From 079c5acc7829dbc22f4faebd33bb084c927cee10 Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@freedombone.net>
Date: Mon, 7 Aug 2017 10:48:38 +0100
Subject: [PATCH] Show non-root files in stig result

---
 tests/check-cmd-owner.sh | 6 ------
 tests/output.sh          | 8 +++++++-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/tests/check-cmd-owner.sh b/tests/check-cmd-owner.sh
index 0f86c681..d862c591 100644
--- a/tests/check-cmd-owner.sh
+++ b/tests/check-cmd-owner.sh
@@ -7,7 +7,6 @@ if [ -d "/bin" ];then
     if [ $COUNT -eq 0 ];then
         :
     else
-        find -L /bin  \! -user root  -exec ls -l {} \;
         exit 1
     fi
 fi
@@ -18,7 +17,6 @@ if [ -d "/usr/bin" ];then
     if [ $COUNT -eq 0 ];then
         :
     else
-        find -L /usr/bin  \! -user root  -exec ls -l {} \;
         exit 1
     fi
 fi
@@ -29,7 +27,6 @@ if [ -d "/usr/local/bin" ];then
     if [ $COUNT -eq 0 ];then
         :
     else
-        find -L /usr/local/bin  \! -user root  -exec ls -l {} \;
         exit 1
     fi
 fi
@@ -40,7 +37,6 @@ if [ -d "/sbin" ];then
     if [ $COUNT -eq 0 ];then
         :
     else
-        find -L /sbin  \! -user root  -exec ls -l {} \;
         exit 1
     fi
 fi
@@ -51,7 +47,6 @@ if [ -d "/usr/sbin" ];then
     if [ $COUNT -eq 0 ];then
         :
     else
-        find -L /usr/sbin  \! -user root  -exec ls -l {} \;
         exit 1
     fi
 fi
@@ -62,7 +57,6 @@ if [ -d "/usr/local/sbin" ];then
     if [ $COUNT -eq 0 ];then
         :
     else
-        find -L /usr/local/sbin  \! -user root  -exec ls -l {} \;
         exit 1
     fi
 fi
diff --git a/tests/output.sh b/tests/output.sh
index 78debf9b..2174039b 100644
--- a/tests/output.sh
+++ b/tests/output.sh
@@ -495,7 +495,13 @@ time, are stored in the following directories by default:\n\n/lib\n/lib64\n/usr/
                   printf '\n######################\n\nSTIG-ID:RHEL-06-000047\n\nVulnerability Discussion: System binaries are executed by privileged users, as well as system services, and restrictive permissions are necessary to ensure execution of these programs cannot be co-opted.\n\nFix text: System executables are stored in the following directories by default:\n\n/bin\n/usr/bin\n/usr/local/bin\n/sbin\n/usr/sbin\n/usr/local/sbin\n\nIf any file in these directories is found to be group-writable or world-writable, correct its permission with the following command:\n\n#chmod go-w [FILE]\n\n######################\n\n' >> $LOG
               fi
               ;;
-    V-38472)  if [ "$3" = "en" ]; then
+    V-38472)  find -L /bin  \! -user root  -exec ls -l {} \;
+              find -L /usr/bin  \! -user root  -exec ls -l {} \;
+              find -L /usr/local/bin  \! -user root  -exec ls -l {} \;
+              find -L /sbin  \! -user root  -exec ls -l {} \;
+              find -L /usr/sbin  \! -user root  -exec ls -l {} \;
+              find -L /usr/local/sbin  \! -user root  -exec ls -l {} \;
+              if [ "$3" = "en" ]; then
                   log_msg $2 'All system command files must be owned by root.'
               else
                   log_msg $2 '所有系统命令文件的属主必须为root用户。'