From e59cf5a849dff973b9af37491cadc74567b6ae80 Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Wed, 12 Feb 2020 21:23:47 +0100 Subject: [PATCH 1/3] Add template snippet for shell_lineinfile. --- snippets.json | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/snippets.json b/snippets.json index 39f16c7..41a2ddc 100644 --- a/snippets.json +++ b/snippets.json @@ -330,6 +330,21 @@ ], "description": "Checks if a system service is enabled. Uses either systemd or SysV init based on the product configuration in 'product.yml'.\n\nLanguages: Ansible, Bash, OVAL, Puppet\n\n" }, + + "Template shell_lineinfile": { + "prefix": "template_shell_lineinfile", + "body": [ + "template:", + "\tname: shell_lineinfile", + "\tvars:", + "\t\tpath: ${1:What file to check}", + "\t\tparameter: ${2:name of the shell variable, eg. SHELL.}", + "\t\tvalue: ${3:value of the SSH configuration option specified by parameter, eg. \"/bin/bash\". Don’t pass extra shell quoting - that will be handled on the lower level.}", + "\t\tno_quotes: ${4:If set to \"true\", the assigned value has to be without quotes during the check and remediation doesn’t quote assignments either.}", + "\t\tmissing_parameter_pass: ${5:If set to \"true\" the OVAL check will pass if the parameter is not present in the target file.}" + ], + "description": "Checks shell variable assignments in files. Remediations will paste assignments with single shell quotes unless there is the dollar sign in the value string, in which case double quotes are administered. The OVAL checks for a match with either of no quotes, single quoted string, or double quoted string.\n\nLanguages: Ansible, Bash, OVAL\n\nExample: A template invocation specifying that parameter HISTSIZE should be set to value 500 in /etc/profile will produce a check that passes if any of the following lines are present in /etc/profile:\n\nHISTSIZE=500\n\nHISTSIZE=\"500\"\n\nHISTSIZE='500'\n\nThe remediation would insert one of the quoted forms if the line was not present.\n\nIf the no_quotes would be set in the template, only the first form would be checked for, and the unquoted assignment would be inserted to the file by the remediation if not present." + }, "Template sshd_lineinfile": { "prefix": "template_sshd_lineinfile", "body": [ From d81f3799d177427ef918e97b83f6537213709bf5 Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Wed, 12 Feb 2020 21:26:02 +0100 Subject: [PATCH 2/3] Update template documentation with shell_lineinfile. --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 4b39dde..18321b2 100644 --- a/README.md +++ b/README.md @@ -81,6 +81,7 @@ When editing a Rule file (`rule.yml`), code snippets are available. You can simp - template_sebool - template_service_disabled - template_service_enabled + - template_shell_lineinfile - template_sshd_lineinfile - template_sysctl - template_timer_enabled From a7b33ccf72d4d61c1981ab05b42c488b0d8964b2 Mon Sep 17 00:00:00 2001 From: Gabriel Becker Date: Wed, 12 Feb 2020 21:27:03 +0100 Subject: [PATCH 3/3] Update changelog. --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 08e4d3d..79753ea 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ ### Added - Option to copy full prefixed rule ID. - Instructions on how to install the extension through VSCode Marketplace webpage. +- Snippet for `shell_lineinfile` template. ### Fixed - Content now opens from every context VSCode is. For example, there is no need to have an active opened editor to activate the shortcuts. ### Removed