tyler.durden
/
harbian-audit
mirror of https://github.com/hardenedlinux/harbian-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Modified utils.sh and 8.7 to be compatible with CentOS.

This commit is contained in:
Samson-W 2019-08-02 15:44:39 +08:00
parent 359a7c3c5e
commit db2f6a5f34
2 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
bin/hardening/8.7_verify_integrity_packages.sh
View File

@ -1,14 +1,14 @@
#!/bin/bash
#
# harbian audit 7/8/9 Hardening
# harbian audit 7/8/9/10 or CentOS Hardening
#
#
# 8.7 Verifies integrity all packages (Scored)
# Author : Samson wen, Samson <sccxboy@gmail.com>
#
set -e # One error, it's over
set -e # One error, it's over
set -u # One variable unset, it's over
HARDENING_LEVEL=5
@ -25,7 +25,7 @@ audit () {
# This function will be called if the script status is on enabled mode
apply () {
info "This check item need to confirm manually. No automatic fix is available."
warn "This check item need to confirm manually. No automatic fix is available."
}
# This function will check config parameters required

28
lib/utils.sh
View File

@ -521,17 +521,29 @@ is_pkg_installed()
verify_integrity_all_packages()
{
if [ $OS_RELEASE -eq 2 ]; then
:
set +e
rpm -Va > /dev/shm/yum_verify_ret
COUNT=$(cat /dev/shm/yum_verify_ret | wc -l )
if [ $COUNT -gt 0 ]; then
debug "Verify integrity all packages is fail"
cat /dev/shm/yum_verify_ret
rm /dev/shm/yum_verify_ret
FNRET=1
else
debug "Verify integrity all packages is OK"
FNRET=0
fi
set -e
else
dpkg -V > /dev/shm/dpkg_verify_ret
if [ $(cat /dev/shm/dpkg_verify_ret | wc -l) -gt 0 ]; then
debug "Verify integrity all packages is fail"
if [ $(cat /dev/shm/dpkg_verify_ret | wc -l) -gt 0 ]; then
debug "Verify integrity all packages is fail"
cat /dev/shm/dpkg_verify_ret
FNRET=1
else
debug "Verify integrity all packages is OK"
FNRET=0
fi
FNRET=1
else
debug "Verify integrity all packages is OK"
FNRET=0
fi
fi
}