diff --git a/bin/hardening/10.1.11_ensure_no_shosts_cfg_on_system.sh b/bin/hardening/10.1.11_ensure_no_shosts_cfg_on_system.sh index c81d2ec..7050a0c 100755 --- a/bin/hardening/10.1.11_ensure_no_shosts_cfg_on_system.sh +++ b/bin/hardening/10.1.11_ensure_no_shosts_cfg_on_system.sh @@ -19,8 +19,8 @@ FILENAME1='shosts.equiv' # This function will be called if the script status is on enabled / audit mode audit () { - COUNT=$(find / -name "${FILENAME}" | wc -l) - COUNT1=$(find / -name "${FILENAME1}" | wc -l) + COUNT=$(find / -xdev -name "${FILENAME}" | wc -l) + COUNT1=$(find / -xdev -name "${FILENAME1}" | wc -l) if [ "$COUNT" -ne 0 -o "$COUNT1" -ne 0 ]; then crit "$FILENAME or $FILENAME1 file is exist on system." FNRET=1 diff --git a/bin/hardening/12.10_find_suid_files.sh b/bin/hardening/12.10_find_suid_files.sh index c28bd78..9acc183 100755 --- a/bin/hardening/12.10_find_suid_files.sh +++ b/bin/hardening/12.10_find_suid_files.sh @@ -7,9 +7,10 @@ # # 12.10 Find SUID System Executables (Not Scored) # +# set -e # One error, it's over, for some user to audit desktop evn -set -e # One error, it's over -set -u # One variable unset, it's over +# One variable unset, it's over +set -u HARDENING_LEVEL=2 diff --git a/bin/hardening/12.11_find_sgid_files.sh b/bin/hardening/12.11_find_sgid_files.sh index 99a0346..132e3db 100755 --- a/bin/hardening/12.11_find_sgid_files.sh +++ b/bin/hardening/12.11_find_sgid_files.sh @@ -8,8 +8,10 @@ # 12.11 Find SGID System Executables (Not Scored) # -set -e # One error, it's over -set -u # One variable unset, it's over +#set -e # One error, it's over, for some user to audit desktop evn + +# One variable unset, it's over +set -u HARDENING_LEVEL=2 diff --git a/bin/hardening/8.1.19_record_sshkeysign_usage.sh b/bin/hardening/8.1.19_record_sshkeysign_usage.sh index 598cec8..f89d331 100755 --- a/bin/hardening/8.1.19_record_sshkeysign_usage.sh +++ b/bin/hardening/8.1.19_record_sshkeysign_usage.sh 
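Review bot: With `-xdev` on both `find /` calls in `audit`, the scan stops at the root filesystem, so a matching file on a separately mounted `/home`, `/var` or `/srv` is no longer counted and the check passes. Per-user shosts files normally sit in home directories, and hardened layouts usually put `/home` on its own partition, so this is where a miss is most likely. To skip network and pseudo filesystems without losing local mounts, walk each local mount point instead: `COUNT=$(df --local -P | awk 'NR!=1 {print $6}' | xargs -I '{}' find '{}' -xdev -name "${FILENAME}" | wc -l)`, and the same for `COUNT1` with `${FILENAME1}`. The body of `audit` continues past the end of the hunk.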
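Review bot: Commenting out `set -e` at the top of 12.10_find_suid_files.sh turns off fail-fast for the whole script, so any failing command is ignored and the SUID inventory can be incomplete while the check still finishes normally. If the intent is only to tolerate `find` errors on desktop systems (inferred from the new comment; the `find` call is outside the hunk), keep `set -e` and relax that one call, for example by appending `|| true` to it and logging that the scan was partial. The comment would read better as `# set -e disabled: find exits non-zero on unreadable mounts on desktop systems`. The identical change in 12.11_find_sgid_files.sh has the same effect.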
@@ -14,7 +14,7 @@ set -u # One variable unset, it's over HARDENING_LEVEL=4 -AUDIT_PARAMS="-a always,exit -F path=$(find / -name "ssh-keysign") -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-ssh +AUDIT_PARAMS="-a always,exit -F path=$(find /usr/ -name "ssh-keysign") -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-ssh -a always,exit -F path=$(which ssh-agent 2>/dev/null) -F perm=x -F auid>=1000 -F auid!=4294967295 -k privileged-ssh" set -e # One error, it's over diff --git a/bin/hardening/8.1.27_record_Events_that_modify_conf_files.sh b/bin/hardening/8.1.27_record_Events_that_modify_conf_files.sh index de23ec9..71c594d 100755 --- a/bin/hardening/8.1.27_record_Events_that_modify_conf_files.sh +++ b/bin/hardening/8.1.27_record_Events_that_modify_conf_files.sh 
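Review bot: The output of `$(find /usr/ -name "ssh-keysign")` goes into the rule unchecked. No match leaves `-F path=` empty, and a second copy anywhere under /usr puts a newline in the middle of the rule. Either way the expected rule will not match what auditd has loaded, and since the substitution runs before the `set -e` line below it, a failing `find` goes unnoticed. Constrain the lookup, e.g. `$(find /usr/ -xdev -type f -name ssh-keysign -print -quit)`, and fail the check when it returns nothing. The `find` calls in 8.1.27_record_Events_that_modify_conf_files.sh have the same gap.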
@@ -13,13 +13,13 @@ set -u # One variable unset, it's over HARDENING_LEVEL=4 -AUDIT_PARAMS='-a always,exit -F path=$(find / -name audisp-remote.conf) -F perm=wa -k config_file_change --a always,exit -F path=$(find / -name auditd.conf) -F perm=wa -k config_file_change +AUDIT_PARAMS='-a always,exit -F path=$(find /etc/ -name audisp-remote.conf) -F perm=wa -k config_file_change +-a always,exit -F path=$(find /etc/ -name auditd.conf) -F perm=wa -k config_file_change -a always,exit -F dir=$(find /etc/audit/ -name rules.d) -F perm=wa -k config_file_change --a always,exit -F path=$(find / -name grub) -F perm=wa -k config_file_change --a always,exit -F path=$(find / -name fstab) -F perm=wa -k config_file_change --a always,exit -F path=$(find / -name hosts.deny) -F perm=wa -k config_file_change --a always,exit -F path=$(find / -name login.defs) -F perm=wa -k config_file_change +-a always,exit -F path=$(find /etc/ -name grub) -F perm=wa -k config_file_change +-a always,exit -F path=$(find /etc/ -name fstab) -F perm=wa -k config_file_change +-a always,exit -F path=$(find /etc/ -name hosts.deny) -F perm=wa -k config_file_change +-a always,exit -F path=$(find /etc/ -name login.defs) -F perm=wa -k config_file_change -a always,exit -F dir=/etc/pam.d/ -F perm=wa -k config_file_change -a always,exit -F path=/etc/profile -F perm=wa -k config_file_change -a always,exit -F dir=/etc/profile.d/ -F perm=wa -k config_file_change
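Review bot: `fstab`, `hosts.deny` and `login.defs` have fixed locations, so writing `-F path=/etc/fstab`, `-F path=/etc/hosts.deny` and `-F path=/etc/login.defs` is more reliable than a search and matches how `-F path=/etc/profile` is written a few lines below. `find /etc/ -name grub` has no `-type f`, so it matches any file or directory named `grub` under /etc and may yield more than one path for a single `path=` field. Because the string is single-quoted, the `$(find …)` text is not expanded at assignment. Whatever consumes `AUDIT_PARAMS` has to expand it (not visible in this hunk), so a comment such as `# $(...) is expanded later by the rule check, not here` would help the next reader.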