Michael Boelen
6e549eb545
Set ip binary
2018-01-18 16:23:55 +01:00
Michael Boelen
3957ca32cd
Minor code enhancements
2018-01-18 16:23:23 +01:00
Michael Boelen
173068b402
Added getcap and grpck back
2018-01-18 11:10:11 +01:00
Michael Boelen
4f751c9037
Remove service manager reference from systemctl, minor cleanup
2018-01-18 10:23:39 +01:00
Michael Boelen
182ce09bc1
Additional code enhancements
2018-01-18 09:19:06 +01:00
Michael Boelen
8934042473
Code enhancements
2018-01-17 17:26:30 +01:00
mslifcak
25b3c4f1eb
VBoxService running is another VirtualBox clue ( #505 )
2018-01-17 17:19:51 +01:00
BlessJah
d7d42d9103
remove non printable characters from code ( #470 )
...
Non printable ESC character is required to obtain terminal escape
sequence i.e. for changing output color.
Such sequences (especially ESC character) were replaced by command
substitution producing exactly same result (variable value), but using
only "safe" characters.
Use of printf and especialy '\033' or '\0ddd' sequences is described
here:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/printf.html#tag_20_94_13
Use of $(command) or command substitution is described here:
http://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_06_03
Verbatim TAB characters were replaced with \t escape sequence as
described to avoid problems with editors silently replacing them or
developer accidentialy messing up the regex.
2018-01-17 17:12:36 +01:00
mslifcak
173843bdfd
Pin svc mgr ( #506 )
...
* systemctl does not mean systemd is used
* Check for systemd active
* determine service manager if not already set
2018-01-17 15:56:19 +01:00
Michael Boelen
9ba5d200ad
Enhancements to reduce file access and removing unneeded variables
2018-01-17 14:46:29 +01:00
mslifcak
2c774b8795
sort BIN_PATHS before process ( #510 )
2018-01-17 13:49:07 +01:00
Jason Soto
73e0e7b5e4
Changed Process name search for Bitdefender test. ( #503 )
...
* Added php.ini locations for Ubuntu 16.04LTS
* Switched Process name Search Bitdefender
* Switched Process name Search Bitdefender
2018-01-13 12:55:16 +01:00
Michael Boelen
b236e7d95d
[PHP-2379] added quotes
2018-01-13 12:53:50 +01:00
Michael Boelen
b4758e0b23
Use PATH variable as first method to scan directories
2018-01-11 12:05:21 +01:00
Michael Boelen
541996f672
Rename variable
2018-01-11 10:38:11 +01:00
Michael Boelen
00ad535c6b
Use different variable in for loop
2018-01-11 10:37:56 +01:00
Michael Boelen
35a1524d07
Added alias for skipping plugins
2018-01-11 10:19:29 +01:00
Michael Boelen
1504370e41
Added solution, extended timestamps key values, allow multiple values
2018-01-11 10:19:16 +01:00
Michael Boelen
66f8cb2441
Changed year
2018-01-11 09:50:26 +01:00
n[oO]ne
aebb0c8ed4
lynis should not suggest suhosin for PHP 7 ( #498 )
2018-01-11 09:47:47 +01:00
Michael Boelen
c487bcb277
\-C flag of ps is different on BSD
2017-12-24 14:05:55 +01:00
Michael Boelen
4042c45954
Changes for new plugin class 'hardware'
2017-12-08 09:37:55 +01:00
Shaleen Jain
21b129f947
Fix detecting systemd timedate deamon ( #494 )
...
Fix detecting systemd timedate daemon
2017-11-29 15:59:07 +01:00
Michael Boelen
e4cb190237
Support for allow-auto-purge option in profiles
2017-11-25 16:11:04 +01:00
wschaft
c453331265
fixing "Repository listed more than once" issue ( #449 ) ( #490 )
2017-11-08 19:20:20 +01:00
Katarina Durechova
09de901d11
Check zero size of files correctly ( #487 )
...
from man test:
-s FILE
FILE exists and has a size greater than zero
-z STRING
the length of STRING is zero
2017-10-31 09:05:29 +01:00
Michael Boelen
e5c11991ef
Code enhancements and textual change
2017-10-29 11:26:25 +01:00
Michael Boelen
ebf16462a8
Improve IsRunning function to match full process names
2017-10-29 10:54:40 +01:00
Michael Boelen
011e6248c2
Use full match for Little Snitch
2017-10-29 10:54:16 +01:00
Michael Boelen
764c18c218
Code enhancements, improve detection for Puppet
2017-10-29 10:52:42 +01:00
Michael Boelen
331422384a
Added --silent as parameter for --quiet
2017-10-29 10:26:18 +01:00
Michael Boelen
d13cdda1e3
Filter only relevant messages for report
2017-10-26 08:23:15 +02:00
Michael Boelen
b29732bf5f
Spacing and readability
2017-10-24 14:15:59 +02:00
Michael Boelen
c5e014eaf4
Corrected description
2017-10-24 13:39:41 +02:00
James White
45748184a8
Add additional DirectAdmin paths for php.ini ( #479 )
2017-10-24 13:16:59 +02:00
Michael Boelen
539fe2242a
Merge branch 'master' of https://github.com/CISOfy/lynis
2017-10-19 19:38:36 +02:00
Michael Boelen
9d238f6e78
Added HP-UX routine for GetHostID
2017-10-19 19:37:25 +02:00
dataking
099c3b4468
fix for issue #453 ; simply add RPi/Raspian path to PAM_FILE_LOCATIONS ( #475 )
2017-10-19 11:33:09 +02:00
vins1993
6a74a8727f
Fix displayed result for signing keys check ( #466 )
...
The result of the signing keys check is saved under KEYS_USED variable,
but SSL_USED was used to present the result to the end user.
2017-09-21 15:09:57 +02:00
Michael Boelen
19bbc4272f
[SHLL-6220] Improved detection of shell settings like TMOUT
2017-09-18 19:50:41 +02:00
Michael Boelen
76b4afb14d
[SSH-7408] set default 'delayed' compression as a sane value
2017-09-18 19:18:11 +02:00
Michael Boelen
94f656bf65
Add 127.0.1.1 to NETW-2704 test
2017-09-17 20:01:07 +02:00
Michael Boelen
3670e0c5c9
Minor changes to using local resolvers
2017-09-16 14:25:01 +02:00
Michael Boelen
83ce145f1b
Merge branch 'master' of https://github.com/CISOfy/lynis
2017-09-16 14:10:20 +02:00
Ben Abrams
192cc494ed
[NETW-2705] This is related to #437 and resolvconf but is split up. ( #459 )
...
This specifically makes it so that when `/etc/resolv.conf` has one or more nameservers matching `127.0.[0-1].1` it should not warn as it is using local resolvers.
We are simply using `grep -c "127.0.[0-1].1" /etc/resolv.conf` to determine this.
2017-09-16 14:09:32 +02:00
Michael Boelen
11f81345ee
Code enhancement
2017-09-16 14:08:38 +02:00
Michael Boelen
499f7d5015
Improve process detection
2017-09-16 14:08:26 +02:00
FlorentCoppint
ccf9db18f8
Improved IsRunning() process matching ( #463 )
2017-09-16 13:58:04 +02:00
Michael Boelen
79278c32ef
Added extra legal words for banners
2017-09-12 15:23:37 +02:00
Michael Boelen
c248ab6a16
[CRYP-7902] fix for bourne shell and rewrite
2017-09-06 12:56:32 +02:00
Michael Boelen
2451029a6e
Allow for files with spaces
2017-09-06 12:55:56 +02:00
Michael Boelen
77400d3952
Improve logging
2017-09-05 13:29:21 +02:00
Brian Ginsbach
30c58dd1ed
Don't assume sshd version is in first line ( #452 )
...
There are some versions of OpenSSH where the version information
isn't in the first line (like NetBSD's with the HPN patches).
2017-09-04 15:33:28 +02:00
Tom Reynolds
41174afda6
Do not limit debsums to Debian systems ( #457 )
...
Debsums is supported on Debian and other systems as per GitHub issue #446 .
Undo commit d1969001c6
.
2017-09-04 15:30:25 +02:00
Michael Boelen
0fc8adb3c5
When providing suggestion related to hostid, append to file instead of overwriting
2017-08-31 17:11:15 +02:00
Michael Boelen
769b1f49e2
Detection of Linux Mint missed right field
2017-08-31 17:04:17 +02:00
Bruno Vernay
6cf1c324f8
Support spaces in file names ( #445 )
...
* Support spaces in file names
File names may contain spaces
* Fixed 2more cases
2017-08-29 14:33:18 +02:00
Bruno Vernay
4107d8a461
Support spaces in file names ( #444 )
...
File names may contain spaces
2017-08-29 14:32:42 +02:00
Brian Ginsbach
3512068a49
[PKGS-7380] Fix NetBSD packages vulnerabilities file name ( #443 )
...
* [PKGS-7380] Fix NetBSD packages vulnerabilities file name
* OS Detection: Add early Mac OS X releases
2017-08-19 10:53:25 +02:00
Michael Boelen
d682673c63
Preparations for APT
2017-08-19 10:51:06 +02:00
Michael Boelen
06491a5b4f
Linux Mint detection
2017-08-19 10:50:53 +02:00
Michael Boelen
1190efac2b
[CRYP-7902] add a test to filter out non-certificate files
2017-08-18 19:19:15 +02:00
Michael Boelen
4a673aebc7
[CRYP-7902] certificate validation changed
2017-08-18 14:14:28 +02:00
Michael Boelen
00648a636c
Improve systemd detection
2017-08-17 20:28:32 +02:00
Michael Boelen
c0a6aaf855
[TOOL-5002] performance enhancement to reduce number of dirs/files to check
2017-08-17 20:10:51 +02:00
Michael Boelen
5be81289ee
[TOOL-5002] rewrite of Ansible detection
2017-08-17 20:06:41 +02:00
Michael Boelen
43228c2ca7
[TOOL-5002] Ansible detection added
2017-08-17 14:20:54 +02:00
Michael Boelen
358dc46b81
Ignore file access errors when trying to access them
2017-08-17 14:18:29 +02:00
Michael Boelen
77ebb23320
[HRDN-7230] Show single line when no malware scanner was detected
2017-08-17 14:17:57 +02:00
Lukas Pirl
b3dffbf750
remove test for deprecated sshd option UsePrivilegeSeparation ( #432 )
...
see also https://www.openssh.com/txt/release-7.5
2017-08-16 20:33:33 +02:00
Tom H
3adeac922e
Do not unset PHPVERSION after detect it ( #438 )
2017-08-16 20:33:11 +02:00
Jason Soto
5b81f625a6
Added php.ini locations for Ubuntu 16.04LTS ( #439 )
2017-08-16 20:32:55 +02:00
Michael Boelen
a547953d99
Set default log directory, or allow it be set per OS
2017-08-08 14:52:59 +02:00
Michael Boelen
4660362e74
Redirect errors like file permissions
2017-08-08 14:52:11 +02:00
Michael Boelen
49c1bf8d55
[NETW-3006] Updated detection of MAC addresses on Linux
2017-08-03 20:28:38 +02:00
Michael Boelen
4781b1c170
Added /opt/apache
2017-08-02 13:01:23 +02:00
Stéphane BARBARAY
9ca2d640b8
Enhanced detection for LXC and LXC over VM ( #426 )
...
* Update functions
* Update functions
* Update tests_shells
* Update tests_shells
* Update IsVirtualMachine
extra check on /proc/1/environ existence + Log result
2017-07-31 12:51:19 +02:00
Michael Boelen
dbec83566b
[FILE-6310] match mount points by exact name
2017-07-28 10:42:17 +02:00
Michael Boelen
ebc706aa64
Merge branch 'master' of https://github.com/CISOfy/lynis
2017-07-28 10:26:34 +02:00
alobodzinski
6147ebd47b
Suhosin is hard linked into PHP on OpenBSD ( #423 )
2017-07-28 10:14:04 +02:00
Michael Boelen
60f94fef47
[CRYP-7902] prevent test from showing error on screen related to wrong certificate file
2017-07-18 11:51:45 +02:00
James White
d7b0c28699
Add /usr/lib/apache module search path for DirectAdmin ( #417 )
2017-07-11 09:26:00 +02:00
Michael Boelen
d1969001c6
[PKGS-7370] only use debsums test for Debian systems
2017-07-10 16:08:32 +02:00
Michael Boelen
df32cb29b0
Include instructions if hostid2 is empty
2017-07-10 16:07:39 +02:00
superpoussin22
29f5dc7e53
Update tests_containers ( #412 )
...
last docker version no more use docker -d sounds better to check dockerd
2017-07-10 15:24:09 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW
3b66a22f39
Firewall check updates ( #414 )
...
* Check if CSF is running
* Check for APF presence
2017-07-10 15:23:32 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW
3a6fa0bb6b
Suhosin simulation mode status ( #411 )
...
* fix suhsoin check text
* use PHPINI_ALLFILES variable
* Check suhosin simulation mode status
* Small style improvement
2017-07-10 14:38:42 +02:00
Jeremy Daer
f33cdd3a17
OS detection: macOS 10.13, High Sierra ( #409 )
2017-07-01 10:29:05 +02:00
Michael Boelen
f903b6f079
Allow tags and system-customer-name to be specified
2017-06-22 10:15:39 +02:00
Michael Boelen
f4b6d8d401
Show full command for remote usage
2017-06-21 14:28:12 +02:00
Daniel Romell
5b12f17e3f
Minor fixes for embedded Linux. ( #406 )
...
* Check if the "locale" binary is available before using it.
This is no functional change as it will still fall back to english
when the locale can't be determined. This fix gets rid of the
following error when running on systems without the locale binary:
./lynis: line 112: locale: command not found
Signed-off-by: Daniel Romell <daro@hms.se>
* tests_kernel: KRNL-5677: Fix invalid use of shell test.
This fixes an issue (syntax error) triggered on systems with no PAE or
NX extensions:
- Checking CPU support (NX/PAE)
/usr/libexec/lynis/include/tests_kernel: line 126: [: too many arguments
/usr/libexec/lynis/include/tests_kernel: line 132: [: too many arguments
No need to use [] when only looking at function return values.
Signed-off-by: Daniel Romell <daro@hms.se>
2017-06-21 14:17:49 +02:00
Athmane Madjoudj
ac2c83870b
Add lowercase path for changelog search (eg: Fedora/EPEL pkg) ( #408 )
2017-06-21 14:08:57 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW
98b80f7c49
add ini paths for cloudlinux ( #400 )
2017-06-14 14:07:37 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW
4cbe8f32c6
add suhosin status test ( #401 )
...
* add suhosin status test
* get matched line only
2017-06-14 14:06:51 +02:00
Jose Luis Duran
9dc4efefd6
Fix pkg audit option ( #403 )
...
-F, --fetch
Fetch the database before checking.
[ci skip]
2017-06-14 14:06:18 +02:00
Michael Boelen
0e535c851a
Small style improvement
2017-05-31 15:47:21 +02:00
mslifcak
8d2b3a202f
A250 2 ( #398 )
...
* fix missing ROOTDIR prefix
* sort list of services before processing
* sort list of certificates before processing
* sort list of startup scripts before processing
* spell check
* remove possessive pronoun
2017-05-31 15:40:39 +02:00
(╯°□°)╯︵ uᴉǝssnH ɐɟɐʇsoW
360be2a700
Add a check for csf testing mode ( #399 )
2017-05-31 15:37:22 +02:00
mslifcak
af60a2463a
250 fixes ( #393 )
...
* restore use of lshw
* add ROOTDIR to restore lost PHP file ref
* refactor certificate search to benefit older "find" command
2017-05-23 14:56:25 +02:00
Michael Boelen
aec9b57c29
Changes to BOOT-5104 and HTTP-6716
2017-05-08 14:56:39 +02:00
Michael Boelen
918b962ae5
Code enhancements
2017-05-03 10:42:34 +02:00
Michael Boelen
a9b67dc675
Reinitialize temporary files to prevent possible symlink attack - CVE-2017-8108
2017-05-03 09:47:35 +02:00
Michael Boelen
67333bb09a
[SHLL-6290] Removed ShellShock test as it is no longer needed - CVE-2017-8108
2017-05-03 09:33:40 +02:00
Michael Boelen
4ecb9d4d05
[bulk change] cleaning up, code enhancements, initialization of variables, and new tests
2017-04-30 17:59:35 +02:00
Michael Boelen
5ccd0912cf
[MALW-3280] Added detection of Symantic components
2017-04-29 14:22:40 +02:00
Michael Boelen
f39e72dbd5
Remove unused file
2017-04-23 20:19:30 +02:00
Michael Boelen
2340e7bbbc
Added HasData and IsEmpty function
2017-04-23 20:19:18 +02:00
Michael Boelen
a04b2da851
Initialize variables
2017-04-23 20:19:02 +02:00
Michael Boelen
70ea29483a
Code enhancements
2017-04-23 20:06:54 +02:00
Michael Boelen
9e9b95e1da
Apply substite for TIME-3148 and first batch of code enhancements
2017-04-23 20:06:24 +02:00
0ri0n
b433cf0bac
Add Additional php.ini Paths ( #377 )
2017-04-17 15:38:48 +02:00
Michael Boelen
b0b0fd0256
Add atomic tests to report
2017-03-27 17:15:02 +02:00
Michael Boelen
e498e6ae64
Remove unused test parts
2017-03-27 17:14:34 +02:00
Michael Boelen
7f06a2c34f
Added MAIL-8820 test for Postfix
2017-03-27 17:14:11 +02:00
Michael Boelen
e14376cdab
Minor cleanups
2017-03-27 12:23:27 +02:00
Michael Boelen
b306ab891f
Add additional check for Puppet tool
2017-03-27 12:21:42 +02:00
Athmane Madjoudj
5f0b24d2c8
Add support for cPanel PHP (Scl-based pacakging) GHT #340 ( #373 )
...
* Add support for cPanel PHP (Scl-based pacakging) GHT #340
* Add myself to contributors as requested
2017-03-27 09:21:37 +02:00
pyllyukko
88f39b9540
Fix regex to disregard locked accounts ( #371 )
...
This way, accounts that have ":!!:" in shadow and have an entry in
"Password expires" field don't get flagged with "Result: password of
user XYZ has been expired" by AUTH-9288.
Fixes #362
2017-03-27 09:19:55 +02:00
guyav
a0849ac053
Added quote marks on SSH commands ( #372 )
...
Added quote marks for the SSH commands in steps and 6.
2017-03-27 09:19:01 +02:00
Michael Boelen
57770fe332
[HTTP-6641] support Apache mod_reqtimeout module
2017-03-20 13:40:00 +01:00
Michael Boelen
90e240cfb5
[CUPS-2308] removed exception handler, improved logging
2017-03-20 13:12:55 +01:00
Yaisel Hurtado
4368013b43
Fixed detection of security repositories ( #370 )
2017-03-17 17:59:21 +00:00
Michael Boelen
9ff31074a1
Added more banner words
2017-03-17 10:37:14 +01:00
Michael Boelen
d8e41ca118
[CRYP-7902] Support for Plesk file names
2017-03-14 16:42:39 +01:00
Michael Boelen
352ea8c21c
Added missing pipe
2017-03-13 19:55:00 +01:00
Michael Boelen
b67d9233eb
Added more logging
2017-03-13 19:53:56 +01:00
Michael Boelen
e4474320ee
[PKGS-7387] check all repositories for usage of gpg signing
2017-03-13 19:47:06 +01:00
Michael Boelen
cd63e2389e
[FILE-7524] Do not show missing files or paths by default
2017-03-13 16:26:26 +01:00
Michael Boelen
4be6b958e4
[MALW-3280] added Avira detection
2017-03-13 15:51:13 +01:00
Michael Boelen
6083f6d9ff
[SCHD-7704] permission checks and minor code cleanups
2017-03-13 12:00:27 +01:00
Michael Boelen
320a397772
[TIME-3104] Test permissions before opening files
2017-03-13 11:59:05 +01:00
Michael Boelen
7d17bfbbd7
Escape file when needed to test if it is readable
2017-03-13 11:57:23 +01:00
noci2012
ad779f29eb
Added new php paths ( #369 )
...
removed php5.4, added 7.0 and 7.1 and the flavours that are known on gentoo
(apache2, cgi, cli, embed, fpm)
2017-03-13 09:50:09 +00:00
Michael Boelen
de84454d3f
Cleanup
2017-03-12 19:27:16 +01:00
Michael Boelen
b66e1402df
Support for Manjaro Linux
2017-03-12 19:27:04 +01:00
Michael Boelen
814f2355ca
[NAME-4018] only perform test when /etc/resolv.conf exists
2017-03-12 17:01:58 +01:00
Michael Boelen
c2b7c76f97
Mark OS version of Arch Linux as rolling release
2017-03-12 16:42:44 +01:00
Michael Boelen
78b6a6b49f
Remove lines related to report
2017-03-12 16:37:43 +01:00
Michael Boelen
88b37d16ca
Added FileInstalledByPackage function
2017-03-12 16:36:02 +01:00
Michael Boelen
32b9af0767
[CRYP-7902] Test certificates with extension crt and pem, only if not part of a package
2017-03-12 16:35:50 +01:00
Michael Boelen
a70cfd0a70
Improve message
2017-03-09 12:32:32 +01:00
Michael Boelen
bb83598ff1
[DBS-1882] include redis.conf
2017-03-09 12:28:05 +01:00
Michael Boelen
336dcb4811
[PKGS-7381] Enhanced FreeBSD pkg audit testing
2017-03-09 12:27:38 +01:00
Michael Boelen
e082b8af08
Updated log
2017-03-08 21:19:20 +01:00
Michael Boelen
658bbc6eba
Rename host_alias to hostname_alias
2017-03-08 20:16:00 +01:00
hlein
62d9a18861
A bunch of Solaris compatibility tweaks ( #367 )
...
* Work around Solaris' /bin/sh not being POSIX.
If /usr/xpg4/bin/sh is present, we are (definitely?) on Solaris or
a derivative, and /bin/sh cannot be trusted to support POSIX, but
/usr/xpg4/bin/sh can be. Exec it right away.
* Work around Solaris 'which' command oddity.
Solaris' (at least) 'which' command outputs not-found errors to STDOUT
instead of STDERR.
This makes "did we get any output from which" checks insufficient;
piping to grep -v the "no foo in ..." message should work.
Note that this patch set includes all such uses of which that I could
find, including ones that should never be reached on Solaris (i.e. only
executed on some other OS) just for consistency.
* Improved alternate-sh exec to avoid looping.
* Solaris' /usr/ucb/echo supports -n.
* Check for the best hash type that openssl supports.
When using openssl to generate hashes, do not assume it supports
sha256; try that, then sha1, then give up and use md5.
* Solaris does not support sed -i; use a tempfile.
* Use the full path for modinfo.
When running as non-root, /usr/sbin/ might not be in PATH.
include/tests_accounting already calls modinfo by full path, but
include/tests_kernel did not.
* Solaris find does not support -maxdepth.
This mirrors the logic already in tests_homedirs.
* Use PSBINARY instead of ps.
* Work around Solaris' date not supporting +%s.
Printing nawk's srand value is a bizarre but apparently once popular
workaround for there being no normal userland command to print
UNIX epoch seconds. A perl one-liner is the other common approach,
but nawk may be more reliably present on Solaris than perl.
* Revert to using sha1 for HOSTID.
* Whitespace cleanup for openssl hash tests.
2017-03-08 16:24:24 +00:00
hlein
e054e9757c
Lots of cleanups ( #366 )
...
* Description fix: SafePerms works on files not dirs.
All uses of SafePerms are on files (and indeed, it would reject
directories which would have +x set).
* Lots of whitespace cleanups.
Enforce everywhere(?) the same indentations for if/fi blocks.
The standard for the Lynis codebase is 4 spaces. But sometimes
it's 1, sometimes 3, sometimes 8.
These patches standardize all(?) if blocks but _not_ else's (which
are usually indented 2, but sometimes zero); I was too lazy to
identify those (see below).
This diff is giant, but should not change code behavior at all;
diff -w shows no changes apart from whitespace.
FWIW I identified instances to check by using:
perl -ne 'if ($oldfile ne $ARGV) { $.=1; $oldfile=$ARGV; }; chomp; if ($spaces) { next unless /^( *)([^ ]+)/; $newspaces=length($1); $firsttok = $2; next unless defined($firsttok); $offset = ($firsttok eq "elif" ? 0 : 4); if ($newspaces != $spaces + $offset) { print "$ARGV:$ifline\n$ARGV:$.:$_\n\n" }; $ifline=""; $spaces=""; } if (/^( *)if (?!.*[; ]fi)/) { $ifline = "$.:$_"; $spaces = length($1); }' $(find . -type f -print0 | xargs -0 file | egrep shell | cut -d: -f1)
Which produced output like:
./extras/build-lynis.sh:217: if [ ${VERSION_IN_SPECFILE} = "" -o ! "${VERSION_IN_SPECFILE}" = "${LYNIS_VERSION}" ]; then
./extras/build-lynis.sh:218: echo "[X] Version in specfile is outdated"
./plugins/plugin_pam_phase1:69: if [ -d ${PAM_DIRECTORY} ]; then
./plugins/plugin_pam_phase1:70: LogText "Result: /etc/pam.d exists"
...There's probably formal shellscript-beautification tools that
I'm oblivious about.
* More whitespace standardization.
* Fix a syntax error.
This looks like an if [ foo -o bar ]; was converted to if .. elif,
but incompletely.
* Add whitespace before closing ].
Without it, the shell thinks the ] is part of the last string, and
emits warnings like:
.../lynis/include/tests_authentication: line 1028: [: missing `]'
2017-03-07 19:23:08 +00:00
Jean Prat
a53cb004fa
umask can be 0027 or 0077 ( #364 )
...
* umask can be 0027 or 0077
* Readme update
2017-03-06 14:41:11 +00:00
hlein
b595cc0fb5
Various cleanups ( #363 )
...
* Typo fix.
* Style change: always use $(), never ``.
The Lynis code already mostly used $(), but backticks were sprinkled
around. Converted all of them.
* Lots of minor spelling/typo fixes.
FWIW these were found with:
find . -type f -print0 | xargs -0 cat | aspell list | sort -u | egrep '^[a-z]+$' | less
And then reviewing the list to pick out things that looked like
misspelled words as opposed to variables, etc., and then manual
inspection of context to determine the intention.
2017-03-06 07:41:21 +00:00
Michael Boelen
b0cde02c71
Code enhancements and allow host alias to be defined in profile
2017-03-05 20:45:13 +01:00
Michael Boelen
44f5209cb9
Add description of CheckItem
2017-03-05 15:12:01 +01:00
Michael Boelen
89c3e449ad
[BOOT-5104] added initsplash and code enhancements
2017-03-05 13:13:20 +01:00
Michael Boelen
295fe93ca6
[FILE-6372] Properly deal with comments in /etc/fstab
2017-03-01 16:11:17 +01:00
Michael Boelen
d15ba9607f
[SSH-7408] Corrected variable and allow a few more retries to prevent issues with public key authentication
2017-03-01 16:07:32 +01:00
Mark Janssen
339ddfea83
Add /usr/local/etc/zend/php.ini as possible php path ( #360 )
...
Thanks, merging!
2017-03-01 14:31:20 +00:00
Michael Boelen
03fd94aafa
Code cleanups and removed 'lynis update release' command
2017-03-01 15:27:02 +01:00
Michael Boelen
9cf25723e0
[AUTH-9308] Test for tilde in inittab for Debian systems
2017-02-28 20:18:47 +01:00
Michael Boelen
5668f7bed1
Corrected variable for data uploads
2017-02-28 20:17:49 +01:00
Michael Boelen
ed52d0dd41
New test and reduction of output on screen
2017-02-28 20:17:01 +01:00
Michael Boelen
b2f13a2f92
[TIME-3148] new test for TZ variable
2017-02-22 15:06:19 +01:00
Michael Boelen
1c59bfd6f1
Set correct variable for data upload mode
2017-02-21 15:40:49 +01:00
Michael Boelen
a19a34cbf3
Allow data uploads to be configured in profile
2017-02-21 15:40:06 +01:00
ryneeverett
f5d70a6889
Match for sulogin fails to detect inittab entry ( #356 )
...
A valid inittab entry was missed. Gentoo delivers an inittab
containing su1:S:wait:/sbin/sulogin
2017-02-21 14:26:32 +00:00
alobodzinski
08b6a40751
MAIL-8818: $LINUX_VERSION is not set on every OS ( #357 )
2017-02-21 14:25:48 +00:00
Michael Boelen
2d8b06678f
[TIME-3116] skip stratum 16 items for time pools
2017-02-18 14:28:56 +01:00
Michael Boelen
8d6bc1ad21
Allow colored output to be configured from profile
2017-02-16 10:27:54 +01:00
Michael Boelen
a817bf2f1b
[SSH-7408] allow filtering for multiple options and new SSH value for PermitRootLogin
2017-02-15 13:14:54 +01:00
Michael Boelen
0209c6ce90
[AUTH-9208] Remove double logging
2017-02-14 20:18:37 +01:00
Michael Boelen
f7478bc9e0
Unique sort of systemctl unit files
2017-02-14 20:15:00 +01:00
Michael Boelen
38af9121ea
Properly detect SSH version
2017-02-14 20:10:42 +01:00
Michael Boelen
ea16e798ee
Grammar fix
2017-02-14 20:05:45 +01:00
Michael Boelen
30d9c2b72d
[FIRE-4512] lowered number of minimum rules
2017-02-14 16:19:44 +01:00
Michael Boelen
c0e604c059
[HRDN-7222] changed reporting key
2017-02-14 15:08:55 +01:00
Michael Boelen
a7dd733dc0
Improve logging for group checks
2017-02-11 21:25:25 +01:00
Michael Boelen
36f7bcbf1c
Rename authentication to authorization
2017-02-10 17:18:23 +01:00
Michael Boelen
a8c021dd9c
Status of MongoDB instances
2017-02-10 13:07:53 +01:00
Michael Boelen
2cc3f889c8
[DBS-1818] MongoDB status
2017-02-10 13:07:30 +01:00
Michael Boelen
9c71f6061d
Check for pgrep binary
2017-02-10 12:58:59 +01:00
Michael Boelen
d27c1eda84
[DBS-1820] Test for MongoDB authentication
2017-02-10 12:58:47 +01:00
Michael Boelen
bfbe35055a
[FIRE-4586] escape search string
2017-02-10 11:14:01 +01:00
Michael Boelen
34ba1ba184
Changed date and preparing for release
2017-02-09 13:35:40 +01:00
Michael Boelen
a7409568c9
Updated commands
2017-02-05 21:08:08 +01:00
Michael Boelen
bbe95bb0ff
Check for OS name in Postfix banner
2017-01-28 15:48:26 +01:00
Michael Boelen
551f89c63b
Log weak banner and code enhancements
2017-01-28 15:47:47 +01:00
Michael Boelen
57dd96f6c6
Added support for iptables-save
2017-01-28 15:46:56 +01:00
Michael Boelen
103ed2afb3
Added FIRE-4586
2017-01-28 15:46:42 +01:00
Michael Boelen
ed45fe7b29
Use the data from machine ID when no SSH keys are available
2017-01-28 12:11:38 +01:00
Michael Boelen
670b18b6f5
Strip out any comments at end of nginx configuration lines
2017-01-27 14:36:55 +01:00
Michael Boelen
d4f4c2d785
Added support for Trend Micro and Cylance (macOS)
2017-01-24 20:01:22 +01:00
Michael Boelen
338edb4971
Add stderr for other network tests
2017-01-24 19:30:17 +01:00
Michael Boelen
d2a80ed789
Add stderr for NETW-3004
2017-01-24 19:28:06 +01:00
Andres Gomez Casanova
145e1164be
Variable name in reportWarning function ( #342 )
...
* Variable name
* Update functions
* Update functions
2017-01-16 11:03:07 +00:00
pyllyukko
d25dcd09ef
Set MAC_FRAMEWORK_ACTIVE=1 if grsecurity's RBAC is enabled ( #348 )
...
* Look for gradm utility
* Set MAC_FRAMEWORK_ACTIVE=1 if grsec's RBAC is enabled
2017-01-16 11:02:03 +00:00
Michael Boelen
e483d69050
Solved error on AIX
2016-12-02 20:48:37 +01:00
Michael Boelen
aadd58e6a6
Allow option to configure host IDs via profile
2016-12-02 13:19:29 +01:00
Michael Boelen
c6f80c0a90
Improve output of report
2016-11-20 16:23:25 +01:00
Michael Boelen
e7938c19e6
[KRNL-5830] Improved logging
2016-11-20 16:23:17 +01:00
Michael Boelen
d7ed46ae9e
[KRNL-5788] Remove exception, style improvements
2016-11-20 16:16:02 +01:00
Michael Boelen
f16325ff55
Only show non-privileged tests that were skipped if they are applicable to our platform
2016-11-19 15:38:32 +01:00
Zach Crownover
659d3e42c5
Improve DragonFly support ( #329 )
...
* Update facter location for BSDs
BSDs tend to place third party binaries in /usr/local rather than /usr
* Add support for DragonFly boot loader detection
DragonFly BSD has the same file paths for the bootloader as FreeBSD
* Add kernel module checking for DragonFly
DragonFly BSD checks kernel modules the same way as FreeBSD
* Add DragonFly check for login shells
DragonFly's login files are the same as FreeBSD's
* Add HAMMER PFS Detection
All PFS mounts in HAMMER systems for DragonFly will be detected now
2016-11-19 12:39:57 +00:00