예제 #1
0
def run_os_checks():
    log("Starting OS hardening checks.", level=DEBUG)
    checks = apt.get_audits()
    checks.extend(limits.get_audits())
    checks.extend(login.get_audits())
    checks.extend(minimize_access.get_audits())
    checks.extend(pam.get_audits())
    checks.extend(profile.get_audits())
    checks.extend(securetty.get_audits())
    checks.extend(suid_sgid.get_audits())
    checks.extend(sysctl.get_audits())

    for check in checks:
        log("Running '%s' check" % (check.__class__.__name__), level=DEBUG)
        check.ensure_compliance()

    log("OS hardening checks complete.", level=DEBUG)
예제 #2
0
def run_os_checks():
    log("Starting OS hardening checks.", level=DEBUG)
    checks = apt.get_audits()
    checks.extend(limits.get_audits())
    checks.extend(login.get_audits())
    checks.extend(minimize_access.get_audits())
    checks.extend(pam.get_audits())
    checks.extend(profile.get_audits())
    checks.extend(securetty.get_audits())
    checks.extend(suid_sgid.get_audits())
    checks.extend(sysctl.get_audits())

    for check in checks:
        log("Running '%s' check" % (check.__class__.__name__), level=DEBUG)
        check.ensure_compliance()

    log("OS hardening checks complete.", level=DEBUG)
예제 #3
0
 def test_ssh_tmout_enabled(self):
     audits = profile.get_audits()
     self.assertEqual(1, len(audits))
     self.assertTrue(isinstance(audits[0], profile.TemplatedFile))
예제 #4
0
 def test_ssh_tmout_disabled(self):
     audits = profile.get_audits()
     self.assertEqual(0, len(audits))
예제 #5
0
 def test_core_dump_enabled(self):
     audits = profile.get_audits()
     self.assertEqual(0, len(audits))
예제 #6
0
 def test_core_dump_disabled(self):
     audits = profile.get_audits()
     self.assertEqual(1, len(audits))
     self.assertTrue(isinstance(audits[0], profile.TemplatedFile))