Merge pull request fbprogmbh#545 from fbprogmbh/ticket_524

Ticket 524

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-1.8.1.3.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+grep -E -i "(\\\v|\\\r|\\\m|\\\s|$(grep '^ID=' /etc/os-release | cut -d= -f2 | sed -e 's/"//g'))" /etc/issue.net

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-5.4.2_1.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+awk -F: '($1!="root" && $1!="sync" && $1!="shutdown" && $1!="halt" && $1!~/^\+/ && $3<'"$(awk '/^\s*UID_MIN/{print $2}' /etc/login.defs)"' && $7!="'"$(which nologin)"'" && $7!="/bin/false") {print}' /etc/passwd

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-5.4.2_2.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+awk -F: '($1!="root" && $1!~/^\+/ && $3<'"$(awk '/^\s*UID_MIN/{print $2}' /etc/login.defs)"') {print $1}' /etc/passwd | xargs -I '{}' passwd -S '{}' | awk '($2!="L" && $2!="LK") {print $1}'

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-5.4.4.sh

@@ -0,0 +1,4 @@
+#!/bin/bash
+for f in /etc/profile.d/*.sh ; do
+    grep -Eq '(^|^[^#]*;)\s*(readonly|export(\s+[^$#;]+\s*)*)?\s*TMOUT=(900|[1-8][0-9][0-9]|[1-9][0-9]|[1-9])\b' $f && grep -Eq '(^|^[^#]*;)\s*readonly\s+TMOUT\b' $f && grep -Eq '(^|^[^#]*;)\s*export\s+([^$#;]+\s+)*TMOUT\b' $f && echo "TMOUT correctly configured in file: $f";
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.1.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+awk -F: '($2 != "x" ) { print $1 " is not set to shadowed passwords "}' /etc/passwd

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.10.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+awk -F: '($1 !~ /^(root|halt|sync|shutdown)$/ && $7 != "'"$(which nologin)"'" && $7 != "/bin/false" && $7 != "/usr/bin/false") { print $1 " " $6 }' /etc/passwd | while read user dir; do
+    if [ ! -d "$dir" ]; then
+        echo "The home directory ($dir) of user $user does not exist."
+    else
+        if [ ! -h "$dir/.netrc" -a -f "$dir/.netrc" ]; then
+            echo ".netrc file $dir/.netrc exists"
+        fi
+    fi
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.11.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+awk -F: '($1 !~ /^(root|halt|sync|shutdown)$/ && $7 != "'"$(which nologin)"'" && $7 != "/bin/false" && $7 != "/usr/bin/false") { print $1 " " $6 }' /etc/passwd | while read user dir; do
+    if [ ! -d "$dir" ]; then
+        echo "The home directory ($dir) of user $user does not exist."
+    else
+        for file in $dir/.netrc; do
+            if [ ! -h "$file" -a -f "$file" ]; then
+                fileperm=$(ls -ld $file | cut -f1 -d" ")
+                if [ $(echo $fileperm | cut -c5) != "-" ]; then
+                    echo "Group Read set on $file"
+                fi
+                if [ $(echo $fileperm | cut -c6) != "-" ]; then
+                    echo "Group Write set on $file"
+                fi
+                if [ $(echo $fileperm | cut -c7) != "-" ]; then
+                    echo "Group Execute set on $file"
+                fi
+                if [ $(echo $fileperm | cut -c8) != "-" ]; then
+                    echo "Other Read set on $file"
+                fi
+                if [ $(echo $fileperm | cut -c9) != "-" ]; then
+                    echo "Other Write set on $file"
+                fi
+                if [ $(echo $fileperm | cut -c10) != "-" ]; then
+                    echo "Other Execute set on $file"
+                fi
+            fi
+        done
+    fi
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.12.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+awk -F: '($1 !~ /^(root|halt|sync|shutdown)$/ && $7 != "'"$(which nologin)"'" && $7 != "/bin/false" && $7 != "/usr/bin/false") { print $1 " " $6 }' /etc/passwd | while read user dir; do
+    if [ ! -d "$dir" ]; then
+        echo "The home directory ($dir) of user $user does not exist."
+    else
+        for file in $dir/.rhosts; do
+            if [ ! -h "$file" -a -e "$file" ]; then
+                echo ".rhosts file in $dir"
+            fi
+        done
+    fi
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.18_1.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+grep ^shadow:[^:]*:[^:]*:[^:]+ /etc/group

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.18_2.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+awk -F: '($4 == "<shadow-gid>") { print }' /etc/passwd

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.2.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+awk -F: '($2 == "" ) { print $1 " does not have a password "}' /etc/shadow

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.5.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read -r user dir; do
+    if [ ! -d "$dir" ]; then
+        echo "The home directory ($dir) of user $user does not exist."
+    fi
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.6.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do
+    if [ ! -d "$dir" ]; then
+        echo "The home directory ($dir) of user $user does not exist."
+    else
+        dirperm=$(ls -ld $dir | cut -f1 -d" ")
+        if [ $(echo $dirperm | cut -c6) != "-" ]; then
+            echo "Group Write permission set on the home directory ($dir) of user $user"
+        fi
+        if [ $(echo $dirperm | cut -c8) != "-" ]; then
+            echo "Other Read permission set on the home directory ($dir) of user $user"
+        fi
+        if [ $(echo $dirperm | cut -c9) != "-" ]; then
+            echo "Other Write permission set on the home directory ($dir) of user $user"
+        fi
+        if [ $(echo $dirperm | cut -c10) != "-" ]; then
+            echo "Other Execute permission set on the home directory ($dir) of user $user"
+        fi
+    fi
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.7.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do
+    if [ ! -d "$dir" ]; then
+        echo "The home directory ($dir) of user $user does not exist."
+    else
+        owner=$(stat -L -c "%U" "$dir")
+        if [ "$owner" != "$user" ]; then
+            echo "The home directory ($dir) of user $user is owned by $owner."
+        fi
+    fi
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.8.sh

@@ -0,0 +1,18 @@
+#!/bin/bash
+grep -E -v '^(halt|sync|shutdown)' /etc/passwd | awk -F: '($7 != "'"$(which nologin)"'" && $7 != "/bin/false") { print $1 " " $6 }' | while read user dir; do
+    if [ ! -d "$dir" ]; then
+        echo "The home directory ($dir) of user $user does not exist."
+    else
+        for file in $dir/.[A-Za-z0-9]*; do
+            if [ ! -h "$file" -a -f "$file" ]; then
+                fileperm=$(ls -ld $file | cut -f1 -d" ")
+                if [ $(echo $fileperm | cut -c6) != "-" ]; then
+                    echo "Group Write permission set on file $file"
+                fi
+                if [ $(echo $fileperm | cut -c9) != "-" ]; then
+                    echo "Other Write permission set on file $file"
+                fi
+            fi
+        done
+    fi
+done

ATAPAuditor/Helpers/ShellScripts/SLE_15/CIS-SEL15-6.2.9.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+awk -F: '($1 !~ /^(root|halt|sync|shutdown)$/ && $7 != "'"$(which nologin)"'" && $7 != "/bin/false" && $7 != "/usr/bin/false") { print $1 " " $6 }' /etc/passwd | while read user dir; do
+    if [ ! -d "$dir" ] ; then
+        echo "The home directory ($dir) of user $user does not exist."
+    else
+        if [ ! -h "$dir/.forward" -a -f "$dir/.forward" ]; then
+            echo ".forward file $dir/.forward exists"
+        fi
+    fi
+done