Added basic Configuration files and skeleton scripts
This commit is contained in:
parent
754cf6fd1d
commit
9a5e962cd4
21
bin/hardening/1.1_Install_Updates.sh
Normal file
21
bin/hardening/1.1_Install_Updates.sh
Normal file
@ -0,0 +1,21 @@
|
||||
#!/bin/bash
|
||||
|
||||
#
|
||||
# CIS Debian 7 Hardening
|
||||
#
|
||||
|
||||
#
|
||||
# 1.1 Install Updates, Patches and Additional Security Software (Not Scored)
|
||||
#
|
||||
|
||||
# This function will be called if the script status is ont enabled / audit mode
|
||||
audit () {
|
||||
|
||||
}
|
||||
|
||||
# This function will be called if the script status is on enabled mode
|
||||
apply () {
|
||||
|
||||
}
|
||||
|
||||
|
2
etc/conf.d/README
Normal file
2
etc/conf.d/README
Normal file
@ -0,0 +1,2 @@
|
||||
# Put Here your Custom configuration files
|
||||
# Name convention : $SCRIPT_NAME.cfg
|
2
etc/hardening.cfg
Normal file
2
etc/hardening.cfg
Normal file
@ -0,0 +1,2 @@
|
||||
# CIS Debian 7 Hardening
|
||||
# Main Configuration File
|
7
lib/common.sh
Normal file
7
lib/common.sh
Normal file
@ -0,0 +1,7 @@
|
||||
# CIS Debian 7 Hardening common functions
|
||||
|
||||
logger() {
|
||||
test -z "$SCRIPT_NAME" && SCRIPT_NAME=$(basename $0)
|
||||
logger -i -t "$SCRIPT_NAME" -p "user.info" "$(date +%Y.%m.%d-%H:%M:%S) $*"
|
||||
test -t 1 && echo "$(date +%Z-%Y.%m.%d-%H:%M:%S) $*"
|
||||
}
|
33
lib/constants.sh
Normal file
33
lib/constants.sh
Normal file
@ -0,0 +1,33 @@
|
||||
# Defines constants for CIS Debian 7 Hardening
|
||||
|
||||
#
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
#### Useful Colot constants settings for loglevels
|
||||
|
||||
# Reset Color (for syslog)
|
||||
NC='\033[0m'
|
||||
|
||||
# Colors
|
||||
RED='\033[1;31m'
|
||||
GREEN='\033[1;32m'
|
||||
YELLOW='\033[1;33m'
|
||||
|
||||
# Bold
|
||||
BRED='\033[1;31m' # Red
|
||||
BGREEN='\033[1;32m' # Green
|
||||
BYELLOW='\033[1;33m' # Yellow
|
18
lib/utils.sh
Normal file
18
lib/utils.sh
Normal file
@ -0,0 +1,18 @@
|
||||
# CIS Debian 7 Hardening Utility functions
|
||||
|
||||
|
||||
|
||||
#
|
||||
# Return if a package is installed
|
||||
# @param $1 package name
|
||||
#
|
||||
is_installed()
|
||||
{
|
||||
PKG_NAME=$1
|
||||
if `dpkg -s $PKG_NAME 2> /dev/null | grep -q '^Status: install '` ; then
|
||||
return 0
|
||||
fi
|
||||
return 1
|
||||
}
|
||||
|
||||
|
44
src/skel.sh
Normal file
44
src/skel.sh
Normal file
@ -0,0 +1,44 @@
|
||||
#!/bin/bash
|
||||
|
||||
#
|
||||
# CIS Debian 7 Hardening
|
||||
#
|
||||
|
||||
|
||||
#
|
||||
# Hardening script skeleton replace this line with proper point treated
|
||||
#
|
||||
|
||||
# This function will be called if the script status is ont enabled / audit mode
|
||||
audit () {
|
||||
|
||||
}
|
||||
|
||||
# This function will be called if the script status is on enabled mode
|
||||
apply () {
|
||||
|
||||
}
|
||||
|
||||
# Environment Sanitizing
|
||||
export PATH='/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
|
||||
|
||||
# Source Root Dir Parameter
|
||||
|
||||
if [ ! -r /etc/default/cis-hardenning ]; then
|
||||
echo "There is no /etc/default/cis-hardenning file, cannot source CIS_ROOT_DIR variable, aborting"
|
||||
exit 128
|
||||
else
|
||||
. /etc/default/cis-hardenning
|
||||
if [ -z $CIS_ROOT_DIR ]; then
|
||||
echo "No CIS_ROOT_DIR variable, aborting"
|
||||
fi
|
||||
fi
|
||||
|
||||
SCRIPT_NAME=$(basename $0)
|
||||
|
||||
# Source general configuration file and Specific configuration file if exist
|
||||
|
||||
[ -r $ROOT_DIR/etc/hardening.cfg ] && . $ROOT_DIR/etc/hardening.cfg
|
||||
[ -r $ROOT_DIR/etc/hardening/$SCRIPT_NAME ] && . $ROOT_DIR/etc/hardening/$SCRIPT_NAME
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user