tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated log

This commit is contained in:
mboelen 2016-04-26 21:27:58 +02:00
parent 6a4287bd64
commit 24e5e75611
1 changed files with 36 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
CHANGELOG
View File

@ -20,6 +20,27 @@
= Lynis 2.2.1 (not released, development version) =
* Upgrade tips
Several changes have been made to core functions of Lynis. These are to simplify
its usage, but might cause differences after upgrading. See the tips below to
make.
Custom profiles:
Instead of making changes to default.prf, copy your changes to custom.prf. Only
include the changes, as the values in default.prf are considered to be defaults.
Check your cron jobs:
When using --quiet, the output will be really quiet now.
Use --show-warnings-only if you still want to see warnings.
Lynis will exit with error 0, even when warnings have been found. Use option
error-on-warnings=yes (custom.prf) to exit with code 78 warnings.
Do not define a profile with --profile. Instead, put only your changes in the
new custom.prf.
* Ansible
-------
Ansible examples on https://github.com/CISOfy/lynis-ansible
@ -88,17 +109,27 @@ The interface colors have been changed, to make it more obvious how the software
can be used. Also the wait line between categories have been altered, to properly
display on systems with a white background.
When no auditor name has been specified, it will say that instead of unknown.
* Program options
-----------------
Added --developer option to enable developer mode
Added --verbose to show more details on screen and reducing in normal mode
Added --show-warnings-only to just show any warnings on screen
Added --skip-plugins to disable running any plugins
Changed --quiet to really quiet
Remove --config option, use lynis show profiles instead
* Functions
-----------
[ContainsString] New function to search for a string in another one
[Display] Added --debug, showing details on screen in debug mode
[IsDebug] Check for usage of --debug
[IsDeveloperMode] Status for development and debugging (--developer)
[IsRunning] Added return state
[IsVerbose] Check for usage of --verbose
[IsOwnedByRoot] Check ownership of files and directories
[IsWorldWritable] Improved test with additional details
[PortIsListening] Check if a service it listening to a specified port
[SkipAtomicTest] Allow smaller tests to be skipped (e.g. SSH-7408)
@ -106,14 +137,19 @@ Added --verbose to show more details on screen and reducing in normal mode
-------
[AUTH-9262] Restructure of test, support for pwquality PAM
[AUTH-9308] Check for systemd targets
[BANN-7119] /etc/motd test disabled
[BANN-7122] /etc/motd content test disabled
[DBS-1860] Check for status of DB2
[CRYP-7902] Support for multiple profiles, improved logging
[FILE-6372] Properly checking for /etc/fstab now, ignore comments
[FILE-7524] Support for multiple profiles
[KRNL-5788] Support for kernel with grsecurity patches (linux-image-grsec)
[KRNL-6000] Allow multiple profiles to be used, store more details
[NETW-3014] Support for multiple profiles
[PKGS-7303] Added Brew package manager
[PKGS-7354] Test for DNF repoquery plugin before using it
[SCHD-7702] Test for running cron daemon
[SCHD-7704] Test ownership of cronjob files
[TOOL-5102] Test for Fail2ban tooling
[TOOL-5190] Test for intrusion detection or prevention system