tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,807 Commits 2 Branches 62 Tags 17 MiB
Commit Graph

1807 Commits

Author SHA1 Message Date
Michael Boelen 69224716f6 Updated logging 2017-03-20 13:13:01 +01:00
Michael Boelen 90e240cfb5 [CUPS-2308] removed exception handler, improved logging 2017-03-20 13:12:55 +01:00
Michael Boelen 72aed70677 Updated log 2017-03-17 19:00:20 +01:00
Yaisel Hurtado 4368013b43 Fixed detection of security repositories (#370) 2017-03-17 17:59:21 +00:00
Michael Boelen 7b28803a06 Updated log 2017-03-17 10:37:31 +01:00
Michael Boelen cba08e8002 Move to development release 2017-03-17 10:37:25 +01:00
Michael Boelen 9ff31074a1 Added more banner words 2017-03-17 10:37:14 +01:00
Michael Boelen 5693a6c196 Release 2.4.6 2017-03-15 10:35:12 +01:00
Michael Boelen 4d2e0e5aab Added another certificate path for Plesk 2017-03-14 16:47:01 +01:00
Michael Boelen ba7d13b4e4 Updated log 2017-03-14 16:43:00 +01:00
Michael Boelen 35440d437c Support for Plesk certificates path 2017-03-14 16:42:51 +01:00
Michael Boelen d8e41ca118 [CRYP-7902] Support for Plesk file names 2017-03-14 16:42:39 +01:00
Michael Boelen 70607daa65 Cleanups 2017-03-14 16:41:47 +01:00
Michael Boelen 352ea8c21c Added missing pipe 2017-03-13 19:55:00 +01:00
Michael Boelen b67d9233eb Added more logging 2017-03-13 19:53:56 +01:00
Michael Boelen cfc3fae91c Updated log 2017-03-13 19:48:10 +01:00
Michael Boelen e4474320ee [PKGS-7387] check all repositories for usage of gpg signing 2017-03-13 19:47:06 +01:00
Michael Boelen cd63e2389e [FILE-7524] Do not show missing files or paths by default 2017-03-13 16:26:26 +01:00
Michael Boelen 8cfd05fdef Updated log 2017-03-13 15:51:42 +01:00
Michael Boelen 4be6b958e4 [MALW-3280] added Avira detection 2017-03-13 15:51:13 +01:00
Michael Boelen 61f96d9b1c Updated log 2017-03-13 12:09:36 +01:00
Michael Boelen 6083f6d9ff [SCHD-7704] permission checks and minor code cleanups 2017-03-13 12:00:27 +01:00
Michael Boelen 320a397772 [TIME-3104] Test permissions before opening files 2017-03-13 11:59:05 +01:00
Michael Boelen 7d17bfbbd7 Escape file when needed to test if it is readable 2017-03-13 11:57:23 +01:00
noci2012 ad779f29eb Added new php paths (#369) 
removed php5.4,  added 7.0 and 7.1 and the flavours that are known on gentoo
(apache2, cgi, cli, embed,  fpm)
 2017-03-13 09:50:09 +00:00
Michael Boelen fa6f3f3278 Updated log 2017-03-12 19:27:22 +01:00
Michael Boelen de84454d3f Cleanup 2017-03-12 19:27:16 +01:00
Michael Boelen b66e1402df Support for Manjaro Linux 2017-03-12 19:27:04 +01:00
Michael Boelen 7135154420 Updated log 2017-03-12 17:02:03 +01:00
Michael Boelen 814f2355ca [NAME-4018] only perform test when /etc/resolv.conf exists 2017-03-12 17:01:58 +01:00
Michael Boelen 5df7773464 Updated log 2017-03-12 16:43:47 +01:00
Michael Boelen c2b7c76f97 Mark OS version of Arch Linux as rolling release 2017-03-12 16:42:44 +01:00
Michael Boelen 78b6a6b49f Remove lines related to report 2017-03-12 16:37:43 +01:00
Michael Boelen 369f0b82d7 Move to development version 2017-03-12 16:36:12 +01:00
Michael Boelen 88b37d16ca Added FileInstalledByPackage function 2017-03-12 16:36:02 +01:00
Michael Boelen 32b9af0767 [CRYP-7902] Test certificates with extension crt and pem, only if not part of a package 2017-03-12 16:35:50 +01:00
Michael Boelen a70cfd0a70 Improve message 2017-03-09 12:32:32 +01:00
Michael Boelen 26d155e012 Moving to 2.4.5 release 2017-03-09 12:29:09 +01:00
Michael Boelen bb83598ff1 [DBS-1882] include redis.conf 2017-03-09 12:28:05 +01:00
Michael Boelen 336dcb4811 [PKGS-7381] Enhanced FreeBSD pkg audit testing 2017-03-09 12:27:38 +01:00
Michael Boelen e082b8af08 Updated log 2017-03-08 21:19:20 +01:00
Michael Boelen d7d9539547 Updated log 2017-03-08 20:16:15 +01:00
Michael Boelen 658bbc6eba Rename host_alias to hostname_alias 2017-03-08 20:16:00 +01:00
hlein 62d9a18861 A bunch of Solaris compatibility tweaks (#367) 
* Work around Solaris' /bin/sh not being POSIX.

If /usr/xpg4/bin/sh is present, we are (definitely?) on Solaris or
a derivative, and /bin/sh cannot be trusted to support POSIX, but
/usr/xpg4/bin/sh can be.  Exec it right away.

* Work around Solaris 'which' command oddity.

Solaris' (at least) 'which' command outputs not-found errors to STDOUT
instead of STDERR.

This makes "did we get any output from which" checks insufficient;
piping to grep -v the "no foo in ..." message should work.

Note that this patch set includes all such uses of which that I could
find, including ones that should never be reached on Solaris (i.e. only
executed on some other OS) just for consistency.

* Improved alternate-sh exec to avoid looping.

* Solaris' /usr/ucb/echo supports -n.

* Check for the best hash type that openssl supports.

When using openssl to generate hashes, do not assume it supports
sha256; try that, then sha1, then give up and use md5.

* Solaris does not support sed -i; use a tempfile.

* Use the full path for modinfo.

When running as non-root, /usr/sbin/ might not be in PATH.
include/tests_accounting already calls modinfo by full path, but
include/tests_kernel did not.

* Solaris find does not support -maxdepth.

This mirrors the logic already in tests_homedirs.

* Use PSBINARY instead of ps.

* Work around Solaris' date not supporting +%s.

Printing nawk's srand value is a bizarre but apparently once popular
workaround for there being no normal userland command to print
UNIX epoch seconds.  A perl one-liner is the other common approach,
but nawk may be more reliably present on Solaris than perl.

* Revert to using sha1 for HOSTID.

* Whitespace cleanup for openssl hash tests.
 2017-03-08 16:24:24 +00:00
hlein e054e9757c Lots of cleanups (#366) 
* Description fix: SafePerms works on files not dirs.

All uses of SafePerms are on files (and indeed, it would reject
directories which would have +x set).

* Lots of whitespace cleanups.

Enforce everywhere(?) the same indentations for if/fi blocks.
The standard for the Lynis codebase is 4 spaces.  But sometimes
it's 1, sometimes 3, sometimes 8.

These patches standardize all(?) if blocks but _not_ else's (which
are usually indented 2, but sometimes zero); I was too lazy to
identify those (see below).

This diff is giant, but should not change code behavior at all;
diff -w shows no changes apart from whitespace.

FWIW I identified instances to check by using:

  perl -ne 'if ($oldfile ne $ARGV) { $.=1; $oldfile=$ARGV; }; chomp; if ($spaces) { next unless /^( *)([^ ]+)/; $newspaces=length($1); $firsttok = $2; next unless defined($firsttok); $offset = ($firsttok eq "elif" ? 0 : 4); if ($newspaces != $spaces + $offset) { print "$ARGV:$ifline\n$ARGV:$.:$_\n\n" }; $ifline=""; $spaces="";  } if (/^( *)if (?!.*[; ]fi)/) { $ifline = "$.:$_"; $spaces = length($1); }' $(find . -type f -print0 | xargs -0 file | egrep shell | cut -d: -f1)

Which produced output like:

  ./extras/build-lynis.sh:217:            if [ ${VERSION_IN_SPECFILE} = "" -o ! "${VERSION_IN_SPECFILE}" = "${LYNIS_VERSION}" ]; then
  ./extras/build-lynis.sh:218:               echo "[X] Version in specfile is outdated"

  ./plugins/plugin_pam_phase1:69:        if [ -d ${PAM_DIRECTORY} ]; then
  ./plugins/plugin_pam_phase1:70:                LogText "Result: /etc/pam.d exists"

...There's probably formal shellscript-beautification tools that
I'm oblivious about.

* More whitespace standardization.

* Fix a syntax error.

This looks like an if [ foo -o bar ]; was converted to if .. elif,
but incompletely.

* Add whitespace before closing ].

Without it, the shell thinks the ] is part of the last string, and
emits warnings like:

  .../lynis/include/tests_authentication: line 1028: [: missing `]'
 2017-03-07 19:23:08 +00:00
Michael Boelen 7e915df1ee Updated log 2017-03-06 15:42:47 +01:00
Jean Prat a53cb004fa umask can be 0027 or 0077 (#364) 
* umask can be 0027 or 0077

* Readme update
 2017-03-06 14:41:11 +00:00
hlein b595cc0fb5 Various cleanups (#363) 
* Typo fix.

* Style change: always use $(), never ``.

The Lynis code already mostly used $(), but backticks were sprinkled
around.  Converted all of them.

* Lots of minor spelling/typo fixes.

FWIW these were found with:

  find . -type f -print0 | xargs -0 cat | aspell list | sort -u | egrep '^[a-z]+$' | less

And then reviewing the list to pick out things that looked like
misspelled words as opposed to variables, etc., and then manual
inspection of context to determine the intention.
 2017-03-06 07:41:21 +00:00
Michael Boelen b9ae378edb Updated log 2017-03-05 20:45:19 +01:00
Michael Boelen b0cde02c71 Code enhancements and allow host alias to be defined in profile 2017-03-05 20:45:13 +01:00