From 0c4b16aae3fe167550e3fb28e3e63dd378225f55 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:57:40 +0300 Subject: [PATCH 01/14] fix: smartcard_configure_cert_checking/bash: use bash_package_install to install required packages --- .../smartcard_configure_cert_checking/bash/shared.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh index 2744af588130..d321bc5a4b38 100644 --- a/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-physical/screen_locking/smart_card_login/smartcard_configure_cert_checking/bash/shared.sh @@ -1,7 +1,6 @@ # platform = Red Hat Enterprise Linux 7,Red Hat Enterprise Linux 8,multi_platform_ol,multi_platform_sle -# Install required packages -if ! rpm --quiet -q pam_pkcs11; then yum -y -d 1 install pam_pkcs11; fi +{{{ bash_package_install("pam_pkcs11") }}} if grep "^\s*cert_policy" /etc/pam_pkcs11/pam_pkcs11.conf | grep -qv "ocsp_on"; then sed -i "/^\s*#/! s/cert_policy.*/cert_policy = ca, ocsp_on, signature;/g" /etc/pam_pkcs11/pam_pkcs11.conf From c830f38607403349cc494bd5271b6e347dbc16a4 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:54:48 +0300 Subject: [PATCH 02/14] fix: snmpd_not_default_password/tests: use packages feature to install packages --- .../snmpd_not_default_password/tests/missing.pass.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/missing.pass.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/missing.pass.sh index d2a024f006ea..e3006c3ba760 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/missing.pass.sh +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/missing.pass.sh @@ -1,4 +1,4 @@ #!/bin/bash +# packages = net-snmp -yum -y install net-snmp rm -f /etc/snmp/snmpd.conf From 8327f1e75e774c0e44c45af89a42a54bee5d83d8 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:46:59 +0300 Subject: [PATCH 03/14] fix: configure_libreswan_crypto_policy/tests: use bash_package_remove --- .../tests/libreswan_not_installed.pass.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh index a1a66e7477bf..9379b5ff3db7 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_libreswan_crypto_policy/tests/libreswan_not_installed.pass.sh @@ -1,4 +1,4 @@ #!/bin/bash # platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -yum remove -y libreswan || true +{{{ bash_package_remove("libreswan") }}} From b58fe70ee0e9d61d437eabb834e0634344c291ed Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:46:44 +0300 Subject: [PATCH 04/14] fix: configure_bind_crypto_policy/tests: use bash_package_remove --- .../tests/bind_not_installed.pass.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh index 06307a5c92ef..b00bbfe2180c 100644 --- a/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh +++ b/linux_os/guide/system/software/integrity/crypto/configure_bind_crypto_policy/tests/bind_not_installed.pass.sh @@ -1,4 +1,4 @@ #!/bin/bash # platform = multi_platform_fedora,Oracle Linux 8,Oracle Linux 9,Red Hat Enterprise Linux 8,Red Hat Enterprise Linux 9 -yum remove -y bind || true +{{{ bash_package_remove("bind") }}} From a2fe30f701b5554ed5ea0e4196f5ee2fdede3fd8 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:46:27 +0300 Subject: [PATCH 05/14] fix: snmpd_not_default_password/tests: use bash_package_remove --- .../tests/package_missing.notapplicable.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/package_missing.notapplicable.sh b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/package_missing.notapplicable.sh index c388fe36529d..d8e6bee55fbd 100644 --- a/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/package_missing.notapplicable.sh +++ b/linux_os/guide/services/snmp/snmp_configure_server/snmpd_not_default_password/tests/package_missing.notapplicable.sh @@ -1,3 +1,3 @@ #!/bin/bash -yum -y remove net-snmp +{{{ bash_package_remove("net-snmp") }}} From 20a9bfdf62af526b5828d91898abb1d620a4e633 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:44:19 +0300 Subject: [PATCH 06/14] fix: chronyd_or_ntpd_set_maxpoll/tests: use bash_package_remove --- .../ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony.pass.sh | 2 +- .../tests/chrony_no_pool_nor_servers.pass.sh | 2 +- .../tests/chrony_nothing_done.fail.sh | 2 +- .../tests/chrony_one_pool_configured.pass.sh | 2 +- .../tests/chrony_one_pool_misconfigured.fail.sh | 2 +- .../tests/chrony_one_pool_missing_parameter.fail.sh | 2 +- .../tests/chrony_one_server_misconfigured.fail.sh | 2 +- .../services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp.pass.sh | 2 +- .../tests/ntp_multiple_misconfigured.fail.sh | 2 +- .../chronyd_or_ntpd_set_maxpoll/tests/ntp_wrong_maxpoll.fail.sh | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony.pass.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony.pass.sh index ea5868e6e3c2..f4c1be98e5c7 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony.pass.sh @@ -3,7 +3,7 @@ # # profiles = xccdf_org.ssgproject.content_profile_stig -yum remove -y ntp +{{{ bash_package_remove("ntp") }}} # Remove all pool options sed -i "/^pool.*/d" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_no_pool_nor_servers.pass.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_no_pool_nor_servers.pass.sh index 2932370ff231..93ee2b1dbab3 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_no_pool_nor_servers.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_no_pool_nor_servers.pass.sh @@ -3,7 +3,7 @@ # # profiles = xccdf_org.ssgproject.content_profile_stig -yum remove -y ntp +{{{ bash_package_remove("ntp") }}} # Remove all pool and server options sed -i "/^pool.*/d" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_nothing_done.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_nothing_done.fail.sh index d17659c4d006..d91c98f36952 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_nothing_done.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_nothing_done.fail.sh @@ -4,6 +4,6 @@ # profiles = xccdf_org.ssgproject.content_profile_stig # platform = Oracle Linux 7,Red Hat Enterprise Linux 7 -yum remove -y ntp +{{{ bash_package_remove("ntp") }}} systemctl enable chronyd.service diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_configured.pass.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_configured.pass.sh index 86ee48726618..beb59cfe61f4 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_configured.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_configured.pass.sh @@ -3,7 +3,7 @@ # # profiles = xccdf_org.ssgproject.content_profile_stig -yum remove -y ntp +{{{ bash_package_remove("ntp") }}} # Remove all server or pool options sed -i "/^\(server\|pool\).*/d" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_misconfigured.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_misconfigured.fail.sh index cb285f1f0745..147a56974f25 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_misconfigured.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_misconfigured.fail.sh @@ -3,7 +3,7 @@ # # profiles = xccdf_org.ssgproject.content_profile_stig -yum remove -y ntp +{{{ bash_package_remove("ntp") }}} # Remove all server or pool options sed -i "/^\(server\|pool\).*/d" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_missing_parameter.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_missing_parameter.fail.sh index ebe12038e31d..62a5dc849cb4 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_missing_parameter.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_pool_missing_parameter.fail.sh @@ -3,7 +3,7 @@ # # profiles = xccdf_org.ssgproject.content_profile_stig -yum remove -y ntp +{{{ bash_package_remove("ntp") }}} # Remove all server options sed -i "/^\(server\|pool\).*/d" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_server_misconfigured.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_server_misconfigured.fail.sh index d21cb45821b1..c083cd448650 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_server_misconfigured.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/chrony_one_server_misconfigured.fail.sh @@ -3,7 +3,7 @@ # # profiles = xccdf_org.ssgproject.content_profile_stig -yum remove -y ntp +{{{ bash_package_remove("ntp") }}} # Remove all pool options sed -i "/^pool.*/d" {{{ chrony_conf_path }}} diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp.pass.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp.pass.sh index b81493b9815f..34baa27540ce 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp.pass.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp.pass.sh @@ -4,7 +4,7 @@ # profiles = xccdf_org.ssgproject.content_profile_stig # platform = Oracle Linux 7,Red Hat Enterprise Linux 7 -yum remove -y chrony +{{{ bash_package_remove("chrony") }}} if ! grep "^server.*maxpoll 10" /etc/ntp.conf; then sed -i "s/^server.*/& maxpoll 10/" /etc/ntp.conf diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_multiple_misconfigured.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_multiple_misconfigured.fail.sh index 6ed14c85fd9b..6f5310c34175 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_multiple_misconfigured.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_multiple_misconfigured.fail.sh @@ -4,7 +4,7 @@ # profiles = xccdf_org.ssgproject.content_profile_stig # platform = Oracle Linux 7,Red Hat Enterprise Linux 7 -yum remove -y chrony +{{{ bash_package_remove("chrony") }}} sed -i "s/^server.*/& maxpoll 17/" /etc/ntp.conf echo "server 0.test.ntp.org maxpoll 17 iburst" >> /etc/ntp.conf diff --git a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_wrong_maxpoll.fail.sh b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_wrong_maxpoll.fail.sh index 987f871f76b0..504e69d05612 100644 --- a/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_wrong_maxpoll.fail.sh +++ b/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/tests/ntp_wrong_maxpoll.fail.sh @@ -4,7 +4,7 @@ # profiles = xccdf_org.ssgproject.content_profile_stig # platform = Oracle Linux 7,Red Hat Enterprise Linux 7 -yum remove -y chrony +{{{ bash_package_remove("chrony") }}} sed -i "s/^server.*/& maxpoll 17/" /etc/ntp.conf From ac8389e3ddab599f6f5bf7465636817fb8dbbf3e Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:26:26 +0300 Subject: [PATCH 07/14] fix: aide/remediations: add crontabs If remediation uses crontabs, require relevant package too. --- .../aide/aide_periodic_cron_checking/ansible/shared.yml | 6 +++--- .../aide/aide_periodic_cron_checking/bash/shared.sh | 1 + .../aide/aide_periodic_cron_checking/bash/ubuntu.sh | 1 + .../aide/aide_scan_notification/ansible/shared.yml | 6 +++--- .../aide/aide_scan_notification/bash/shared.sh | 1 + 5 files changed, 9 insertions(+), 6 deletions(-) diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml index d60c2e54644a..7d4063bda297 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/ansible/shared.yml @@ -5,10 +5,10 @@ # disruption = low - name: "Ensure AIDE is installed" package: - name: "{{ item }}" + name: + - aide + - crontabs state: present - with_items: - - aide - name: Set cron package name - RedHat set_fact: diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh index dfa5c1b6c895..a4dac7810063 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/shared.sh @@ -1,6 +1,7 @@ # platform = Red Hat Virtualization 4,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_sle {{{ bash_package_install("aide") }}} +{{{ bash_package_install("crontabs") }}} if ! grep -q "{{{ aide_bin_path }}} --check" /etc/crontab ; then echo "05 4 * * * root {{{ aide_bin_path }}} --check" >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh index 09a08f8236b3..ad32b7dc9187 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/bash/ubuntu.sh @@ -1,6 +1,7 @@ # platform = multi_platform_ubuntu {{{ bash_package_install("aide") }}} +{{{ bash_package_install("crontabs") }}} # AiDE usually adds its own cron jobs to /etc/cron.daily. If script is there, this rule is # compliant. Otherwise, we copy the script to the /etc/cron.weekly diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml index 2f734940a6ff..45db52bf238c 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/ansible/shared.yml @@ -7,10 +7,10 @@ - name: "Ensure AIDE is installed" package: - name: "{{ item }}" + name: + - aide + - crontabs state: present - with_items: - - aide - name: "{{{ rule_title }}}" cron: diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/bash/shared.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/bash/shared.sh index f2b7d62a0b3a..b71b1ec9672e 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/bash/shared.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/bash/shared.sh @@ -1,6 +1,7 @@ # platform = multi_platform_all {{{ bash_package_install("aide") }}} +{{{ bash_package_install("crontabs") }}} {{{ bash_instantiate_variables("var_aide_scan_notification_email") }}} CRONTAB=/etc/crontab From d0086f00f56d18f84701a341c02aca3e9f5ac29e Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:19:13 +0300 Subject: [PATCH 08/14] bugfix: aide_periodic_cron_checking/tests: ensure packages are installed Is about crontabs / cron too. So add those. --- .../tests/aide_not_installed.fail.sh | 1 + .../aide/aide_periodic_cron_checking/tests/cron_daily.pass.sh | 3 +-- .../tests/cron_daily_complex.pass.sh | 3 +-- .../aide_periodic_cron_checking/tests/crontab_daily.pass.sh | 3 +-- .../tests/crontab_daily_shortcut.pass.sh | 3 +-- .../aide_periodic_cron_checking/tests/crontab_monthly.fail.sh | 3 +-- .../tests/crontab_two_days_week.pass.sh | 3 +-- .../tests/crontab_weekly_on_exact_day.pass.sh | 3 +-- .../tests/crontab_weekly_shortcut.pass.sh | 3 +-- .../tests/crontab_weekly_word.pass.sh | 3 +-- .../aide_periodic_cron_checking/tests/crontab_yearly.fail.sh | 3 +-- .../aide/aide_periodic_cron_checking/tests/not_in_cron.fail.sh | 3 +-- 12 files changed, 12 insertions(+), 22 deletions(-) diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh index dd8eb457ac3c..5cff9a959bfc 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh @@ -1,4 +1,5 @@ #!/bin/bash +# packages = aide,crontabs if command -v yum; then yum remove -y aide diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily.pass.sh index ec2646bb5e45..338d1da2dcfd 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily.pass.sh @@ -1,6 +1,5 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs mkdir -p /etc/cron.daily echo "/usr/sbin/aide --check" > /etc/cron.daily/aide diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily_complex.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily_complex.pass.sh index d42080c261f0..749c1824e3e3 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily_complex.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/cron_daily_complex.pass.sh @@ -1,6 +1,5 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs # This TS is a regression test for https://bugzilla.redhat.com/show_bug.cgi?id=2175684 diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily.pass.sh index 33c2c2a22a30..7becacd612d1 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily.pass.sh @@ -1,5 +1,4 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs echo '21 21 * * * root /usr/sbin/aide --check &>/dev/null' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily_shortcut.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily_shortcut.pass.sh index 382fc53b6595..1482dc49009b 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily_shortcut.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_daily_shortcut.pass.sh @@ -1,5 +1,4 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs echo '@daily root /usr/sbin/aide --check &>/dev/null' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_monthly.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_monthly.fail.sh index da5edf10fc43..ac6d6d922998 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_monthly.fail.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_monthly.fail.sh @@ -1,6 +1,5 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs # aide installs automatically a file that is periodically run on /etc/cron.daily/aide rm -f /etc/cron.daily/aide diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_two_days_week.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_two_days_week.pass.sh index 6958ac521b85..96defc788084 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_two_days_week.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_two_days_week.pass.sh @@ -1,5 +1,4 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs echo '21 21 * * 1-2 root /usr/sbin/aide --check &>/dev/null' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_on_exact_day.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_on_exact_day.pass.sh index f7d9171afdab..3df4aa5c350f 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_on_exact_day.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_on_exact_day.pass.sh @@ -1,5 +1,4 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs echo '21 21 * * 3 root /usr/sbin/aide --check &>/dev/null' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_shortcut.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_shortcut.pass.sh index 26b139f5ddad..55c749cb36e6 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_shortcut.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_shortcut.pass.sh @@ -1,5 +1,4 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs echo '@weekly root /usr/sbin/aide --check &>/dev/null' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_word.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_word.pass.sh index 5c510f2c11f3..866c76217857 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_word.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_weekly_word.pass.sh @@ -1,5 +1,4 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs echo '21 21 * * mon root /usr/sbin/aide --check &>/dev/null' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_yearly.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_yearly.fail.sh index 3788e44ee4d1..6616f6177f0d 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_yearly.fail.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/crontab_yearly.fail.sh @@ -1,6 +1,5 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs # aide installs automatically a file that is periodically run on /etc/cron.daily/aide rm -f /etc/cron.daily/aide diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/not_in_cron.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/not_in_cron.fail.sh index 3de2d7efd79b..24dc0b6e727f 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/not_in_cron.fail.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/not_in_cron.fail.sh @@ -1,6 +1,5 @@ #!/bin/bash -# -# packages = aide +# packages = aide,crontabs,cronie # aide installs automatically a file that is periodically run on /etc/cron.daily/aide rm -f /etc/cron.daily/aide From 5764b2c96c91ae00e89918278e344e6821cab6a8 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:19:05 +0300 Subject: [PATCH 09/14] fix: aide_periodic_cron_checking/tests: use bash_package_remove --- .../tests/aide_not_installed.fail.sh | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh index 5cff9a959bfc..9213bce55442 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_periodic_cron_checking/tests/aide_not_installed.fail.sh @@ -1,10 +1,6 @@ #!/bin/bash # packages = aide,crontabs -if command -v yum; then - yum remove -y aide -elif command -v apt-get; then - DEBIAN_FRONTEND=noninteractive apt-get remove -y aide -fi +{{{ bash_package_remove("aide") }}} echo '21 21 * * * root /usr/sbin/aide --check &>/dev/null' >> /etc/crontab From dade3fefbb6b4c1ff73d4af94540a166233e5183 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:13:49 +0300 Subject: [PATCH 10/14] bugfix: file_cron_deny_not_exist/tests: ensure crontabs installed When testing without relevant packages installed you get wrong results. --- .../file_cron_deny_not_exist/tests/dne.pass.sh | 1 + .../file_cron_deny_not_exist/tests/exists.fail.sh | 1 + 2 files changed, 2 insertions(+) diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/dne.pass.sh b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/dne.pass.sh index 2ce1e74fecd4..719b06db8946 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/dne.pass.sh +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/dne.pass.sh @@ -1,4 +1,5 @@ #!/bin/bash +# packages = crontabs FILE=/etc/cron.deny diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/exists.fail.sh b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/exists.fail.sh index d137da3efbc0..5fcecb9ca857 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/exists.fail.sh +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_cron_deny_not_exist/tests/exists.fail.sh @@ -1,3 +1,4 @@ #!/bin/bash +# packages = crontabs touch /etc/cron.deny From 013bd90ce8047d3fa1cb25a6ec9c41f275177817 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:14:45 +0300 Subject: [PATCH 11/14] bugfix: file_permissions_cron_allow/tests: ensure crontabs installed When testing without relevant packages installed you get wrong results. --- .../file_permissions_cron_allow/tests/missing_file_test.pass.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/tests/missing_file_test.pass.sh b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/tests/missing_file_test.pass.sh index 3696f017c578..91d577477c01 100644 --- a/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/tests/missing_file_test.pass.sh +++ b/linux_os/guide/services/cron_and_at/restrict_at_cron_users/file_permissions_cron_allow/tests/missing_file_test.pass.sh @@ -1,4 +1,4 @@ #!/bin/bash -# +# packages = crontabs rm -f /etc/cron.allow From 707b3f2e99c00e3313ae88c4f5fbceb0ec4fc6ae Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:15:27 +0300 Subject: [PATCH 12/14] bugfix: auditd_offload_logs/tests: ensure crontabs installed When testing without relevant packages installed you get wrong results. --- .../auditd_offload_logs/tests/correct.pass.sh | 2 +- .../auditd_offload_logs/tests/nothing.fail.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/correct.pass.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/correct.pass.sh index a5966f63d481..9cd58cb2843c 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/correct.pass.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/correct.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# packages = audit +# packages = audit,crontabs # remediation = none mkdir -p /etc/cron.weekly/ diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/nothing.fail.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/nothing.fail.sh index f9a2fe614fd8..19c0bca5e489 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/nothing.fail.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_offload_logs/tests/nothing.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# packages = audit +# packages = audit,crontabs # remediation = none mkdir -p /etc/cron.weekly/ From 2d100aef599cd9db0302368110f698316907723c Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Thu, 11 May 2023 09:49:06 +0300 Subject: [PATCH 13/14] bugfix: aide_check_audit_tools: Ensure no suffix prefix Change state_aide_check_attributes to ensure no prefix/suffix for pattern. Fix correct_with_selinux.pass.sh Also use packages to ensure aide package is installed in tests. --- .../aide/aide_check_audit_tools/oval/shared.xml | 2 +- .../aide/aide_check_audit_tools/tests/correct.pass.sh | 3 +-- .../tests/correct_with_selinux.pass.sh | 5 ++--- .../aide_check_audit_tools/tests/extra_suffix.fail.sh | 11 +++++++++++ .../aide_check_audit_tools/tests/not_config.fail.sh | 3 +-- 5 files changed, 16 insertions(+), 8 deletions(-) create mode 100644 linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml index 63f3177a27b3..012c31e92d6e 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/oval/shared.xml @@ -22,7 +22,7 @@ {{% if 'rhel' not in product and 'ubuntu' not in product and product != 'ol8' %}} p+i+n+u+g+s+b+acl+selinux+xattrs+sha512 {{% else %}} - p\+i\+n\+u\+g\+s\+b\+acl(|\+selinux)\+xattrs\+sha512 + ^p\+i\+n\+u\+g\+s\+b\+acl(|\+selinux)\+xattrs\+sha512$ {{% endif %}} diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh index 1a1ab8aedd1d..5f751bee5420 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct.pass.sh @@ -1,8 +1,7 @@ #!/bin/bash # platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel +# packages = aide - -yum -y install aide aide --init diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh index 769deaa4fbe5..f80f6fd52d3f 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/correct_with_selinux.pass.sh @@ -1,12 +1,11 @@ #!/bin/bash # platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel - -yum -y install aide +# packages = aide declare -a bins bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd') for theFile in "${bins[@]}" do - echo "$theFile p+i+n+u+g+s+b+acl+selinux+xattrs+sha5122" >> /etc/aide.conf + echo "$theFile p+i+n+u+g+s+b+acl+selinux+xattrs+sha512" >> /etc/aide.conf done diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh new file mode 100644 index 000000000000..692a60d0e104 --- /dev/null +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/extra_suffix.fail.sh @@ -0,0 +1,11 @@ +#!/bin/bash +# platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel +# packages = aide + +declare -a bins +bins=('/usr/sbin/auditctl' '/usr/sbin/auditd' '/usr/sbin/augenrules' '/usr/sbin/aureport' '/usr/sbin/ausearch' '/usr/sbin/autrace' '/usr/sbin/rsyslogd') + +for theFile in "${bins[@]}" +do + echo "$theFile p+i+n+u+g+s+b+acl+selinux+xattrs+sha5122" >> /etc/aide.conf +done diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh index 868a3d2b37a6..65bf851237c5 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_check_audit_tools/tests/not_config.fail.sh @@ -1,8 +1,7 @@ #!/bin/bash # platform = multi_platform_fedora,multi_platform_ol,multi_platform_rhel +# packages = aide - -yum -y install aide aide --init declare -a bins From 7f58b563458d673edb6cf3c39fc78c570724516d Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 14:12:27 +0300 Subject: [PATCH 14/14] bugfix: aide_scan_notificatio/tests: ensure crontabs/chronie When testing without relevant packages installed you get wrong results. --- .../aide_scan_notification/tests/cron_weekly_configured.pass.sh | 2 +- .../aide_scan_notification/tests/crontab_configured.pass.sh | 2 +- .../tests/crontab_just_periodic_checking.fail.sh | 2 +- .../aide_scan_notification/tests/var_cron_configured.pass.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/cron_weekly_configured.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/cron_weekly_configured.pass.sh index e92bf9433723..3e4989f3d25e 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/cron_weekly_configured.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/cron_weekly_configured.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# packages = aide +# packages = aide,crontabs # configured in crontab echo '0 5 * * * root /usr/sbin/aide --check | /bin/mail -s "SSG Test Suite - AIDE Integrity Check" admin@ssgtestsuite' > /etc/cron.weekly/aidescan diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_configured.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_configured.pass.sh index dfbc5214fd17..b1de067cc26d 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_configured.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_configured.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# packages = aide +# packages = aide,crontabs # configured in crontab echo '0 5 * * * root /usr/sbin/aide --check | /bin/mail -s "SSG Test Suite - AIDE Integrity Check" admin@ssgtestsuite' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_just_periodic_checking.fail.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_just_periodic_checking.fail.sh index cdb421041be8..946a3113ec22 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_just_periodic_checking.fail.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/crontab_just_periodic_checking.fail.sh @@ -1,5 +1,5 @@ #!/bin/bash -# packages = aide +# packages = aide,crontabs # configured in crontab echo '0 5 * * * root /usr/sbin/aide --check' >> /etc/crontab diff --git a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/var_cron_configured.pass.sh b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/var_cron_configured.pass.sh index 26ac904709fa..681ff88001e2 100644 --- a/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/var_cron_configured.pass.sh +++ b/linux_os/guide/system/software/integrity/software-integrity/aide/aide_scan_notification/tests/var_cron_configured.pass.sh @@ -1,5 +1,5 @@ #!/bin/bash -# packages = aide +# packages = aide,cronie # configured in crontab echo '0 5 * * * root /usr/sbin/aide --check | /bin/mail -s "SSG Test Suite - AIDE Integrity Check" admin@ssgtestsuite' >> /var/spool/cron/root