evolix/evocheck
evolix/evocheck
21
2
Fork 2
Code Issues 48 Pull requests 5 Releases 37 Wiki Activity

fix grep in IS_TMPNOEXEC

Browse source
This commit is contained in:
Jérémy Lecour 2019-11-06 07:43:43 +01:00
parent 92dd7d4f26
commit 905ef88c49
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
evocheck.sh
View file

@ -255,9 +255,9 @@ check_tmpnoexec() {
FINDMNT_BIN=$(command -v findmnt)
if [ -x ${FINDMNT_BIN} ]; then
options=$(${FINDMNT_BIN} --noheadings --first-only --output OPTIONS /tmp)
grep -qE "\bnoexec\b" ${options} || failed "IS_TMPNOEXEC" "/tmp is not mounted with 'noexec'"
echo "${options}" | grep -qE "\bnoexec\b" || failed "IS_TMPNOEXEC" "/tmp is not mounted with 'noexec'"
else
mount | grep "on /tmp" | grep -q noexec || failed "IS_TMPNOEXEC" "/tmp is not mounted with 'noexec' (WARNING: findmnt(8) is not found)"
mount | grep "on /tmp" | grep -qE "\bnoexec\b" || failed "IS_TMPNOEXEC" "/tmp is not mounted with 'noexec' (WARNING: findmnt(8) is not found)"
fi
}
check_mountfstab() {