From ccb2cc398bfc3282a30c96ed07fabd2dc8cc7f4f Mon Sep 17 00:00:00 2001 From: Allen Golbig Date: Tue, 13 Dec 2022 12:59:53 -0500 Subject: [PATCH] feat[script] added check/fix/check logic Added check/fix/check logic to compliance script --- scripts/generate_guidance.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/scripts/generate_guidance.py b/scripts/generate_guidance.py index a10a12dc..4a4b8ad5 100755 --- a/scripts/generate_guidance.py +++ b/scripts/generate_guidance.py @@ -628,7 +628,7 @@ vared -p "Press [Enter] key to continue..." -c fackEnterKey ask() {{ # if fix flag is passed, assume YES for everything - if [[ $fix ]]; then + if [[ $fix ]] || [[ $cfc ]]; then return 0 fi @@ -1004,7 +1004,7 @@ fi lastComplianceScan=$(defaults read "$audit_plist" lastComplianceCheck) echo "Results written to $audit_plist" -if [[ ! $check ]];then +if [[ ! $check ]] && [[ ! $cfc ]];then pause fi @@ -1024,7 +1024,7 @@ if [[ ! -e "$audit_plist" ]]; then fi fi -if [[ ! $fix ]]; then +if [[ ! $fix ]] && [[ ! $cfc ]]; then ask 'THE SOFTWARE IS PROVIDED "AS IS" WITHOUT ANY WARRANTY OF ANY KIND, EITHER EXPRESSED, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTY THAT THE SOFTWARE WILL CONFORM TO SPECIFICATIONS, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND FREEDOM FROM INFRINGEMENT, AND ANY WARRANTY THAT THE DOCUMENTATION WILL CONFORM TO THE SOFTWARE, OR ANY WARRANTY THAT THE SOFTWARE WILL BE ERROR FREE. IN NO EVENT SHALL NIST BE LIABLE FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, ARISING OUT OF, RESULTING FROM, OR IN ANY WAY CONNECTED WITH THIS SOFTWARE, WHETHER OR NOT BASED UPON WARRANTY, CONTRACT, TORT, OR OTHERWISE, WHETHER OR NOT INJURY WAS SUSTAINED BY PERSONS OR PROPERTY OR OTHERWISE, AND WHETHER OR NOT LOSS WAS SUSTAINED FROM, OR AROSE OUT OF THE RESULTS OF, OR USE OF, THE SOFTWARE OR SERVICES PROVIDED HEREUNDER. WOULD YOU LIKE TO CONTINUE? ' N if [[ $? != 0 ]]; then @@ -1048,13 +1048,14 @@ echo "$(date -u) Remediation complete" >> "$audit_log" } -zparseopts -D -E -check=check -fix=fix -stats=stats -compliant=compliant_opt -non_compliant=non_compliant_opt -reset=reset +zparseopts -D -E -check=check -fix=fix -stats=stats -compliant=compliant_opt -non_compliant=non_compliant_opt -reset=reset -cfc=cfc if [[ $reset ]]; then reset_plist; fi -if [[ $check ]] || [[ $fix ]] || [[ $stats ]] || [[ $compliant_opt ]] || [[ $non_compliant_opt ]]; then +if [[ $check ]] || [[ $fix ]] || [[ $cfc ]] || [[ $stats ]] || [[ $compliant_opt ]] || [[ $non_compliant_opt ]]; then if [[ $fix ]]; then run_fix; fi if [[ $check ]]; then run_scan; fi + if [[ $cfc ]]; then run_scan; run_fix; run_scan; fi if [[ $stats ]];then generate_stats; fi if [[ $compliant_opt ]];then compliance_count "compliant"; fi if [[ $non_compliant_opt ]];then compliance_count "non-compliant"; fi