scap-security-guide/scap-security-guide-0.1.65-stig_rhel8_sshd_disable_compression-PR_9798.patch


From 93b9ab4f532710a8c063d7a71cbbeee26be2470b Mon Sep 17 00:00:00 2001
From: Watson Sato <wsato@redhat.com>
Date: Tue, 8 Nov 2022 18:01:17 +0100
Subject: [PATCH] Add test for param conflicts for SSH compression
---
.../tests/param_conflict.fail.sh | 13 +++++++++++++
.../tests/param_conflict_directory.fail.sh | 15 +++++++++++++++
2 files changed, 28 insertions(+)
create mode 100644 linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh
create mode 100644 linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh
new file mode 100644
index 00000000000..a631b3207bd
--- /dev/null
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict.fail.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+SSHD_PARAM="Compression"
+
+mkdir -p /etc/ssh/sshd_config.d
+touch /etc/ssh/sshd_config.d/nothing
+
+if grep -q "^\s*${SSHD_PARAM}" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/* ; then
+ sed -i "/^\s*${SSHD_PARAM}.*/Id" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*
+fi
+
+echo "${SSHD_PARAM} no" >> /etc/ssh/sshd_config
+echo "${SSHD_PARAM} yes" >> /etc/ssh/sshd_config
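Review bot: The `grep -q` guard is case-sensitive, but the `sed` delete it gates uses the `I` flag and sshd matches keywords case-insensitively, so a pre-existing `compression yes` line would skip the cleanup and survive into the scenario. Dropping the guard and running `sed -i "/^\s*${SSHD_PARAM}.*/Id" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*` unconditionally (or switching to `grep -qi`) keeps the starting state deterministic. The same guard appears in param_conflict_directory.fail.sh. A short comment such as `# ensure the sshd_config.d/* glob always matches at least one file` above the `touch` line would also explain why the `nothing` file is created.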
diff --git a/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
new file mode 100644
index 00000000000..f1c15c139c7
--- /dev/null
+++ b/linux_os/guide/services/ssh/ssh_server/sshd_disable_compression/tests/param_conflict_directory.fail.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+# platform = multi_platform_fedora,Red Hat Enterprise Linux 9
+
+SSHD_PARAM="Compression"
+
+mkdir -p /etc/ssh/sshd_config.d
+touch /etc/ssh/sshd_config.d/nothing
+
+if grep -q "^\s*${SSHD_PARAM}" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/* ; then
+ sed -i "/^\s*${SSHD_PARAM}.*/Id" /etc/ssh/sshd_config /etc/ssh/sshd_config.d/*
+fi
+
+echo "${SSHD_PARAM} no" > /etc/ssh/sshd_config.d/good_config.conf
+echo "${SSHD_PARAM} yes" > /etc/ssh/sshd_config.d/bad_config.conf
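Review bot: The scenario does not say which of the two drop-ins is meant to win, so a reader cannot tell whether the file names were chosen deliberately. sshd keeps the first value it obtains for a keyword and expands Include globs in lexical order, so `bad_config.conf` is read before `good_config.conf`; a comment such as `# bad_config.conf sorts first, so "yes" would be the effective value` would record that. The script also assumes /etc/ssh/sshd_config already contains an `Include /etc/ssh/sshd_config.d/*.conf` line, which is presumably true on the platforms named in the header but is not checked here. If the check under test only scans the directory this does not change the result, but stating the assumption makes the test easier to maintain.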