tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,582 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

1097 Commits

Author SHA1 Message Date
Michael Boelen 2767cc2915 Added connections-max-wait-state setting alias 2016-08-13 09:47:50 +02:00
Michael Boelen bcfdcc2b97 Add show-report-solution setting 2016-08-13 09:45:38 +02:00
Michael Boelen 4eafdb6c85 [HRDN-7230] extended test and style change 2016-08-13 09:30:16 +02:00
erialor 32320b5575 Update tests_php (#261) 
Adding PHP5.6
 2016-08-12 19:14:09 +02:00
Michael Boelen 889a57fc03 Added DBS-1888 to test for Redis bound to localhost 2016-08-12 09:57:03 +02:00
Michael Boelen 1a6da63427 Added DBS-1886 to find renamed CONFIG command in Redis 2016-08-12 09:53:28 +02:00
Michael Boelen c761fe8106 Redefined test with requirepass option 2016-08-12 09:46:13 +02:00
Michael Boelen 30cb17cbc4 Added Redis tests DBS-1882 and DBS-1884 2016-08-11 19:56:33 +02:00
Michael Boelen aaa89fc6ce Set initial root directory to '/' 2016-08-11 19:55:29 +02:00
Michael Boelen 300ab03abc Improved SearchItem function and allow masking of sensitive details 2016-08-11 19:52:15 +02:00
Michael Boelen fa8826f59a Corrected text 2016-08-11 19:29:57 +02:00
Michael Boelen e78e7801ab Allow ExitFatal with text and test for input file on other tests 2016-08-11 19:03:01 +02:00
Michael Boelen bba7cfe200 Add return value to SearchItem() function 2016-08-11 18:46:17 +02:00
Michael Boelen 4f72cdf711 Mark VM type as OpenStack 2016-08-11 10:01:57 +02:00
Michael Boelen e176011912 Allow repository update to be disabled 2016-08-11 10:01:29 +02:00
Liao Tonglang b1c432c3e0 Make IsVirtualMachine detect centos6.8 on openstack (#258) 
These function made mistake in centos 6.8 virtual machine. Only dmicecode work
on these environment and it return Openstack Nova. A openstack case is needed
in codes that check $SHORT codes.
 2016-08-11 09:41:07 +02:00
Michael Boelen f9b2993f35 Removed unneeded field 2016-08-10 07:24:10 +02:00
Michael Boelen fc2d9b935c Removed unneeded field for warnings and suggestions 2016-08-10 07:13:38 +02:00
Michael Boelen 0115695d61 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:33 +02:00
Michael Boelen 621e732797 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:27 +02:00
Michael Boelen 3773e91597 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:19 +02:00
Michael Boelen c3d438272f Removed unneeded field for warnings and suggestions 2016-08-10 07:13:10 +02:00
Michael Boelen 6392bc08d1 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:04 +02:00
Michael Boelen b2ee2ffff1 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:58 +02:00
Michael Boelen 3c4aee1358 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:54 +02:00
Michael Boelen 74a11c97e7 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:46 +02:00
Michael Boelen f14072d216 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:41 +02:00
Michael Boelen dddfbdcb0a Removed unneeded field for warnings and suggestions 2016-08-10 07:12:35 +02:00
Michael Boelen 1715a1e2b5 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:29 +02:00
Michael Boelen 387df54859 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:22 +02:00
Michael Boelen d719706ecd Merge branch 'master' of https://github.com/CISOfy/lynis 2016-08-09 15:16:24 +02:00
Michael Boelen f434432954 [AUTH-9328] Test /etc/profile.d first for customizations of umask 2016-08-06 10:13:33 +02:00
alobodzinski 1d63d89dfd OS_KERNELVERSION_FULL is set only on Linux, OS_KERNELVERSION is not set on AIX, HP-UX, and Solaris (#254) 
Set initial values
 2016-08-04 14:24:44 +02:00
Michael Boelen 8a67003c0d Show --log-file on its own line 2016-08-02 15:50:17 +02:00
Michael Boelen 3c46482a9e Readability and style improvements 2016-07-31 21:20:38 +02:00
Michael Boelen 9874530615 Override reading of files when we are root 2016-07-31 21:18:56 +02:00
Michael Boelen 290252b764 [AUTH-9212] Added prerequisite to log 2016-07-31 21:15:31 +02:00
Michael Boelen d8ab98b845 [KRNL-5830] ignore rescue image for kernels 2016-07-31 21:09:05 +02:00
Michael Boelen 6283b9a7dd Code cleanup 2016-07-31 21:04:07 +02:00
Michael Boelen 1d2405cdaa Improve logging 2016-07-31 20:58:29 +02:00
Michael Boelen 039a829457 Style and readability improvements 2016-07-31 17:35:35 +02:00
Michael Boelen 66a871a07a Added missing dollar 2016-07-31 17:28:55 +02:00
Michael Boelen 9ae1aa749d Properly replace setting gathered from profiles 2016-07-31 17:18:36 +02:00
Michael Boelen ff38336e0b [KRNL-5830] Readability and style improvements 2016-07-31 16:28:17 +02:00
Michael Boelen 0993c0a13b Style and readability improvements 2016-07-31 15:58:20 +02:00
Michael Boelen 2fe1819c35 [PKGS-7383] Simplified test 2016-07-31 15:51:34 +02:00
Michael Boelen 1e62769ce0 [MAIL-8818] Style and refactoring 2016-07-31 15:43:06 +02:00
Michael Boelen 5e2f6d256b Removed word 'checking' from several tests' and style improvements 2016-07-31 13:53:26 +02:00
Michael Boelen 6426ce68c0 [AUTH-9216] Simplified test and make it more efficient 2016-07-31 13:45:21 +02:00
Michael Boelen 2b4d7a1e85 [AUTH-9218] Clean ups and improve readability 2016-07-31 13:34:17 +02:00
Michael Boelen 23e400ea9e More style and text changes, and removed warning 2016-07-31 13:29:23 +02:00
Michael Boelen 1b3cdb9883 [AUTH-9226] Style, text, and removed warning 2016-07-31 13:25:35 +02:00
Michael Boelen aad8d89bf8 [AUTH-9228] Provide just an suggestion instead of warning 2016-07-31 13:23:09 +02:00
Michael Boelen 8ee6cb42a3 DisplayError can now use an optional exit code to quit the program 2016-07-31 11:46:41 +02:00
beelsr 4143cd69b5 fix yum gpgenabled check to allow spaces around = (#247) 
Issue 245

yum.conf allows an arbitrary number of spaces to surround the equals assignment.
 2016-07-30 17:14:51 +02:00
Michael Boelen 15e364eae6 Initialize variable and unset at end 2016-07-30 16:41:57 +02:00
Michael Boelen 95b24f074f Initialize variables and style improvements 2016-07-30 16:41:34 +02:00
Michael Boelen 4faaa10a8c Initialize variables and cleanup 2016-07-30 16:41:11 +02:00
Michael Boelen cfdc8228fd [PKGS-7388] Readability improvements and initialization 2016-07-30 16:40:44 +02:00
Michael Boelen d776c30b06 [AUTH-9406] - Readability and code style changes 2016-07-30 16:08:45 +02:00
Michael Boelen 6375953b26 [PHP-2211] - Readability improvement and code style changes 2016-07-30 16:03:35 +02:00
Michael Boelen c74c572422 [FILE-6332] Enable testing for UUID usage with blkid command 2016-07-30 14:10:29 +02:00
Michael Boelen 220476d955 Test for blkid binary 2016-07-30 14:09:44 +02:00
Michael Boelen 9b9a97bceb [DBS-1880] Corrected variable name and style 2016-07-30 14:03:28 +02:00
Michael Boelen c8096dd06c Only show number of running containers when there are any 2016-07-30 14:01:36 +02:00
Michael Boelen 7670560c2a [HTTP-6720] Improve readability of test 2016-07-30 13:55:10 +02:00
Michael Boelen 0ec7f45f05 [AUTH-9268] Improve readability of test 2016-07-30 13:54:04 +02:00
Michael Boelen 0e18551b2c Catting of changelog removed 2016-07-30 13:48:22 +02:00
Michael Boelen b5408e50df Removed unneeded spacing instructions 2016-07-30 13:46:04 +02:00
Michael Boelen a5baafca02 Determine if all Docker tests should be executed, depending on exit code 2016-07-30 13:23:27 +02:00
Liao Tonglang 3fdb949152 Fix description of CheckFilePermissions (#243) 
* Fix description of CheckFilePermissions 

"Adds a system to a group, which can be used for categorizing" should belong to 
AddSystemGroup but not CheckFilePermissions

* make description of IsVirtualMachine right

"Check if a specific item exists in the report" should no be the description of IsVirtualMachien, change it.
 2016-07-30 12:08:43 +02:00
Michael Boelen f1dc6be5bf Start of refactor fail2ban tests and splitting them into different test areas 2016-07-30 12:06:30 +02:00
Michael Boelen af999d3207 Allow strict code checking for developers 2016-07-28 11:39:10 +02:00
Michael Boelen db5d825701 Check for number of arguments 2016-07-28 11:10:59 +02:00
Michael Boelen 22f99ede81 Check for number or arguments on ReportSuggestion and ReportWarning 2016-07-28 11:06:46 +02:00
Michael Boelen 052350feb4 [FINT-4402] Use correct variable 2016-07-28 10:38:10 +02:00
Michael Boelen 4e3de865ac Extended examples 2016-07-27 13:40:19 +02:00
Michael Boelen 17ab4708ec Removed --info from options, as it has been replaced with 'lynis update info' 2016-07-27 12:17:18 +02:00
Michael Boelen ff3f13cdd0 Make Lynis run in quick mode by default 2016-07-27 12:14:25 +02:00
Michael Boelen abf34b56b6 Rephrase suggestion 2016-07-27 09:55:06 +02:00
Michael Boelen f9a4348f10 Uppercase tests: detect them properly as atomic tests. 2016-07-26 16:01:38 +02:00
Michael Boelen d23e4b0fa5 Changed header and footer of screen output 2016-07-26 16:00:36 +02:00
Michael Boelen 2d2398714a More spacing in report 2016-07-26 15:33:52 +02:00
Michael Boelen 64075a8497 Replaced function with generic echo, as functions are not available yet 2016-07-26 15:20:18 +02:00
atao60 0b5b4a47a3 Display function creates wrong indentation of result column (#237) 2016-07-26 15:00:05 +02:00
Michael Boelen 532e242a2f Style changes 2016-07-26 14:58:04 +02:00
Michael Boelen 019203e7e8 Typo fix 2016-07-26 14:35:47 +02:00
n[oO]ne 7dbe80c7a4 Make time test 3106 work again (#239) 
There was a little typo in the test
 2016-07-25 09:59:41 +02:00
Michael Boelen 37763dcf4f [DBS-1880] Detection for redis 2016-07-24 19:46:45 +02:00
Michael Boelen 6d6cd79a82 Improve detection and display of gzipped changelog 2016-07-24 17:54:59 +02:00
Michael Boelen 773c410a02 Update remaining items for categories and groups 2016-07-24 17:24:09 +02:00
Michael Boelen 2f4c854ba7 Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00
Michael Boelen ee9d7963e7 Add 'lynis show changelog' to display release details 2016-07-24 15:40:55 +02:00
Michael Boelen 9a2dcc9dec Add DisplayError for showing errors on screen 2016-07-24 13:11:32 +02:00
Michael Boelen 65eaeb7ce9 Add header as color 2016-07-24 13:05:36 +02:00
Michael Boelen c1d351fe32 Add bold as color 2016-07-24 11:43:18 +02:00
Michael Boelen 64348b772c Add category and display more details about tests 2016-07-24 11:42:50 +02:00
Michael Boelen ccb39d5e52 [PHP-2374] Changed text and cleanups 2016-07-22 15:46:25 +02:00
Michael Boelen 7f25a1f00e Remove colors properly with one function (contribution: Mike Slifcak at Pindrop 2016-07-18 19:58:32 +02:00
Michael Boelen 75d8824d8f Add 'update check' as example 2016-07-18 10:34:10 +02:00
Michael Boelen 6b92407234 Add 'update check' functionality 2016-07-18 10:33:52 +02:00
Michael Boelen d02cb095da [PHP-2376] Log to discovered item to report instead of logfile 2016-07-16 16:28:43 +02:00
Michael Boelen 7ec51cdae0 Only use license key when it is defined 2016-07-14 15:26:46 +02:00
n[oO]ne 8aeba9fa3d fix: Test names are different. (#228) 
After changes in 9aa5736 the test names are different. This results in something like BOOT-5122 = boot-5122 and skipped test aren't skipped anymore.
 2016-07-14 13:49:20 +02:00
Michael Boelen 9aa57362e6 Show all tests uppercase and remove first space from list for correct display 2016-07-13 13:21:35 +02:00
Michael Boelen dd378a0ca3 Allow showing categories, logfile, report, and test details 2016-07-13 13:20:55 +02:00
Michael Boelen f9011c43e6 Exit cleanly when displaying categories 2016-07-13 11:12:31 +02:00
Michael Boelen 09aa31bb5c Minor code cleanup 2016-07-12 20:32:49 +02:00
Michael Boelen 07a113e46e Set initial value for language and improve auto detection 2016-07-12 20:32:15 +02:00
Michael Boelen cb76421d9c Proper display of tool tips configuration, while not showing tips when using show module 2016-07-12 20:09:10 +02:00
Michael Boelen c090e73ca1 Add blue colors for tips 2016-07-11 20:06:46 +02:00
Michael Boelen 38e6ff18d4 Merge and initial changes for new tests FILE-6344 and FILE-6430 2016-07-11 19:57:45 +02:00
Lukas Pirl 9a5647f66c added test FILE-6337: check if /proc mounted with hidepid=(1|2) (#225) 
to hide users' sensitive files in /proc from other users
  (see `man proc` for details)
 2016-07-11 16:48:25 +02:00
Lukas Pirl f19f5927a5 added test for AllowAgentForwarding being turned off (#222) 
for reasons, see links below:
  https://wiki.mozilla.org/Security/Guidelines/OpenSSH#SSH_agent_forwarding
  https://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/
 2016-07-11 11:25:51 +02:00
Michael Boelen 576e11b995 [BOOT-5122] Extended password check 2016-07-11 11:24:52 +02:00
Michael Boelen 09a9b80fde Merge branch 'master' of https://github.com/CISOfy/lynis 2016-07-11 11:21:08 +02:00
ratrop cd2429688b Update tests_boot_services (#201) 
Added detection of password for Grub2 in Ubuntu 14.04 LTS. Previous version doesn't detect it.
 2016-07-11 11:20:05 +02:00
Michael Boelen 648d043b0a [FILE-6430] initial import and changes 2016-07-11 11:18:53 +02:00
Michael Boelen d1c8cd3d05 Merge branch 'master' of https://github.com/CISOfy/lynis 2016-07-11 10:32:30 +02:00
Michael Boelen 52317de56c Set date of break lines to similar format as normal log entries 2016-07-11 10:32:00 +02:00
Yann ILAS a62a09d9e4 Remove the support of some filesystems (#205) 
For now keeping the test as-is and merge.
 2016-07-11 10:24:38 +02:00
Michael Boelen 74c9513fbb [HTTP-6632] fix for proper detection of Apache modules 2016-07-11 09:49:24 +02:00
Michael Boelen 13c228fd2d Add --configured-only option to lynis show settings 2016-07-05 19:57:11 +02:00
Michael Boelen 1655b5728b Disable color status and clear blue color 2016-07-05 19:56:38 +02:00
Michael Boelen 467c30b16b Start of migration of deprecated profile options 2016-07-05 19:56:13 +02:00
Michael Boelen b44acc16e0 Disable upload compression for now 2016-07-05 19:55:45 +02:00
Michael Boelen 474455d18b Define colors 2016-07-05 19:55:31 +02:00
Michael Boelen f8bee58ade Implement tooltips 2016-07-05 18:18:54 +02:00
Michael Boelen bac442c6fe Migrate to new options, including skip-plugins 2016-07-05 17:26:27 +02:00
Michael Boelen 75786a1c80 Added DisplayToolTip 2016-07-05 17:25:19 +02:00
Michael Boelen 0c5387f1fe Migration to new profile names and store the related settings 2016-07-05 16:49:36 +02:00
Michael Boelen bdf9a5cf04 Add lynis show settings with --brief and --nocolors options 2016-07-05 16:49:10 +02:00
Michael Boelen 5778d4fa0d Add fuctions: AddSetting, DiscoverProfiles, ParseProfiles 2016-07-05 16:47:32 +02:00
Michael Boelen 8b8a1a9b66 [CRYP-7902] Use SSL paths as configured by profile 2016-07-05 16:46:50 +02:00
Michael Boelen 998af3d7de Add variable for settings and SSL paths 2016-07-05 16:45:27 +02:00
Michael Boelen 6c24c198ee [PRNT-2306] Check if files are readable before parsing them 2016-07-05 12:19:43 +02:00
Michael Boelen fbd24b585a Rename Maid to CleanUp 2016-07-05 12:16:49 +02:00
Michael Boelen 72ca2b926d [AUTH-9254] Only let root use this test, due to permissions 2016-07-05 12:10:32 +02:00
Michael Boelen c181a5745f [AUTH-9288] Only check for accounts which have a maximum password age set 2016-07-05 10:51:59 +02:00
Michael Boelen d9b609ed98 Do not provide a tip about uploading data when user is already doing that 2016-07-05 10:40:07 +02:00
Michael Boelen a1ebc18a76 Don't override variables of ReportDetails functions on every parameter 2016-06-30 11:34:27 +02:00
Michael Boelen 114d95c475 [AUTH-9234] Test for minimal UID number via /etc/login.defs 2016-06-30 11:30:58 +02:00
Michael Boelen 6861e8065f Improve screen output 2016-06-18 11:15:39 +02:00
Michael Boelen 87efe5651f Replaced text strings to allow translations 2016-06-18 11:15:11 +02:00
Michael Boelen b553f01b2a Allow long lines of text by resetting number of spaces to 0 when needed 2016-06-18 11:14:50 +02:00
Michael Boelen 983e293eb1 Replaced text strings to allow translations 2016-06-18 11:14:01 +02:00
Michael Boelen 1be27c7b00 Added IsDeveloperVersion to detect if release is still under development 2016-06-18 09:28:53 +02:00
Michael Boelen 52ad74c5ce [SSH-7408] Show SSH items as a suggestion on screen, like in the report 2016-06-11 14:45:17 +02:00
Michael Boelen f8b134f3c3 Add automatic detection of used language 2016-06-11 14:34:21 +02:00
Michael Boelen f851834dbd Added support for multiple languages 2016-06-11 14:09:41 +02:00