modify 8.1.17~8.1.22 to be compatible with CentOS
parent
99cab257b2
commit
d3cbebb7e6
|
@ -1,7 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian audit 7/8/9 Hardening
|
||||
# harbian audit 7/8/9/10 or CentOS Hardening
|
||||
#
|
||||
|
||||
#
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian audit 7/8/9 Hardening
|
||||
# harbian audit 7/8/9 or CentOS Hardening
|
||||
#
|
||||
|
||||
#
|
||||
|
|
|
@ -33,7 +33,6 @@ audit () {
|
|||
crit "path is not exsit! Please check file path is exist!"
|
||||
continue
|
||||
else
|
||||
info "path is exsit!"
|
||||
debug "$AUDIT_VALUE should be in file $FILE"
|
||||
IFS=$d_IFS
|
||||
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
|
||||
|
@ -57,7 +56,6 @@ apply () {
|
|||
crit "path is not exsit! Please check file path is exist!"
|
||||
continue
|
||||
else
|
||||
info "path is exsit!"
|
||||
debug "$AUDIT_VALUE should be in file $FILE"
|
||||
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
|
||||
if [ $FNRET != 0 ]; then
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian audit 7/8/9 Hardening
|
||||
# harbian audit 7/8/9/10 or CentOS Hardening
|
||||
#
|
||||
|
||||
#
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian audit 7/8/9 Hardening
|
||||
# harbian audit 7/8/9/10 or CentOS Hardening
|
||||
#
|
||||
|
||||
#
|
||||
|
@ -9,16 +9,16 @@
|
|||
# Author : Samson wen, Samson <sccxboy@gmail.com>
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
set -u # One variable unset, it's over
|
||||
|
||||
HARDENING_LEVEL=4
|
||||
|
||||
AUDIT_PARAMS='-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd
|
||||
-a always,exit -F path=/sbin/unix_chkpwd -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd
|
||||
-a always,exit -F path=/usr/bin/gpasswd -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd
|
||||
-a always,exit -F path=/usr/bin/chage -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd'
|
||||
AUDIT_PARAMS="-a always,exit -F path=$(which passwd 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd
|
||||
-a always,exit -F path=$(which unix_chkpwd 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd
|
||||
-a always,exit -F path=$(which gpasswd 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd
|
||||
-a always,exit -F path=$(which chage 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd"
|
||||
|
||||
set -e # One error, it's over
|
||||
FILE='/etc/audit/rules.d/audit.rules'
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
|
@ -28,6 +28,11 @@ audit () {
|
|||
c_IFS=$'\n'
|
||||
IFS=$c_IFS
|
||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||
check_audit_path $AUDIT_VALUE
|
||||
if [ $FNRET -eq 1 ];then
|
||||
crit "path is not exsit! Please check file path is exist!"
|
||||
continue
|
||||
else
|
||||
debug "$AUDIT_VALUE should be in file $FILE"
|
||||
IFS=$d_IFS
|
||||
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
|
||||
|
@ -37,6 +42,7 @@ audit () {
|
|||
else
|
||||
ok "$AUDIT_VALUE is present in $FILE"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
IFS=$d_IFS
|
||||
}
|
||||
|
@ -45,6 +51,11 @@ audit () {
|
|||
apply () {
|
||||
IFS=$'\n'
|
||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||
check_audit_path $AUDIT_VALUE
|
||||
if [ $FNRET -eq 1 ];then
|
||||
crit "path is not exsit! Please check file path is exist!"
|
||||
continue
|
||||
else
|
||||
debug "$AUDIT_VALUE should be in file $FILE"
|
||||
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
|
||||
if [ $FNRET != 0 ]; then
|
||||
|
@ -54,6 +65,7 @@ apply () {
|
|||
else
|
||||
ok "$AUDIT_VALUE is present in $FILE"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
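Review bot: The new `AUDIT_PARAMS` resolves every watched binary with `$(which … 2>/dev/null)`, so which audit rules get checked and written now depends on the `PATH` of whoever runs the script. If that `PATH` lacks the sbin directories, `which unix_chkpwd` would presumably return nothing, and the added `crit` + `continue` branch then skips the rule, leaving that binary without an execution watch. A `PATH` with an unexpected earlier directory could also point the rule at a different file than the privileged one. I would resolve against a fixed search path with the builtin rather than `which`, e.g. `$(PATH=/usr/sbin:/usr/bin:/sbin:/bin command -v passwd)`. The same applies to the `privileged-priv_change` `AUDIT_PARAMS` hunk in the next file.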
|
|
|
@ -1,7 +1,7 @@
|
|||
#!/bin/bash
|
||||
|
||||
#
|
||||
# harbian audit 7/8/9 Hardening
|
||||
# harbian audit 7/8/9/10 or CentOS Hardening
|
||||
#
|
||||
|
||||
#
|
||||
|
@ -9,18 +9,18 @@
|
|||
# Author : Samson wen, Samson <sccxboy@gmail.com>
|
||||
#
|
||||
|
||||
set -e # One error, it's over
|
||||
set -u # One variable unset, it's over
|
||||
|
||||
HARDENING_LEVEL=4
|
||||
|
||||
AUDIT_PARAMS='-a always,exit -F path=/bin/su -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=/usr/bin/sudo -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=/usr/bin/newgrp -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=/usr/bin/chsh -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=/usr/bin/sudoedit -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=/usr/bin/chfn -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged-priv_change'
|
||||
AUDIT_PARAMS="-a always,exit -F path=$(which su 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=$(which sudo 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=$(which newgrp 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=$(which chsh 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=$(which sudoedit 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-priv_change
|
||||
-a always,exit -F path=$(which chfn 2>/dev/null) -F perm=x -F auid>=500 -F auid!=4294967295 -k privileged-priv_change"
|
||||
|
||||
set -e # One error, it's over
|
||||
FILE='/etc/audit/rules.d/audit.rules'
|
||||
|
||||
# This function will be called if the script status is on enabled / audit mode
|
||||
|
@ -30,6 +30,11 @@ audit () {
|
|||
c_IFS=$'\n'
|
||||
IFS=$c_IFS
|
||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||
check_audit_path $AUDIT_VALUE
|
||||
if [ $FNRET -eq 1 ];then
|
||||
crit "path is not exsit! Please check file path is exist!"
|
||||
continue
|
||||
else
|
||||
debug "$AUDIT_VALUE should be in file $FILE"
|
||||
IFS=$d_IFS
|
||||
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
|
||||
|
@ -39,6 +44,7 @@ audit () {
|
|||
else
|
||||
ok "$AUDIT_VALUE is present in $FILE"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
IFS=$d_IFS
|
||||
}
|
||||
|
@ -47,6 +53,11 @@ audit () {
|
|||
apply () {
|
||||
IFS=$'\n'
|
||||
for AUDIT_VALUE in $AUDIT_PARAMS; do
|
||||
check_audit_path $AUDIT_VALUE
|
||||
if [ $FNRET -eq 1 ];then
|
||||
crit "path is not exsit! Please check file path is exist!"
|
||||
continue
|
||||
else
|
||||
debug "$AUDIT_VALUE should be in file $FILE"
|
||||
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
|
||||
if [ $FNRET != 0 ]; then
|
||||
|
@ -56,6 +67,7 @@ apply () {
|
|||
else
|
||||
ok "$AUDIT_VALUE is present in $FILE"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
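Review bot: In `audit()` the added call `check_audit_path $AUDIT_VALUE` is unquoted while `IFS` changes inside the loop: the `else` branch sets `IFS=$d_IFS` before `does_pattern_exist_in_file`. Assuming `d_IFS` holds the default separators, the first rule reaches `check_audit_path` as one argument, but every later rule is word-split and subject to globbing. The body of `check_audit_path` is not visible here, so I cannot confirm it handles both shapes; if it reads only `$1`, later rules could be reported as having no path and skipped. Quoting removes the dependency on loop state: `check_audit_path "$AUDIT_VALUE"`. The same unquoted call is added in `apply()` here and in the `audit()`/`apply()` hunks of the previous file; both functions start outside these hunks.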
|
|
|
@ -957,6 +957,7 @@ yum_check_updates()
|
|||
|
||||
# Check path of audit rule is exist, return 0 if path string is not NULL, else return 1
|
||||
# Example:
|
||||
# Process only the following format:
|
||||
# AUDITRULE="-a always,exit -F path=/usr/bin/passwd -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-passwd"
|
||||
check_audit_path ()
|
||||
{
|
||||
|
|