From: Alexander Popov <alex.popov@linux.com>
Date: Sun, 13 Aug 2023 16:28:05 +0000 (+0300)
Subject: Enable sysctl checking
X-Git-Tag: v0.6.6~104
X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=92abe5f106c2b3522f7139f12f57dd83ffe7ab4e;p=kconfig-hardened-check.git

Enable sysctl checking

Refers to #65
---

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 09d49d7..7b4993f 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -239,14 +239,13 @@ def main():
                         help='check the security hardening options in the kernel Kconfig file (also supports *.gz files)')
     parser.add_argument('-l', '--cmdline',
                         help='check the security hardening options in the kernel cmdline file (contents of /proc/cmdline)')
-#   parser.add_argument('-s', '--sysctl',
-#                       help='check the security hardening options in the sysctl output file (`sudo sysctl -a > file`)')
+    parser.add_argument('-s', '--sysctl',
+                        help='check the security hardening options in the sysctl output file (`sudo sysctl -a > file`)')
     parser.add_argument('-p', '--print', choices=supported_archs,
                         help='print the security hardening recommendations for the selected microarchitecture')
     parser.add_argument('-g', '--generate', choices=supported_archs,
                         help='generate a Kconfig fragment with the security hardening options for the selected microarchitecture')
     args = parser.parse_args()
-    args.sysctl = None # FIXME
 
     mode = None
     if args.mode: