tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-07-31 01:34:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

[BOOT-5264] Change output and link to clarify options

Browse Source
This commit is contained in:
Michael Boelen 2024-10-10 13:03:11 +00:00
parent 94a944b110
commit 8918445e2c
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
include/tests_boot_services
View File

@ -1090,6 +1090,8 @@
if [ ${SKIPTEST} -eq 0 ]; then
LogText "Test: Run systemd-analyze security"
Display --indent 2 --text "- Running 'systemd-analyze security'"
Display --indent 6 --text "Unit name (exposure value) and predicate"
Display --indent 6 --text "--------------------------------"
${SYSTEMDANALYZEBINARY} security | while read UNIT EXPOSURE PREDICATE HAPPY; do
if [ "${UNIT}" = "UNIT" ]; then
continue
@ -1111,13 +1113,13 @@
;;
UNSAFE | DANGEROUS)
STATUS="${STATUS_UNSAFE}"
COLOR=RED
COLOR=YELLOW
;;
esac
Display --indent 8 --text "- ${UNIT}:" --result "${STATUS}" --color "${COLOR}"
LogText "Result: ${UNIT}: ${EXPOSURE} ${STATUS}"
Display --indent 4 --text "- ${UNIT} (value=${EXPOSURE})" --result "${STATUS}" --color "${COLOR}"
LogText "Result: ${UNIT} has exposure value ${EXPOSURE} with predicate '${STATUS}'"
done
ReportSuggestion "${TEST_NO}" "Consider hardening system services" "Run '${SYSTEMDANALYZEBINARY} security SERVICE' for each service"
ReportSuggestion "${TEST_NO}" "Consider hardening system services" "Run '${SYSTEMDANALYZEBINARY} security SERVICE' for each service" "Learn about systemd features to secure services: https://linux-audit.com/systemd/systemd-features-to-secure-units-and-services/"
fi
#
#################################################################################