diff --git a/bin/hardening/8.1.10_record_dac_edit.sh b/bin/hardening/8.1.10_record_dac_edit.sh index c7509e8..4639b3a 100755 --- a/bin/hardening/8.1.10_record_dac_edit.sh +++ b/bin/hardening/8.1.10_record_dac_edit.sh @@ -29,11 +29,17 @@ audit () { fi for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue else - ok "$AUDIT_VALUE is present in $FILE" + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS @@ -45,13 +51,19 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS diff --git a/bin/hardening/8.1.15_record_sudoers_edit.sh b/bin/hardening/8.1.15_record_sudoers_edit.sh index 5d30bc7..abfbd74 100755 --- a/bin/hardening/8.1.15_record_sudoers_edit.sh +++ b/bin/hardening/8.1.15_record_sudoers_edit.sh 
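Review bot: The warning added in the `audit` loop does not say which rule or path is missing: it prints `warn "path is not exsit! Please check file path is exist!"` and then `continue`s, so the rule ends up neither `ok` nor `crit` and the report cannot be traced back to it. For an auditd coverage check this is a real gap, because a file that appears later (for example from a package installed after hardening) has no rule and nothing in the output identifies that. I would name the rule, e.g. `warn "$AUDIT_VALUE: audited path does not exist, rule skipped"`, and decide explicitly whether a missing path should count against the audit result. `check_audit_path` is defined outside this diff, so the meaning of `FNRET` 1 is inferred from the message text. The same branch is repeated in the `apply` hunk of this file, in every loop hunk for 8.1.15, 8.1.17, 8.1.31 to 8.1.33 and 8.1.4 to 8.1.9, and in 8.1.16.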
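Review bot: In the `apply` loop the `else` after `continue` is redundant, and it pushes the existing rule-adding block one level deeper, which accounts for most of this hunk's changed lines. A guard clause would leave the original block untouched: `check_audit_path "$AUDIT_VALUE"` followed by `if [ "$FNRET" -eq 1 ]; then warn ...; continue; fi`. Quoting `$AUDIT_VALUE` and `$FNRET` there also means the call no longer depends on the loop's `IFS=$'\n'` to stay a single word. The loop starts and ends outside the hunk, and the same shape applies to the other loop hunks in this commit.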
@@ -24,11 +24,17 @@ audit () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS @@ -40,13 +46,19 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS diff --git a/bin/hardening/8.1.16_record_sudo_usage.sh b/bin/hardening/8.1.16_record_sudo_usage.sh index 8a8c515..15ac4ee 100755 --- a/bin/hardening/8.1.16_record_sudo_usage.sh +++ b/bin/hardening/8.1.16_record_sudo_usage.sh 
@@ -22,12 +22,17 @@ audit () { # define custom IFS and save default one d_IFS=$IFS IFS=$'\n' - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - FNRET=1 - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + FNRET=2 + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi IFS=$d_IFS } @@ -37,10 +42,12 @@ apply () { # define custom IFS and save default one d_IFS=$IFS IFS=$'\n' - if [ $FNRET = 1 ]; then + if [ $FNRET = 2 ]; then warn "$AUDIT_VALUE is not in file $FILE, adding it" add_end_of_file $FILE $AUDIT_VALUE check_auditd_is_immutable_mode + elif [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" else ok "$AUDIT_VALUE is present in $FILE" fi diff --git a/bin/hardening/8.1.17_record_kernel_modules.sh b/bin/hardening/8.1.17_record_kernel_modules.sh index 9e9d33d..b620571 100755 --- a/bin/hardening/8.1.17_record_kernel_modules.sh +++ b/bin/hardening/8.1.17_record_kernel_modules.sh @@ -41,12 +41,18 @@ audit () { fi for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" - fi + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi + fi done IFS=$d_IFS } 
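Review bot: `audit` now leaves three undocumented meanings in the global `FNRET` (0 when the rule is found, 1 left over from `check_audit_path`, and the hand-set `FNRET=2`), and the `apply` hunk of this file branches on those values without recomputing them. Any helper that sets `FNRET` between the two calls would silently change what `apply` does. I would add a comment above `FNRET=2` such as `# FNRET for apply(): 0 rule present, 1 audited path missing, 2 rule missing from $FILE`, or have `apply` call `check_audit_path` and `does_pattern_exist_in_file` itself as the loop-based scripts do. The `apply` test also mixes `[ $FNRET = 2 ]` (string comparison) with `[ $FNRET -eq 1 ]` (integer); using `-eq` on a quoted `"$FNRET"` in both would be consistent.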
@@ -57,13 +63,19 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS diff --git a/bin/hardening/8.1.18_record_Events_netfilter.sh b/bin/hardening/8.1.18_record_Events_netfilter.sh index eb7425d..87baae6 100755 --- a/bin/hardening/8.1.18_record_Events_netfilter.sh +++ b/bin/hardening/8.1.18_record_Events_netfilter.sh 
@@ -67,13 +67,13 @@ check_config() { if [ $DONT_AUDITD_BY_UID -eq 1 ]; then AUDIT_PARAMS='-w /etc/nftables.conf -p wa -k nft_config_file_change -w /usr/share/netfilter-persistent/plugins.d/ -p wa -k nft_config_file_change --a always,exit -F path=/usr/sbin/netfilter-persistent -F perm=x -k nft_persistent_use --a always,exit -F path=/usr/sbin/nft -F perm=x -k nft_cmd_use' +-w /usr/sbin/netfilter-persistent -p x -k nft_persistent_use +-w /usr/sbin/nft -p x -k nft_cmd_use' else AUDIT_PARAMS='-w /etc/nftables.conf -p wa -k nft_config_file_change -w /usr/share/netfilter-persistent/plugins.d/ -p wa -k nft_config_file_change --a always,exit -F path=/usr/sbin/netfilter-persistent -F perm=x -F auid>=1000 -F auid!=4294967295 -k nft_persistent_use --a always,exit -F path=/usr/sbin/nft -F perm=x -F auid>=1000 -F auid!=4294967295 -k nft_cmd_use' +-w /usr/sbin/netfilter-persistent -p x -F auid>=1000 -F auid!=4294967295 -k nft_persistent_use +-w /usr/sbin/nft -p x -F auid>=1000 -F auid!=4294967295 -k nft_cmd_use' fi } diff --git a/bin/hardening/8.1.31_record_file_transfer_related.sh b/bin/hardening/8.1.31_record_file_transfer_related.sh index ddf7355..0b5ce6f 100755 --- a/bin/hardening/8.1.31_record_file_transfer_related.sh +++ b/bin/hardening/8.1.31_record_file_transfer_related.sh 
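Review bot: The two execution rules in the `else` branch now combine a watch with field filters, `-w /usr/sbin/nft -p x -F auid>=1000 -F auid!=4294967295 -k nft_cmd_use`, although the auditctl man page documents `-p` and `-k` as the only options valid with `-w`. If auditctl rejects the rule or drops the filters, runs of `nft` and `netfilter-persistent` would be either unaudited or audited without the intended auid restriction, so the rules should be loaded on a target system and the active rule list checked. The removed syscall form, `-a always,exit -F path=/usr/sbin/nft -F perm=x -F auid>=1000 -F auid!=4294967295 -k nft_cmd_use`, is the one that supports `-F`. I would keep it for the auid-filtered branch and use `-w ... -p x` only where no `-F` is needed. The reason for the switch is not visible in this diff, and `check_config` starts outside the hunk.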
@@ -25,15 +25,21 @@ audit () { IFS=$c_IFS for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - IFS=$d_IFS - RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') - does_valid_pattern_exist_in_file $FILE "$RESULT" - IFS=$c_IFS - if [ $FNRET != 0 ]; then - crit "$RESULT is not in file $FILE" - else - ok "$RESULT is present in $FILE" - fi + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + IFS=$d_IFS + RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') + does_valid_pattern_exist_in_file $FILE "$RESULT" + IFS=$c_IFS + if [ $FNRET != 0 ]; then + crit "$RESULT is not in file $FILE" + else + ok "$RESULT is present in $FILE" + fi + fi done IFS=$d_IFS } @@ -43,14 +49,20 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') - does_valid_pattern_exist_in_file $FILE "$RESULT" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') + does_valid_pattern_exist_in_file $FILE "$RESULT" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done } diff --git a/bin/hardening/8.1.32_record_ufw_of_debian_like.sh b/bin/hardening/8.1.32_record_ufw_of_debian_like.sh index 2317fb2..4fa87cf 100755 --- a/bin/hardening/8.1.32_record_ufw_of_debian_like.sh 
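Review bot: In this `audit` loop `check_audit_path $AUDIT_VALUE` runs with an unquoted argument while `IFS=$c_IFS` is in force, whereas the code it wraps switches to `IFS=$d_IFS` before taking `$AUDIT_VALUE` apart, and the `apply` loop calls the helper under `IFS=$'\n'`. `check_audit_path` is not part of this diff, so this may be harmless, but if it relies on word splitting to find the path in the rule it could answer differently in `audit` and `apply`. Passing `"$AUDIT_VALUE"` quoted, and confirming that the helper sets the `IFS` it needs itself, would remove the dependence on caller state. The `audit` hunks of 8.1.32 and 8.1.33 have the same ordering.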
+++ b/bin/hardening/8.1.32_record_ufw_of_debian_like.sh @@ -33,14 +33,20 @@ audit () { IFS=$c_IFS for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - IFS=$d_IFS - RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') - does_valid_pattern_exist_in_file $FILE "$RESULT" - IFS=$c_IFS - if [ $FNRET != 0 ]; then - crit "$RESULT is not in file $FILE" - else - ok "$RESULT is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + IFS=$d_IFS + RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') + does_valid_pattern_exist_in_file $FILE "$RESULT" + IFS=$c_IFS + if [ $FNRET != 0 ]; then + crit "$RESULT is not in file $FILE" + else + ok "$RESULT is present in $FILE" + fi fi done IFS=$d_IFS @@ -55,14 +61,20 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') - does_valid_pattern_exist_in_file $FILE "$RESULT" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') + does_valid_pattern_exist_in_file $FILE "$RESULT" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done fi diff --git a/bin/hardening/8.1.33_record_iptables_restore_exec.sh b/bin/hardening/8.1.33_record_iptables_restore_exec.sh index 1c8193b..f48dd2f 100755 
--- a/bin/hardening/8.1.33_record_iptables_restore_exec.sh +++ b/bin/hardening/8.1.33_record_iptables_restore_exec.sh @@ -27,14 +27,20 @@ audit () { IFS=$c_IFS for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - IFS=$d_IFS - RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') - does_valid_pattern_exist_in_file $FILE "$RESULT" - IFS=$c_IFS - if [ $FNRET != 0 ]; then - crit "$RESULT is not in file $FILE" - else - ok "$RESULT is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + IFS=$d_IFS + RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') + does_valid_pattern_exist_in_file $FILE "$RESULT" + IFS=$c_IFS + if [ $FNRET != 0 ]; then + crit "$RESULT is not in file $FILE" + else + ok "$RESULT is present in $FILE" + fi fi done IFS=$d_IFS @@ -45,14 +51,20 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') - does_valid_pattern_exist_in_file $FILE "$RESULT" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + RESULT=$(echo $AUDIT_VALUE | awk -F"-F" '{print $2}' | awk -F"=" '{print $2}') + does_valid_pattern_exist_in_file $FILE "$RESULT" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done } 
diff --git a/bin/hardening/8.1.4_record_date_time_edit.sh b/bin/hardening/8.1.4_record_date_time_edit.sh index c15f805..6e5f1e0 100755 --- a/bin/hardening/8.1.4_record_date_time_edit.sh +++ b/bin/hardening/8.1.4_record_date_time_edit.sh @@ -39,11 +39,17 @@ audit () { fi for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE ""$AUDIT_VALUE"" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE ""$AUDIT_VALUE"" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS @@ -55,14 +61,20 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE ""$AUDIT_VALUE"" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" - fi + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE ""$AUDIT_VALUE"" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi + fi done IFS=$d_IFS } diff --git a/bin/hardening/8.1.5_record_user_group_edit.sh b/bin/hardening/8.1.5_record_user_group_edit.sh index 6d848c1..362dfb6 100755 --- a/bin/hardening/8.1.5_record_user_group_edit.sh +++ b/bin/hardening/8.1.5_record_user_group_edit.sh 
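Review bot: The re-indented call `does_pattern_exist_in_file $FILE ""$AUDIT_VALUE""` leaves `$AUDIT_VALUE` unquoted, because each `""` is an empty string next to a bare expansion, so the pattern is still subject to word splitting and globbing. It presumably stays a single argument only because of the loop's custom `IFS` (the `apply` hunk shows `IFS=$'\n'`). Since the line is being touched anyway, `does_pattern_exist_in_file "$FILE" "$AUDIT_VALUE"` would match the quoting used in the other scripts of this commit. The `apply` hunk of this file carries the same call.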
@@ -27,12 +27,18 @@ audit () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" - fi + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi + fi done IFS=$d_IFS } @@ -43,13 +49,19 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS diff --git a/bin/hardening/8.1.6_record_network_edit.sh b/bin/hardening/8.1.6_record_network_edit.sh index 38c9af5..9138c43 100755 --- a/bin/hardening/8.1.6_record_network_edit.sh +++ b/bin/hardening/8.1.6_record_network_edit.sh 
@@ -40,12 +40,18 @@ audit () { fi for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" - fi + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi + fi done IFS=$d_IFS } @@ -56,13 +62,19 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS diff --git a/bin/hardening/8.1.7_record_mac_edit.sh b/bin/hardening/8.1.7_record_mac_edit.sh index 086ba34..7139b80 100755 --- a/bin/hardening/8.1.7_record_mac_edit.sh +++ b/bin/hardening/8.1.7_record_mac_edit.sh 
@@ -46,11 +46,17 @@ audit () { fi for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS @@ -78,13 +84,19 @@ apply () { fi for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS diff --git a/bin/hardening/8.1.8_record_login_logout.sh b/bin/hardening/8.1.8_record_login_logout.sh index dbbb410..f650021 100755 --- a/bin/hardening/8.1.8_record_login_logout.sh +++ b/bin/hardening/8.1.8_record_login_logout.sh 
@@ -32,11 +32,17 @@ audit () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS @@ -51,13 +57,19 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS diff --git a/bin/hardening/8.1.9_record_session_init.sh b/bin/hardening/8.1.9_record_session_init.sh index ac91ac2..32474f1 100755 --- a/bin/hardening/8.1.9_record_session_init.sh +++ b/bin/hardening/8.1.9_record_session_init.sh 
@@ -31,11 +31,17 @@ audit () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - crit "$AUDIT_VALUE is not in file $FILE" - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + crit "$AUDIT_VALUE is not in file $FILE" + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS @@ -50,13 +56,19 @@ apply () { IFS=$'\n' for AUDIT_VALUE in $AUDIT_PARAMS; do debug "$AUDIT_VALUE should be in file $FILE" - does_pattern_exist_in_file $FILE "$AUDIT_VALUE" - if [ $FNRET != 0 ]; then - warn "$AUDIT_VALUE is not in file $FILE, adding it" - add_end_of_file $FILE $AUDIT_VALUE - check_auditd_is_immutable_mode - else - ok "$AUDIT_VALUE is present in $FILE" + check_audit_path $AUDIT_VALUE + if [ $FNRET -eq 1 ];then + warn "path is not exsit! Please check file path is exist!" + continue + else + does_pattern_exist_in_file $FILE "$AUDIT_VALUE" + if [ $FNRET != 0 ]; then + warn "$AUDIT_VALUE is not in file $FILE, adding it" + add_end_of_file $FILE $AUDIT_VALUE + check_auditd_is_immutable_mode + else + ok "$AUDIT_VALUE is present in $FILE" + fi fi done IFS=$d_IFS