RHEL-09-211045: Red Hat Enterprise Linux 9 Security Technical Implementation Guide :: Version 1, Release: 2 Benchmark Date: 24 Jan 2024
Updated on 2024-04-05
All fix and check commands must be run as root.
#!/bin/bash | |
# Collection of utility functions for bash scripts | |
# Version 0.6.4 modified 2024-04-12 by AfroThundr | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
# | |
# For issues or updated versions of this script, browse to the following URL: | |
# https://gist.github.com/AfroThundr3007730/b761bd1a6b2f32a2e97727c7e049e354 | |
# Take caution sourcing this file in your shell, as it uses strict mode. | |
#----------------------------------------------------------------------# |
#!/bin/bash | |
# Import DoD root certificates into linux CA store | |
# Version 0.3.0 updated 20240304 | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
add_dod_certs() { | |
local bundle cert certdir file form tmpdir url update | |
# Location of bundle from DISA site | |
url='https://public.cyber.mil/pki-pke/pkipke-document-library/' | |
bundle=$(curl -s $url | awk -F '"' 'tolower($2) ~ /dod.zip/ {print $2}') |
#!/bin/bash | |
# Does the equivalent of sysprep for linux boxes to prepare them for cloning. | |
# Based on https://lonesysadmin.net/2013/03/26/preparing-linux-template-vms/ | |
# For issues or updated versions of this script, browse to the following URL: | |
# https://gist.github.com/AfroThundr3007730/ff5229c5b1f9a018091b14ceac95aa55 | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
AUTHOR='AfroThundr' | |
BASENAME="${0##*/}" | |
MODIFIED='20240409' |
# Last updated 20240331 by AfroThundr | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
Set-StrictMode -Version Latest | |
#region Internal Variables | |
$DefaultPSProfileContent = @' | |
# Note: This profile stub is automatically overwritten, make changes instead in profile_local.ps1 | |
# Always use strict mode | |
Set-StrictMode -Version Latest |
# Original version | |
function New-SecurePassword { | |
<# .SYNOPSIS | |
Generates high entropy passwords of configurable length #> | |
[Alias('genpw')] | |
Param( | |
# Length of passwords to genereate | |
[int]$Length = 20, | |
# How many passwords to generate | |
[int]$Count = 5, |
function Get-StringPermutations { | |
<# .SYNOPSIS | |
Calculates the permutations of an input string #> | |
[Alias('permutate')] | |
Param( | |
# String to calculate permutations from | |
[Parameter(Mandatory)] | |
[String]$String, | |
# Return only unique permutations | |
[Parameter()] |
# Version 1 | |
$idleDays = 2 | |
$users = (((query user) -replace '^>', '') -replace '\s{2,}', ',').Trim() | | |
ForEach-Object { | |
if ($_.Split(',').Count -eq 5) { | |
Write-Output ($_ -replace '(^[^,]+)', '$1,') | |
} | |
else { | |
Write-Output $_ |
function Get-RunningTasks() { | |
while ((Get-Task | Where-Object { $_.state -eq 'running' }).count -gt 0) { | |
Get-Task | Where-Object { $_.state -eq 'running' } | | |
Sort-Object name, percentcomplete | | |
Format-Table Name, State, PercentComplete, StartTime, | |
@{ L = 'Target'; E = { $_.ExtensionData.Info.EntityName } }, | |
@{ L = 'Initiator'; E = { $_.ExtensionData.Info.Reason.UserName } } | |
Start-Sleep 10 | |
} | |
} |
function Get-ESXiSerials { | |
<# | |
.SYNOPSIS | |
Get the serial number and service tags for ESXi hosts | |
#> | |
Param( | |
# Full name of host or a regex | |
[Parameter(Mandatory = $false)] | |
[string]$HostSpec | |
) |