IF/ELSE in "files/linuxcontrols/scripts/f0000.sh" script referenced by "cis::linuxcontrols::c0010" seem to be reversed.

arildjensen / cis-puppet

Center for Internet Security Linux Benchmark implementation for PuppetLabs

Other

117 stars 62 forks source link

IF/ELSE in "files/linuxcontrols/scripts/f0000.sh" script referenced by "cis::linuxcontrols::c0010" seem to be reversed. #35

Open roanosullivan opened 9 years ago

roanosullivan commented 9 years ago

From EL6 Benchmark 1.4.6:

Perform the following to determine if unconfined daemons are running on the system. # ps -eZ | egrep "initrc" | egrep -vw "tr|ps|egrep|bash|awk" | tr ':' ' ' | awk '{ print $NF }' [no output produced]

The current code returns "fail" if the audit succeeds (because no output is produced by the $COMMAND in the conditional expression).