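#!/usr/bin/env bash
#
# Compliance check: the sudo log file named by the `logfile` option in sudoers
# must be watched by auditd for writes and attribute changes (-p wa), both in
# the persistent rules under /etc/audit/rules.d/ and in the rule set that is
# currently loaded (auditctl -l).
#
# Exit status:
#   0  every configured sudo log file has a matching rule in both places
#   1  a rule is missing, or no logfile setting was found in sudoers
#
# Reading the sudoers files and running `auditctl -l` normally requires root.
# If either fails, the corresponding result is empty and the check reports
# failure rather than passing.

#######################################
# Succeeds when the input contains an audit watch rule "-w PATH -p wa...".
# Arguments: $1 - log file path to look for
#            $2.. - rule files to read (stdin when none are given)
# Returns:   0 when a matching rule is found, non-zero otherwise
#######################################
has_watch_rule() {
  local path=$1
  shift
  # The path is handed to awk through the environment and compared as a
  # literal string. Splicing it into a regex would let '.' (or any other
  # metacharacter in the path) match rules for a different file.
  watch_path=$path awk '
    $1 == "-w" && $2 == ENVIRON["watch_path"] && $3 == "-p" && $4 ~ /^wa/ {
      found = 1
    }
    END { exit !found }
  ' "$@"
}

# Collect the configured log file path(s), one per line:
#  - -H forces the "file:" prefix so the two filters below always see it;
#  - the backup copy /etc/sudoers.bak is ignored;
#  - commented-out lines are ignored, since a disabled setting says nothing
#    about where sudo actually logs;
#  - the value is cut at the first comma or whitespace so a further option on
#    the same line does not end up in the path (quoted paths that contain
#    spaces or commas are therefore not supported);
#  - surrounding double quotes are dropped and duplicates removed.
SUDO_LOG_FILE=$(
  grep -rH 'logfile=' /etc/sudoers* |
    grep -v "/etc/sudoers.bak" |
    grep -vE '^[^:]*:[[:space:]]*#' |
    sed -E -e 's/.*logfile=//' -e 's/[,[:space:]].*//' -e 's/"//g' |
    sort -u
)

if [[ -z "$SUDO_LOG_FILE" ]]; then
  echo "ERROR: Variable 'SUDO_LOG_FILE' is unset or empty."
  exit 1
fi

# Query the loaded rules once; an error from auditctl leaves this empty and
# every lookup below then fails.
loaded_rules=$(auditctl -l)

# When several logfile settings exist, each one must be covered. The check
# does not try to work out which of them sudo would apply.
all_covered=1
while IFS= read -r log_file; do
  [[ -n "$log_file" ]] || continue
  if ! has_watch_rule "$log_file" /etc/audit/rules.d/*.rules ||
    ! has_watch_rule "$log_file" <<<"$loaded_rules"; then
    all_covered=0
  fi
done <<<"$SUDO_LOG_FILE"

if ((all_covered)); then
  echo "Audit rules are correctly set."
  exit 0
else
  echo "ERROR: Audit rules are NOT correctly set or loaded."
  exit 1
fi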