diff options
-rwxr-xr-x | init-sh/upgrade.sh | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/init-sh/upgrade.sh b/init-sh/upgrade.sh index 065174d..ceacb24 100755 --- a/init-sh/upgrade.sh +++ b/init-sh/upgrade.sh @@ -87,10 +87,18 @@ if [ -f /etc/security/msec/security.conf ]; then /etc/security/msec/security.conf # CHECK_RPM split into CHECK_RPM_PACKAGES and CHECK_RPM_INTEGRITY sed -i -e 's/CHECK_RPM=\(.*\)/CHECK_RPM_PACKAGES=\1\nCHECK_RPM_INTEGRITY=\1/g' /etc/security/msec/security.conf - # starting with 2010.1, each check can have a different periodicity + # starting with 2010.1, each periodic check can have a different periodicity # therefore, for the enabled tests we define their periodicity to 'daily' # to have the same behavior as on previous versions - sed -i -e 's/\(CHECK_.*\)=yes/\1=daily/g' /etc/security/msec/security.conf + CHECK_STRING="" + for z in PERMS USER_FILES SUID_ROOT SUID_MD5 SGID WRITABLE UNOWNED PROMISC OPEN_PORT FIREWALL PASSWD SHADOW CHKROOTKIT RPM_PACKAGES RPM_INTEGRITY SHOSTS USERS GROUPS; do + if [ -z "$CHECK_STRING" ]; then + CHECK_STRING=$z + else + CHECK_STRING="$CHECK_STRING\|$z" + fi + done + sed -i -e "s/\(CHECK_\($CHECK_STRING\)\)=yes/\1=daily/g" /etc/security/msec/security.conf # removing duplicated entries TEMPFILE=`mktemp /etc/security/msec/upgrade.XXXXXX` cat /etc/security/msec/security.conf | sort | uniq > $TEMPFILE 2>/dev/null && mv -f $TEMPFILE /etc/security/msec/security.conf |