Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

oscap-ssh: simplify to allow limited sudo rule #1881

Open
wants to merge 8 commits into
base: maint-1.3
Choose a base branch
from

Commits on May 4, 2023

  1. fix: oscap-ssh: instead of expr/let, use (( )) form

    Handle options conversions up to 2nd last arg as last is input and is
    handled next.
    
    (( ..., 1 )) ensures return value is ok.
    arr[-1] is last element
    
    From shellcheck:
    
    In utils/oscap-ssh line 217:
    for i in $(seq 0 `expr $# - 1`); do
                     ^-----------^ SC2046: Quote this to prevent word splitting.
                     ^-----------^ SC2006: Use $(...) notation instead of legacy backticked `...`.
                      ^--^ SC2003: expr is antiquated. Consider rewriting this using $((..)), ${} or [[ ]].
    
    Did you mean:
    for i in $(seq 0 $(expr $# - 1)); do
    
    In utils/oscap-ssh line 218:
        let j=i+1
        ^-------^ SC2219: Instead of 'let expr', prefer (( expr )) .
    
    In utils/oscap-ssh line 267:
        LOCAL_CONTENT_PATH="${oscap_args[`expr $# - 1`]}"
                                         ^-----------^ SC2006: Use $(...) notation instead of legacy backticked `...`.
                                          ^--^ SC2003: expr is antiquated. Consider rewriting this using $((..)), ${} or [[ ]].
    
    Did you mean:
        LOCAL_CONTENT_PATH="${oscap_args[$(expr $# - 1)]}"
    
    In utils/oscap-ssh line 268:
        oscap_args[`expr $# - 1`]="$REMOTE_TEMP_DIR/input.xml"
                   ^-----------^ SC2006: Use $(...) notation instead of legacy backticked `...`.
                    ^--^ SC2003: expr is antiquated. Consider rewriting this using $((..)), ${} or [[ ]].
    
    Did you mean:
        oscap_args[$(expr $# - 1)]="$REMOTE_TEMP_DIR/input.xml"
    maage committed May 4, 2023
    Configuration menu
    Copy the full SHA
    6233bb4 View commit details
    Browse the repository at this point in the history
  2. change: oscap-ssh: simplify command_array_to_string

    - use printf %q instead of home made implementation
    - use $@
      - there is no point using fancy array arrayref and eval in this simple
        use case
      - printf just iterates parameters and "$@" works just fine
    - changes usage:
      from: command_array_to_string arref
      to: command_array_to_string "${array[@]}"
    maage committed May 4, 2023
    Configuration menu
    Copy the full SHA
    5db382c View commit details
    Browse the repository at this point in the history
  3. Configuration menu
    Copy the full SHA
    9ebf7ea View commit details
    Browse the repository at this point in the history
  4. change: oscap-ssh: Simplify sudo test

    Change OSCAP_SUDO as array and after this there is no need to test it.
    maage committed May 4, 2023
    Configuration menu
    Copy the full SHA
    0550108 View commit details
    Browse the repository at this point in the history
  5. fix: oscap-ssh: ensure cd is done

    Fail if can not cd into a directory. Shellcheck would warn about this.
    maage committed May 4, 2023
    Configuration menu
    Copy the full SHA
    a9026f3 View commit details
    Browse the repository at this point in the history
  6. fix: oscap-ssh: extend command_array_to_string coverage to sudo

    This ensures whole command is quoted.
    maage committed May 4, 2023
    Configuration menu
    Copy the full SHA
    5274233 View commit details
    Browse the repository at this point in the history
  7. change: oscap-ssh: allow xccdf --verbose DEVEL eval

    This is needed sometimes when debugging.
    maage committed May 4, 2023
    Configuration menu
    Copy the full SHA
    712ae85 View commit details
    Browse the repository at this point in the history
  8. style: oscap-ssh: shellcheck

    maage committed May 4, 2023
    Configuration menu
    Copy the full SHA
    922f902 View commit details
    Browse the repository at this point in the history