Menu option to fix stig test failures

75d6de30 · Bob Mottram · 80be0524 · 75d6de30
Commit 75d6de30 authored 7 years ago by Bob Mottram
--- a/src/freedombone-sec
+++ b/src/freedombone-sec
@@ -969,22 +969,23 @@ function menu_security_settings {
    trap "rm -f $data" 0 1 2 5 15
    dialog --backtitle $"Freedombone Control Panel" \
           --title $"Security Settings" \
-           --radiolist $"Choose an operation:" 22 76 22 \
+           --radiolist $"Choose an operation:" 23 76 23 \
           1 $"Run STIG tests" off \
-           2 $"Show ssh host public key" off \
-           3 $"Tor bridges" off \
-           4 $"Password storage" off \
-           5 $"Export passwords" off \
-           6 $"Regenerate ssh host keys" off \
-           7 $"Regenerate Diffie-Hellman keys" off \
-           8 $"Update cipersuite" off \
-           9 $"Create a new Let's Encrypt certificate" off \
-           10 $"Renew Let's Encrypt certificate" off \
-           11 $"Delete a Let's Encrypt certificate" off \
-           12 $"Enable GPG based authentication (monkeysphere)" off \
-           13 $"Register a website with monkeysphere" off \
-           14 $"Allow ssh login with passwords" off \
-           15 $"Go Back/Exit" on 2> $data
+           2 $"Fix STIG test failures" off \
+           3 $"Show ssh host public key" off \
+           4 $"Tor bridges" off \
+           5 $"Password storage" off \
+           6 $"Export passwords" off \
+           7 $"Regenerate ssh host keys" off \
+           8 $"Regenerate Diffie-Hellman keys" off \
+           9 $"Update cipersuite" off \
+           10 $"Create a new Let's Encrypt certificate" off \
+           11 $"Renew Let's Encrypt certificate" off \
+           12 $"Delete a Let's Encrypt certificate" off \
+           13 $"Enable GPG based authentication (monkeysphere)" off \
+           14 $"Register a website with monkeysphere" off \
+           15 $"Allow ssh login with passwords" off \
+           16 $"Go Back/Exit" on 2> $data
    sel=$?
    case $sel in
        1) exit 1;;
@@ -1014,53 +1015,60 @@ function menu_security_settings {
            exit 0
            ;;
        2)
+            clear
+            echo $'Fixing any STIG failures...'
+            echo ''
+            ${PROJECT_NAME}-tests --stig fix
+            exit 0
+            ;;
+        3)
            dialog --title $"SSH host public keys" \
                   --msgbox "\n$(get_ssh_server_key)" 12 60
            exit 0
            ;;
-        3)
+        4)
            menu_tor_bridges
            exit 0
            ;;
-        4)
+        5)
            store_passwords
            exit 0
            ;;
-        5)
+        6)
            export_passwords
            exit 0
            ;;
-        6)
+        7)
            regenerate_ssh_host_keys
            ;;
-        7)
+        8)
            regenerate_dh_keys
            ;;
-        8)
+        9)
            interactive_setup
            update_ciphersuite
            ;;
-        9)
+        10)
            create_letsencrypt
            ;;
-        10)
+        11)
            renew_letsencrypt
            ;;
-        11)
+        12)
            delete_letsencrypt
            ;;
-        12)
+        13)
            enable_monkeysphere
            ;;
-        13)
+        14)
            register_website
            ;;
-        14)
+        15)
            allow_ssh_passwords
            change_ssh_settings
            exit 0
            ;;
-        15)
+        16)
            exit 0
            ;;
    esac