Fix some bug

2018-11-21 02:45:33 -05:00 · 2018-11-21 02:45:33 -05:00 · b5cff8047a
parent 35b75f0779
commit b5cff8047a
4 changed files with 15 additions and 8 deletions
--- a/bin/hardening/2.10_home_nodev.sh
+++ b/bin/hardening/2.10_home_nodev.sh
@ -46,6 +46,7 @@ audit () {

 # This function will be called if the script status is on enabled mode
 apply () {
+    set -x
    if [ $FNRET = 0 ]; then
        ok "$PARTITION is correctly set"
    elif [ $FNRET = 2 ]; then
--- a/bin/hardening/2.7_var_log_partition.sh
+++ b/bin/hardening/2.7_var_log_partition.sh
@ -19,7 +19,6 @@ PARTITION="/var/log"
 # This function will be called if the script status is on enabled / audit mode
 audit () {
    info "Verifying that $PARTITION is a partition"
-    FNRET=0
    is_a_partition "$PARTITION"
    if [ $FNRET -gt 0 ]; then
        crit "$PARTITION is not a partition"
@ -32,10 +31,9 @@ audit () {
            FNRET=1
        else
            ok "$PARTITION is mounted"
+            FNRET=0
        fi
    fi
-     
-    :
 }

 # This function will be called if the script status is on enabled mode
--- a/bin/hardening/8.5_verify_integrity_packages.sh
+++ b/bin/hardening/8.5_verify_integrity_packages.sh
@ -4,7 +4,7 @@
 # harbian audit 7/8/9  Hardening
 #
 #
-# 8.5 8.5_Verifies integrity all packages (Scored)
+# 8.5 Verifies integrity all packages (Scored)
 # Authors : Samson wen, Samson <sccxboy@gmail.com>
 #

--- a/lib/utils.sh
+++ b/lib/utils.sh
@ -268,7 +268,7 @@ is_a_partition() {

    local PARTITION=$1
    FNRET=128
-    if $(grep "[[:space:]]$1[[:space:]]" /etc/fstab | grep -vqE "^#"); then
+    if $(grep "[[:space:]]*${PARTITION}[[:space:]]*" /etc/fstab | grep -vqE "^#"); then
        debug "$PARTITION found in fstab"
        FNRET=0
    else
@ -341,9 +341,17 @@ add_option_to_fstab() {
    # UUID=40327bc9-f9d1-5816-a312-df307cc8732e /home               ext4  errors=remount-ro 0       2
    # UUID=40327bc9-f9d1-5816-a312-df307cc8732e /home               ext4  errors=remount-ro,nosuid 0       2
 #    debug "Sed command :  sed -ie \"s;\(.*\)\(\s*\)\s\($PARTITION\)\s\(\s*\)\(\w*\)\(\s*\)\(\w*\)*;\1\2 \3 \4\5\6\7,$OPTION;\" /etc/fstab"
-#    sed -ie "s;\(.*\)\(\s*\)\s\($PARTITION\)\s\(\s*\)\(\w*\)\(\s*\)\(\w*\)*;\1\2 \3 \4\5\6\7,$OPTION;" /etc/fstab
-    debug "Sed -ie "s;\(^[^#].*${PARTITION}\)\(\s.*\)\(\s\w.*\)\(\s[0-2]\s*[0-2]\);\1\2\3,${OPTION}\4;" /etc/fstab"
-    sed -ie "s;\(^[^#].*${PARTITION}\)\(\s.*\)\(\s\w.*\)\(\s[0-2]\s*[0-2]\);\1\2\3,${OPTION}\4;" /etc/fstab
+#    sed -ie "s;\(^[^#].*${PARTITION}\)\(\s.*\)\(\s\w.*\)\(\s[0-2]\s*[0-2]\);\1\2\3,${OPTION}\4;" /etc/fstab
+    MOUNT_OPTION=$(grep -v "^#" /etc/fstab | awk '$2=="${PARTITION}" {print $4}')
+    CURLINE=$(grep -v "^#" /etc/fstab -n | grep "/home" | awk -F: '{print $1}')
+
+    if [ "${MOUNT_OPTION}" == "defaults" ]; then
+       NEWOP='rw,nosuid,nodev,noexec,auto,async'
+       sed -i "s${CURLINE}/$MOUNT_OPTION/$NEWOP/"
+   elif [ $(echo $MOUNT_OPTION | grep -w $(echo $OPTION | cut -c 3-) | wc -l) -gt 0 ]; then
+        
+
+    fi    
 }

 remount_partition() {