening/7.4.1_install_tcp_wrapper.sh

@@ -20,8 +20,15 @@ PACKAGE_REDHAT='tcp_wrappers'
 # This function will be called if the script status is on enabled / audit mode
 audit () {
 	if [ $OS_RELEASE -eq 2 ]; then
+		is_centos_8
+		if [ $FNRET == 0 ]; then
+			warn "The package(tcp_wrappers) has been deprecated in RHEL 7 and therefore it will not be avaliable in RHEL 8 or later RHEL release."
+			ok "So PASS."
+			return 0
+		else
 			PACKAGE=$PACKAGE_REDHAT
 		fi
+	fi
 	is_pkg_installed $PACKAGE
     if [ $FNRET != 0 ]; then
         crit "$PACKAGE is not installed!"
@@ -33,8 +40,15 @@ audit () {
 # This function will be called if the script status is on enabled mode
 apply () {
 	if [ $OS_RELEASE -eq 2 ]; then
+		is_centos_8
+		if [ $FNRET == 0 ]; then
+			warn "The package(tcp_wrappers) has been deprecated in RHEL 7 and therefore it will not be avaliable in RHEL 8 or later RHEL release."
+			ok "So PASS."
+			return 0
+		else
 			PACKAGE=$PACKAGE_REDHAT
 		fi
+	fi
 	is_pkg_installed $PACKAGE
 	if [ $FNRET = 0 ]; then
 		ok "$PACKAGE is installed"

lib/utils.sh

@@ -5,6 +5,19 @@
 # debian version check 
 #
 
+is_centos_8()
+{
+	if [ -r /etc/redhat-release ]; then
+		if [ $(grep -c "^CentOS.*8.[0-9].*" /etc/redhat-release) -eq 1 ]; then
+        		debug "CentOS version is equal to 8"
+        		FNRET=0
+    		else
+        		debug "CentOS version is less than 8"
+        		FNRET=1
+		fi
+	fi
+}
+
 is_debian_ge_9()
 {
 	if [ -r /etc/debian_version ]; then