DSCResources/Resources/linux.nxFileLine.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
# Copyright (c) Microsoft Corporation. All rights reserved.
# Licensed under the MIT License.

$rules = Select-Rule -Type nxFileLineRule -RuleList $stig.RuleList

$audispRemoteConfCreated = $false
$auRemoteConfCreated = $false

foreach ($rule in $rules)
{
    <#
        There are 8 rules that require audisp-remote.conf and audisp-remote.conf, which do not exist by default.
        In order to successfully apply these rules the file will need to be created. Unfortunately the file cannot
        be created if it does not exist with nxFileLine, instead, the current automation will hard code the file creation
        using nxFile when the FilePath for those files is detected.
    #>

    if ($rule.FilePath -eq '/etc/audisp/audisp-remote.conf' -and -not $audispRemoteConfCreated)
    {
        nxFile (Get-ResourceTitle -Rule $rule)
        {
            DestinationPath = '/etc/audisp/audisp-remote.conf'
            Contents        = "# Generated via PowerSTIG`n"
        }

        $audispRemoteConfCreated = $true
    }

    if ($rule.FilePath -eq '/etc/audisp/plugins.d/au-remote.conf' -and -not $auRemoteConfCreated)
    {
        nxFile (Get-ResourceTitle -Rule $rule)
        {
            DestinationPath = '/etc/audisp/plugins.d/au-remote.conf'
            Contents        = "# Generated via PowerSTIG`n"
        }

        $auRemoteConfCreated = $true
    }

    if ($rule.DoesNotContainPattern -ne 'PatternNotRequired')
    {
        nxFileLine (Get-ResourceTitle -Rule $rule)
        {
            FilePath              = $rule.FilePath
            ContainsLine          = $rule.ContainsLine
            DoesNotContainPattern = $rule.DoesNotContainPattern
        }
    }
    else
    {
        nxFileLine (Get-ResourceTitle -Rule $rule)
        {
            FilePath     = $rule.FilePath
            ContainsLine = $rule.ContainsLine
        }
    }
}