tyler.durden
/
harbian-audit
mirror of https://github.com/hardenedlinux/harbian-audit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Modify some checklists apply check_audit_path

This commit is contained in:
Samson-W 2021-06-22 21:20:30 +08:00
parent fad9b17d38
commit e45da09761
14 changed files with 322 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
bin/hardening/8.1.10_record_dac_edit.sh
View File

@ -29,11 +29,17 @@ audit () {
fi
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
ok "$AUDIT_VALUE is present in $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -45,13 +51,19 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS

36
bin/hardening/8.1.15_record_sudoers_edit.sh
View File

@ -24,11 +24,17 @@ audit () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -40,13 +46,19 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS

21
bin/hardening/8.1.16_record_sudo_usage.sh
View File

@ -22,12 +22,17 @@ audit () {
# define custom IFS and save default one
d_IFS=$IFS
IFS=$'\n'
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
FNRET=1
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
FNRET=2
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
IFS=$d_IFS
}
@ -37,10 +42,12 @@ apply () {
# define custom IFS and save default one
d_IFS=$IFS
IFS=$'\n'
if [ $FNRET = 1 ]; then
if [ $FNRET = 2 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
elif [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
else
ok "$AUDIT_VALUE is present in $FILE"
fi

38
bin/hardening/8.1.17_record_kernel_modules.sh
View File

@ -41,12 +41,18 @@ audit () {
fi
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
}
@ -57,13 +63,19 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS

8
bin/hardening/8.1.18_record_Events_netfilter.sh
View File

@ -67,13 +67,13 @@ check_config() {
if [ $DONT_AUDITD_BY_UID -eq 1 ]; then
AUDIT_PARAMS='-w /etc/nftables.conf -p wa -k nft_config_file_change
-w /usr/share/netfilter-persistent/plugins.d/ -p wa -k nft_config_file_change
-a always,exit -F path=/usr/sbin/netfilter-persistent -F perm=x -k nft_persistent_use
-a always,exit -F path=/usr/sbin/nft -F perm=x -k nft_cmd_use'
-w /usr/sbin/netfilter-persistent -p x -k nft_persistent_use
-w /usr/sbin/nft -p x -k nft_cmd_use'
else
AUDIT_PARAMS='-w /etc/nftables.conf -p wa -k nft_config_file_change
-w /usr/share/netfilter-persistent/plugins.d/ -p wa -k nft_config_file_change
-a always,exit -F path=/usr/sbin/netfilter-persistent -F perm=x -F auid>=1000 -F auid!=4294967295 -k nft_persistent_use
-a always,exit -F path=/usr/sbin/nft -F perm=x -F auid>=1000 -F auid!=4294967295 -k nft_cmd_use'
-w /usr/sbin/netfilter-persistent -p x -F auid>=1000 -F auid!=4294967295 -k nft_persistent_use
-w /usr/sbin/nft -p x -F auid>=1000 -F auid!=4294967295 -k nft_cmd_use'
fi
}

46
bin/hardening/8.1.31_record_file_transfer_related.sh
View File

@ -25,15 +25,21 @@ audit () {
IFS=$c_IFS
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
IFS=$d_IFS
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
IFS=$c_IFS
if [ $FNRET != 0 ]; then
crit "$RESULT is not in file $FILE"
else
ok "$RESULT is present in $FILE"
fi
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
IFS=$d_IFS
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
IFS=$c_IFS
if [ $FNRET != 0 ]; then
crit "$RESULT is not in file $FILE"
else
ok "$RESULT is present in $FILE"
fi
fi
done
IFS=$d_IFS
}
@ -43,14 +49,20 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
}

44
bin/hardening/8.1.32_record_ufw_of_debian_like.sh
View File

@ -33,14 +33,20 @@ audit () {
IFS=$c_IFS
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
IFS=$d_IFS
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
IFS=$c_IFS
if [ $FNRET != 0 ]; then
crit "$RESULT is not in file $FILE"
else
ok "$RESULT is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
IFS=$d_IFS
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
IFS=$c_IFS
if [ $FNRET != 0 ]; then
crit "$RESULT is not in file $FILE"
else
ok "$RESULT is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -55,14 +61,20 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
fi

44
bin/hardening/8.1.33_record_iptables_restore_exec.sh
View File

@ -27,14 +27,20 @@ audit () {
IFS=$c_IFS
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
IFS=$d_IFS
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
IFS=$c_IFS
if [ $FNRET != 0 ]; then
crit "$RESULT is not in file $FILE"
else
ok "$RESULT is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
IFS=$d_IFS
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
IFS=$c_IFS
if [ $FNRET != 0 ]; then
crit "$RESULT is not in file $FILE"
else
ok "$RESULT is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -45,14 +51,20 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}')
does_valid_pattern_exist_in_file $FILE "$RESULT"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
}

38
bin/hardening/8.1.4_record_date_time_edit.sh
View File

@ -39,11 +39,17 @@ audit () {
fi
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -55,14 +61,20 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
}

38
bin/hardening/8.1.5_record_user_group_edit.sh
View File

@ -27,12 +27,18 @@ audit () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
}
@ -43,13 +49,19 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS

38
bin/hardening/8.1.6_record_network_edit.sh
View File

@ -40,12 +40,18 @@ audit () {
fi
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
}
@ -56,13 +62,19 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS

36
bin/hardening/8.1.7_record_mac_edit.sh
View File

@ -46,11 +46,17 @@ audit () {
fi
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -78,13 +84,19 @@ apply () {
fi
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS

36
bin/hardening/8.1.8_record_login_logout.sh
View File

@ -32,11 +32,17 @@ audit () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -51,13 +57,19 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS

36
bin/hardening/8.1.9_record_session_init.sh
View File

@ -31,11 +31,17 @@ audit () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
crit "$AUDIT_VALUE is not in file $FILE"
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS
@ -50,13 +56,19 @@ apply () {
IFS=$'\n'
for AUDIT_VALUE in $AUDIT_PARAMS; do
debug "$AUDIT_VALUE should be in file $FILE"
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
check_audit_path $AUDIT_VALUE
if [ $FNRET -eq 1 ];then
warn "path is not exsit! Please check file path is exist!"
continue
else
does_pattern_exist_in_file $FILE "$AUDIT_VALUE"
if [ $FNRET != 0 ]; then
warn "$AUDIT_VALUE is not in file $FILE, adding it"
add_end_of_file $FILE $AUDIT_VALUE
check_auditd_is_immutable_mode
else
ok "$AUDIT_VALUE is present in $FILE"
fi
fi
done
IFS=$d_IFS