modify 8.1.10~8.1.16 to be compatible with CentOS, and add new feature to 5.8.

This commit is contained in:
Samson-W 2019-08-12 18:56:21 +08:00
parent eb230b20ff
commit d0bbbb9cc7
7 changed files with 32 additions and 11 deletions

View File

@ -6,6 +6,8 @@
#
# 5.8 Ensure sudo is installed (Scored)
# Add feature:
# Ensure sudo log file is set to /var/log/sudo.log
# Add new by:
# Author : Samson wen, Samson <sccxboy@gmail.com>
#
@ -16,27 +18,46 @@ set -u # One variable unset, it's over
HARDENING_LEVEL=2
PACKAGE='sudo'
CONFIGFILE='/etc/sudoers'
LOGFILENAME='/var/log/sudo.log'
LOGFILENAME_REP='\/var\/log\/sudo.log'
# This function will be called if the script status is on enabled / audit mode
audit () {
is_pkg_installed $PACKAGE
if [ $FNRET != 0 ]; then
crit "$PACKAGE is not installed!"
FNRET=1
FNRET=1
else
ok "$PACKAGE is installed"
FNRET=0
fi
if [ $(grep -c "^Defaults.*logfile=" $CONFIGFILE) -eq 1 ]; then
if [ $(grep "^Defaults.*logfile=" $CONFIGFILE | grep -c "$LOGFILENAME") -eq 1 ]; then
ok "Log file is set to $LOGFILENAME in $CONFIGFILE"
FNRET=0
else
crit "Log file path was set, but is not set to $LOGFILENAME"
FNRET=3
fi
else
crit "sudo Log file is not set in $CONFIGFILE"
FNRET=2
fi
fi
}
# This function will be called if the script status is on enabled mode
apply () {
if [ $FNRET = 0 ]; then
ok "$PACKAGE is installed"
else
elif [ $FNRET = 1 ]; then
warn "$PACKAGE is absent, installing it"
apt_install $PACKAGE
elif [ $FNRET = 2 ]; then
warn "sudo Log file is not set in $CONFIGFILE, add set to"
add_end_of_file $CONFIGFILE "Defaults logfile="$LOGFILENAME""
else
warn "Log file path was set, but is not set to $LOGFILENAME, modify"
replace_in_file $CONFIGFILE "logfile=.*" "logfile=$LOGFILENAME_REP"
fi
}

View File

@ -1,7 +1,7 @@
#!/bin/bash
#
# harbian audit 7/8/9 Hardening
# harbian audit 7/8/9/10 or CentOS Hardening
#
#

View File

@ -1,7 +1,7 @@
#!/bin/bash
#
# harbian audit 7/8/9 Hardening
# harbian audit 7/8/9/10 or CentOS Hardening
#
#

View File

@ -1,7 +1,7 @@
#!/bin/bash
#
# harbian audit 7/8/9 Hardening
# harbian audit 7/8/9/10 or CentOS Hardening
#
#

View File

@ -1,7 +1,7 @@
#!/bin/bash
#
# harbian audit 7/8/9 Hardening
# harbian audit 7/8/9/10 or CentOS Hardening
#
#

View File

@ -1,7 +1,7 @@
#!/bin/bash
#
# harbian audit 7/8/9 Hardening
# harbian audit 7/8/9/10 or CentOS Hardening
#
#

View File

@ -1,7 +1,7 @@
#!/bin/bash
#
# harbian audit 7/8/9 Hardening
# harbian audit 7/8/9/10 or CentOS Hardening
#
#