Remove netcat if it was installed

src/freedombone-tests

@@ -240,10 +240,29 @@ function disallow_package {
     fi
 }
 
+function remove_netcat {
+    # shellcheck disable=SC2230
+    netcat_command="$(which nc)"
+    if [[ "$netcat_command" ]]; then
+	if [ -f "$netcat_command" ]; then
+	    # store the details for investigation
+	    ls -l "$netcat_command" > /root/.netcat
+	    file "$netcat_command" >> /root/.netcat
+            ${PROJECT_NAME}-notification -s "[${PROJECT_NAME}] netcat" -m "$(cat /root/.netcat)"
+	    $REMOVE_PACKAGES_PURGE netcat
+            $REMOVE_UNUSED_PACKAGES
+	    if [ -f "$netcat_command" ]; then
+		rm -f "$netcat_command"
+	    fi
+	fi
+    fi
+}
+
 function fix_stig {
     if [[ $RUN_STIG != 'fix' ]]; then
         return
     fi
+    remove_netcat
     disallow_package xinetd
     lockdown_permissions
 }

tests/output.sh

@@ -645,7 +645,7 @@ time, are stored in the following directories by default:\n\n/lib\n/lib64\n/usr/
               ;;
     V-78252)  log_msg $2 'netcat (nc) should not be installed on this system'
               if [ $2 -ne 0 ];then
-                  printf '\n######################\n\nSTIG-ID:WTF-05-000179\n\nHaving netcat present on the system makes life extra convenient for anyone breaking into your system.\nMake them do the work of installing it or downloading it, which increases the defensive possibilities.\n\n######################\n\n' >> $LOG
+                  printf '\n######################\n\nSTIG-ID:WTF-05-000179\n\nHaving netcat present makes life extra convenient for anyone breaking into your system.\nMake them do the work of installing it or downloading it, which increases the defensive possibilities.\n\n######################\n\n' >> $LOG
               fi
               ;;
     V-38579)  if [ "$3" = "en" ]; then