Merge branch 'master' into patch-3

app.go

@@ -51,7 +51,7 @@ func outputResults(controls *check.Controls, summary check.Summary) error {
 		if err != nil {
 			return err
 		}
-		fmt.Println(string(out))
+		util.PrintOutput(string(out), outputFile)
 	} else {
 		util.PrettyPrint(controls, summary, noRemediations, includeTestOutput)
 	}

cfg/1.1.0/1.1.25.sh

@@ -0,0 +1 @@
+df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type d \( -perm -0002 -a ! -perm -1000 \) 2>/dev/null

cfg/1.1.0/definitions.yaml

@@ -564,7 +564,7 @@ groups:
             
     - id: 1.1.25
       description: "Ensure sticky bit is set on all world-writable directories"
-      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type d \\( -perm -0002 -a ! -perm -1000 \\) 2>/dev/null"   
+      audit: "./1.1.25.sh"   
       tests:
         test_items:
         - flag: ""
@@ -7824,7 +7824,7 @@ groups:
             
     - id: 6.1.10.a
       description: "Ensure no world writable files exist"
-      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type f -perm -0002"   
+      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type f -perm -0002 | head -n 100"   
       tests:
         test_items:
         - flag: ""
@@ -7846,7 +7846,7 @@ groups:
 
     - id: 6.1.11.a
       description: "Ensure no unowned files or directories exist"
-      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -nouser"   
+      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -nouser | head -n 100"   
       tests:
         test_items:
         - flag: ""
@@ -7868,7 +7868,7 @@ groups:
             
     - id: 6.1.12.a
       description: "Ensure no ungrouped files or directories exist"
-      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -nogroup"   
+      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -nogroup | head -n 100"   
       tests:
         test_items:
         - flag: ""
@@ -7890,7 +7890,7 @@ groups:
             
     - id: 6.1.13.a
       description: "Audit SUID executables"
-      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type f -perm -4000"   
+      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type f -perm -4000 | head -n 100"   
       type: manual
       tests:
         test_items:
@@ -7913,7 +7913,7 @@ groups:
             
     - id: 6.1.14.a
       description: "Audit SGID executables"
-      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type f -perm -2000"   
+      audit: "df --local -P | awk {'if (NR!=1) print $6'} | xargs -I '{}' find '{}' -xdev -type f -perm -2000 | head -n 100"   
       type: manual 
       tests:
         test_items:

root.go

@@ -35,6 +35,7 @@ var (
 	checkList         string
 	jsonFmt           bool
 	includeTestOutput bool
+	outputFile        string
 )
 
 // RootCmd represents the base command when called without any subcommands
@@ -74,6 +75,7 @@ func init() {
 	RootCmd.Flags().StringVarP(&cfgDir, "config-dir", "D", "cfg", "directory to get benchmark definitions")
 	RootCmd.PersistentFlags().BoolVar(&jsonFmt, "json", false, "Prints the results as JSON")
 	RootCmd.PersistentFlags().BoolVar(&includeTestOutput, "include-test-output", false, "Prints the test's output")
+	RootCmd.PersistentFlags().StringVar(&outputFile, "outputfile", "", "Writes the JSON results to output file")
 	RootCmd.PersistentFlags().StringVarP(
 		&checkList,
 		"check",