Merge branch 'master' of ssh://srv1.dumalogiya.ru:3251/nixteam/linux-infosec-setupper

DESTDIR/var/lib/linux-infosec-setupper/audit/auditd-conf.sh

@@ -1,12 +1,12 @@
 # Generated by linux-infosec-setupper
 local_events="yes"
-log_file="."
+log_file="/var/log/audit/audit.log"
 write_logs="yes"
 log_format="ENRICHED"
 log_group="root"
 priority_boost="4"
 flush="incremental_async"
-freq="0"
+freq=""
 max_log_fileaction="rotate"
 num_logs="3"
 disp_qos="lossless"
@@ -16,11 +16,11 @@ name_format="hostname"
 name=""
 max_log_file="8"
 action_mail_acct=""
-space_left="10"
+space_left="10%"
 space_left_action="syslog"
 disk_full_action="halt"
 disk_error_action="halt"
-tcp_listen_port="1"
-tcp_max_per_addr="1"
+tcp_listen_port=""
+tcp_max_per_addr=""
 systemd_allowed_ip_list=""
 systemd_denied_ip_list=""

front_auditd.sh

@@ -39,6 +39,8 @@ _rm_temp() {
 }
 trap _rm_temp EXIT
 
+set +e
+
 yad --plug=$_NUMBER --tabnum=1 --form \
 	--text-align=center \
 	--bool-fmt=T \
@@ -115,6 +117,8 @@ if [ "$_status" == 3 ]; then
 	_mk_auditd_config || { _yad_error $"Unable to read file %s" "${VAR_DIR_AUDIT}/auditd-conf.sh"; exit 1; }
 fi	
 
+set -e
+
 var="$(<"$_temp_file1")$(<"$_temp_file2")"
 
 # If we decide to undo the changes and not change anything, the var variable will be empty.
@@ -161,6 +165,12 @@ fi
 if ! [[ "$(echo "$var2" | grep -o -- "--freq .*")" && "$(echo "$var2" | grep -o -- "--flush incremental_async")" ]]; then
 	var2="$(echo "$var2" | sed '/^--freq .*/d')"
 fi
+if [[ "$(echo "$var2" | grep -o -- "--tcp_listen_port 0")" ]]; then
+	var2="$(echo "$var2" | sed '/^--tcp_listen_port 0/d')"
+fi
+if [[ "$(echo "$var2" | grep -o -- "--tcp_max_per_addr 0")" ]]; then
+	var2="$(echo "$var2" | sed '/^--tcp_max_per_addr 0/d')"
+fi
 ####
 var2="$(echo "$var2" | tr '\n' ' ')"
 set -e