Unable to deploy this script on Ubuntu 22.o LTS
Closed this issue · 5 comments
Hi
I m new here and recently tried to leverage this script to deploy CIS Ubuntu image. The current image version is below. However, while deployed, it indicated that the variable path can t be set which prevents me from moving forward. Even tried on typical Azure Ubuntu 22.0 LTS image, throwed same error.
Does this script support VM image, coz this is VM deployment. i supposed 22 should part of 12 searies. but not sure where could be the problem. any advice will be highly appreciated.
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL=https://www.ubuntu.com/
SUPPORT_URL=https://help.ubuntu.com/
BUG_REPORT_URL=https://bugs.launchpad.net/ubuntu/
PRIVACY_POLICY_URL=https://www.ubuntu.com/legal/terms-and-policies/privacy-policy
UBUNTU_CODENAME=jammy
cat /etc/default/cis-hardening
# Default file for CIS Debian hardening scripts
Define here root directory for CIS debian hardening scripts
CIS_LIB_DIR='/opt/cis-hardening/lib'
CIS_CHECKS_DIR="/opt/cis-hardening/bin/hardening"
CIS_CONF_DIR='/opt/cis-hardening/etc'
CIS_TMP_DIR='/opt/cis-hardening/tmp'
i ve managed to deploy this script but somehow it throwed this, still not completely implemented, could you plz advise if any specific version that you run this sucessfully?
################### SUMMARY ###################
Total Available Checks : 244
Total Runned Checks : 244
Total Passed Checks : [ 102/244 ]
Total Failed Checks : [ 142/244 ]
Enabled Checks Percentage : 100.00 %
Conformity Percentage : 41.80 %
root@iZuf6cglljo3mucb6qbom5Z:~/debian-cis/bin#
cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL=https://www.ubuntu.com/
SUPPORT_URL=https://help.ubuntu.com/
BUG_REPORT_URL=https://bugs.launchpad.net/ubuntu/
PRIVACY_POLICY_URL=https://www.ubuntu.com/legal/terms-and-policies/privacy-policy
UBUNTU_CODENAME=jammy
Hello and welcome !
"i ve managed to deploy this script but somehow it throwed this, still not completely implemented, could you plz advise if any specific version that you run this sucessfully?"
What do you mean by that ?
################### SUMMARY ###################
Total Available Checks : 244
Total Runned Checks : 244
Total Passed Checks : [ 102/244 ]
Total Failed Checks : [ 142/244 ]
Enabled Checks Percentage : 100.00 %
Conformity Percentage : 41.80 %
What command have you run on your machine to obtain such a result ?
Debian CIS is first and foremost and audit tool, remediation is proposed whenever it's safe/doable to do so. In some cases (such as kernel options) we do not propose a remediation since it's too dangerous for your system.
I'm not sure to answer your questions fully, so do not hesitate to ask if something is not clear
Cheers,
Thibault
Hello and welcome !
"i ve managed to deploy this script but somehow it throwed this, still not completely implemented, could you plz advise if any specific version that you run this sucessfully?"
What do you mean by that ?
################### SUMMARY ################### Total Available Checks : 244 Total Runned Checks : 244 Total Passed Checks : [ 102/244 ] Total Failed Checks : [ 142/244 ] Enabled Checks Percentage : 100.00 % Conformity Percentage : 41.80 %
What command have you run on your machine to obtain such a result ?
Debian CIS is first and foremost and audit tool, remediation is proposed whenever it's safe/doable to do so. In some cases (such as kernel options) we do not propose a remediation since it's too dangerous for your system.
I'm not sure to answer your questions fully, so do not hesitate to ask if something is not clear
Cheers,
Thibault
thank you for the prompt response, we love this script but we are gonna deploy this into Ubuntu. it somehow partially supported and do you have any guidance for us to implement this script over Ubuntu 22 or 20 system?
Ubuntu is a Debian based OS, most of the checks will be relevant.
What do you mean by partially supported ? do you have specific examples ?
no news, closing