tyler.durden
/
harbian-audit
mirror of https://github.com/hardenedlinux/harbian-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add check ownership method for 12.1

This commit is contained in:
Samson-W 2019-05-14 03:40:20 +08:00
parent a1f02aaabf
commit b629896e82
1 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
bin/hardening/12.1_etc_passwd_permissions.sh
View File

@ -15,19 +15,34 @@ HARDENING_LEVEL=1
FILE='/etc/passwd' FILE='/etc/passwd'
PERMISSIONS='644' PERMISSIONS='644'
USER='root'
GROUP='root'
# This function will be called if the script status is on enabled / audit mode # This function will be called if the script status is on enabled / audit mode
audit () { audit () {
has_file_correct_permissions $FILE $PERMISSIONS has_file_correct_ownership $FILE $USER $GROUP
if [ $FNRET = 0 ]; then if [ $FNRET = 0 ]; then
ok "$FILE has correct permissions" ok "$FILE has correct ownership"
else else
crit "$FILE ownership was not set to $USER:$GROUP"
fi
has_file_correct_permissions $FILE $PERMISSIONS
if [ $FNRET = 0 ]; then
ok "$FILE has correct permissions"
else
crit "$FILE permissions were not set to $PERMISSIONS" crit "$FILE permissions were not set to $PERMISSIONS"
fi fi
} }
# This function will be called if the script status is on enabled mode # This function will be called if the script status is on enabled mode
apply () { apply () {
has_file_correct_ownership $FILE $USER $GROUP
if [ $FNRET = 0 ]; then
ok "$FILE has correct ownership"
else
warn "fixing $FILE ownership to $USER:$GROUP"
chown $USER:$GROUP $FILE
fi
has_file_correct_permissions $FILE $PERMISSIONS has_file_correct_permissions $FILE $PERMISSIONS
if [ $FNRET = 0 ]; then if [ $FNRET = 0 ]; then
ok "$FILE has correct permissions" ok "$FILE has correct permissions"