|
1 | 1 | # shellcheck shell=bash |
2 | 2 | # run-shellcheck |
3 | 3 |
|
| 4 | +SCRIPT_FULL_PATH=$(realpath -s "$0") |
4 | 5 | LONG_SCRIPT_NAME=$(basename "$0") |
5 | 6 | SCRIPT_NAME=${LONG_SCRIPT_NAME%.sh} |
6 | 7 | # Variable initialization, to avoid crash |
|
71 | 72 | info "Working on $SCRIPT_NAME" |
72 | 73 | info "[DESCRIPTION] $DESCRIPTION" |
73 | 74 |
|
| 75 | +# check if the script is a link |
| 76 | +# if a file, script is executed from "bin/hardening", create a cfg file (if not already exists) |
| 77 | +# if a link, script is executed from "version"/X", create a link, or update it if already exits |
| 78 | +if [ -L "${SCRIPT_FULL_PATH}" ] ; then |
| 79 | + # script is a link |
| 80 | + script_real_path=$(readlink -f "${SCRIPT_FULL_PATH}") |
| 81 | + script_real_name=$(basename "$script_real_path") |
| 82 | + cfg_file=$(basename -s .sh "$script_real_path").cfg |
| 83 | + cfg_link="$SCRIPT_NAME".cfg |
| 84 | +else |
| 85 | + # script is a file |
| 86 | + script_real_name=$LONG_SCRIPT_NAME |
| 87 | + cfg_file="$SCRIPT_NAME".cfg |
| 88 | + cfg_link="" |
| 89 | +fi |
| 90 | + |
74 | 91 | # Source specific configuration file |
75 | | -if ! [ -r "${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg ]; then |
| 92 | +if ! [ -r "${CIS_CONF_DIR}"/conf.d/"$cfg_file" ]; then |
76 | 93 | # If it doesn't exist, create it with default values |
77 | | - echo "# Configuration for $SCRIPT_NAME, created from default values on $(date)" >"${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg |
| 94 | + echo "# Configuration for $script_real_name, created from default values on $(date)" >"${CIS_CONF_DIR}"/conf.d/"$cfg_file" |
78 | 95 | # If create_config is a defined function, execute it. |
79 | 96 | # Otherwise, just disable the test by default. |
80 | 97 | if type -t create_config | grep -qw function; then |
81 | | - create_config >>"${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg |
| 98 | + create_config >>"${CIS_CONF_DIR}"/conf.d/"$cfg_file" |
82 | 99 | else |
83 | | - echo "status=audit" >>"${CIS_CONF_DIR}"/conf.d/"$SCRIPT_NAME".cfg |
| 100 | + echo "status=audit" >>"${CIS_CONF_DIR}"/conf.d/"$cfg_file" |
84 | 101 | fi |
| 102 | +fi |
85 | 103 |
|
| 104 | +if [ -n "$cfg_link" ] ; then |
| 105 | + if [ -f "${CIS_CONF_DIR}"/conf.d/"$cfg_link" ] ; then |
| 106 | + rm -f "${CIS_CONF_DIR}"/conf.d/"$cfg_link" |
| 107 | + fi |
| 108 | + ln -fs "${CIS_CONF_DIR}"/conf.d/"$cfg_file" "${CIS_CONF_DIR}"/conf.d/"$cfg_link" |
86 | 109 | fi |
87 | 110 |
|
88 | 111 | if [ "$forcedstatus" = "createconfig" ]; then |
|
0 commit comments