parse drop-in config folder rather than only one config file

2024-10-01 08:25:45 -04:00 · 2019-12-20 05:49:11 -05:00 · 2019-12-20 05:49:11 -05:00 · 46466c12ad
commit 46466c12ad
parent 66fd31189d
2 changed files with 8 additions and 3 deletions
--- a/etc/permission-hardening.d/30_default.conf
+++ b/etc/permission-hardening.d/30_default.conf
--- a/usr/lib/security-misc/permission-hardening
+++ b/usr/lib/security-misc/permission-hardening
@ -7,8 +7,6 @@

 exit_code=0

-config_file="/etc/permission-hardening.conf"
-
 echo_wrapper() {
   echo "run: $@"
   "$@"
@ -161,6 +159,13 @@ set_file_perms() {
  done < "$config_file"
 }

-set_file_perms
+parse_config_folder() {
+  shopt -s nullglob
+  for config_file in /etc/permission-hardening.d/*.conf /usr/local/etc/permission-hardening.d/*.conf; do
+    set_file_perms
+  done
+}
+
+parse_config_folder

 exit "$exit_code"