usnistgov/macos_security
1
0
Fork 0
mirror of https://github.com/usnistgov/macos_security.git synced 2026-03-23 08:20:27 +00:00
Code Issues 21 Actions Packages Projects Releases Wiki Activity

fix[rule]: update check for time machine encryption

Browse Source 
changing to CIS method

Issue #538
This commit is contained in:
Dan Brodjieski
2025-09-08 12:02:07 -04:00
parent 36ff6a2343
commit 1a6a8dfed5
1 changed files with 1 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
rules/system_settings/system_settings_time_machine_encrypted_configure.yaml
View File

@@ -3,15 +3,7 @@ title: Ensure Time Machine Volumes are Encrypted
discussion: |
Time Machine volumes _MUST_ be encrypted.
check: |
error_count=0
for tm in $(/usr/bin/tmutil destinationinfo 2>/dev/null| /usr/bin/awk -F': ' '/Name/{print $2}'); do
tmMounted=$(/usr/sbin/diskutil info "${tm}" 2>/dev/null | /usr/bin/awk '/Mounted/{print $2}')
tmEncrypted=$(/usr/sbin/diskutil info "${tm}" 2>/dev/null | /usr/bin/awk '/FileVault/{print $2}')
if [[ "$tmMounted" = "Yes" && "$tmEncrypted" = "No" ]]; then
((error_count++))
fi
done
echo "$error_count"
/usr/bin/sudo /usr/bin/defaults read /Library/Preferences/com.apple.TimeMachine.plist | grep -c NotEncrypted
result:
integer: 0
fix: |