forked from evolix/evocheck
Fixed check_sshpermitrootno to check real configuration
This commit is contained in:
parent
b8496e754d
commit
18c531325d
|
@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
||||||
|
|
||||||
## [Unreleased]
|
## [Unreleased]
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
- Fixed check_sshpermitrootno to check real configuration
|
||||||
|
|
||||||
## [22.06] - 2022-06-16
|
## [22.06] - 2022-06-16
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
|
@ -248,9 +248,8 @@ check_usrsharescripts(){
|
||||||
test "$expected" = "$actual" || failed "IS_USRSHARESCRIPTS" "/usr/share/scripts must be 700"
|
test "$expected" = "$actual" || failed "IS_USRSHARESCRIPTS" "/usr/share/scripts must be 700"
|
||||||
}
|
}
|
||||||
check_sshpermitrootno() {
|
check_sshpermitrootno() {
|
||||||
if grep -q "^PermitRoot" /etc/ssh/sshd_config; then
|
if ! (sshd -T -C addr=,user=,host=,laddr=,lport=0,rdomain= | grep -q 'permitrootlogin no'); then
|
||||||
grep -E -qi "PermitRoot.*no" /etc/ssh/sshd_config \
|
failed "IS_SSHPERMITROOTNO" "PermitRoot should be set to no"
|
||||||
|| failed "IS_SSHPERMITROOTNO" "PermitRoot should be set at no"
|
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
check_evomaintenanceusers(){
|
check_evomaintenanceusers(){
|
||||||
|
|
Loading…
Reference in a new issue