Added check_root_user: make sure that root user does not have a password
This commit is contained in:
parent
3fcab1eeb3
commit
1281891363
|
@ -7,6 +7,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
|
## [22.04] - 2022-04-13
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
- Added check_root_user: make sure that root user does not have a password
|
||||||
|
|
||||||
## [22.03] - 2022-03-10
|
## [22.03] - 2022-03-10
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
|
@ -3,7 +3,7 @@
|
||||||
# EvoCheck
|
# EvoCheck
|
||||||
# Script to verify compliance of an OpenBSD server powered by Evolix
|
# Script to verify compliance of an OpenBSD server powered by Evolix
|
||||||
|
|
||||||
readonly VERSION="22.03"
|
readonly VERSION="22.04"
|
||||||
|
|
||||||
# base functions
|
# base functions
|
||||||
|
|
||||||
|
@ -484,6 +484,11 @@ check_versions() {
|
||||||
|
|
||||||
rm -f "${versions_file}"
|
rm -f "${versions_file}"
|
||||||
}
|
}
|
||||||
|
check_root_user() {
|
||||||
|
if [ "$(grep "^root:" /etc/master.passwd | awk -F":" '{print $2}')" != "*************" ]; then
|
||||||
|
failed "IS_ROOT_USER" "root user should not have a password ; replace the password field with 'vipw' for the root user with '*************' (exactly 13 asterisks) "
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
main() {
|
main() {
|
||||||
# Default return code : 0 = no error
|
# Default return code : 0 = no error
|
||||||
|
@ -533,6 +538,7 @@ main() {
|
||||||
test "${IS_BIND9MUNIN:=1}" = 1 && check_bind9munin
|
test "${IS_BIND9MUNIN:=1}" = 1 && check_bind9munin
|
||||||
test "${IS_EVOLIX_USER:=1}" = 1 && check_evolix_user
|
test "${IS_EVOLIX_USER:=1}" = 1 && check_evolix_user
|
||||||
test "${IS_VERSIONS_CHECK:=1}" = 1 && check_versions
|
test "${IS_VERSIONS_CHECK:=1}" = 1 && check_versions
|
||||||
|
test "${IS_ROOT_USER:=1}" = 1 && check_root_user
|
||||||
|
|
||||||
exit ${RC}
|
exit ${RC}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue