runs-on: ubuntu-latest
strategy:
- max-parallel: 3
+ max-parallel: 1
fail-fast: false
matrix:
# Current ubuntu-latest (Ubuntu 22.04) provides the following versions of Python:
run: |
python -m pip install --upgrade pip
echo "Install the package via pip..."
- pip --verbose install git+https://github.com/a13xp0p0v/kconfig-hardened-check
+ pip --verbose install git+https://github.com/a13xp0p0v/kernel-hardening-checker
echo "Run the installed tool..."
- kconfig-hardened-check
+ kernel-hardening-checker
- name: Check all configs with the installed tool
run: |
echo "Check all configs with the installed tool..."
+ sysctl -a > /tmp/sysctls
CONFIG_DIR=`find /opt/hostedtoolcache/Python/ -name config_files`
KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"`
COUNT=0
do
COUNT=$(expr $COUNT + 1)
echo -e "\n>>>>> checking kconfig number $COUNT <<<<<"
- kconfig-hardened-check -c $C -l /proc/cmdline
+ kernel-hardening-checker -c $C -l /proc/cmdline -s /tmp/sysctls
done
echo -e "\nHave checked $COUNT kconfigs"
projects / kconfig-hardened-check.git / blobdiff