V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

func/cdi_4400_hardening/4445_hardening_logrotate.sh

@@ -23,13 +23,17 @@ guard_sourcing
 #######################################
 hardening_logrotate() {
   ### Declare Arrays, HashMaps, and Variables.
-  declare -ar  ary_logrotate=( "alternatives" "apt" "btmp" "chrony" "dpkg" "fail2ban" "rkhunter" "ufw" "unattended-upgrades" "usbguard")
-  declare      var_file="" var_log=""
+  declare -ar ary_logrotate=( "alternatives" "apt" "btmp" "chrony" "dpkg" "fail2ban" "rkhunter" "ufw" "unattended-upgrades" "usbguard")
+  declare     var_file="" var_log=""
+  declare     var_target="${TARGET}"
 
-  rm -f           "${TARGET}/etc/logrotate.conf"
-  insert_header   "${TARGET}/etc/logrotate.conf"
-  insert_comments "${TARGET}/etc/logrotate.conf"
-  cat << EOF >>   "${TARGET}/etc/logrotate.conf"
+  ### Check for TARGET / RECOVERY.
+  [[ "${VAR_RUN_RECOVERY}" == "true" ]] && var_target="${RECOVERY}"
+
+  rm -f           "${var_target}/etc/logrotate.conf"
+  insert_header   "${var_target}/etc/logrotate.conf"
+  insert_comments "${var_target}/etc/logrotate.conf"
+  cat << EOF >>   "${var_target}/etc/logrotate.conf"
 # See "man logrotate" for details. Global options do not affect preceding include directives.
 
 # rotate log files daily
@@ -62,7 +66,7 @@ include /etc/logrotate.d
 EOF
 
   for var_log in "${ary_logrotate[@]}"; do
-    var_file="${TARGET}/etc/logrotate.d/${var_log}"
+    var_file="${var_target}/etc/logrotate.d/${var_log}"
     [[ -e "${var_file}" ]] || continue
     ### Replace leading 'monthly'/'weekly' directives with 'daily', preserving indentation and trailing comments.
     sed -E -i \