Bob Mottram 2017-07-15 11:15:49 +01:00
commit 33fe2af78c
6 changed files with 21 additions and 34 deletions


@ -1031,12 +1031,21 @@ function test_stig {
##RHEL-06-000302
##A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
bash $STIG_TESTS_DIR/check-aide-cron.sh > /dev/null 2>&1 &
bash $STIG_TESTS_DIR/check-tripwire-cron.sh > /dev/null 2>&1 &
stig_spinner $!
output "V-38695" $? ${SETLANG}
################
##RHEL-06-000018
#For tripwire to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.
bash $STIG_TESTS_DIR/check-tripwire-baseline.sh > /dev/null 2>&1 &
stig_spinner $!
output "V-51391" $? ${SETLANG}
################
##RHEL-06-000308
##Process core dumps must be disabled unless needed.
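Review bot: The status handed to `output "V-51391" $? ${SETLANG}` is the exit status of `stig_spinner $!`, not directly that of the backgrounded check-tripwire-baseline.sh, and the V-38695 lines above follow the same pattern. If stig_spinner does not wait on the PID and return the job's status (its body is not visible here), a failing check would be reported as a pass. A call-site comment such as `# stig_spinner waits on the PID and returns the check's exit status` would make that dependency explicit, and the script path should be quoted: `bash "$STIG_TESTS_DIR/check-tripwire-baseline.sh" > /dev/null 2>&1 &`. test_stig begins and ends outside this hunk.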


@ -1,27 +0,0 @@
#!/bin/bash
#Tested on Aide 0.16a2-19-g16ed855
CHECKDATABASE=$(grep "database=" /etc/aide/aide.conf 2>/dev/null )
if [ $? -eq 0 ];then
:
else
echo "couldn""'""t found aide.conf"
exit 1
fi
DATABASE=$(echo $CHECKDATABASE | awk -F ':' '{printf $2}' 2>/dev/null)
if [ $? -eq 0 ];then
:
else
echo "couldn""'""t found database location at aide.conf"
exit 1
fi
if [ -f "$DATABASE" ];then
echo "There is a baseline for aide."
exit 0
else
echo "Can""'""t find aide baseline"
exit 1
fi


@ -1,5 +0,0 @@
#1/bin/bash
if [ $(grep aide /etc/crontab /etc/cron.*/* | wc -l) -ne 0 ];then
exit 1
fi


@ -0,0 +1,5 @@
#!/bin/bash
if ! ls /var/lib/tripwire/*.twd 1> /dev/null 2>&1; then
exit 1
fi
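Review bot: The baseline test succeeds for anything matching `/var/lib/tripwire/*.twd`, including a zero-byte file, so V-51391 can pass on a host whose database tripwire could not verify against. Using `ls` with both streams sent to /dev/null also hides every other failure, such as an unreadable directory. A stricter form is `for f in /var/lib/tripwire/*.twd; do [ -s "$f" ] && exit 0; done; exit 1`. If the database path is set elsewhere in the tripwire configuration, the check would need to follow it; that is not visible on this page.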


@ -0,0 +1,5 @@
#1/bin/bash
if [ ! -f /etc/cron.daily/tripwire ];then
exit 1
fi
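Review bot: The first line `#1/bin/bash` is an ordinary comment rather than a shebang, so the script only works because test_stig launches it through `bash`; it should read `#!/bin/bash`. The test `[ ! -f /etc/cron.daily/tripwire ]` is also satisfied by a file that is not executable, which run-parts skips, so the weekly-integrity requirement can be reported as met while no scan ever runs. `if [ ! -x /etc/cron.daily/tripwire ]; then` would cover that case.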


@ -259,7 +259,7 @@ an administrator.\n\n######################\n\n' >> $LOG
log_msg $2 '必须创建文件完整性基线。'
fi
if [ $2 -ne 0 ];then
printf '\n######################\n\nSTIG-ID:RHEL-06-000018\n\nVulnerability Discussion: For AIDE to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.\n\nFix text: Run the following command to generate a new database:\n\n#aideinit\n\nBy default, the database will be written to the file "/var/lib/aide/aide.db.new.gz". Storing the database, the configuration file "/etc/aide.conf", and the binary "/usr/sbin/aide" (or hashes of these files), in a secure location (such as on read-only media) provides additional assurance about their integrity.\n\nThe newlygenerated database can be installed as follows:\n\n#cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db\n\nTo initiate a manual check, run the following command:\n\n#/usr/sbin/aide --check\n\nIf this check produces any unexpected output, investigate.\n\n######################\n\n' >> $LOG
printf '\n######################\n\nSTIG-ID:RHEL-06-000018\n\nVulnerability Discussion: For tripwire to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.\n\nFix text: Run "reset tripwire" from the administrator control panel.\n\n######################\n\n' >> $LOG
fi
;;
V-38491) if [ "$3" = "en" ]; then
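Review bot: The new RHEL-06-000018 fix text only tells the administrator to run "reset tripwire", and no longer mentions checking the host or investigating unexpected output. Re-creating the baseline records whatever is currently on disk as known-good, so the message should say when a reset is appropriate, for example by appending `Only reset the baseline after any unexpected changes have been investigated.` Only the English message changes here; the other language branches presumably need the same update, which cannot be confirmed from this hunk. The enclosing case statement starts and ends outside the hunk.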