aboutsummaryrefslogtreecommitdiffstats
path: root/init-sh
diff options
context:
space:
mode:
Diffstat (limited to 'init-sh')
-rwxr-xr-xinit-sh/custom.sh2
-rwxr-xr-xinit-sh/level1.sh6
-rwxr-xr-xinit-sh/level2.sh4
-rwxr-xr-xinit-sh/level3.sh4
-rwxr-xr-xinit-sh/level4.sh4
-rwxr-xr-xinit-sh/level5.sh4
-rw-r--r--init-sh/lib.sh1
7 files changed, 23 insertions, 2 deletions
diff --git a/init-sh/custom.sh b/init-sh/custom.sh
index eac0cc8..feb5fdc 100755
--- a/init-sh/custom.sh
+++ b/init-sh/custom.sh
@@ -65,7 +65,7 @@ fi
echo "Do you want your system to daily check Writable file change ?"
WaitAnswer; clear
if [ ${answer} == "yes" ]; then
- AddRules "CHECK_WRITABLE=yes" /etc/security/msec/security.conf
+ AddRules "CHECK_WRITEABLE=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/file_check.sh" /etc/crontab
fi
###
diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index dba9f55..b652fc6 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -22,6 +22,10 @@ AddRules "tty6" /etc/securetty
# Security check
echo "Updating file check variable : "
+echo -e "\t- Check security : yes."
+ AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet
+echo -e "\t- Check important permissions : no."
+ AddRules "CHECK_PERMS=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file : no."
AddRules "CHECK_SUID_ROOT=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file integrity (backdoor check) : no."
@@ -29,7 +33,7 @@ echo -e "\t- Check suid root file integrity (backdoor check) : no."
echo -e "\t- Check suid group file : no."
AddRules "CHECK_SUID_GROUP=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check world writable file : no."
- AddRules "CHECK_WRITABLE=no" /etc/security/msec/security.conf quiet
+ AddRules "CHECK_WRITEABLE=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check unowned file : no."
AddRules "CHECK_UNOWNED=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check promiscuous mode : no."
diff --git a/init-sh/level2.sh b/init-sh/level2.sh
index 37bfa93..b5e9706 100755
--- a/init-sh/level2.sh
+++ b/init-sh/level2.sh
@@ -22,6 +22,10 @@ AddRules "tty6" /etc/securetty
# Security check
echo "Updating file check variable : "
+echo -e "\t- Check security : yes."
+ AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet
+echo -e "\t- Check important permissions : no."
+ AddRules "CHECK_PERMS=no" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file : yes."
AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file integrity (backdoor check) : yes."
diff --git a/init-sh/level3.sh b/init-sh/level3.sh
index 5a84b40..39213a4 100755
--- a/init-sh/level3.sh
+++ b/init-sh/level3.sh
@@ -26,6 +26,10 @@ AddRules "tty6" /etc/securetty quiet
# Security check
echo "Updating file check variable : "
+echo -e "\t- Check security : yes."
+ AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet
+echo -e "\t- Check important permissions : yes."
+ AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file : yes."
AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file integrity (backdoor check) : yes."
diff --git a/init-sh/level4.sh b/init-sh/level4.sh
index c85b8bb..fac55b6 100755
--- a/init-sh/level4.sh
+++ b/init-sh/level4.sh
@@ -36,6 +36,10 @@ AddRules "tty6" /etc/securetty
# Security check
echo "Updating file check variable : "
+echo -e "\t- Check security : yes."
+ AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet
+echo -e "\t- Check important permissions : yes."
+ AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file : yes."
AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file integrity (backdoor check) : yes."
diff --git a/init-sh/level5.sh b/init-sh/level5.sh
index 3a81faa..5804654 100755
--- a/init-sh/level5.sh
+++ b/init-sh/level5.sh
@@ -27,6 +27,10 @@ echo -e "done.\n\n"
# Security check
echo "Updating file check variable : "
+echo -e "\t- Check security : yes."
+ AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf quiet
+echo -e "\t- Check important permissions : yes."
+ AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file : yes."
AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf quiet
echo -e "\t- Check suid root file integrity (backdoor check) : yes."
diff --git a/init-sh/lib.sh b/init-sh/lib.sh
index 47bbcec..971a228 100644
--- a/init-sh/lib.sh
+++ b/init-sh/lib.sh
@@ -174,6 +174,7 @@ echo "Setting spoofing protection : "
AddRules "echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter" /etc/rc.d/rc.firewall
# default group which must exist on the system
+groupadd nogroup >& /dev/null
groupadd audio >& /dev/null
groupadd xgrp >& /dev/null
usermod -G xgrp xfs