From 054c452d7117385b94960145a69619e09ebe77ce Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Sat, 15 Jul 2017 10:30:02 +0100
Subject: [PATCH] Not using aide

Check for tripwire cron entry instead
---
 src/freedombone-tests        | 2 +-
 tests/check-aide-cron.sh     | 5 -----
 tests/check-tripwire-cron.sh | 5 +++++
 3 files changed, 6 insertions(+), 6 deletions(-)
 delete mode 100644 tests/check-aide-cron.sh
 create mode 100644 tests/check-tripwire-cron.sh

diff --git a/src/freedombone-tests b/src/freedombone-tests
index 3ff7785a..045797a3 100755
--- a/src/freedombone-tests
+++ b/src/freedombone-tests
@@ -1031,7 +1031,7 @@ function test_stig {
     ##RHEL-06-000302
     ##A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
 
-    bash $STIG_TESTS_DIR/check-aide-cron.sh > /dev/null 2>&1 &
+    bash $STIG_TESTS_DIR/check-tripwire-cron.sh > /dev/null 2>&1 &
 
     stig_spinner $!
     output "V-38695" $? ${SETLANG}
diff --git a/tests/check-aide-cron.sh b/tests/check-aide-cron.sh
deleted file mode 100644
index 73b76148..00000000
--- a/tests/check-aide-cron.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#1/bin/bash
-
-if [ $(grep aide /etc/crontab /etc/cron.*/* | wc -l) -ne 0 ];then
-        exit 1
-fi
diff --git a/tests/check-tripwire-cron.sh b/tests/check-tripwire-cron.sh
new file mode 100644
index 00000000..eb17e22c
--- /dev/null
+++ b/tests/check-tripwire-cron.sh
@@ -0,0 +1,5 @@
+#1/bin/bash
+
+if [ ! -f /etc/cron.daily/tripwire ];then
+        exit 1
+fi