From b846594836d8b288ac35c5e48c9b2a5c74eaba37 Mon Sep 17 00:00:00 2001 From: wqian Date: Fri, 14 Jun 2024 11:48:17 +0100 Subject: [PATCH] Ensure code consistency by using aide_conf_path var --- .../aide/aide_check_audit_tools/policy/stig/shared.yml | 4 ++-- .../software-integrity/aide/aide_check_audit_tools/rule.yml | 2 +- .../aide/aide_check_audit_tools/tests/correct.pass.sh | 6 +++--- .../tests/correct_with_selinux.pass.sh | 6 +++--- .../aide/aide_check_audit_tools/tests/extra_suffix.fail.sh | 6 +++--- .../aide/aide_check_audit_tools/tests/not_config.fail.sh | 6 +++--- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/policy/stig/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/policy/stig/shared.yml index a5666c5f841..1375e79f4dd 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/policy/stig/shared.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/policy/stig/shared.yml @@ -25,7 +25,7 @@ vuldiscussion: |- checktext: |- Check that AIDE is properly configured to protect the integrity of the audit tools with the following command: - $ sudo cat /etc/aide.conf | grep /usr/sbin/au + $ sudo cat {{{ aide_conf_path }}} | grep /usr/sbin/au /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512 @@ -39,7 +39,7 @@ checktext: |- If any of the audit tools listed above do not have a corresponding line, ask the SA to indicate what cryptographic mechanisms are being used to protect the integrity of the audit tools. If there is no evidence of integrity protection, this is a finding. fixtext: |- - Add or update the following lines to "/etc/aide.conf", to protect the integrity of the audit tools. + Add or update the following lines to {{{ aide_conf_path }}}, to protect the integrity of the audit tools. /usr/sbin/auditctl p+i+n+u+g+s+b+acl+xattrs+sha512 /usr/sbin/auditd p+i+n+u+g+s+b+acl+xattrs+sha512 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml index c0f614ec176..e491ea3e87d 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/rule.yml @@ -63,7 +63,7 @@ ocil: |- If one or more lines are missing, this is a finding. fixtext: |- - Add or update the following lines to "/etc/aide.conf", to protect the integrity of the audit tools. + Add or update the following lines to {{{ aide_conf_path }}}, to protect the integrity of the audit tools. 
     {{{ aide_files() }}}
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
index 5f751bee542..1b0c304be14 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh
@@ -1,14 +1,14 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
 # packages = aide
 
 aide --init
 
 
 declare -a bins
-bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd')
+bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd' '/usr/sbin/audispd')
 
 for theFile in "${bins[@]}"
 do
-    echo "$theFile p+i+n+u+g+s+b+acl+xattrs+sha512"  >> /etc/aide.conf
+    echo "$theFile p+i+n+u+g+s+b+acl+xattrs+sha512"  >> {{{ aide_conf_path }}}
 done
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
index f80f6fd52d3..236c0cebffc 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh
@@ -1,11 +1,11 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
 # packages = aide
 
 declare -a bins
-bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd')
+bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd' '/usr/sbin/audispd')
 
 for theFile in "${bins[@]}"
 do
-    echo "$theFile p+i+n+u+g+s+b+acl+selinux+xattrs+sha512" >> /etc/aide.conf
+    echo "$theFile p+i+n+u+g+s+b+acl+selinux+xattrs+sha512" >> {{{ aide_conf_path }}}
 done
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
index 692a60d0e10..7f422b6b221 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh
@@ -1,11 +1,11 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
 # packages = aide
 
 declare -a bins
-bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd')
+bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd' '/usr/sbin/audispd')
 
 for theFile in "${bins[@]}"
 do
-    echo "$theFile p+i+n+u+g+s+b+acl+selinux+xattrs+sha5122" >> /etc/aide.conf
+    echo "$theFile p+i+n+u+g+s+b+acl+selinux+xattrs+sha5122" >> {{{ aide_conf_path }}}
 done
diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
index 65bf851237c..d76b9365769 100644
--- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
+++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh
@@ -1,13 +1,13 @@
 #!/bin/bash
-# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel
+# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_ubuntu
 # packages = aide
 
 aide --init
 
 declare -a bins
-bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd')
+bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd' '/usr/sbin/audispd')
 
 for theFile in "${bins[@]}"
 do
-    echo sed -i "s#^.*${theFile}.*##g" /etc/aide.conf
+    echo sed -i "s#^.*${theFile}.*##g" {{{ aide_conf_path }}}
 done