Added a shebang to generated bash remediations.

matejak · matejak · commit 561509c40c01 · 2019-09-03T15:15:53.000+02:00
diff --git a/src/XCCDF_POLICY/xccdf_policy_remediate.c b/src/XCCDF_POLICY/xccdf_policy_remediate.c
@@ -808,6 +808,7 @@ static int _write_script_header_to_fd(struct xccdf_policy *policy, struct xccdf_
 	const char *format = sys != NULL ? sys : "";
 	const char *template = sys != NULL ? " --template " : "";
 	const char *remediation_type = ansible_script ? "Ansible Playbook" : "Bash Remediation Script";
+	const char *shebang_with_newline = ansible_script ? "" : "#!/bin/bash\n";
 
 	char *fix_header;
 
@@ -857,6 +858,7 @@ static int _write_script_header_to_fd(struct xccdf_policy *policy, struct xccdf_
 		}
 
 		fix_header = oscap_sprintf(
+			"%s"
 			"###############################################################################\n"
 			"#\n"
 			"# %s for %s\n"
@@ -879,7 +881,7 @@ static int _write_script_header_to_fd(struct xccdf_policy *policy, struct xccdf_
 			"%s\n"
 			"#\n"
 			"###############################################################################\n\n",
-			remediation_type, profile_title,
+			shebang_with_newline, remediation_type, profile_title,
 			profile_description != NULL ? profile_description : "Not available",
 			profile_id, benchmark_id, benchmark_version_info, xccdf_version_name,
 			oscap_version, profile_id, template, format, remediation_type,
@@ -897,6 +899,7 @@ static int _write_script_header_to_fd(struct xccdf_policy *policy, struct xccdf_
 		const char *xccdf_version_name = xccdf_version_info_get_version(xccdf_version);
 
 		fix_header = oscap_sprintf(
+			"%s"
 			"###############################################################################\n"
 			"#\n"
 			"# %s generated from evaluation of %s\n"
@@ -915,7 +918,7 @@ static int _write_script_header_to_fd(struct xccdf_policy *policy, struct xccdf_
 			"%s\n"
 			"#\n"
 			"###############################################################################\n\n",
-			remediation_type, profile_title, profile_id, xccdf_version_name,
+			shebang_with_newline, remediation_type, profile_title, profile_id, xccdf_version_name,
 			start_time != NULL ? start_time : "Unknown", end_time, oscap_version,
 			result_id, template, format, remediation_type, remediation_type, how_to_apply
 		);
diff --git a/tests/API/XCCDF/fix/all.sh b/tests/API/XCCDF/fix/all.sh
@@ -14,18 +14,20 @@ function test_generate_fix {
 
     # grep to strip out whitespace and comments
     # `tail -n +2` to skip the first line with progress reporting
-    local GENERATED_FIX=$($OSCAP xccdf generate fix --result-id "$TESTRESULT_ID" "$INPUT" | grep -v -E "^([\t ]*|[\t ]*#.*)$" | tail -n +2)
+    local GENERATED_FIX RELEVANT_FIX_CONTENTS
+    GENERATED_FIX=$($OSCAP xccdf generate fix --result-id "$TESTRESULT_ID" "$INPUT")
+    RELEVANT_FIX_CONTENTS=$(grep -v -E "^([\t ]*|[\t ]*#.*)$" <<< "$GENERATED_FIX" | tail -n +2)
     if [ "$?" != "0" ]; then
         return 1
     fi
     echo "$GENERATED_FIX"
 
-    if [ "$GENERATED_FIX" == "$EXPECTED_FIX" ]; then
+    if [ "$RELEVANT_FIX_CONTENTS" == "$EXPECTED_FIX" ]; then
         return 0
     fi
 
     echo "Generated fix doesn't match expected fix!"
-    echo "'$GENERATED_FIX' != '$EXPECTED_FIX'"
+    echo "'$RELEVANT_FIX_CONTENTS' != '$EXPECTED_FIX'"
 
     return 1
 }
