4.4_logrotate_permissions check failed even if there is no problem #254

Open
@rush-rush-rush

4.4_logrotate_permissions [INFO] Working on 4.4_logrotate_permissions
4.4_logrotate_permissions [INFO] [DESCRIPTION] Configure logrotate to assign appropriate permissions.
4.4_logrotate_permissions [INFO] Checking Configuration
4.4_logrotate_permissions [INFO] Performing audit
4.4_logrotate_permissions [ OK ] Logrotate permissions are well configured
4.4_logrotate_permissions [INFO] Applying Hardening
4.4_logrotate_permissions [ KO ] Check failed with unexpected exit code: 1

The return code of grep is 1 if there is no match, but "set -e" takes exit 1 as an error.

Code fix:

--- 4.4_logrotate_permissions.sh.bak    2025-02-27 16:06:03.344288888 +0100
+++ 4.4_logrotate_permissions.sh        2025-02-27 16:06:58.336291461 +0100
@@ -18,7 +18,7 @@
 DESCRIPTION="Configure logrotate to assign appropriate permissions."
 
 FILE="/etc/logrotate.conf"
-PATTERN="^\s*create\s+\S+"
+PATTERN="^[[:space:]]*create[[:space:]]+[^[:space:]]+"
 PERMISSIONS=0640
 
 # This function will be called if the script status is on enabled / audit mode
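Review bot: The new PATTERN line swaps `\s` and `\S` for POSIX bracket classes, which is a separate change from the `set -e` exit-code problem the report describes, and nothing in the script says why. A one-line comment above PATTERN stating that the value must stay in POSIX ERE so it behaves the same in `grep -E` and `awk` would keep someone from reverting it to `\s` later.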
@@ -42,7 +42,7 @@
         warn "Logrotate permissions are not configured, fixing it"
         add_end_of_file "$FILE" "create $PERMISSIONS root utmp"
     else
-        RESULT=$(grep -E "$PATTERN" "$FILE" | grep -E -v "\s(0)?[0-6][04]0\s")
+       RESULT=$(awk -v pattern="$PATTERN" '$0 ~ pattern && !/\s(0)?[0-6][04]0\s/' "$FILE")
         if [[ -n "$RESULT" ]]; then
             warn "Logrotate permissions are not set to $PERMISSIONS, fixing it"
             d_IFS=$IFS
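Review bot: In the new RESULT line the awk negation `!/\s(0)?[0-6][04]0\s/` still relies on `\s`, which PATTERN in the first hunk just moved away from; `\s` is a GNU extension that POSIX awk does not define, so with a non-GNU awk the mode filter may never match and every `create` line would land in RESULT. Use `[[:space:]]` there as well. The added line is also indented with 7 spaces where the surrounding lines use 8.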

Server: Debian 12
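The failure mode reported above can be reproduced outside the hardening script. The following is an added example, not code from the issue or from the project: the function names and the sample file are constructed for illustration, and the regexes use POSIX classes in place of `\s`.

```shell
#!/bin/sh
# Added example: constructed data and hypothetical function names.
PATTERN='^[[:space:]]*create[[:space:]]+[^[:space:]]+'
MODE_OK='[[:space:]](0)?[0-6][04]0[[:space:]]'

# Constructed sample: a compliant logrotate.conf, so the audit finds nothing.
make_sample_conf() {
    sample=$(mktemp)
    printf '%s\n' '# constructed sample' 'weekly' 'create 0640 root utmp' > "$sample"
    echo "$sample"
}

# Fragile form: under "set -e" the assignment takes the pipeline's status, and
# "grep -v" exits 1 when it selects no line, so the script stops right here.
# Runs in a child sh so that -e is really in effect; returns the child's status.
audit_fragile() {
    sh -c 'set -e
           RESULT=$(grep -E "$1" "$3" | grep -E -v "$2")
           echo "reached: [$RESULT]"' _ "$PATTERN" "$MODE_OK" "$1"
}

# Tolerant form: grep status 1 (nothing selected) is a clean audit result,
# status 2 or more (unreadable file, bad regex) is still reported as a failure.
# Prints the non-compliant "create" lines, if any.
audit_tolerant() {
    rc=0
    lines=$(grep -E "$PATTERN" "$1" 2>/dev/null) || rc=$?
    [ "$rc" -le 1 ] || return "$rc"
    rc=0
    bad=$(printf '%s\n' "$lines" | grep -E -v "$MODE_OK") || rc=$?
    [ "$rc" -le 1 ] || return "$rc"
    printf '%s' "$bad"
}

conf=$(make_sample_conf)
fragile_rc=0
audit_fragile "$conf" || fragile_rc=$?
echo "fragile form exit status: $fragile_rc"
echo "tolerant form output: [$(audit_tolerant "$conf")]"
rm -f "$conf"
```

Treating only status 1 as "nothing to report" keeps a missing or unreadable `/etc/logrotate.conf` from being counted as a passing audit, which a blanket `|| true` would do.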
