Update accounts_umask_interactive_users to ignore .bash_history #9826
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This rule is intended to search for umask setting in init files under home directories. Update to ignore the file .bash_history, since this is not an init file Signed-off-by: Edgar Aguilar <edgar.aguilar@oracle.com>
This to validate the rule indeed ignores .bash_history Signed-off-by: Edgar Aguilar <edgar.aguilar@oracle.com>
|
Hi @Xeicker. Thanks for your PR. I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Start a new ephemeral environment with changes proposed in this pull request: rhel8 (from CTF) Environment (using Fedora as testing environment) Fedora Testing Environment Oracle Linux 8 Environment |
|
This datastream diff is auto generated by the check Click here to see the full diffbash remediation for rule 'xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users' differs.
--- xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users
+++ xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users
@@ -1,6 +1,8 @@
while IFS= read -r dir; do
while IFS= read -r -d '' file; do
- sed -i 's/^\([\s]*umask\s*\)/#\1/g' "$file"
+ if [[ $(basename "$file") != ".bash_history" ]]; then
+ sed -i 's/^\([\s]*umask\s*\)/#\1/g' "$file"
+ fi
done < <(find $dir -maxdepth 1 -type f -name ".*" -print0)
done < <(awk -F':' '{ if ($3 >= 1000 && $3 != 65534) print $6}' /etc/passwd)
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users' differs.
--- xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users
+++ xccdf_org.ssgproject.content_rule_accounts_umask_interactive_users
@@ -4,7 +4,9 @@
cmd: |-
for dir in $(awk -F':' '{ if ($3 >= 1000 && $3 != 65534) print $6}' /etc/passwd); do
for file in $(find $dir -maxdepth 1 -type f -name ".*"); do
- sed -i 's/^\([\s]*umask\s*\)/#\1/g' $file
+ if [[ $(basename "$file") != ".bash_history" ]]; then
+ sed -i 's/^\([\s]*umask\s*\)/#\1/g' $file
+ fi
done
done
tags:
bash remediation for rule 'xccdf_org.ssgproject.content_rule_file_groupowner_efi_grub2_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_groupowner_efi_grub2_cfg
+++ xccdf_org.ssgproject.content_rule_file_groupowner_efi_grub2_cfg
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q grub2-common && [ -f /sys/firmware/efi ] && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
+if [ -f /sys/firmware/efi ] && rpm --quiet -q grub2-common && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
chgrp 0 /boot/efi/EFI/redhat/grub.cfg
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_file_groupowner_efi_grub2_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_groupowner_efi_grub2_cfg
+++ xccdf_org.ssgproject.content_rule_file_groupowner_efi_grub2_cfg
@@ -20,8 +20,8 @@
path: /boot/efi/EFI/redhat/grub.cfg
register: file_exists
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-85915-7
@@ -42,8 +42,8 @@
path: /boot/efi/EFI/redhat/grub.cfg
group: '0'
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- file_exists.stat is defined and file_exists.stat.exists
tags:
bash remediation for rule 'xccdf_org.ssgproject.content_rule_file_groupowner_efi_user_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_groupowner_efi_user_cfg
+++ xccdf_org.ssgproject.content_rule_file_groupowner_efi_user_cfg
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q grub2-common && [ -f /sys/firmware/efi ] && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
+if [ -f /sys/firmware/efi ] && rpm --quiet -q grub2-common && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
chgrp 0 /boot/efi/EFI/redhat/user.cfg
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_file_groupowner_efi_user_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_groupowner_efi_user_cfg
+++ xccdf_org.ssgproject.content_rule_file_groupowner_efi_user_cfg
@@ -20,8 +20,8 @@
path: /boot/efi/EFI/redhat/user.cfg
register: file_exists
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-86012-2
@@ -42,8 +42,8 @@
path: /boot/efi/EFI/redhat/user.cfg
group: '0'
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- file_exists.stat is defined and file_exists.stat.exists
tags:
bash remediation for rule 'xccdf_org.ssgproject.content_rule_file_owner_efi_grub2_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_owner_efi_grub2_cfg
+++ xccdf_org.ssgproject.content_rule_file_owner_efi_grub2_cfg
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q grub2-common && [ -f /sys/firmware/efi ] && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
+if [ -f /sys/firmware/efi ] && rpm --quiet -q grub2-common && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
chown 0 /boot/efi/EFI/redhat/grub.cfg
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_file_owner_efi_grub2_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_owner_efi_grub2_cfg
+++ xccdf_org.ssgproject.content_rule_file_owner_efi_grub2_cfg
@@ -20,8 +20,8 @@
path: /boot/efi/EFI/redhat/grub.cfg
register: file_exists
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-85913-2
@@ -42,8 +42,8 @@
path: /boot/efi/EFI/redhat/grub.cfg
owner: '0'
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- file_exists.stat is defined and file_exists.stat.exists
tags:
bash remediation for rule 'xccdf_org.ssgproject.content_rule_file_owner_efi_user_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_owner_efi_user_cfg
+++ xccdf_org.ssgproject.content_rule_file_owner_efi_user_cfg
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q grub2-common && [ -f /sys/firmware/efi ] && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
+if [ -f /sys/firmware/efi ] && rpm --quiet -q grub2-common && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
chown 0 /boot/efi/EFI/redhat/user.cfg
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_file_owner_efi_user_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_owner_efi_user_cfg
+++ xccdf_org.ssgproject.content_rule_file_owner_efi_user_cfg
@@ -20,8 +20,8 @@
path: /boot/efi/EFI/redhat/user.cfg
register: file_exists
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-86021-3
@@ -42,8 +42,8 @@
path: /boot/efi/EFI/redhat/user.cfg
owner: '0'
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- file_exists.stat is defined and file_exists.stat.exists
tags:
bash remediation for rule 'xccdf_org.ssgproject.content_rule_file_permissions_efi_grub2_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_permissions_efi_grub2_cfg
+++ xccdf_org.ssgproject.content_rule_file_permissions_efi_grub2_cfg
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q grub2-common && [ -f /sys/firmware/efi ] && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
+if [ -f /sys/firmware/efi ] && rpm --quiet -q grub2-common && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
chmod u-s,g-xwrs,o-xwrt /boot/efi/EFI/redhat/grub.cfg
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_file_permissions_efi_grub2_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_permissions_efi_grub2_cfg
+++ xccdf_org.ssgproject.content_rule_file_permissions_efi_grub2_cfg
@@ -18,8 +18,8 @@
path: /boot/efi/EFI/redhat/grub.cfg
register: file_exists
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-85912-4
@@ -38,8 +38,8 @@
path: /boot/efi/EFI/redhat/grub.cfg
mode: u-s,g-xwrs,o-xwrt
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- file_exists.stat is defined and file_exists.stat.exists
tags:
bash remediation for rule 'xccdf_org.ssgproject.content_rule_file_permissions_efi_user_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_permissions_efi_user_cfg
+++ xccdf_org.ssgproject.content_rule_file_permissions_efi_user_cfg
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q grub2-common && [ -f /sys/firmware/efi ] && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
+if [ -f /sys/firmware/efi ] && rpm --quiet -q grub2-common && { [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; }; then
chmod u-xs,g-xwrs,o-xwrt /boot/efi/EFI/redhat/user.cfg
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_file_permissions_efi_user_cfg' differs.
--- xccdf_org.ssgproject.content_rule_file_permissions_efi_user_cfg
+++ xccdf_org.ssgproject.content_rule_file_permissions_efi_user_cfg
@@ -18,8 +18,8 @@
path: /boot/efi/EFI/redhat/user.cfg
register: file_exists
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-86028-8
@@ -38,8 +38,8 @@
path: /boot/efi/EFI/redhat/user.cfg
mode: u-xs,g-xwrs,o-xwrt
when:
+ - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- '"grub2-common" in ansible_facts.packages'
- - '"/boot/efi" in ansible_mounts | map(attribute="mount") | list'
- ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- file_exists.stat is defined and file_exists.stat.exists
tags:
bash remediation for rule 'xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca_dir' differs.
--- xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca_dir
+++ xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca_dir
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q sssd-common && [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
+if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q sssd-common; then
var_sssd_ldap_tls_ca_dir=''
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca_dir' differs.
--- xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca_dir
+++ xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_ca_dir
@@ -25,8 +25,8 @@
changed_when: false
check_mode: false
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-82456-5
- NIST-800-53-CM-6(a)
@@ -45,8 +45,8 @@
changed_when: false
check_mode: false
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-82456-5
- NIST-800-53-CM-6(a)
@@ -73,8 +73,8 @@
option: ldap_tls_cacertdir
value: '{{ var_sssd_ldap_tls_ca_dir }}'
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- test_grep_domain.stdout is defined
- test_grep_domain.stdout | length < 1
- test_id_provider.stdout is defined
@@ -97,8 +97,8 @@
option: ldap_tls_cacertdir
value: '{{ var_sssd_ldap_tls_ca_dir }}'
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- test_grep_domain.stdout is defined
- test_grep_domain.stdout | length > 0
- test_id_provider.stdout is defined
bash remediation for rule 'xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_reqcert' differs.
--- xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_reqcert
+++ xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_reqcert
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q sssd-common && [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
+if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q sssd-common; then
SSSD_CONF="/etc/sssd/sssd.conf"
LDAP_REGEX='[[:space:]]*\[domain\/[^]]*]([^(\n)]*(\n)+)+?[[:space:]]*ldap_tls_reqcert'
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_reqcert' differs.
--- xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_reqcert
+++ xccdf_org.ssgproject.content_rule_sssd_ldap_configure_tls_reqcert
@@ -20,8 +20,8 @@
changed_when: false
check_mode: false
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-84062-9
- NIST-800-53-CM-6(a)
@@ -40,8 +40,8 @@
changed_when: false
check_mode: false
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-84062-9
- NIST-800-53-CM-6(a)
@@ -68,8 +68,8 @@
option: ldap_tls_reqcert
value: demand
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- test_grep_domain.stdout is defined
- test_grep_domain.stdout | length < 1
- test_id_provider.stdout is defined
@@ -92,8 +92,8 @@
option: ldap_tls_reqcert
value: demand
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- test_grep_domain.stdout is defined
- test_grep_domain.stdout | length > 0
- test_id_provider.stdout is defined
bash remediation for rule 'xccdf_org.ssgproject.content_rule_sssd_ldap_start_tls' differs.
--- xccdf_org.ssgproject.content_rule_sssd_ldap_start_tls
+++ xccdf_org.ssgproject.content_rule_sssd_ldap_start_tls
@@ -1,5 +1,5 @@
# Remediation is applicable only in certain platforms
-if rpm --quiet -q sssd-common && [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ]; then
+if [ ! -f /.dockerenv ] && [ ! -f /run/.containerenv ] && rpm --quiet -q sssd-common; then
SSSD_CONF="/etc/sssd/sssd.conf"
LDAP_REGEX='[[:space:]]*\[domain\/[^]]*]([^(\n)]*(\n)+)+?[[:space:]]*ldap_id_use_start_tls'
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sssd_ldap_start_tls' differs.
--- xccdf_org.ssgproject.content_rule_sssd_ldap_start_tls
+++ xccdf_org.ssgproject.content_rule_sssd_ldap_start_tls
@@ -21,8 +21,8 @@
changed_when: false
check_mode: false
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-82437-5
- NIST-800-53-CM-6(a)
@@ -42,8 +42,8 @@
changed_when: false
check_mode: false
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
tags:
- CCE-82437-5
- NIST-800-53-CM-6(a)
@@ -71,8 +71,8 @@
option: ldap_id_use_start_tls
value: 'true'
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- test_grep_domain.stdout is defined
- test_grep_domain.stdout | length < 1
- test_id_provider.stdout is defined
@@ -96,8 +96,8 @@
option: ldap_id_use_start_tls
value: 'true'
when:
+ - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- '"sssd-common" in ansible_facts.packages'
- - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
- test_grep_domain.stdout is defined
- test_grep_domain.stdout | length > 0
- test_id_provider.stdout is defined |
|
Code Climate has analyzed commit 53bdd97 and detected 0 issues on this pull request. The test coverage on the diff in this pull request is 100.0% (50% is the threshold). This pull request will bring the total coverage in the repository to 47.2% (0.0% change). View more on Code Climate. |
|
Hi, this is mostly a duplicate of #9816. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description:
accounts_umask_interactive_usersrule's OVAL, bash and ansible to ignore bash command historyRationale:
.bash_history, but this file has no effect in actual system configuration.Review Hints:
.bash_historyit could be necessary to run scripts mannually