baco/born2beroot
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

2021-11-08 23:21:10

Browse Source
This commit is contained in:
gbaconni
2021-11-08 23:21:10 +01:00
parent 54f0a51ae2
commit 74278a199b
1 changed files with 9 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
test.sh
View File

@@ -50,26 +50,6 @@ main ()
ssh_clean ssh_clean
if ssh_exec ${port} ${login} ${pass} chage -l root | grep -q -i -E '^Maximum number of days between password change.*\: 30' \
&& ssh_exec ${port} ${login} ${pass} chage -l root | grep -q -i -E '^Minimum number of days between password change.*\: 2' \
&& ssh_exec ${port} ${login} ${pass} chage -l root | grep -q -i -E '^Number of days of warning before password expires.*\: 7'
then
echo "OK: Password expiration for root is correct"
else
echo "KO: Password expiration for root is wrong"
fi
return 0
if ssh_exec ${port} ${login} ${pass} cat /etc/security/pwquality.conf | grep -q -i -E '^PASS_MAX_DAYS.*\t30' \
&& ssh_exec ${port} ${login} ${pass} cat /etc/security/pwquality.conf | grep -q -i -E '^PASS_MIN_DAYS.*\t2' \
&& ssh_exec ${port} ${login} ${pass} cat /etc/security/pwquality.conf | grep -q -i -E '^PASS_WARN_AGE.*\t7'
then
echo "OK: Expiration policy via pwquality is correct"
else
echo "KO: Expiration policy via pwquality is wrong"
fi
if ssh_exec ${port} ${login} ${pass} hostname -s | grep -q "^${login}42" if ssh_exec ${port} ${login} ${pass} hostname -s | grep -q "^${login}42"
then then
echo "OK: Hostname is ${login}42" echo "OK: Hostname is ${login}42"
@@ -152,6 +132,15 @@ main ()
echo "KO: Password expiration for ${login} is wrong" echo "KO: Password expiration for ${login} is wrong"
fi fi
if ssh_sudo ${port} ${login} ${pass} chage -l root | grep -q -i -E '^Maximum number of days between password change.*\: 31' \
&& ssh_sudo ${port} ${login} ${pass} chage -l root | grep -q -i -E '^Minimum number of days between password change.*\: 2' \
&& ssh_sudo ${port} ${login} ${pass} chage -l root | grep -q -i -E '^Number of days of warning before password expires.*\: 7'
then
echo "OK: Password expiration for root is correct"
else
echo "KO: Password expiration for root is wrong"
fi
if ssh_exec ${port} ${login} ${pass} cat /etc/login.defs | grep -q -i -E '^PASS_MAX_DAYS.*\t30' \ if ssh_exec ${port} ${login} ${pass} cat /etc/login.defs | grep -q -i -E '^PASS_MAX_DAYS.*\t30' \
&& ssh_exec ${port} ${login} ${pass} cat /etc/login.defs | grep -q -i -E '^PASS_MIN_DAYS.*\t2' \ && ssh_exec ${port} ${login} ${pass} cat /etc/login.defs | grep -q -i -E '^PASS_MIN_DAYS.*\t2' \
&& ssh_exec ${port} ${login} ${pass} cat /etc/login.defs | grep -q -i -E '^PASS_WARN_AGE.*\t7' && ssh_exec ${port} ${login} ${pass} cat /etc/login.defs | grep -q -i -E '^PASS_WARN_AGE.*\t7'