From 2dca031527fa38a932619ed2336a5aa472a85205 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer
Date: Sat, 21 Dec 2019 06:22:46 -0500
Subject: [PATCH] debugging
---
 usr/lib/security-misc/permission-hardening | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)
diff --git a/usr/lib/security-misc/permission-hardening b/usr/lib/security-misc/permission-hardening
index 50162c7..64ca42f 100755
--- a/usr/lib/security-misc/permission-hardening
+++ b/usr/lib/security-misc/permission-hardening
@@ -170,8 +170,7 @@ add_nosuid_statoverride_entry() {
 echo "INFO: $setuid_output $setsgid_output found - file_name: '$file_name' | existing_mode: '$existing_mode' | new_mode: '$new_mode'"
 if dpkg-statoverride $dpkg_admindir_parameter_existing_mode --list "$file_name" >/dev/null ; then
- ## Existing mode already saved previously. No need to save again.
- true OK
+ true "OK Existing mode already saved previously. No need to save again."
 else
 ## Save existing_mode in separate database.
 ## Not using --update as not intending to enforce existing_mode.
@@ -222,7 +221,7 @@ set_file_perms() {
 fi
 if [[ "$line" =~ [0-9a-zA-Z/] ]]; then
- true OK
+ true "OK line contains only white listed characters."
 else
 exit_code=200
 echo "ERROR: cannot parse line with invalid character: $line" >&2
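Review bot: `dpkg-statoverride --list` treats its argument as a glob pattern, so the `--list "$file_name"` test guarding the new `true "OK Existing mode already saved previously. …"` line can succeed for a path containing `*`, `?` or `[` because a different saved entry matches, and the existing mode is then never recorded. The same test guards the identical message in the hunks at -339 and -369, there with `$fso_without_trailing_slash`. Since the message now asserts that the mode was saved, a comment on the test would record the limitation, e.g. `## NOTE: --list matches a glob pattern; paths containing * ? [ need an exact comparison of the listed path.` The body of add_nosuid_statoverride_entry continues outside this hunk.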
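Review bot: The new message `OK line contains only white listed characters.` claims more than the test enforces. `[[ "$line" =~ [0-9a-zA-Z/] ]]` is unanchored, so it is true as soon as the line holds a single allowed character, and a line that also carries other characters is passed on to the parsing further down. For a script that applies ownership and modes from configuration lines, the check should reject every character outside the allowed set, for example `if [[ "$line" =~ ^[-0-9a-zA-Z/._[:space:]]+$ ]]; then`. The character class shown is an assumption and must be adjusted to what the config format actually permits. set_file_perms starts and ends outside this hunk, so the later use of `$line` is not visible here.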
@@ -339,16 +338,14 @@ set_file_perms() {
 if dpkg-statoverride --list "$fso_without_trailing_slash" >/dev/null ; then
 ## There is an fso entry. Check if owner/group/mode match.
 if dpkg-statoverride --list | grep -q "$owner_from_config $group_from_config $mode_for_grep $fso_without_trailing_slash" ; then
- ## The owner/group/mode matches. No further action required.
- true OK
+ true "OK The owner/group/mode matches. No further action required."
 else
 ## The owner/group/mode do not match, therefore remove and re-add the entry to update it.
 ## fso_without_trailing_slash instead of fso to prevent
 ## "dpkg-statoverride: warning: stripping trailing /"
 if dpkg-statoverride $dpkg_admindir_parameter_existing_mode --list "$fso_without_trailing_slash" >/dev/null ; then
- ## Existing mode already saved previously. No need to save again.
- true OK
+ true "OK Existing mode already saved previously. No need to save again."
 else
 ## Save existing_mode in separate database.
 ## Not using --update as not intending to enforce existing_mode.
@@ -369,8 +366,7 @@ set_file_perms() {
 ## There is no fso entry. Therefore add one.
 if dpkg-statoverride $dpkg_admindir_parameter_existing_mode --list "$fso_without_trailing_slash" >/dev/null ; then
- ## Existing mode already saved previously. No need to save again.
- true OK
+ true "OK Existing mode already saved previously. No need to save again."
 else
 ## Save existing_mode in separate database.
 ## Not using --update as not intending to enforce existing_mode.
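Review bot: The message `OK The owner/group/mode matches.` rests on `grep -q "$owner_from_config $group_from_config $mode_for_grep $fso_without_trailing_slash"`, which treats the string as an unanchored regular expression. A `.` in the path matches any character, and an entry for a longer path sharing the same prefix also matches, so a stale or different override can be reported as matching and left in place. A fixed-string, whole-line comparison closes that gap: `grep -qxF -- "$owner_from_config $group_from_config $mode_for_grep $fso_without_trailing_slash"`. This assumes `mode_for_grep` holds the literal mode exactly as `dpkg-statoverride --list` prints it; its assignment is outside this hunk and should be checked first.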