class Ardecy::Harden::Sysctl::SysKern

Public Class Methods

new(args) click to toggle source
# File lib/ardecy/harden/sysctl.rb, line 14
def initialize(args)
  @res = 'FALSE'
  @args = args
  @exp = '0'
end

Public Instance Methods

fix() click to toggle source
# File lib/ardecy/harden/sysctl.rb, line 35
def fix
  return unless File.exist? @file

  KERNEL << "#{@line} = #{@exp}"
end
repair() click to toggle source
# File lib/ardecy/harden/sysctl.rb, line 41
def repair
  return unless @args[:fix]

  Ardecy::Guard.perm
  if @res != 'OK' && @res != 'PROTECTED'
    if File.exist? @file
      File.write(@file, @exp, mode: 'w', preserve: true)
    end
  end
end
scan() click to toggle source
# File lib/ardecy/harden/sysctl.rb, line 20
def scan
  kernel_show(@line, @exp) if @args[:audit]
  if File.exist? @file
    if File.readable? @file
      value = File.read(@file).chomp
      @res = value.to_s =~ /#{@exp}/ ? 'OK' : 'FAIL'
    else
      @res = 'PROTECTED'
    end
  else
    @res = 'NO FOUND'
  end
  @tab ? result(@res, @tab) : result(@res) if @args[:audit]
end
x() click to toggle source
# File lib/ardecy/harden/sysctl.rb, line 52
def x
  scan
  fix
  repair
end