grep all files in modprobe.d directory?

Question

grep all files in modprobe.d directory?

Closed this issue 8 years ago · 3 comments

CIS-1.1.1.x are to disable a filesystem modules from getting loaded. These could be put in any file... my employer's baseline is to put them in a file called /etc/modprobe.d/crisp.conf, the CIS says to put them in a file called /etc/modprobe.d/CIS.conf.

Instead of trying to guess that they are all in CIS.conf, when there really isn't a Linux standard, can we grep all the files in the directory?

Answer 1 · 2016-05-11T22:47:12.000Z

Does this work if you just use the existing grep module, but with -r in the grep_args?

Answer 2 · 2016-05-12T16:15:26.000Z

Thanks, yes that did it!

whitelist:
   disble_mount_cramfs:
      data:
        Red Hat Enterprise Linux Server-7:
        - /etc/modprobe.d:
            match_output: /bin/true
            pattern: cramfs
            grep_args:
              - '-r'
            tag: CIS-1.1.1.1
      description: Disable mounting cramfs filesystems (Scored).

Thanks!

Answer 3 · 2016-05-12T21:32:08.000Z

Perfect! Glad I could help.