diff --git a/src/freedombone-tests b/src/freedombone-tests
index 045797a3..5272fbf2 100755
--- a/src/freedombone-tests
+++ b/src/freedombone-tests
@@ -1037,6 +1037,15 @@ function test_stig {
 output "V-38695" $? ${SETLANG}
 ################
+ ##RHEL-06-000018
+ #For tripwire to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.
+
+ bash $STIG_TESTS_DIR/check-tripwire-baseline.sh > /dev/null 2>&1 &
+
+ stig_spinner $!
+ output "V-51391" $? ${SETLANG}
+ ################
+
 ##RHEL-06-000308
 ##Process core dumps must be disabled unless needed.
diff --git a/tests/check-aide-baseline.sh b/tests/check-aide-baseline.sh
deleted file mode 100644
index 45c36af4..00000000
--- a/tests/check-aide-baseline.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/bash
-#Tested on Aide 0.16a2-19-g16ed855
-
-CHECKDATABASE=$(grep "database=" /etc/aide/aide.conf 2>/dev/null )
-if [ $? -eq 0 ];then
- :
-else
- echo "couldn""'""t found aide.conf"
- exit 1
-fi
-
-DATABASE=$(echo $CHECKDATABASE | awk -F ':' '{printf $2}' 2>/dev/null)
-
-if [ $? -eq 0 ];then
- :
-else
- echo "couldn""'""t found database location at aide.conf"
- exit 1
-fi
-
-if [ -f "$DATABASE" ];then
- echo "There is a baseline for aide."
- exit 0
-else
- echo "Can""'""t find aide baseline"
- exit 1
-fi
diff --git a/tests/check-tripwire-baseline.sh b/tests/check-tripwire-baseline.sh
new file mode 100644
index 00000000..05f09ce0
--- /dev/null
+++ b/tests/check-tripwire-baseline.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+if ! ls /var/lib/tripwire/*.twd 1> /dev/null 2>&1; then
+ exit 1
+fi
diff --git a/tests/output.sh b/tests/output.sh
index 3f5ebe4d..78debf9b 100644
--- a/tests/output.sh
+++ b/tests/output.sh
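Review bot: In src/freedombone-tests the added `bash $STIG_TESTS_DIR/check-tripwire-baseline.sh` leaves the directory variable unquoted, so a path containing whitespace or glob characters would be split before bash sees it; `bash "$STIG_TESTS_DIR/check-tripwire-baseline.sh" > /dev/null 2>&1 &` avoids that. The following `output "V-51391" $? ${SETLANG}` reports whatever `stig_spinner $!` returns, which is the check's result only if stig_spinner waits on the PID and passes its status through; that function is defined outside the hunk, so this is worth confirming. test_stig itself starts and ends outside the hunk.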
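Review bot: In tests/check-tripwire-baseline.sh the test passes as soon as anything named `*.twd` exists under /var/lib/tripwire, so an empty file, a directory, or a database left over from another hostname counts as a valid baseline. For a STIG check whose purpose is a usable known-good database, the script should at least require a regular, non-empty file, and it can do so with the glob directly instead of via `ls`. Presence still says nothing about whether the database is intact or current, and a comment to that effect would stop the check from being read as an integrity verification.

```shell
#!/bin/bash

# Pass only if at least one regular, non-empty tripwire database exists.
# This confirms presence only; it does not validate the database contents.
shopt -s nullglob
for db in /var/lib/tripwire/*.twd; do
    if [ -f "$db" ] && [ -s "$db" ]; then
        exit 0
    fi
done
exit 1
```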
@@ -259,7 +259,7 @@ an administrator.\n\n######################\n\n' >> $LOG log_msg $2 '必须创建文件完整性基线。' fi if [ $2 -ne 0 ];then - printf '\n######################\n\nSTIG-ID:RHEL-06-000018\n\nVulnerability Discussion: For AIDE to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.\n\nFix text: Run the following command to generate a new database:\n\n#aideinit\n\nBy default, the database will be written to the file "/var/lib/aide/aide.db.new.gz". Storing the database, the configuration file "/etc/aide.conf", and the binary "/usr/sbin/aide" (or hashes of these files), in a secure location (such as on read-only media) provides additional assurance about their integrity.\n\nThe newlygenerated database can be installed as follows:\n\n#cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db\n\nTo initiate a manual check, run the following command:\n\n#/usr/sbin/aide --check\n\nIf this check produces any unexpected output, investigate.\n\n######################\n\n' >> $LOG + printf '\n######################\n\nSTIG-ID:RHEL-06-000018\n\nVulnerability Discussion: For tripwire to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.\n\nFix text: Run "reset tripwire" from the administrator control panel.\n\n######################\n\n' >> $LOG fi ;; V-38491) if [ "$3" = "en" ]; then
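Review bot: The new fix text in the `$2 -ne 0` branch tells the operator only to run "reset tripwire", without the caution the removed AIDE text carried about investigating unexpected results. If that control-panel action rebuilds the database from the current filesystem (not visible here), running it on a host whose files have already changed would record the changed state as known-good. Consider extending the string with something like `Investigate any unexpected tripwire report before resetting, because the reset accepts the current file state as the new baseline.` The enclosing case arm starts and ends outside the hunk.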