Understanding of set -x output when ran against Bash script
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm having trouble figuring out part of the output. I understand the user is Root, the hostname of the VM that I ran the script on is localhost and the directory of where I ran the script.
I don't understand the first part of the output. Can someone shed a little more light on this?
Ok...I posted the wrong name of the script. It should be rhel6_stig_fix.sh, not frag.sh.
I think my script damaged the guest VM too, as I can't run certain commands anymore...and had to mount a usb drive to pull off this code in order share it as I don't have Guest Additions installed, and samba wasn't working either to share with Win 7 desktop.
Here is the output when running set -x against the script file:
Code:
set -x rhel6_stig_fix.sh
++printf '\033]0;%s@%s:%s\007' root localhost '~/scripts'
Here is the script in its entirety
Code:
#!/bin/bash
touch /var/tmp/stig_output.txt
echo
echo `date` >> /var/tmp/stig_output.txt
echo
echo "Applying RHEL6 STIGs"
echo "Backing up important files to /root/bkup before applying STIGs"
sleep 30
mkdir -p /root/bkup
cp /etc/pam.d/system-auth /root/bkup
cp /etc/pam.d/system-auth-ac /root/bkup
cp /etc/ssh/sshd_config /root/bkup
echo
echo "############################################"
echo "creating RHEL6 stig log file under /var/tmp "
echo "############################################"
echo
# CAT 1
echo
echo "rhel-06-0000008 rule id sv-50276r3 vuln id v-38476" >> /var/tmp/stig_output.txt
rpm -q gpg-pubkey >> /var/tmp/stig_output.txt
# CAT 1
echo
echo "rhel-06-000019 rule id sv-50292r1_rule vule id v-38491" >> /var/tmp/stig_output.txt
if [ -f /etc/hosts.equiv ];
then
echo "File hosts.equiv exist in /etc." >> /var/tmp/stig_output.txt
else
echo "File hosts.equiv does not exist in /etc." >> /var/tmp/stig_output.txt
fi
# CAT 1
# still working on this stig
echo
nullok_var = nullok
echo "rhel-06-000030 rule id sv-50298r2_rule vuln id v-38497" >> /var/tmp/stig_output.txt
grep "nullok" /etc/pam.d/system-auth >> /var/tmp/stig_output.txt
sed -i '/nullok/d' /etc/pam.d/system-auth
if [ grep -q $nullok /etc/pam.d/system-auth ] ;
then
echo "nullok has been removed from /etc/pam.d/system-auth" >> /var/tmp/stig_output.txt
else
echo "nullok still in /etc/pam.d/system-auth...please fix" >> /var/tmp/stig_output.txt
# CAT 1
echo
echo "rhel-06-000206 rule id sv-50388r1_rule vuln id v-38587" >> /var/tmp/stig_output.txt
telnet_package=telnet-server
if rpm -qa | grep -q $telnet_package;
then
echo "$telnet_package is installed"
else
echo "$telnet_package is NOT installed"
fi
# CAT 1
echo
echo "rhel-06-000211 rule id sv-50390r2_rule vuln id v-38589" >> /var/tmp/stig_output.txt
if pgrep telnet > /dev/null 2>&1
then
echo "Telnet is running, turn it off" >> /var/tmp/stig_output.txt && chkconfig --level 2345 off telnet
else
echo "Telnet is NOT running" >> /var/tmp/stig_output.txt
fi
# CAT 1
echo
echo "rhel-06-000213 rule id sv-50392r1_rule vuln id v-38591" >> /var/tmp/stig_output.txt
rsh_server_package=rsh-server
if rpm -qa | grep -q $rsh_server_package;
then
echo "$rsh_server_package is installed...removing" && rpm -e $rsh_server_package >> /var/tmp/stig_output.txt
else
echo "$rsh_server_package is NOT installed" >> /var/tmp/stig_output.txt
fi
# CAT 1
echo
echo "rhel-06-000241 rule id sv-50395r2_rule vuln id v-38594" >> /var/tmp/stig_output.txt
if pgrep rsh > /dev/null 2>&1
then
echo "rsh is running, turn it off" >> /var/tmp/stig_output.txt && chkconfig --level 2345 off rsh
else
echo "rsh is NOT running" >> /var/tmp/stig_output.txt
fi
# CAT 1
echo
echo "rhel-06-000216 rule id sv-50399r2_rule vuln id v-38598" >> /var/tmp/stig_output.txt
if pgrep rexec > /dev/null 2>&1
then
echo "rexec is running, turn it off" >> /var/tmp/stig_output.txt && chkconfig --level 2345 off rexec
else
echo "rexec is NOT running" >> /var/tmp/stig_output.txt
fi
# CAT 1
echo
echo "rhel-06-000218 rule id sv-50403r2_rule vuln id v-38602" >> /var/tmp/stig_output.txt
# CAT 1
echo
echo "rhel-06-000227 rule id sv-50408r1_rule vuln id v-38607" >> /var/tmp/stig_output.txt
if grep -i 'Protocol 2' /etc/ssh/sshd_configi >> /var/tmp/stig_output.txt
then
echo "Protocol 2 exist in /etc/ssh/sshd_config" >> /var/tmp/stig_output.txt
else
echo "Protocol 2 DOES NOT exist in /etc/ssh/sshd_config, please add" >> /var/tmp/stig_output.txt
fi
# CAT 1
echo
echo "rhel-06-000239 rule id sv-50415r1_rule vuln id v-38614" >> /var/tmp/stig_output.txt
grep -i 'PermitEmptyPasswords' | tr -d '#' | service sshd restart && echo 'Remove # from PermitEmpytPasswords' >> /var/tmp/stig_output.txt
# if grep -i 'PermitEmptyPasswords' /etc/ssh/sshd_config >> /var/tmp/stig_output.txt
# then
# echo && service restart sshd
# CAT 1
echo
echo 'rhel-06-000286 rule id sv-50469r3_rule vuln id v-38668' >> /var/tmp/stig_output.txt
touch /etc/init/control-alt-delete.override
echo "exec /usr/bin/logger -p security.info \"Ctrl-Alt-Delete pressed\"" > /etc/init/control-alt-delete.override
# CAT 1
echo
echo "rhel-06-000309' rule id sv-50478r1_rule vuln id v-38677" >> /var/tmp/stig_output.txt
if grep -i 'insecure_locks' /etc/exports ; then
echo "Remove all instancs of insecure locks from /etc/exports" >> /var/tmp/stig_output.txt
else
echo "No insecure_locks exist in /etc/exports...ok" >> /var/tmp/stig_output.txt
# CAT 1
echo
echo "rhel-06-000338 rule id sv-50502r1_rule vuln id v-38701" >> /var/tmp/stig_output.txt
touch /etc/xinetd.d/tftp
echo "server_args = -s /var/lib/tftpboot" > /etc/xinetd.d/tftp
echo "tftp file created under /etc/xinetd.d and populated with the correct info...ok" >> /var/tmp/stig_output.txt
# CAT 1
echo
echo "rhel-06-000341 rule id sv-50454r1_rule vuln id v-38653" >> /var/tmp/stig_output.txt
mkdir -p /etc/snmp && touch /etc/snmp/snmpd.conf
service snmpd restart
echo
echo "######################################"
echo "Finished Applying RHEL6 STIGS, see log for more information"
echo "######################################"
echo
I missed it in post #1, but set -x <script> is definitely wrong.
You need to put set -xv in the script itself, at the beginning, just after the shebang (#!/bin/bash).
Or you need to invoke your script as: bash -xv <script>.
The printf you asked about is coming from your current shell (because set -x was invoked in your actual shell), it is not related to the script you wanted to execute at all. Most probably it is related to the prompt configuration (see the variable PS1).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
