aboutsummaryrefslogtreecommitdiffstats
path: root/init-sh
diff options
context:
space:
mode:
Diffstat (limited to 'init-sh')
-rwxr-xr-xinit-sh/upgrade.sh12
1 files changed, 10 insertions, 2 deletions
diff --git a/init-sh/upgrade.sh b/init-sh/upgrade.sh
index 065174d..ceacb24 100755
--- a/init-sh/upgrade.sh
+++ b/init-sh/upgrade.sh
@@ -87,10 +87,18 @@ if [ -f /etc/security/msec/security.conf ]; then
/etc/security/msec/security.conf
# CHECK_RPM split into CHECK_RPM_PACKAGES and CHECK_RPM_INTEGRITY
sed -i -e 's/CHECK_RPM=\(.*\)/CHECK_RPM_PACKAGES=\1\nCHECK_RPM_INTEGRITY=\1/g' /etc/security/msec/security.conf
- # starting with 2010.1, each check can have a different periodicity
+ # starting with 2010.1, each periodic check can have a different periodicity
# therefore, for the enabled tests we define their periodicity to 'daily'
# to have the same behavior as on previous versions
- sed -i -e 's/\(CHECK_.*\)=yes/\1=daily/g' /etc/security/msec/security.conf
+ CHECK_STRING=""
+ for z in PERMS USER_FILES SUID_ROOT SUID_MD5 SGID WRITABLE UNOWNED PROMISC OPEN_PORT FIREWALL PASSWD SHADOW CHKROOTKIT RPM_PACKAGES RPM_INTEGRITY SHOSTS USERS GROUPS; do
+ if [ -z "$CHECK_STRING" ]; then
+ CHECK_STRING=$z
+ else
+ CHECK_STRING="$CHECK_STRING\|$z"
+ fi
+ done
+ sed -i -e "s/\(CHECK_\($CHECK_STRING\)\)=yes/\1=daily/g" /etc/security/msec/security.conf
# removing duplicated entries
TEMPFILE=`mktemp /etc/security/msec/upgrade.XXXXXX`
cat /etc/security/msec/security.conf | sort | uniq > $TEMPFILE 2>/dev/null && mv -f $TEMPFILE /etc/security/msec/security.conf