in src/common/asb/Asb.c [4991:5979]
int AsbMmiSet(const char* componentName, const char* objectName, const char* payload, const int payloadSizeBytes, OsConfigLogHandle log)
{
const char* init = "init";
JSON_Value* jsonValue = NULL;
char* jsonString = NULL;
char* payloadString = NULL;
PerfClock perfClock = {{0, 0}, {0, 0}};
int status = 0;
// No payload is accepted for now, this may change once the complete Azure Security Baseline is implemented
if ((NULL == componentName) || (NULL == objectName))
{
OsConfigLogError(log, "AsbMmiSet(%s, %s, %s, %d) called with invalid arguments", componentName, objectName, payload, payloadSizeBytes);
return EINVAL;
}
StartPerfClock(&perfClock, GetPerfLog());
if (0 != strcmp(componentName, g_securityBaselineComponentName))
{
OsConfigLogError(log, "AsbMmiSet called for an unsupported component name (%s)", componentName);
status = EINVAL;
}
if ((0 == status) && (NULL != payload) && (0 < payloadSizeBytes))
{
if (NULL != (payloadString = malloc(payloadSizeBytes + 1)))
{
memset(payloadString, 0, payloadSizeBytes + 1);
memcpy(payloadString, payload, payloadSizeBytes);
if (NULL != (jsonValue = json_parse_string(payloadString)))
{
if (NULL == (jsonString = (char*)json_value_get_string(jsonValue)))
{
status = EINVAL;
OsConfigLogError(log, "AsbMmiSet: json_value_get_string(%s) failed", payloadString);
}
}
else
{
status = EINVAL;
OsConfigLogError(log, "AsbMmiSet: json_parse_string(%s) failed", payloadString);
}
}
else
{
status = ENOMEM;
OsConfigLogError(log, "AsbMmiSet: failed to allocate %d bytes of memory", payloadSizeBytes + 1);
}
}
if (0 == status)
{
if (0 == strcmp(objectName, g_remediateEnsureLoggingLevelObject))
{
status = RemediateEnsureLoggingLevel(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcIssueObject))
{
status = RemediateEnsurePermissionsOnEtcIssue(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcIssueNetObject))
{
status = RemediateEnsurePermissionsOnEtcIssueNet(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcHostsAllowObject))
{
status = RemediateEnsurePermissionsOnEtcHostsAllow(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcHostsDenyObject))
{
status = RemediateEnsurePermissionsOnEtcHostsDeny(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcSshSshdConfigObject))
{
status = RemediateEnsurePermissionsOnEtcSshSshdConfig(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcShadowObject))
{
status = RemediateEnsurePermissionsOnEtcShadow(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcShadowDashObject))
{
status = RemediateEnsurePermissionsOnEtcShadowDash(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcGShadowObject))
{
status = RemediateEnsurePermissionsOnEtcGShadow(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcGShadowDashObject))
{
status = RemediateEnsurePermissionsOnEtcGShadowDash(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcPasswdObject))
{
status = RemediateEnsurePermissionsOnEtcPasswd(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcPasswdDashObject))
{
status = RemediateEnsurePermissionsOnEtcPasswdDash(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcGroupObject))
{
status = RemediateEnsurePermissionsOnEtcGroup(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcGroupDashObject))
{
status = RemediateEnsurePermissionsOnEtcGroupDash(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcAnacronTabObject))
{
status = RemediateEnsurePermissionsOnEtcAnacronTab(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcCronDObject))
{
status = RemediateEnsurePermissionsOnEtcCronD(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcCronDailyObject))
{
status = RemediateEnsurePermissionsOnEtcCronDaily(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcCronHourlyObject))
{
status = RemediateEnsurePermissionsOnEtcCronHourly(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcCronMonthlyObject))
{
status = RemediateEnsurePermissionsOnEtcCronMonthly(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcCronWeeklyObject))
{
status = RemediateEnsurePermissionsOnEtcCronWeekly(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnEtcMotdObject))
{
status = RemediateEnsurePermissionsOnEtcMotd(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureInetdNotInstalledObject))
{
status = RemediateEnsureInetdNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureXinetdNotInstalledObject))
{
status = RemediateEnsureXinetdNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRshServerNotInstalledObject))
{
status = RemediateEnsureRshServerNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNisNotInstalledObject))
{
status = RemediateEnsureNisNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureTftpdNotInstalledObject))
{
status = RemediateEnsureTftpdNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureReadaheadFedoraNotInstalledObject))
{
status = RemediateEnsureReadaheadFedoraNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureBluetoothHiddNotInstalledObject))
{
status = RemediateEnsureBluetoothHiddNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureIsdnUtilsBaseNotInstalledObject))
{
status = RemediateEnsureIsdnUtilsBaseNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureIsdnUtilsKdumpToolsNotInstalledObject))
{
status = RemediateEnsureIsdnUtilsKdumpToolsNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureIscDhcpdServerNotInstalledObject))
{
status = RemediateEnsureIscDhcpdServerNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSendmailNotInstalledObject))
{
status = RemediateEnsureSendmailNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSldapdNotInstalledObject))
{
status = RemediateEnsureSldapdNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureBind9NotInstalledObject))
{
status = RemediateEnsureBind9NotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDovecotCoreNotInstalledObject))
{
status = RemediateEnsureDovecotCoreNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAuditdInstalledObject))
{
status = RemediateEnsureAuditdInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePrelinkIsDisabledObject))
{
status = RemediateEnsurePrelinkIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureTalkClientIsNotInstalledObject))
{
status = RemediateEnsureTalkClientIsNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureCronServiceIsEnabledObject))
{
status = RemediateEnsureCronServiceIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAuditdServiceIsRunningObject))
{
status = RemediateEnsureAuditdServiceIsRunning(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureKernelSupportForCpuNxObject))
{
status = RemediateEnsureKernelSupportForCpuNx(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNodevOptionOnHomePartitionObject))
{
status = RemediateEnsureNodevOptionOnHomePartition(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNodevOptionOnTmpPartitionObject))
{
status = RemediateEnsureNodevOptionOnTmpPartition(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNodevOptionOnVarTmpPartitionObject))
{
status = RemediateEnsureNodevOptionOnVarTmpPartition(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNosuidOptionOnTmpPartitionObject))
{
status = RemediateEnsureNosuidOptionOnTmpPartition(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNosuidOptionOnVarTmpPartitionObject))
{
status = RemediateEnsureNosuidOptionOnVarTmpPartition(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoexecOptionOnVarTmpPartitionObject))
{
status = RemediateEnsureNoexecOptionOnVarTmpPartition(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoexecOptionOnDevShmPartitionObject))
{
status = RemediateEnsureNoexecOptionOnDevShmPartition(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNodevOptionEnabledForAllRemovableMediaObject))
{
status = RemediateEnsureNodevOptionEnabledForAllRemovableMedia(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoexecOptionEnabledForAllRemovableMediaObject))
{
status = RemediateEnsureNoexecOptionEnabledForAllRemovableMedia(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNosuidOptionEnabledForAllRemovableMediaObject))
{
status = RemediateEnsureNosuidOptionEnabledForAllRemovableMedia(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoexecNosuidOptionsEnabledForAllNfsMountsObject))
{
status = RemediateEnsureNoexecNosuidOptionsEnabledForAllNfsMounts(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllTelnetdPackagesUninstalledObject))
{
status = RemediateEnsureAllTelnetdPackagesUninstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllEtcPasswdGroupsExistInEtcGroupObject))
{
status = RemediateEnsureAllEtcPasswdGroupsExistInEtcGroup(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoDuplicateUidsExistObject))
{
status = RemediateEnsureNoDuplicateUidsExist(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoDuplicateGidsExistObject))
{
status = RemediateEnsureNoDuplicateGidsExist(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoDuplicateUserNamesExistObject))
{
status = RemediateEnsureNoDuplicateUserNamesExist(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoDuplicateGroupsExistObject))
{
status = RemediateEnsureNoDuplicateGroupsExist(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureShadowGroupIsEmptyObject))
{
status = RemediateEnsureShadowGroupIsEmpty(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRootGroupExistsObject))
{
status = RemediateEnsureRootGroupExists(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllAccountsHavePasswordsObject))
{
status = RemediateEnsureAllAccountsHavePasswords(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNonRootAccountsHaveUniqueUidsGreaterThanZeroObject))
{
status = RemediateEnsureNonRootAccountsHaveUniqueUidsGreaterThanZero(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoLegacyPlusEntriesInEtcPasswdObject))
{
status = RemediateEnsureNoLegacyPlusEntriesInEtcPasswd(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoLegacyPlusEntriesInEtcShadowObject))
{
status = RemediateEnsureNoLegacyPlusEntriesInEtcShadow(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoLegacyPlusEntriesInEtcGroupObject))
{
status = RemediateEnsureNoLegacyPlusEntriesInEtcGroup(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDefaultRootAccountGroupIsGidZeroObject))
{
status = RemediateEnsureDefaultRootAccountGroupIsGidZero(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRootIsOnlyUidZeroAccountObject))
{
status = RemediateEnsureRootIsOnlyUidZeroAccount(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllUsersHomeDirectoriesExistObject))
{
status = RemediateEnsureAllUsersHomeDirectoriesExist(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureUsersOwnTheirHomeDirectoriesObject))
{
status = RemediateEnsureUsersOwnTheirHomeDirectories(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRestrictedUserHomeDirectoriesObject))
{
status = RemediateEnsureRestrictedUserHomeDirectories(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePasswordHashingAlgorithmObject))
{
status = RemediateEnsurePasswordHashingAlgorithm(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureMinDaysBetweenPasswordChangesObject))
{
status = RemediateEnsureMinDaysBetweenPasswordChanges(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureInactivePasswordLockPeriodObject))
{
status = RemediateEnsureInactivePasswordLockPeriod(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateMaxDaysBetweenPasswordChangesObject))
{
status = RemediateEnsureMaxDaysBetweenPasswordChanges(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePasswordExpirationObject))
{
status = RemediateEnsurePasswordExpiration(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePasswordExpirationWarningObject))
{
status = RemediateEnsurePasswordExpirationWarning(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSystemAccountsAreNonLoginObject))
{
status = RemediateEnsureSystemAccountsAreNonLogin(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAuthenticationRequiredForSingleUserModeObject))
{
status = RemediateEnsureAuthenticationRequiredForSingleUserMode(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDotDoesNotAppearInRootsPathObject))
{
status = RemediateEnsureDotDoesNotAppearInRootsPath(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRemoteLoginWarningBannerIsConfiguredObject))
{
status = RemediateEnsureRemoteLoginWarningBannerIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureLocalLoginWarningBannerIsConfiguredObject))
{
status = RemediateEnsureLocalLoginWarningBannerIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAuditdServiceIsRunningObject))
{
status = RemediateEnsureAuditdServiceIsRunning(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSuRestrictedToRootGroupObject))
{
status = RemediateEnsureSuRestrictedToRootGroup(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDefaultUmaskForAllUsersObject))
{
status = RemediateEnsureDefaultUmaskForAllUsers(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAutomountingDisabledObject))
{
status = RemediateEnsureAutomountingDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureKernelCompiledFromApprovedSourcesObject))
{
status = RemediateEnsureKernelCompiledFromApprovedSources(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDefaultDenyFirewallPolicyIsSetObject))
{
status = RemediateEnsureDefaultDenyFirewallPolicyIsSet(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePacketRedirectSendingIsDisabledObject))
{
status = RemediateEnsurePacketRedirectSendingIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureIcmpRedirectsIsDisabledObject))
{
status = RemediateEnsureIcmpRedirectsIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSourceRoutedPacketsIsDisabledObject))
{
status = RemediateEnsureSourceRoutedPacketsIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAcceptingSourceRoutedPacketsIsDisabledObject))
{
status = RemediateEnsureAcceptingSourceRoutedPacketsIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureIgnoringBogusIcmpBroadcastResponsesObject))
{
status = RemediateEnsureIgnoringBogusIcmpBroadcastResponses(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureIgnoringIcmpEchoPingsToMulticastObject))
{
status = RemediateEnsureIgnoringIcmpEchoPingsToMulticast(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureMartianPacketLoggingIsEnabledObject))
{
status = RemediateEnsureMartianPacketLoggingIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureReversePathSourceValidationIsEnabledObject))
{
status = RemediateEnsureReversePathSourceValidationIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureTcpSynCookiesAreEnabledObject))
{
status = RemediateEnsureTcpSynCookiesAreEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSystemNotActingAsNetworkSnifferObject))
{
status = RemediateEnsureSystemNotActingAsNetworkSniffer(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllWirelessInterfacesAreDisabledObject))
{
status = RemediateEnsureAllWirelessInterfacesAreDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureIpv6ProtocolIsEnabledObject))
{
status = RemediateEnsureIpv6ProtocolIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDccpIsDisabledObject))
{
status = RemediateEnsureDccpIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSctpIsDisabledObject))
{
status = RemediateEnsureSctpIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDisabledSupportForRdsObject))
{
status = RemediateEnsureDisabledSupportForRds(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureTipcIsDisabledObject))
{
status = RemediateEnsureTipcIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureZeroconfNetworkingIsDisabledObject))
{
status = RemediateEnsureZeroconfNetworkingIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePermissionsOnBootloaderConfigObject))
{
status = RemediateEnsurePermissionsOnBootloaderConfig(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePasswordReuseIsLimitedObject))
{
status = RemediateEnsurePasswordReuseIsLimited(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureMountingOfUsbStorageDevicesIsDisabledObject))
{
status = RemediateEnsureMountingOfUsbStorageDevicesIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureCoreDumpsAreRestrictedObject))
{
status = RemediateEnsureCoreDumpsAreRestricted(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePasswordCreationRequirementsObject))
{
status = RemediateEnsurePasswordCreationRequirements(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureLockoutForFailedPasswordAttemptsObject))
{
status = RemediateEnsureLockoutForFailedPasswordAttempts(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDisabledInstallationOfCramfsFileSystemObject))
{
status = RemediateEnsureDisabledInstallationOfCramfsFileSystem(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDisabledInstallationOfFreevxfsFileSystemObject))
{
status = RemediateEnsureDisabledInstallationOfFreevxfsFileSystem(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDisabledInstallationOfHfsFileSystemObject))
{
status = RemediateEnsureDisabledInstallationOfHfsFileSystem(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDisabledInstallationOfHfsplusFileSystemObject))
{
status = RemediateEnsureDisabledInstallationOfHfsplusFileSystem(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDisabledInstallationOfJffs2FileSystemObject))
{
status = RemediateEnsureDisabledInstallationOfJffs2FileSystem(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureVirtualMemoryRandomizationIsEnabledObject))
{
status = RemediateEnsureVirtualMemoryRandomizationIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllBootloadersHavePasswordProtectionEnabledObject))
{
status = RemediateEnsureAllBootloadersHavePasswordProtectionEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureLoggingIsConfiguredObject))
{
status = RemediateEnsureLoggingIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSyslogPackageIsInstalledObject))
{
status = RemediateEnsureSyslogPackageIsInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSystemdJournaldServicePersistsLogMessagesObject))
{
status = RemediateEnsureSystemdJournaldServicePersistsLogMessages(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureALoggingServiceIsEnabledObject))
{
status = RemediateEnsureALoggingServiceIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureFilePermissionsForAllRsyslogLogFilesObject))
{
status = RemediateEnsureFilePermissionsForAllRsyslogLogFiles(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureLoggerConfigurationFilesAreRestrictedObject))
{
status = RemediateEnsureLoggerConfigurationFilesAreRestricted(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllRsyslogLogFilesAreOwnedByAdmGroupObject))
{
status = RemediateEnsureAllRsyslogLogFilesAreOwnedByAdmGroup(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllRsyslogLogFilesAreOwnedBySyslogUserObject))
{
status = RemediateEnsureAllRsyslogLogFilesAreOwnedBySyslogUser(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRsyslogNotAcceptingRemoteMessagesObject))
{
status = RemediateEnsureRsyslogNotAcceptingRemoteMessages(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSyslogRotaterServiceIsEnabledObject))
{
status = RemediateEnsureSyslogRotaterServiceIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureTelnetServiceIsDisabledObject))
{
status = RemediateEnsureTelnetServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRcprshServiceIsDisabledObject))
{
status = RemediateEnsureRcprshServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureTftpServiceisDisabledObject))
{
status = RemediateEnsureTftpServiceisDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAtCronIsRestrictedToAuthorizedUsersObject))
{
status = RemediateEnsureAtCronIsRestrictedToAuthorizedUsers(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshPortIsConfiguredObject))
{
status = RemediateEnsureSshPortIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshBestPracticeProtocolObject))
{
status = RemediateEnsureSshBestPracticeProtocol(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshBestPracticeIgnoreRhostsObject))
{
status = RemediateEnsureSshBestPracticeIgnoreRhosts(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshLogLevelIsSetObject))
{
status = RemediateEnsureSshLogLevelIsSet(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshMaxAuthTriesIsSetObject))
{
status = RemediateEnsureSshMaxAuthTriesIsSet(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllowUsersIsConfiguredObject))
{
status = RemediateEnsureAllowUsersIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDenyUsersIsConfiguredObject))
{
status = RemediateEnsureDenyUsersIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAllowGroupsIsConfiguredObject))
{
status = RemediateEnsureAllowGroupsIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureDenyGroupsConfiguredObject))
{
status = RemediateEnsureDenyGroupsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshHostbasedAuthenticationIsDisabledObject))
{
status = RemediateEnsureSshHostbasedAuthenticationIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshPermitRootLoginIsDisabledObject))
{
status = RemediateEnsureSshPermitRootLoginIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshPermitEmptyPasswordsIsDisabledObject))
{
status = RemediateEnsureSshPermitEmptyPasswordsIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshClientIntervalCountMaxIsConfiguredObject))
{
status = RemediateEnsureSshClientIntervalCountMaxIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshClientAliveIntervalIsConfiguredObject))
{
status = RemediateEnsureSshClientAliveIntervalIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshLoginGraceTimeIsSetObject))
{
status = RemediateEnsureSshLoginGraceTimeIsSet(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureOnlyApprovedMacAlgorithmsAreUsedObject))
{
status = RemediateEnsureOnlyApprovedMacAlgorithmsAreUsed(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSshWarningBannerIsEnabledObject))
{
status = RemediateEnsureSshWarningBannerIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureUsersCannotSetSshEnvironmentOptionsObject))
{
status = RemediateEnsureUsersCannotSetSshEnvironmentOptions(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAppropriateCiphersForSshObject))
{
status = RemediateEnsureAppropriateCiphersForSsh(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureAvahiDaemonServiceIsDisabledObject))
{
status = RemediateEnsureAvahiDaemonServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureCupsServiceisDisabledObject))
{
status = RemediateEnsureCupsServiceisDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePostfixPackageIsUninstalledObject))
{
status = RemediateEnsurePostfixPackageIsUninstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePostfixNetworkListeningIsDisabledObject))
{
status = RemediateEnsurePostfixNetworkListeningIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRpcgssdServiceIsDisabledObject))
{
status = RemediateEnsureRpcgssdServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRpcidmapdServiceIsDisabledObject))
{
status = RemediateEnsureRpcidmapdServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsurePortmapServiceIsDisabledObject))
{
status = RemediateEnsurePortmapServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNetworkFileSystemServiceIsDisabledObject))
{
status = RemediateEnsureNetworkFileSystemServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRpcsvcgssdServiceIsDisabledObject))
{
status = RemediateEnsureRpcsvcgssdServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSnmpServerIsDisabledObject))
{
status = RemediateEnsureSnmpServerIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRsynServiceIsDisabledObject))
{
status = RemediateEnsureRsynServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNisServerIsDisabledObject))
{
status = RemediateEnsureNisServerIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRshClientNotInstalledObject))
{
status = RemediateEnsureRshClientNotInstalled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureSmbWithSambaIsDisabledObject))
{
status = RemediateEnsureSmbWithSambaIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureUsersDotFilesArentGroupOrWorldWritableObject))
{
status = RemediateEnsureUsersDotFilesArentGroupOrWorldWritable(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoUsersHaveDotForwardFilesObject))
{
status = RemediateEnsureNoUsersHaveDotForwardFiles(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoUsersHaveDotNetrcFilesObject))
{
status = RemediateEnsureNoUsersHaveDotNetrcFiles(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureNoUsersHaveDotRhostsFilesObject))
{
status = RemediateEnsureNoUsersHaveDotRhostsFiles(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureRloginServiceIsDisabledObject))
{
status = RemediateEnsureRloginServiceIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_remediateEnsureUnnecessaryAccountsAreRemovedObject))
{
status = RemediateEnsureUnnecessaryAccountsAreRemoved(jsonString, log);
}
// Initialization for audit before remediation
else if (0 == strcmp(objectName, g_initEnsureLoggingLevelObject))
{
status = InitEnsureLoggingLevel(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcSshSshdConfigObject))
{
status = InitEnsurePermissionsOnEtcSshSshdConfig(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshPortIsConfiguredObject))
{
status = InitEnsureSshPortIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshBestPracticeProtocolObject))
{
status = InitEnsureSshBestPracticeProtocol(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshBestPracticeIgnoreRhostsObject))
{
status = InitEnsureSshBestPracticeIgnoreRhosts(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshLogLevelIsSetObject))
{
status = InitEnsureSshLogLevelIsSet(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshMaxAuthTriesIsSetObject))
{
status = InitEnsureSshMaxAuthTriesIsSet(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureAllowUsersIsConfiguredObject))
{
status = InitEnsureAllowUsersIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureDenyUsersIsConfiguredObject))
{
status = InitEnsureDenyUsersIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureAllowGroupsIsConfiguredObject))
{
status = InitEnsureAllowGroupsIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureDenyGroupsConfiguredObject))
{
status = InitEnsureDenyGroupsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshHostbasedAuthenticationIsDisabledObject))
{
status = InitEnsureSshHostbasedAuthenticationIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshPermitRootLoginIsDisabledObject))
{
status = InitEnsureSshPermitRootLoginIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshPermitEmptyPasswordsIsDisabledObject))
{
status = InitEnsureSshPermitEmptyPasswordsIsDisabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshClientIntervalCountMaxIsConfiguredObject))
{
status = InitEnsureSshClientIntervalCountMaxIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshClientAliveIntervalIsConfiguredObject))
{
status = InitEnsureSshClientAliveIntervalIsConfigured(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshLoginGraceTimeIsSetObject))
{
status = InitEnsureSshLoginGraceTimeIsSet(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureOnlyApprovedMacAlgorithmsAreUsedObject))
{
status = InitEnsureOnlyApprovedMacAlgorithmsAreUsed(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureSshWarningBannerIsEnabledObject))
{
status = InitEnsureSshWarningBannerIsEnabled(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureUsersCannotSetSshEnvironmentOptionsObject))
{
status = InitEnsureUsersCannotSetSshEnvironmentOptions(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsureAppropriateCiphersForSshObject))
{
status = InitEnsureAppropriateCiphersForSsh(jsonString, log);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcIssueObject))
{
status = InitEnsurePermissionsOnEtcIssue(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcIssueNetObject))
{
status = InitEnsurePermissionsOnEtcIssueNet(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcHostsAllowObject))
{
status = InitEnsurePermissionsOnEtcHostsAllow(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcHostsDenyObject))
{
status = InitEnsurePermissionsOnEtcHostsDeny(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcShadowObject))
{
status = InitEnsurePermissionsOnEtcShadow(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcShadowDashObject))
{
status = InitEnsurePermissionsOnEtcShadowDash(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcGShadowObject))
{
status = InitEnsurePermissionsOnEtcGShadow(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcGShadowDashObject))
{
status = InitEnsurePermissionsOnEtcGShadowDash(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcPasswdObject))
{
status = InitEnsurePermissionsOnEtcPasswd(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcPasswdDashObject))
{
status = InitEnsurePermissionsOnEtcPasswdDash(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcGroupObject))
{
status = InitEnsurePermissionsOnEtcGroup(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcGroupDashObject))
{
status = InitEnsurePermissionsOnEtcGroupDash(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcAnacronTabObject))
{
status = InitEnsurePermissionsOnEtcAnacronTab(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcCronDObject))
{
status = InitEnsurePermissionsOnEtcCronD(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcCronDailyObject))
{
status = InitEnsurePermissionsOnEtcCronDaily(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcCronHourlyObject))
{
status = InitEnsurePermissionsOnEtcCronHourly(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcCronMonthlyObject))
{
status = InitEnsurePermissionsOnEtcCronMonthly(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcCronWeeklyObject))
{
status = InitEnsurePermissionsOnEtcCronWeekly(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnEtcMotdObject))
{
status = InitEnsurePermissionsOnEtcMotd(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureRestrictedUserHomeDirectoriesObject))
{
status = InitEnsureRestrictedUserHomeDirectories(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePasswordHashingAlgorithmObject))
{
status = InitEnsurePasswordHashingAlgorithm(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureMinDaysBetweenPasswordChangesObject))
{
status = InitEnsureMinDaysBetweenPasswordChanges(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureInactivePasswordLockPeriodObject))
{
status = InitEnsureInactivePasswordLockPeriod(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureMaxDaysBetweenPasswordChangesObject))
{
status = InitEnsureMaxDaysBetweenPasswordChanges(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePasswordExpirationObject))
{
status = InitEnsurePasswordExpiration(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePasswordExpirationWarningObject))
{
status = InitEnsurePasswordExpirationWarning(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureDefaultUmaskForAllUsersObject))
{
status = InitEnsureDefaultUmaskForAllUsers(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePermissionsOnBootloaderConfigObject))
{
status = InitEnsurePermissionsOnBootloaderConfig(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePasswordReuseIsLimitedObject))
{
status = InitEnsurePasswordReuseIsLimited(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsurePasswordCreationRequirementsObject))
{
status = InitEnsurePasswordCreationRequirements(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureFilePermissionsForAllRsyslogLogFilesObject))
{
status = InitEnsureFilePermissionsForAllRsyslogLogFiles(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureUsersDotFilesArentGroupOrWorldWritableObject))
{
status = InitEnsureUsersDotFilesArentGroupOrWorldWritable(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureUnnecessaryAccountsAreRemovedObject))
{
status = InitEnsureUnnecessaryAccountsAreRemoved(jsonString);
}
else if (0 == strcmp(objectName, g_initEnsureDefaultDenyFirewallPolicyIsSetObject))
{
status = InitEnsureDefaultDenyFirewallPolicyIsSet(jsonString);
}
else
{
OsConfigLogError(log, "AsbMmiSet called for an unsupported object name: %s", objectName);
status = EINVAL;
}
}
OsConfigLogInfo(log, "AsbMmiSet(%s, %s, %.*s, %d) returning %d", componentName, objectName, payloadSizeBytes, payload, payloadSizeBytes, status);
if (NULL != jsonValue)
{
json_value_free(jsonValue);
}
FREE_MEMORY(payloadString);
if (0 == StopPerfClock(&perfClock, GetPerfLog()))
{
// Ignore the successful init* objects and focus on remediate* ones
if (0 != strncmp(objectName, init, strlen(init)))
{
g_auditOnly = false;
LogPerfClock(&perfClock, componentName, objectName, status, g_maxRemediateTime, GetPerfLog());
// For telemetry:
OsConfigLogCritical(log, "TargetName: '%s', ComponentName: '%s', 'ObjectName:'%s', ObjectResult:'%s (%d)', Microseconds: %ld",
g_prettyName, componentName, objectName, strerror(status), status, GetPerfClockTime(&perfClock, log));
}
}
return status;
}