Closed sblaisot closed 2 years ago
3.4.2 CIS detection example is modprobe -n -v sctp | grep -E '(sctp|install)'
modprobe -n -v sctp | grep -E '(sctp|install)'
MODPROBE_FILTER is necessary here because sctp module depends on libcrc32c module so even if it is disabled, modprobe -n -v sctp returns
MODPROBE_FILTER
sctp
libcrc32c
modprobe -n -v sctp
insmod /lib/modules/4.19.0-18-cloud-amd64/kernel/lib/libcrc32c.ko install /bin/true
and detection fails
This PR fixes that behaviour by adding missing MODPROBE_FILTER to is_kernel_option_enabled call.
is_kernel_option_enabled
3.4.2 CIS detection example is
modprobe -n -v sctp | grep -E '(sctp|install)'MODPROBE_FILTERis necessary here becausesctpmodule depends onlibcrc32cmodule so even if it is disabled,modprobe -n -v sctpreturnsand detection fails
This PR fixes that behaviour by adding missing
MODPROBE_FILTERtois_kernel_option_enabledcall.