Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bash Remediations #2494

Closed
cpellitt opened this issue Dec 15, 2017 · 3 comments
Closed

Bash Remediations #2494

cpellitt opened this issue Dec 15, 2017 · 3 comments
Labels
Bash Bash remediation update.
Milestone
Backlog

Comments

@cpellitt
Copy link

I have a large collection of bash scripts that were created to be used with the SSG Disa STIG profile. Some scripts were modified from what is currently is in the SSG, and others are entirely new. I am uploading all of them, in case any are helpful for further SSG development.

bash_fixes.tar.gz

All the scripts use SSG rule names, and work without modification if copied into the appropriate fix directories.
redhatrises added a commit to redhatrises/scap-security-guide that referenced this issue Jan 12, 2018
@redhatrises
Add some of the missing BASH remediations
b41ef63 
- Scripts initially provided in ComplianceAsCode#2494
@redhatrises redhatrises mentioned this issue Jan 12, 2018
Merged
redhatrises added a commit to redhatrises/scap-security-guide that referenced this issue Jan 16, 2018
@redhatrises
Add some of the missing BASH remediations
8371493 
- Scripts initially provided in ComplianceAsCode#2494
redhatrises added a commit to redhatrises/scap-security-guide that referenced this issue Jan 16, 2018
@redhatrises
Add some of the missing BASH remediations
5f32969 
- Scripts initially provided in ComplianceAsCode#2494
@redhatrises redhatrises added this to the Backlog milestone Oct 1, 2018
@jan-cerny
Copy link
Collaborator

@cpellitt thank you very much. Could you please make a pull request instead?

@jan-cerny jan-cerny added Bash Bash remediation update. and removed backlog labels Apr 18, 2019
@cpellitt
Copy link
Author

I have never done a pull request before, so I am not familiar with process. I submitted one as a test:
#4291

If that works out, I might be able to do some more, but I don't have a lot of time to work on this.

I maintain my own bash scripts, but I do have a few things I do differently, which I am not sure how well would merge.

I create a backup of every file that is modified. None of the existing scripts do that, so I am not sure if it is a welcome change.

I add comments to configuration files with the matching STIG ID. Some of the existing scripts use the CCE ID, which makes sense because it is not specific to a certain profile, but I still prefer the STIG ID for my own purposes. There might be a way to substitute the ID based on the profile used, but this seems like a non-trivial task.

@ggbecker
Copy link
Member

ggbecker commented Oct 1, 2020

I don't see any open discussions here since #4291 has been fully addressed and the original topic has been addressed in #2538. Closing it. Feel free to reopen if needed.

@ggbecker ggbecker closed this as completed Oct 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bash Bash remediation update.
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
4 participants
@redhatrises @jan-cerny @ggbecker @cpellitt