From 77f5ac60f009fafd2c3136e9f5f98d92d2f029f2 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:19:52 +0300 Subject: [PATCH 01/31] fix: mount_option_nodev_nonroot_local_partitions/tests: use mkdir -p --- .../tests/local_mounted_during_runtime.fail.sh | 2 +- .../tests/remote_without_nodev.pass.sh | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/local_mounted_during_runtime.fail.sh b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/local_mounted_during_runtime.fail.sh index 84cadd6f73a..6f351bf309e 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/local_mounted_during_runtime.fail.sh +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/local_mounted_during_runtime.fail.sh @@ -15,5 +15,5 @@ for partition in ${partitions[@]}; do done PARTITION="/dev/new_partition1"; create_partition -mkdir /tmp/test_dir +mkdir -p /tmp/test_dir mount $PARTITION /tmp/test_dir diff --git a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/remote_without_nodev.pass.sh b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/remote_without_nodev.pass.sh index a95410526ff..f31482cccb6 100644 --- a/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/remote_without_nodev.pass.sh +++ b/linux_os/guide/system/permissions/partitions/mount_option_nodev_nonroot_local_partitions/tests/remote_without_nodev.pass.sh @@ -15,8 +15,7 @@ for partition in ${partitions[@]}; do mount -o remount "$partition" done -mkdir /tmp/testdir -mkdir /tmp/testmount +mkdir -p /tmp/testdir /tmp/testmount chown 2 /tmp/testdir chmod 777 /tmp/testdir From d1b9f19039214b24c094d670e943b42e54de8e6d Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:21:13 +0300 Subject: [PATCH 02/31] fix: file_permissions_library_dirs/tests: use mkdir -p --- .../tests/dir_symlink_incorrect_dir_perm.pass.sh | 2 +- .../tests/dir_symlink_incorrect_file_perm.pass.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_dir_perm.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_dir_perm.pass.sh index 1c40409bdb9..b3235bc25ca 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_dir_perm.pass.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_dir_perm.pass.sh @@ -9,7 +9,7 @@ chmod -R u-s,g-ws,o-wt /lib /lib64 /usr/lib /usr/lib64 # Let's setup a symlink to a directory,whose permissions are incompliant # Directory with incorrect perms -mkdir /home/user_test/directory +mkdir -p /home/user_test/directory chmod 0766 /home/user_test/directory # File with correct perms diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_file_perm.pass.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_file_perm.pass.sh index 64c0256e90e..26e0fbb6cbd 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_file_perm.pass.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_permissions_library_dirs/tests/dir_symlink_incorrect_file_perm.pass.sh @@ -9,7 +9,7 @@ chmod -R u-s,g-ws,o-wt /lib /lib64 /usr/lib /usr/lib64 # Let's setup a symlink to a directory that contains an incomplient file # Directory with correct perms -mkdir /home/user_test/directory +mkdir -p /home/user_test/directory chmod 0755 /home/user_test/directory # File with incorrect perms From 3f8af084c96b93bf8c90387841620e732dc214a5 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:22:21 +0300 Subject: [PATCH 03/31] fix: usbguard_allow_hid_and_hub/tests: use mkdir -p --- .../tests/file_contains_only_whitespaces.fail.sh | 2 +- .../usbguard_allow_hid_and_hub/tests/file_empty.fail.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_contains_only_whitespaces.fail.sh b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_contains_only_whitespaces.fail.sh index b7ac29dd9c0..14e9084e172 100644 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_contains_only_whitespaces.fail.sh +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_contains_only_whitespaces.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # +mkdir -p /etc/usbguard rm -f /etc/usbguard/rules.conf -mkdir /etc/usbguard echo -e " \t \n\t \n" > /etc/usbguard/rules.conf diff --git a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_empty.fail.sh b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_empty.fail.sh index b610ad99a38..4e0e11f8377 100644 --- a/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_empty.fail.sh +++ b/linux_os/guide/services/usbguard/usbguard_allow_hid_and_hub/tests/file_empty.fail.sh @@ -1,6 +1,6 @@ #!/bin/bash # +mkdir -p /etc/usbguard rm -f /etc/usbguard/rules.conf -mkdir /etc/usbguard touch /etc/usbguard/rules.conf From 65a3914dc1c8b90730f6e7b60a29ae69dc8aab8e Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:22:53 +0300 Subject: [PATCH 04/31] fix: account_password_selinux_faillock_dir/tests: use mkdir -p --- .../tests/correct_value.pass.sh | 2 +- .../tests/correct_value_multiple_dirs.pass.sh | 2 +- .../tests/wrong_value.fail.sh | 2 +- .../tests/wrong_value_multiple_dirs.fail.sh | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value.pass.sh index 152670b0e9f..80e51347df1 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value.pass.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value.pass.sh @@ -5,6 +5,6 @@ truncate -s 0 /etc/security/faillock.conf echo "dir=/var/log/faillock" > /etc/security/faillock.conf -mkdir /var/log/faillock +mkdir -p /var/log/faillock semanage fcontext -a -t faillog_t "/var/log/faillock(/.*)?" restorecon -R -v "/var/log/faillock" diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value_multiple_dirs.pass.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value_multiple_dirs.pass.sh index 1c2e4ae38ea..a619bfb92d9 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value_multiple_dirs.pass.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/correct_value_multiple_dirs.pass.sh @@ -6,7 +6,7 @@ truncate -s 0 /etc/security/faillock.conf echo "dir=/var/log/faillock" > /etc/security/faillock.conf echo "auth required pam_faillock.so dir=/var/log/faillock_admins" >> /etc/pam.d/system-auth -mkdir /var/log/faillock /var/log/faillock_admins +mkdir -p /var/log/faillock /var/log/faillock_admins semanage fcontext -a -t faillog_t "/var/log/faillock(/.*)?" semanage fcontext -a -t faillog_t "/var/log/faillock_admins(/.*)?" restorecon -R -v "/var/log/faillock" diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value.fail.sh index e55dbed93eb..9addafe49bc 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value.fail.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value.fail.sh @@ -5,6 +5,6 @@ truncate -s 0 /etc/security/faillock.conf echo "dir=/var/log/faillock" > /etc/security/faillock.conf -mkdir /var/log/faillock +mkdir -p /var/log/faillock semanage fcontext -a -t tmp_t "/var/log/faillock(/.*)?" restorecon -R -v "/var/log/faillock" diff --git a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value_multiple_dirs.fail.sh b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value_multiple_dirs.fail.sh index 55b81ef2bae..06424b48693 100644 --- a/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value_multiple_dirs.fail.sh +++ b/linux_os/guide/system/accounts/accounts-pam/locking_out_password_attempts/account_password_selinux_faillock_dir/tests/wrong_value_multiple_dirs.fail.sh @@ -6,7 +6,7 @@ truncate -s 0 /etc/security/faillock.conf echo "dir=/var/log/faillock" > /etc/security/faillock.conf echo "auth required pam_faillock.so dir=/var/log/faillock_admins" >> /etc/pam.d/system-auth -mkdir /var/log/faillock /var/log/faillock_admins +mkdir -p /var/log/faillock /var/log/faillock_admins semanage fcontext -a -t tmp_t "/var/log/faillock(/.*)?" semanage fcontext -a -t faillog_t "/var/log/faillock_admins(/.*)?" restorecon -R -v "/var/log/faillock" From 87b9f548a1991a976e5d4a01726f69044c6b64a7 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:24:59 +0300 Subject: [PATCH 05/31] fix: directory_group_ownership_var_log_audit/tests: use mkdir -p --- .../tests/correct_value_log_file.pass.sh | 3 +-- .../tests/wrong_value_log_file.fail.sh | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_log_file.pass.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_log_file.pass.sh index b90e4df055d..3acf2098166 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_log_file.pass.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/correct_value_log_file.pass.sh @@ -1,13 +1,12 @@ #!/bin/bash # packages = audit - sed -i "/\s*log_group.*/d" /etc/audit/auditd.conf sed -i "/\s*log_file.*/d" /etc/audit/auditd.conf echo "log_group = root" >> /etc/audit/auditd.conf echo "log_file = /var/log/audit2/audit.log" >> /etc/audit/auditd.conf -mkdir /var/log/audit2 +mkdir -p /var/log/audit2 groupadd group_test chgrp root /var/log/audit2 diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/wrong_value_log_file.fail.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/wrong_value_log_file.fail.sh index 0c9720de92e..6f12a3da849 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/wrong_value_log_file.fail.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_group_ownership_var_log_audit/tests/wrong_value_log_file.fail.sh @@ -6,7 +6,7 @@ sed -i "/\s*log_file.*/d" /etc/audit/auditd.conf echo "log_group = root" >> /etc/audit/auditd.conf echo "log_file = /var/log/audit2/audit.log" >> /etc/audit/auditd.conf -mkdir /var/log/audit2 +mkdir -p /var/log/audit2 groupadd group_test chgrp root /var/log/audit From fbeca62acac0babd58628f3824b6f3ea1af659d2 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:03 +0300 Subject: [PATCH 06/31] fix: rsyslog_remote_tls/tests: use mkdir -p --- .../tests/correct_singleline_include_file.pass.sh | 4 +--- .../tests/missing_option_include_file.fail.sh | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/tests/correct_singleline_include_file.pass.sh b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/tests/correct_singleline_include_file.pass.sh index 0a61610b448..10ce9ebfa22 100644 --- a/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/tests/correct_singleline_include_file.pass.sh +++ b/linux_os/guide/system/logging/rsyslog_sending_messages/rsyslog_remote_tls/tests/correct_singleline_include_file.pass.sh @@ -1,8 +1,6 @@ #!/bin/bash -if [ ! -d /etc/rsyslog.d/ ]; then - mkdir /etc/rsyslog.d -fi +mkdir -p /etc/rsyslog.d cat >> /etc/rsyslog.d/test.conf <> /etc/rsyslog.d/test.conf < Date: Wed, 10 May 2023 15:25:04 +0300 Subject: [PATCH 07/31] fix: dir_perms_world_writable_root_owned/tests: use mkdir -p --- .../tests/world_writable_dir_on_nonlocal_fs.fail.sh | 3 +-- .../tests/world_writable_dir_owned_by_uid_2.fail.sh | 3 +-- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_on_nonlocal_fs.fail.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_on_nonlocal_fs.fail.sh index 5fb77b9004d..d1c15ecef2a 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_on_nonlocal_fs.fail.sh +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_on_nonlocal_fs.fail.sh @@ -1,8 +1,7 @@ #!/bin/bash # packages = nfs-utils -mkdir -p /tmp/testdir/testdir2 -mkdir /tmp/testmount +mkdir -p /tmp/testdir/testdir2 /tmp/testmount chown 2 /tmp/testdir/testdir2 chmod 777 /tmp/testdir/testdir2 diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_owned_by_uid_2.fail.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_owned_by_uid_2.fail.sh index b9972c8bcd5..1edf1cd9cd7 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_owned_by_uid_2.fail.sh +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_root_owned/tests/world_writable_dir_owned_by_uid_2.fail.sh @@ -1,6 +1,5 @@ #!/bin/bash - -mkdir /test +mkdir -p /test chown 2 /test chmod 777 /test From 0ef932a5032a133da48841175feef1d37b270e1e Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:05 +0300 Subject: [PATCH 08/31] fix: dir_perms_world_writable_sticky_bits/tests: use mkdir -p --- .../tests/correct.pass.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/tests/correct.pass.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/tests/correct.pass.sh index 986be0d14fb..ca2c7cb821c 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/tests/correct.pass.sh +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_sticky_bits/tests/correct.pass.sh @@ -7,9 +7,9 @@ df --local -P | awk '{if (NR!=1) print $6}' \ -exec chmod a+t {} + # Create a new dir that has sticky bit but is not word-writable -mkdir /test_dir_1 +mkdir -p /test_dir_1 chmod 1770 /test_dir_1 # Create a new dir that is word-writable but doesn't have sticky bit -mkdir /test_dir_2 +mkdir -p /test_dir_2 chmod 0774 /test_dir_2 From d2357715d228be4ca0fcd0f7e9eaec3bf8d99f35 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:06 +0300 Subject: [PATCH 09/31] fix: dir_perms_world_writable_system_owned/tests: use mkdir -p --- .../tests/wrong_setting.fail.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/tests/wrong_setting.fail.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/tests/wrong_setting.fail.sh index 73560afae5b..4cfd49143bf 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/tests/wrong_setting.fail.sh +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned/tests/wrong_setting.fail.sh @@ -3,7 +3,7 @@ useradd testUser -mkdir testDir +mkdir -p testDir chown testUser testDir/ From e8a89d4678b591a613e94c4fdaf6ec75f881ffcd Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:06 +0300 Subject: [PATCH 10/31] fix: dir_perms_world_writable_system_owned_group/tests: use mkdir -p --- .../tests/wrong_setting.fail.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/tests/wrong_setting.fail.sh b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/tests/wrong_setting.fail.sh index a0cdc01a28a..decc91c054a 100644 --- a/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/tests/wrong_setting.fail.sh +++ b/linux_os/guide/system/permissions/files/dir_perms_world_writable_system_owned_group/tests/wrong_setting.fail.sh @@ -3,7 +3,7 @@ groupadd testGrp -mkdir testDir +mkdir -p testDir chgrp testGrp testDir/ From ce213157252b28f8f18db3cd954078efc238dd41 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:27:26 +0300 Subject: [PATCH 11/31] fix: sssd_enable_pam_services/bash: use mkdir -p --- .../guide/services/sssd/sssd_enable_pam_services/bash/shared.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh index d233bc61dc9..b5e66f019b2 100644 --- a/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh +++ b/linux_os/guide/services/sssd/sssd_enable_pam_services/bash/shared.sh @@ -4,7 +4,7 @@ SSSD_CONF="/etc/sssd/sssd.conf" SSSD_CONF_DIR="/etc/sssd/conf.d/*.conf" if [ ! -f "$SSSD_CONF" ] && [ ! -f "$SSSD_CONF_DIR" ]; then - mkdir /etc/sssd + mkdir -p /etc/sssd touch "$SSSD_CONF" fi From 8e60a801270e41546263439686b9efb449383f7b Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:06 +0300 Subject: [PATCH 12/31] fix: dir_system_commands_group_root_owned/tests: use mkdir -p --- .../tests/incorrect_group_owner.fail.sh | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/linux_os/guide/system/permissions/files/dir_system_commands_group_root_owned/tests/incorrect_group_owner.fail.sh b/linux_os/guide/system/permissions/files/dir_system_commands_group_root_owned/tests/incorrect_group_owner.fail.sh index 62e3ad360f8..c1ce0dc5148 100644 --- a/linux_os/guide/system/permissions/files/dir_system_commands_group_root_owned/tests/incorrect_group_owner.fail.sh +++ b/linux_os/guide/system/permissions/files/dir_system_commands_group_root_owned/tests/incorrect_group_owner.fail.sh @@ -2,9 +2,6 @@ for TESTDIR in /bin/test_me /sbin/test_me /usr/bin/test_me /usr/sbin/test_me /usr/local/bin/test_me /usr/local/sbin/test_me do - if [[ ! -d $TESTDIR ]] - then - mkdir $TESTDIR - fi - chown nobody.nobody $TESTDIR + mkdir -p "${TESTDIR}" + chown nobody.nobody "${TESTDIR}" done From d88e53fa4d280068c59df939327daadf3c9e19c3 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:02 +0300 Subject: [PATCH 13/31] fix: rsyslog_encrypt_offload_actionsendstreamdriverauthmode/tests: use mkdir -p --- .../tests/setup.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/tests/setup.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/tests/setup.sh index 9686f16bcc9..6faecccfac4 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/tests/setup.sh +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdriverauthmode/tests/setup.sh @@ -1,4 +1,5 @@ #!/bin/bash + # Use this script to ensure the rsyslog directory structure and rsyslog conf file # exist in the test env. config_file=/etc/rsyslog.conf @@ -6,4 +7,4 @@ config_file=/etc/rsyslog.conf # Ensure directory structure exists (useful for container based testing) test -f $config_file || touch $config_file -test -d /etc/rsyslog.d/ || mkdir /etc/rsyslog.d/ +mkdir -p /etc/rsyslog.d From d68db58010bfda5ee83a9a2ebf621f7ad07c1a7e Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:02 +0300 Subject: [PATCH 14/31] fix: rsyslog_encrypt_offload_actionsendstreamdrivermode/tests: use mkdir -p --- .../tests/setup.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/tests/setup.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/tests/setup.sh index 9686f16bcc9..6faecccfac4 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/tests/setup.sh +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_actionsendstreamdrivermode/tests/setup.sh @@ -1,4 +1,5 @@ #!/bin/bash + # Use this script to ensure the rsyslog directory structure and rsyslog conf file # exist in the test env. config_file=/etc/rsyslog.conf @@ -6,4 +7,4 @@ config_file=/etc/rsyslog.conf # Ensure directory structure exists (useful for container based testing) test -f $config_file || touch $config_file -test -d /etc/rsyslog.d/ || mkdir /etc/rsyslog.d/ +mkdir -p /etc/rsyslog.d From 696628ca4515b72ddc9c39cbc1cd16abe8fe6bae Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:02 +0300 Subject: [PATCH 15/31] fix: rsyslog_encrypt_offload_defaultnetstreamdriver/tests: use mkdir -p --- .../tests/setup.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/tests/setup.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/tests/setup.sh index 9686f16bcc9..6faecccfac4 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/tests/setup.sh +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_encrypt_offload_defaultnetstreamdriver/tests/setup.sh @@ -1,4 +1,5 @@ #!/bin/bash + # Use this script to ensure the rsyslog directory structure and rsyslog conf file # exist in the test env. config_file=/etc/rsyslog.conf @@ -6,4 +7,4 @@ config_file=/etc/rsyslog.conf # Ensure directory structure exists (useful for container based testing) test -f $config_file || touch $config_file -test -d /etc/rsyslog.d/ || mkdir /etc/rsyslog.d/ +mkdir -p /etc/rsyslog.d From 3859bb23b342c6cfa8f7078ace567b5788240c5a Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:01 +0300 Subject: [PATCH 16/31] fix: auditd_data_disk_error_action/tests: use mkdir -p --- .../auditd_data_disk_error_action/tests/common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/tests/common.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/tests/common.sh index 7c8f80eac21..660d5343bd0 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/tests/common.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_error_action/tests/common.sh @@ -1,5 +1,5 @@ #!/bin/bash +mkdir -p /etc/audit truncate -s 0 /etc/audit/auditd.conf -mkdir /etc/audit/ touch /etc/audit/auditd.conf From 1083d5e528a4d2fecca35bcfacc1905bad5a69ea Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:01 +0300 Subject: [PATCH 17/31] fix: auditd_data_disk_full_action/tests: use mkdir -p --- .../auditd_data_disk_full_action/tests/common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/tests/common.sh b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/tests/common.sh index 7c8f80eac21..660d5343bd0 100644 --- a/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/tests/common.sh +++ b/linux_os/guide/system/auditing/configure_auditd_data_retention/auditd_data_disk_full_action/tests/common.sh @@ -1,5 +1,5 @@ #!/bin/bash +mkdir -p /etc/audit truncate -s 0 /etc/audit/auditd.conf -mkdir /etc/audit/ touch /etc/audit/auditd.conf From 8b294ef7717e87a971ae0707318d816e1607f623 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:00 +0300 Subject: [PATCH 18/31] fix: directory_permissions_var_log_audit/tests: use mkdir -p --- .../directory_permissions_var_log_audit/tests/common_0700.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/common_0700.sh b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/common_0700.sh index a9d5e0acbd6..0b23eca31cb 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/common_0700.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/directory_permissions_var_log_audit/tests/common_0700.sh @@ -5,4 +5,4 @@ sed -i "/^\s*log_file.*/d" /etc/audit/auditd.conf DIR1=/var/log/audit/ DIR2=/var/log/audit2/ -mkdir ${DIR2} +mkdir -p "${DIR2}" From 2ef7d18ad36995dd2e54344f9dc7d4d33c175a0b Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:01 +0300 Subject: [PATCH 19/31] fix: file_group_ownership_var_log_audit/tests: use mkdir -p --- .../file_group_ownership_var_log_audit/tests/common.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/common.sh b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/common.sh index dd6994e34fe..7b4e54aa251 100644 --- a/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/common.sh +++ b/linux_os/guide/system/auditing/auditd_configure_rules/file_group_ownership_var_log_audit/tests/common.sh @@ -5,7 +5,7 @@ sed -i "/^\s*log_group.*/d" /etc/audit/auditd.conf groupadd group_test rm -f /var/log/audit/* -mkdir /var/log/audit2/ +mkdir -p /var/log/audit2 FILE1=/var/log/audit/audit.log FILE2=/var/log/audit2/audit.log From d0b8da8d156602de57bb11175546f4202551d07c Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:24:58 +0300 Subject: [PATCH 20/31] fix: accounts_umask_interactive_users/tests: use mkdir -p --- .../tests/hidden_folder_ignored.pass.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/tests/hidden_folder_ignored.pass.sh b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/tests/hidden_folder_ignored.pass.sh index b9e1b7519ef..ccb7727a873 100644 --- a/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/tests/hidden_folder_ignored.pass.sh +++ b/linux_os/guide/system/accounts/accounts-session/user_umask/accounts_umask_interactive_users/tests/hidden_folder_ignored.pass.sh @@ -2,4 +2,4 @@ USER="cac_user" useradd -m $USER -mkdir /home/$USER/.hiddenfolder +mkdir -p /home/"${USER}"/.hiddenfolder From 89d5ab66413fd03d98a9f60880b17a4fca027ff0 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:36 +0300 Subject: [PATCH 21/31] fix: sudo_remove_no_authenticate/tests: use mkdir -p --- .../sudo/sudo_remove_no_authenticate/tests/wrong_value.fail.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/tests/wrong_value.fail.sh b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/tests/wrong_value.fail.sh index 72baa9e9b12..ddfef81b919 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/tests/wrong_value.fail.sh +++ b/linux_os/guide/system/software/sudo/sudo_remove_no_authenticate/tests/wrong_value.fail.sh @@ -3,6 +3,6 @@ echo "Defaults !authenticate" >> /etc/sudoers chmod 440 /etc/sudoers -mkdir /etc/sudoers.d/ +mkdir -p /etc/sudoers.d echo "Defaults !authenticate" >> /etc/sudoers.d/sudoers chmod 440 /etc/sudoers.d/sudoers From f58112c9d9590fdf9ebff471963d3abaef7d4c94 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:36 +0300 Subject: [PATCH 22/31] fix: sudo_remove_nopasswd/tests: use mkdir -p --- .../sudo/sudo_remove_nopasswd/tests/wrong_value.fail.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/tests/wrong_value.fail.sh b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/tests/wrong_value.fail.sh index 19537f9c1d3..fa821e9dc3c 100644 --- a/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/tests/wrong_value.fail.sh +++ b/linux_os/guide/system/software/sudo/sudo_remove_nopasswd/tests/wrong_value.fail.sh @@ -3,6 +3,6 @@ echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers chmod 440 /etc/sudoers -mkdir /etc/sudoers.d/ +mkdir -p /etc/sudoers.d echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/sudoers chmod 440 /etc/sudoers.d/sudoers From 70e9b84b02a7c37d0a3284d04084c315639886fe Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:37 +0300 Subject: [PATCH 23/31] fix: sudo_require_authentication/tests: use mkdir -p --- .../sudo/sudo_require_authentication/tests/wrong_value.fail.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/linux_os/guide/system/software/sudo/sudo_require_authentication/tests/wrong_value.fail.sh b/linux_os/guide/system/software/sudo/sudo_require_authentication/tests/wrong_value.fail.sh index 50d651667ab..1c2d98e824a 100644 --- a/linux_os/guide/system/software/sudo/sudo_require_authentication/tests/wrong_value.fail.sh +++ b/linux_os/guide/system/software/sudo/sudo_require_authentication/tests/wrong_value.fail.sh @@ -4,7 +4,7 @@ echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers echo "Defaults !authenticate" >> /etc/sudoers chmod 440 /etc/sudoers -mkdir /etc/sudoers.d/ +mkdir -p /etc/sudoers.d echo "%wheel ALL=(ALL) !authenticate ALL" >> /etc/sudoers.d/sudoers echo "Defaults !authenticate" >> /etc/sudoers.d/sudoers chmod 440 /etc/sudoers.d/sudoers From bb6742801666f7d13d8feefbc1bcbfa10699567a Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:20:45 +0300 Subject: [PATCH 24/31] fix: file_ownership_library_dirs/tests: use mkdir -p --- .../tests/incorrect_owner_within_dir.fail.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh index 0e380cb21ae..81d8a339ef0 100644 --- a/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh +++ b/linux_os/guide/system/permissions/files/permissions_within_important_dirs/file_ownership_library_dirs/tests/incorrect_owner_within_dir.fail.sh @@ -4,6 +4,6 @@ useradd user_test TESTDIR="/usr/lib/dir/" -mkdir $TESTDIR -touch $TESTDIR/test_me -chown user_test $TESTDIR/test_me +mkdir -p "${TESTDIR}" +touch "${TESTDIR}"/test_me +chown user_test "${TESTDIR}"/test_me From c9163f9a3e1d2fe4161f17cd721eb7a700bfb0f3 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:24:58 +0300 Subject: [PATCH 25/31] fix: accounts_users_home_files_permissions/tests: use mkdir -p --- .../tests/lenient_permissions_directory.fail.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/tests/lenient_permissions_directory.fail.sh b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/tests/lenient_permissions_directory.fail.sh index 0e6e494b08c..d62aae1a375 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/tests/lenient_permissions_directory.fail.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_users_home_files_permissions/tests/lenient_permissions_directory.fail.sh @@ -1,7 +1,7 @@ #!/bin/bash USER="cac_user" -useradd -m $USER -mkdir /home/$USER/folder -chmod -Rf 700 /home/$USER/.* -chmod -f o+r /home/$USER/folder +useradd -m "${USER}" +mkdir -p /home/"${USER}"/folder +chmod -Rf 700 /home/"${USER}"/.* +chmod -f o+r /home/"${USER}"/folder From 9ccc8f57779c9721615a4dd30f3c817345ebe501 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:21:56 +0300 Subject: [PATCH 26/31] fix: dir_system_commands_root_owned/tests: use mkdir -p --- .../tests/incorrect_owner.fail.sh | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/linux_os/guide/system/permissions/files/dir_system_commands_root_owned/tests/incorrect_owner.fail.sh b/linux_os/guide/system/permissions/files/dir_system_commands_root_owned/tests/incorrect_owner.fail.sh index 3fd5055e887..8669c1915c7 100644 --- a/linux_os/guide/system/permissions/files/dir_system_commands_root_owned/tests/incorrect_owner.fail.sh +++ b/linux_os/guide/system/permissions/files/dir_system_commands_root_owned/tests/incorrect_owner.fail.sh @@ -1,10 +1,12 @@ #!/bin/bash - -for TESTDIR in /bin/test_1 /sbin/test_1 /usr/bin/test_1 /usr/sbin/test_1 /usr/local/bin/test_1 /usr/local/sbin/test_1 -do - if [[ ! -d $TESTDIR ]] - then - mkdir $TESTDIR - fi - chown nobody.nobody $TESTDIR -done + +TESTDIRS=( + /bin/test_1 + /sbin/test_1 + /usr/bin/test_1 + /usr/sbin/test_1 + /usr/local/bin/test_1 + /usr/local/sbin/test_1 +) +mkdir -p "${TESTDIRS[@]}" +chown nobody.nobody "${TESTDIRS[@]}" From 41290f03d355eaeb58c74e14c1ea9f292bb09710 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Wed, 10 May 2023 15:25:01 +0300 Subject: [PATCH 27/31] fix: rsyslog_cron_logging/tests: use mkdir -p --- .../tests/all_facilities_set_rsyslog_conf.pass.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/tests/all_facilities_set_rsyslog_conf.pass.sh b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/tests/all_facilities_set_rsyslog_conf.pass.sh index 8e3187030b6..69383499749 100644 --- a/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/tests/all_facilities_set_rsyslog_conf.pass.sh +++ b/linux_os/guide/system/logging/ensure_rsyslog_log_file_configuration/rsyslog_cron_logging/tests/all_facilities_set_rsyslog_conf.pass.sh @@ -1,13 +1,14 @@ #!/bin/bash # platform = Oracle Linux 7,Oracle Linux 8 + . set_cron_logging.sh RSYSLOG_CONF='/etc/rsyslog.conf' RSYSLOG_D_FOLDER='/etc/rsyslog.d' -RSYSLOG_D_FILES='/etc/rsyslog.d/*' +RSYSLOG_D_FILES=("${RSYSLOG_D_FOLDER}"/*) -mkdir $RSYSLOG_D_FOLDER -rm $RSYSLOG_D_FILES -truncate -s 0 $RSYSLOG_CONF +mkdir -p "${RSYSLOG_D_FOLDER}" +rm -rf "${RSYSLOG_D_FILES[@]}" +truncate -s 0 "${RSYSLOG_CONF}" -echo '*.* /var/log/messages' >> $RSYSLOG_CONF +echo '*.* /var/log/messages' >> "${RSYSLOG_CONF}" From b003ebb6a4734390275bce1ff6780e7e8df61f69 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Sat, 13 May 2023 21:20:05 +0300 Subject: [PATCH 28/31] fix: sysctl: use mkdir -p --- .../templates/sysctl/tests/correct_value_usr_local_lib.pass.sh | 2 +- shared/templates/sysctl/tests/wrong_value_usr_local_lib.fail.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/shared/templates/sysctl/tests/correct_value_usr_local_lib.pass.sh b/shared/templates/sysctl/tests/correct_value_usr_local_lib.pass.sh index 19769ebae7e..e8810e1682d 100644 --- a/shared/templates/sysctl/tests/correct_value_usr_local_lib.pass.sh +++ b/shared/templates/sysctl/tests/correct_value_usr_local_lib.pass.sh @@ -8,7 +8,7 @@ rm -rf /usr/lib/sysctl.d/* /usr/local/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/* sed -i "/{{{ SYSCTLVAR }}}/d" /etc/sysctl.conf -mkdir /usr/local/lib/sysctl.d/ +mkdir -p /usr/local/lib/sysctl.d echo "{{{ SYSCTLVAR }}} = {{{ SYSCTL_CORRECT_VALUE }}}" >> /usr/local/lib/sysctl.d/correct.conf # set correct runtime value to check if the filesystem configuration is evaluated properly diff --git a/shared/templates/sysctl/tests/wrong_value_usr_local_lib.fail.sh b/shared/templates/sysctl/tests/wrong_value_usr_local_lib.fail.sh index 5b03e6c3969..2f5c5a35645 100644 --- a/shared/templates/sysctl/tests/wrong_value_usr_local_lib.fail.sh +++ b/shared/templates/sysctl/tests/wrong_value_usr_local_lib.fail.sh @@ -8,7 +8,7 @@ rm -rf /usr/lib/sysctl.d/* /run/sysctl.d/* /etc/sysctl.d/* sed -i "/{{{ SYSCTLVAR }}}/d" /etc/sysctl.conf -mkdir /usr/local/lib/sysctl.d/ +mkdir -p /usr/local/lib/sysctl.d echo "{{{ SYSCTLVAR }}} = {{{ SYSCTL_WRONG_VALUE }}}" >> /usr/local/lib/sysctl.d/wrong.conf # Setting correct runtime value From 42f498c4f9480f64f6fac7f5b63496c44b6c2f27 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Sat, 13 May 2023 21:20:16 +0300 Subject: [PATCH 29/31] fix: build_profiler: use mkdir -p --- utils/build_profiler.sh | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/utils/build_profiler.sh b/utils/build_profiler.sh index 9a567cf16ec..b3aae2f631b 100755 --- a/utils/build_profiler.sh +++ b/utils/build_profiler.sh @@ -13,14 +13,12 @@ fi product_string="$1" # Create and change to .build_profiling dir -[ ! -d ".build_profiling" ] && (mkdir .build_profiling || die \ -"Creating the .build_profiling directory failed") +mkdir -p .build_profiling || die "Creating the .build_profiling directory failed" cd .build_profiling || die "Changing to the .build_profiling directory failed" # Create and change to product_string dir -[ ! -d "$product_string" ] && (mkdir "$product_string" || die \ -"Creating the $product_string directory failed") +mkdir -p "$product_string" || die "Creating the $product_string directory failed" cd "$product_string" || die "Changing to the $product_string directory failed" From 446d322f91f367f41c20e91e94bc81b57e6e56fd Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Sat, 13 May 2023 21:19:37 +0300 Subject: [PATCH 30/31] fix: accounts_polyinstantiated_tmp: use mkdir -p --- .../accounts_polyinstantiated_tmp/bash/shared.sh | 7 ++++--- .../accounts_polyinstantiated_tmp/tests/correct.pass.sh | 4 +++- .../tests/directory_doesnt_exist.fail.sh | 1 + .../tests/line_not_there.fail.sh | 4 +++- .../accounts_polyinstantiated_tmp/tests/wrong_mode.fail.sh | 4 +++- 5 files changed, 14 insertions(+), 6 deletions(-) diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/bash/shared.sh index 062dda3b8a7..a2875535c6b 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/bash/shared.sh @@ -1,7 +1,8 @@ +#!/bin/bash # platform = multi_platform_all -if ! [ -d /tmp/tmp-inst ] ; then - mkdir --mode 000 /tmp/tmp-inst -fi + +# shellcheck disable=SC2174 +mkdir -p --mode 000 /tmp/tmp-inst chmod 000 /tmp/tmp-inst chcon --reference=/tmp /tmp/tmp-inst diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/correct.pass.sh index 68fbfb986ce..10e8f89cf4d 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/correct.pass.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/correct.pass.sh @@ -1,4 +1,6 @@ #!/bin/bash + rm -rf /tmp/tmp-inst -mkdir --mode 000 /tmp/tmp-inst +mkdir -p --mode 000 /tmp/tmp-inst +chmod 000 /tmp/tmp-inst echo "/tmp /tmp/tmp-inst/ level root,adm" >> /etc/security/namespace.conf diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/directory_doesnt_exist.fail.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/directory_doesnt_exist.fail.sh index c71728801fc..2cc1738ed61 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/directory_doesnt_exist.fail.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/directory_doesnt_exist.fail.sh @@ -1,3 +1,4 @@ #!/bin/bash + rm -rf /tmp/tmp-inst echo "/tmp /tmp/tmp-inst/ level root,adm" >> /etc/security/namespace.conf diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/line_not_there.fail.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/line_not_there.fail.sh index a79b8279aea..9f4291ce758 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/line_not_there.fail.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/line_not_there.fail.sh @@ -1,4 +1,6 @@ #!/bin/bash + rm -rf /tmp/tmp-inst -mkdir --mode 000 /tmp/tmp-inst +mkdir -p --mode 000 /tmp/tmp-inst +chmod 000 /tmp/tmp-inst sed -i "/^\s*\/tmp\s*/d" /etc/security/namespace.conf diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/wrong_mode.fail.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/wrong_mode.fail.sh index f825a701590..29afd460b4f 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/wrong_mode.fail.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_tmp/tests/wrong_mode.fail.sh @@ -1,4 +1,6 @@ #!/bin/bash + rm -rf /tmp/tmp-inst -mkdir --mode 600 /tmp/tmp-inst +mkdir -p --mode 600 /tmp/tmp-inst +chmod 600 /tmp/tmp-inst echo "/tmp /tmp/tmp-inst/ level root,adm" >> /etc/security/namespace.conf From 75552299b6a1dfe1a1c270c4544636ac1423f7c2 Mon Sep 17 00:00:00 2001 From: Markus Linnala Date: Sat, 13 May 2023 21:19:53 +0300 Subject: [PATCH 31/31] fix: accounts_polyinstantiated_var_tmp: use mkdir -p --- .../accounts_polyinstantiated_var_tmp/bash/shared.sh | 9 +++++---- .../tests/correct.pass.sh | 4 +++- .../tests/directory_doesnt_exist.fail.sh | 1 + .../tests/line_not_there.fail.sh | 4 +++- .../tests/wrong_mode.fail.sh | 4 +++- 5 files changed, 15 insertions(+), 7 deletions(-) diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/bash/shared.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/bash/shared.sh index 9313059baf7..28f69bec5e5 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/bash/shared.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/bash/shared.sh @@ -1,9 +1,10 @@ +#!/bin/bash # platform = multi_platform_all -if ! [ -d /tmp-inst ] ; then - mkdir --mode 000 /var/tmp/tmp-inst -fi + +# shellcheck disable=SC2174 +mkdir -p --mode 000 /var/tmp/tmp-inst chmod 000 /var/tmp/tmp-inst -chcon --reference=/var/tmp/ /var/tmp/tmp-inst +chcon --reference=/var/tmp /var/tmp/tmp-inst if ! grep -Eq '^\s*/var/tmp\s+/var/tmp/tmp-inst/\s+level\s+root,adm$' /etc/security/namespace.conf ; then if grep -Eq '^\s*/var/tmp\s+' /etc/security/namespace.conf ; then diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/correct.pass.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/correct.pass.sh index 84ece4be09e..95bc197d95d 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/correct.pass.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/correct.pass.sh @@ -1,4 +1,6 @@ #!/bin/bash + rm -rf /var/tmp/tmp-inst -mkdir --mode 000 /var/tmp/tmp-inst +mkdir -p --mode 000 /var/tmp/tmp-inst +chmod 000 /var/tmp/tmp-inst echo "/var/tmp /var/tmp/tmp-inst/ level root,adm" >> /etc/security/namespace.conf diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/directory_doesnt_exist.fail.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/directory_doesnt_exist.fail.sh index bd4dc539b30..c7ae9215af5 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/directory_doesnt_exist.fail.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/directory_doesnt_exist.fail.sh @@ -1,3 +1,4 @@ #!/bin/bash + rm -rf /var/tmp/tmp-inst echo "/var/tmp /var/tmp/tmp-inst/ level root,adm" >> /etc/security/namespace.conf diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/line_not_there.fail.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/line_not_there.fail.sh index 02cca90b16b..32c3747c2ca 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/line_not_there.fail.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/line_not_there.fail.sh @@ -1,4 +1,6 @@ #!/bin/bash + rm -rf /var/tmp/tmp-inst -mkdir --mode 000 /var/tmp/tmp-inst +mkdir -p --mode 000 /var/tmp/tmp-inst +chmod 000 /var/tmp/tmp-inst sed -i "/^\s*\/var\/tmp\s*/d" /etc/security/namespace.conf diff --git a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/wrong_mode.fail.sh b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/wrong_mode.fail.sh index 4a77322eb45..8c2cf389e60 100644 --- a/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/wrong_mode.fail.sh +++ b/linux_os/guide/system/accounts/accounts-session/accounts_polyinstantiated_var_tmp/tests/wrong_mode.fail.sh @@ -1,4 +1,6 @@ #!/bin/bash + rm -rf /var/tmp/tmp-inst -mkdir --mode 600 /var/tmp/tmp-inst +mkdir -p --mode 600 /var/tmp/tmp-inst +chmod 600 /var/tmp/tmp-inst echo "/var/tmp /var/tmp/tmp-inst/ level root,adm" >> /etc/security/namespace.conf