ovh/debian-cis

Grub check issue

Lejooohn opened this issue · 1 comments

Hi !

Today I have some trouble with two scripts:

4.1.1.3_audit_bootloader.sh
4.1.1.4_audit_backlog_limit.sh

I have made the required changes and the scripts still don't see it:

 ~/debian-cis/etc/conf.d # cat /etc/default/grub |grep "GRUB_CMDLINE_LINUX="
GRUB_CMDLINE_LINUX="net.iframes=0 biosdevname=0 audit=1 audit_backlog_limit=8192 apparmor=1 security=apparmor"
~/debian-cis/etc/conf.d # /root/debian-cis/bin/hardening/4.1.1.3_audit_bootloader.sh --audit
4.1.1.3_audit_bootloader  [INFO] Working on 4.1.1.3_audit_bootloader
4.1.1.3_audit_bootloader  [INFO] [DESCRIPTION] Enable auditing for processes that start prior to auditd.
4.1.1.3_audit_bootloader  [INFO] Checking Configuration
4.1.1.3_audit_bootloader  [INFO] Performing audit
4.1.1.3_audit_bootloader  [ OK ] /etc/default/grub exists, checking configuration
4.1.1.3_audit_bootloader  [ KO ] ^GRUB_CMDLINE_LINUX="audit=1" is not present in /etc/default/grub
4.1.1.3_audit_bootloader  [ KO ] Check Failed
~/debian-cis/etc/conf.d # /root/debian-cis/bin/hardening/4.1.1.4_audit_backlog_limit.sh --audit
4.1.1.4_audit_backlog_lim [INFO] Working on 4.1.1.4_audit_backlog_limit
4.1.1.4_audit_backlog_lim [INFO] [DESCRIPTION] Configure audit_backlog_limit to be sufficient.
4.1.1.4_audit_backlog_lim [INFO] Checking Configuration
4.1.1.4_audit_backlog_lim [INFO] Performing audit
4.1.1.4_audit_backlog_lim [ OK ] /etc/default/grub exists, checking configuration
4.1.1.4_audit_backlog_lim [ KO ] ^GRUB_CMDLINE_LINUX="audit

Thanks for your help!

It seems like a bug... Thanks for reporting, I'll check as soon as I can.
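
The KO message in the report prints the pattern `^GRUB_CMDLINE_LINUX="audit=1"`, which can only match when `audit=1` is the entire quoted value. The following added example (not debian-cis code; the function names and the constructed sample file are assumptions) contrasts that anchored pattern with a token-based check that finds the option anywhere in the value and ignores commented lines and `GRUB_CMDLINE_LINUX_DEFAULT`.

```bash
# Added example, not debian-cis code; all function names are hypothetical.
# grub_cmdline FILE: print the value of the last active GRUB_CMDLINE_LINUX=
# assignment. Commented lines and GRUB_CMDLINE_LINUX_DEFAULT= do not match.
grub_cmdline() {
    value=""
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            GRUB_CMDLINE_LINUX=*)
                value=${line#GRUB_CMDLINE_LINUX=}
                value=${value#\"}; value=${value%\"}
                value=${value#\'}; value=${value%\'} ;;
        esac
    done < "$1"
    printf '%s\n' "$value"
}

# Pattern as printed in the KO message: the option must be the whole value.
strict_match() { grep -q "^GRUB_CMDLINE_LINUX=\"$2\"" "$1"; }

# has_param FILE OPT: succeed if OPT (e.g. audit=1) is an exact token.
has_param() (
    set -f                          # no globbing while splitting the value
    for tok in $(grub_cmdline "$1"); do
        if [ "$tok" = "$2" ]; then exit 0; fi
    done
    exit 1
)

# param_at_least FILE KEY MIN: succeed if KEY has an integer value >= MIN.
param_at_least() (
    set -f
    for tok in $(grub_cmdline "$1"); do
        case "$tok" in
            "$2"=*) val=${tok#*=}
                    case "$val" in ''|*[!0-9]*) continue ;; esac
                    if [ "$val" -ge "$3" ]; then exit 0; fi ;;
        esac
    done
    exit 1
)

# Constructed sample file; its last line is the one quoted in the report.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# GRUB_CMDLINE_LINUX="audit=1"
GRUB_CMDLINE_LINUX_DEFAULT="quiet audit=0"
GRUB_CMDLINE_LINUX="net.iframes=0 biosdevname=0 audit=1 audit_backlog_limit=8192 apparmor=1 security=apparmor"
EOF
strict_match "$SAMPLE" audit=1 && echo "anchored: OK" || echo "anchored: KO"
has_param "$SAMPLE" audit=1 && echo "token: OK" || echo "token: KO"
```

The 8192 threshold passed to `param_at_least` in a real check is the value the reporter configured, not a value taken from the scripts.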