Merge branch 'stretch' of https://github.com/bashrc/freedombone

src/freedombone-tests

     ##RHEL-06-000302
     ##A file integrity tool must be used at least weekly to check for unauthorized file changes, particularly the addition of unauthorized system libraries or binaries, or for unauthorized modification to authorized system libraries or binaries.
 
-    bash $STIG_TESTS_DIR/check-aide-cron.sh > /dev/null 2>&1 &
+    bash $STIG_TESTS_DIR/check-tripwire-cron.sh > /dev/null 2>&1 &
 
     stig_spinner $!
     output "V-38695" $? ${SETLANG}
     ################
 
+    ##RHEL-06-000018
+    #For tripwire to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.
+
+    bash $STIG_TESTS_DIR/check-tripwire-baseline.sh > /dev/null 2>&1 &
+
+    stig_spinner $!
+    output "V-51391" $? ${SETLANG}
+    ################
+
     ##RHEL-06-000308
     ##Process core dumps must be disabled unless needed.
 

tests/check-aide-baseline.sh

-#!/bin/bash
-#Tested on Aide 0.16a2-19-g16ed855
-
-CHECKDATABASE=$(grep "database=" /etc/aide/aide.conf  2>/dev/null )
-if [ $? -eq 0 ];then
-        :
-else 
-        echo "couldn""'""t found aide.conf"
-        exit 1
-fi
-
-DATABASE=$(echo $CHECKDATABASE | awk -F ':' '{printf $2}' 2>/dev/null)
-
-if [ $? -eq 0 ];then
-        :
-else 
-        echo "couldn""'""t found database location at aide.conf"
-        exit 1
-fi
-
-if [ -f "$DATABASE" ];then
-        echo "There is a baseline for aide."
-	exit 0
-else
-        echo "Can""'""t find aide baseline"
-	exit 1
-fi

tests/check-aide-cron.sh

-#1/bin/bash
-
-if [ $(grep aide /etc/crontab /etc/cron.*/* | wc -l) -ne 0 ];then
-        exit 1
-fi

tests/check-tripwire-baseline.sh

+#!/bin/bash
+
+if ! ls /var/lib/tripwire/*.twd 1> /dev/null 2>&1; then
+    exit 1
+fi

tests/check-tripwire-cron.sh

+#1/bin/bash
+
+if [ ! -f /etc/cron.daily/tripwire ];then
+        exit 1
+fi

tests/output.sh

                   log_msg $2 '必须创建文件完整性基线。'
               fi
               if [ $2 -ne 0 ];then
-                  printf '\n######################\n\nSTIG-ID:RHEL-06-000018\n\nVulnerability Discussion: For AIDE to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.\n\nFix text: Run the following command to generate a new database:\n\n#aideinit\n\nBy default, the database will be written to the file "/var/lib/aide/aide.db.new.gz". Storing the database, the configuration file "/etc/aide.conf", and the binary "/usr/sbin/aide" (or hashes of these files), in a secure location (such as on read-only media) provides additional assurance about their integrity.\n\nThe newlygenerated database can be installed as follows:\n\n#cp /var/lib/aide/aide.db.new /var/lib/aide/aide.db\n\nTo initiate a manual check, run the following command:\n\n#/usr/sbin/aide --check\n\nIf this check produces any unexpected output, investigate.\n\n######################\n\n' >> $LOG
+                  printf '\n######################\n\nSTIG-ID:RHEL-06-000018\n\nVulnerability Discussion: For tripwire to be effective, an initial database of "known-good" information about files must be captured and it should be able to be verified against the installed files.\n\nFix text: Run "reset tripwire" from the administrator control panel.\n\n######################\n\n' >> $LOG
               fi
               ;;
     V-38491)  if [ "$3" = "en" ]; then