tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-08-29 21:58:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,871 Commits 2 Branches 64 Tags
Commit Graph

120 Commits

Author SHA1 Message Date
Michael Boelen
5c5f540b43
Merge branch 'master' into master 2025-02-10 15:09:35 +01:00
Michael Boelen
95530fdc0e
Simplified copyright line and meta information as including (and updating) the year does not hold much value 2025-01-28 10:15:09 +00:00
Michael Boelen
f6275f6397
[FILE-6398] test disabled 2024-10-15 17:26:19 +00:00
Michael Boelen
699ec384d2
[FILE-6398] Only perform test if we know if Linux kernel is monolithic/modular 2024-09-30 10:00:55 +00:00
Stefan Baumgartner
9eafa7913c
Update tests_filesystems 
More elegant regex to accommodate for tabs and spaces.
 2024-05-24 08:18:16 +02:00
Stefan Baumgartner
0515094a33
Fix REGEX in FILE-6430 2024-05-19 12:34:57 +02:00
Michael Boelen
65ac3e65b4
Merge pull request #1388 from xnoguer/issue-1367 
Fixing test on kernel major and minor version (FILE-6344). Issue 1367
 2024-05-14 14:39:00 +02:00
Michael Boelen
fd62c192fe
Merge pull request #1156 from sanderu/FILE-6398 
Added FILE-6398 test
 2024-05-14 11:57:43 +02:00
xnoguer
68da1d2b92 Fixing test on kernel major and minor version 2023-04-26 17:38:42 -04:00
xnoguer
6f1797fb59 Using grep -E 2023-04-23 17:38:21 -04:00
Thomas Sjögren
975712a616 add plocate 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-05-15 23:58:43 +02:00
Johannes Segitz
ffbb4d7413 Merge remote-tracking branch 'upstream/master' 2022-01-25 09:49:57 +01:00
Thomas Sjögren
9819ac4023 allow unknown number of spaces in modprobe blacklists 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2021-10-26 10:53:33 +02:00
Johannes Segitz
13a8d2a190 tests_filesystems: check for blacklisted modules also under 
/usr/lib/modules.d
 2021-10-13 16:31:09 +02:00
Rob Chekaluk
b556450364 FILE-6344: support hidepid textual values 2021-06-21 08:53:43 -04:00
Sander
0298f51940 Added FILE-6398 test 2021-05-15 19:22:17 +00:00
Michael Boelen
0506d4467a
Merge pull request #1105 from afunix/1103-blacklisted-modules 
1103: FILE-6430 reports suggestion only when at least one kernel module is not in the blacklist
 2021-04-28 09:41:59 +02:00
Michael Boelen
aab6af4017
Merge pull request #1118 from steph78630/master 
Add translated status
 2021-04-01 13:34:20 +02:00
Stéphane
3683ffd3c4
Add translated status 2021-03-02 23:31:41 +01:00
Pavel Malyshev
fba5120f3f 1103: FILE-6430 reports suggestion only when at least one kernel module is not in the blacklist 2021-01-07 17:29:06 -06:00
Michael Boelen
da1c1eca10
Preparation for release 3.0.3 2021-01-07 15:22:19 +01:00
Stéphane
f1604c2e55
Add and improvements strings 2021-01-05 11:53:11 +01:00
Michael Boelen
01c970f73f
Merge pull request #1044 from delscate/master 
Fix wc and head cmd when using busybox
 2020-10-22 13:24:56 +02:00
Stéphane
67d04f2536
Add translate function for all sections 
+ add EN and FR up to date languages files
 2020-10-22 00:13:42 +02:00
Fabien Lehoussel
537624da15 Fix wc command with --lines argument to be used with busybox 2020-10-19 15:02:48 +02:00
Kepi
9d52395952 [FILE-6430] Don't grep nonexistant modprobe.d files 
We don't want to grep files in modprobe.d when dir is empty. Uses same approach
as in USB-1000.
 2020-07-02 18:22:03 +02:00
Michael Boelen
05ea9f873d
[FILE-6330] corrected description 2020-06-02 16:34:35 +02:00
Michael Boelen
b285623ac2
Remove double space 2020-06-02 16:30:43 +02:00
Michael Boelen
f232b4f9bb
Added quotes 2020-04-01 16:18:03 +02:00
Sander
4732b640ae Adding test FILE-6394 2020-03-28 19:23:00 +00:00
Topi Miettinen
339e0c3207
[FILE-6374]: Summarize unhardened file system 
Report total numbers of unhardened filesystems.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-25 09:18:16 +02:00
Michael Boelen
3c8e3b0adb
Merge pull request #862 from topimiettinen/blacklist-fs 
FS module tests: check if modules are blacklisted
 2020-03-24 13:34:05 +01:00
Michael Boelen
f83025a283
Merge pull request #860 from topimiettinen/harden-mount-options 
Harden mount options for /var, check also /dev and /run
 2020-03-24 13:27:50 +01:00
Topi Miettinen
0da82a18cb
FS module tests: check if modules are blacklisted 
Check if FS modules are blacklisted.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-23 17:43:53 +02:00
Michael Boelen
38310223a6
Updated date/year 2020-03-20 14:50:25 +01:00
Topi Miettinen
72e8f572bf
Harden mount options for /var, check also /dev and /run 
There should not be any need for char/block devices in /var, so
propose nodev. Sockets are not affected.

Check also /dev for noexec,nosuid and /run for
nodev,nosuid. Historically there was /dev/MAKEDEV script but that's
long gone.

In case a file system is not found in /etc/fstab, check if they are
mounted otherwise (e.g. via systemd mount units).

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
 2020-03-19 16:39:02 +02:00
gfelkel
d3287bd7ef
FILE-6310 for HP-UX 
HP-UX: /usr/sbin/mount reports "/home on /dev/…", so $1 has to be used
 2020-01-22 16:31:49 +01:00
Michael Boelen
35d248b74c
[FILE-6430] minor code improvements and show suggestion with more details 2019-12-18 19:20:48 +01:00
Michael Boelen
09f29a5e64
Code style improvement: quote argument 2019-12-18 12:17:46 +01:00
Michael Boelen
f188bac7e8
Update description for FILE-6374 2019-10-08 15:10:02 +02:00
Michael Boelen
ca0239b4d9
[FILE-6374] corrected defaults flag, added root directory, and changed logging 2019-09-12 16:34:45 +02:00
Michael Boelen
fa8bad20db
Use -n instead of ! -z 2019-07-16 13:20:30 +02:00
Michael Boelen
61d8c91eeb
[FILE-6310] filter on correct field for AIX 2019-06-06 14:20:12 +02:00
Michael Boelen
256bc1da0f
Undoed submitted pull request as it breaks testing at least on Ubuntu system 2019-04-08 11:07:41 +02:00
Capashenn
137dc6f0cc fix FILE-6374 (#672) 2019-04-08 10:36:17 +02:00
Michael Boelen
2c83037cba
Minor cleanup 2019-04-02 07:58:10 +02:00
Capashenn
7b7086566d Add test FILE-6324 check XFS file systems (#699) 2019-04-02 07:46:04 +02:00
Michael Boelen
66066ae226
Changed year and preparing for new release 2019-01-31 14:47:35 +01:00
Michael Boelen
d0f4a90c00
Grammar change 2018-09-06 07:55:58 +02:00
Katarina Durechova
993edc9738 [FILE-6363] Check for sticky bit on /var/tmp (#473) 2018-01-24 17:08:21 +01:00