Revert "motd may be configured under /etc/update-motd.d/"

This reverts commit 79d234c. Signed-off-by: Bryan Endres <[email protected]>
dev-sec · Mar 29, 2023 · a04b289 · a04b289
1 parent 8999ad4
commit a04b289
Showing 1 changed file with 6 additions and 17 deletions.
diff --git a/controls/1_7_warning_banners.rb b/controls/1_7_warning_banners.rb
@@ -59,28 +59,17 @@
 end
 
 control 'cis-dil-benchmark-1.7.1.4' do
-  title 'Ensure permissions on /etc/motd and /etc/update-motd.d/* are configured'
-  desc  "The contents of the /etc/motd and /etc/update-motd.d/* files are displayed to users after login and function as a message of the day for authenticated users.\n\nRationale: If the files do not have the correct ownership, they could be modified by unauthorized users with incorrect or misleading information."
+  title 'Ensure permissions on /etc/motd are configured'
+  desc  "The contents of the /etc/motd file are displayed to users after login and function as a message of the day for authenticated users.\n\nRationale: If the /etc/motd file does not have the correct ownership it could be modified by unauthorized users with incorrect or misleading information."
   impact 0.0
 
   tag cis: 'distribution-independent-linux:1.7.1.4'
   tag level: 1
 
-  motd_file = '/etc/motd'
-
-  if File.exist?(motd_file)
-    describe file(motd_file) do
-      its('group') { should eq 'root' }
-      its('owner') { should eq 'root' }
-      its('mode') { should cmp '0644' }
-    end
-  end
-  command('find /etc/update-motd.d/ -type f').stdout.split.each do |f|
-    describe file(f) do
-      its('group') { should eq 'root' }
-      its('owner') { should eq 'root' }
-      its('mode') { should cmp '0755' }
-    end
+  describe file('/etc/motd') do
+    its('group') { should eq 'root' }
+    its('owner') { should eq 'root' }
+    its('mode') { should cmp '0644' }
   end
 end