Cloudneeti / os-harderning-scripts

Operating System Hardening Scripts
MIT License

Hardening Script Causes sudo timeout while script is running #22

Open balq60 opened 1 year ago

balq60 commented 1 year ago

I am running this in Packer:

https://github.com/Cloudneeti/os-harderning-scripts/blob/master/Amazon_Linux2/CIS_Amazon_Linux2_Benchmark_v1_0_0_Remediation.sh

Here is the end of the output.

If I remove this script from running, the timeout does not happen.

Removing the script the

amazon-ebs.linux-2: Remediation script for Amazon Linux 2 executed successfully!!
amazon-ebs.linux-2:
amazon-ebs.linux-2: Summary:
amazon-ebs.linux-2: Remediation Passed: 106
amazon-ebs.linux-2: Remediation Failed: 0

==> amazon-ebs.linux-2: Uploading scripts/scap-harden.sh => ~/scap-harden.sh
amazon-ebs.linux-2: scap-harden.sh 711 B / 711 B [==================================================================================================] 100.00% 0s
==> amazon-ebs.linux-2: Provisioning with shell script: /tmp/packer-shell2229766949
==> amazon-ebs.linux-2: sudo: Password expired, contact your system administrator
==> amazon-ebs.linux-2: sudo: Password expired, contact your system administrator
==> amazon-ebs.linux-2: Created symlink from /etc/systemd/system/ctrl-alt-del.target to /dev/null.
==> amazon-ebs.linux-2: Uploading scripts/CtrlAltDelBurstAction.sh => ~/CtrlAltDelBurstAction.sh
amazon-ebs.linux-2: CtrlAltDelBurstAction.sh 3.54 KiB / 3.54 KiB [==================================================================================] 100.00% 0s
==> amazon-ebs.linux-2: Provisioning with shell script: /tmp/packer-shell766628997
==> amazon-ebs.linux-2: Uploading scripts/EnableFIPS.sh => ~/EnableFIPS.sh
amazon-ebs.linux-2: EnableFIPS.sh 550 B / 550 B [===================================================================================================] 100.00% 0s
==> amazon-ebs.linux-2: Provisioning with shell script: /tmp/packer-shell1654068675
==> amazon-ebs.linux-2: sudo: Password expired, contact your system administrator
==> amazon-ebs.linux-2: sudo: Password expired, contact your system administrator
==> amazon-ebs.linux-2: usage: sudo -h | -K | -k | -V
==> amazon-ebs.linux-2: usage: sudo -v [-AknS] [-g group] [-h host] [-p prompt] [-u user]
==> amazon-ebs.linux-2: usage: sudo -l [-AknS] [-g group] [-h host] [-p prompt] [-U user] [-u user]
==> amazon-ebs.linux-2: [command]
==> amazon-ebs.linux-2: usage: sudo [-AbEHknPS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p
==> amazon-ebs.linux-2: prompt] [-T timeout] [-u user] [VAR=value] [-i|-s] []
==> amazon-ebs.linux-2: usage: sudo -e [-AknS] [-r role] [-t type] [-C num] [-g group] [-h host] [-p
==> amazon-ebs.linux-2: prompt] [-T timeout] [-u user] file ...
==> amazon-ebs.linux-2: sudo: Password expired, contact your system administrator
==> amazon-ebs.linux-2: Provisioning step had errors: Running the cleanup provisioner, if present...
==> amazon-ebs.linux-2: Terminating the source AWS instance...
==> amazon-ebs.linux-2: Bad exit status: -1
==> amazon-ebs.linux-2: Cleaning up any extra volumes...
==> amazon-ebs.linux-2: No volumes to clean up, skipping
==> amazon-ebs.linux-2: Deleting temporary keypair...
Build 'amazon-ebs.linux-2' errored after 4 minutes 47 seconds: Script exited with non-zero exit status: 1. Allowed exit codes are: [0]

==> Wait completed after 4 minutes 47 seconds
==> Some builds didn't complete successfully and had errors:
--> amazon-ebs.linux-2: Script exited with non-zero exit status: 1. Allowed exit codes are: [0]

==> Builds finished but no artifacts were created.

I even tried to update the SSH Timeout from 300 to 1200 and it still times out.

Again, if I remove the script from the run, the run works fine.

I use this script and it times out.
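Added example, not part of the original post or of the project's script: a diagnostic for the `sudo: Password expired` lines in the log above, classifying accounts by the password-aging fields of shadow(5). That those fields are what sudo is rejecting the build user on is an assumption, since the post does not identify the cause; the function names, status labels and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Classify accounts from shadow(5)-format lines read on stdin.
# $1 = today's date as days since 1970-01-01.
# Fields used: 3 = last change, 5 = max age, 7 = inactivity, 8 = account expiry.
shadow_aging_report() {
    awk -F: -v today="$1" '
    {
        lstchg = $3; max = $5; inact = $7; expire = $8
        status = "ok"
        if (expire != "" && expire + 0 > 0 && today + 0 >= expire + 0) {
            status = "account-expired"
        } else if (lstchg == "") {
            status = "ok"                      # empty field: aging disabled
        } else if (lstchg + 0 == 0) {
            status = "must-change"             # 0: change forced at next login
        } else if (max != "" && max + 0 >= 0 && today - lstchg > max + 0) {
            age = today - lstchg
            # Past max age plus the inactivity period, login is refused
            # outright instead of prompting for a new password.
            if (inact != "" && inact + 0 >= 0 && age > max + inact)
                status = "password-expired-inactive"
            else
                status = "password-expired"
        }
        print $1, status
    }'
}

# Constructed sample entries (placeholder hashes, not from the page).
sample_shadow() {
    cat <<'EOF'
builduser:!!:19000:0:90:7:30::
alice:x:19150:0:90:7:30::
bob:x:19100:0:90:7:30::
carol:x:0:0:90:7:30::
svc:*:::::::
dave:x:19190:0:90:7:30:19199:
EOF
}

# Demo on the constructed data with "today" fixed at day 19200.
sample_shadow | shadow_aging_report 19200

# On a real host, as root:
#   shadow_aging_report "$(( $(date +%s) / 86400 ))" < /etc/shadow
```

Running it as root inside the image before and after the hardening step shows whether the build user's status changes between the two.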