tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,642 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

1149 Commits

Author SHA1 Message Date
afa- 4e139f4d71 Check for arpon as ARP monitoring software (#267) 2016-08-29 19:31:17 +02:00
alobodzinski 639c5adc72 Fixed cut-and-paste error (#265) 2016-08-29 19:31:06 +02:00
Mark Ruys e6a829b6ed GlusterFS mounts are nodev and nosuid by default, and are invalid mount options. So ignore GlusterFS mount points. (#268) 2016-08-29 19:30:48 +02:00
Michael Boelen 1ea2578494 Split of Docker tests 2016-08-29 19:26:35 +02:00
Michael Boelen facb68bc32 Added base64 binary 2016-08-29 10:06:41 +02:00
Michael Boelen a425e9b0a1 Added 'details' to help 2016-08-26 14:08:24 +02:00
Michael Boelen fdf3ded89f New command 'lynis show details' to display test details 2016-08-26 14:05:20 +02:00
Michael Boelen 8de53d87be Added missing dollar sign 2016-08-26 11:59:51 +02:00
Michael Boelen 679e8c628e Use detected binaries 2016-08-25 15:31:33 +02:00
Michael Boelen a6b04a3ace Added sort to list of binaries 2016-08-25 15:30:25 +02:00
Michael Boelen 2f4d65b831 Style changes 2016-08-25 15:25:51 +02:00
Michael Boelen dfb025a863 [AUTH-9204] style changes and add data to report 2016-08-25 15:18:44 +02:00
Michael Boelen cc5142329b [FILE-6362] added details 2016-08-24 11:37:25 +02:00
Michael Boelen e3af7c3727 [DBS-1816] Set skip reason variable 2016-08-24 11:36:51 +02:00
Michael Boelen 5ab139931d [FILE-6362] optimized test, style, removed warning 2016-08-24 11:36:16 +02:00
Michael Boelen c11f7fc1ce Do not show update message when using 'show' helper 2016-08-23 20:21:26 +02:00
Michael Boelen b85c782fae Added LOGG-2192 test 2016-08-22 12:21:43 +02:00
Michael Boelen c061d31bde Change text of AppArmor test and add more details to report 2016-08-22 12:12:38 +02:00
Michael Boelen b01c801a39 Added aliases for --tests-from-group 2016-08-18 22:00:05 +02:00
Michael Boelen 7744aa87ad [BOOT-5108] Support for Syslinux bootloader 2016-08-18 15:31:51 +02:00
Michael Boelen 8fcc2d7e12 [LOGG-2190] ignore files in /tmp caused by early MySQL 5.x releases 2016-08-18 15:25:57 +02:00
Eric Light b1bf319f18 Filter out open+deleted files held by MySQL <5.6 (#210) 
Resolves #209
 2016-08-18 15:09:59 +02:00
Michael Boelen d95ab3d253 Support sysctl checks with multiple profiles 2016-08-18 14:35:20 +02:00
cnrat 4368b59a1d Fix FILE-6344 bug (#263) 
The result of mount command returns like
/proc on /proc type proc (rw,hidepid=2)

Witch means the regular expression should be '^/proc' not '^proc' or you can grep nothing. :P
 2016-08-18 11:48:45 +02:00
Michael Boelen 0050c993f8 [FILE-6374] Improved logging 2016-08-17 11:54:57 +02:00
Michael Boelen 315c619825 [KRNL-5830] Improved logging 2016-08-17 11:49:02 +02:00
Michael Boelen 0dab1e9308 Allow multiple level of includes 2016-08-16 08:36:42 +02:00
Michael Boelen 4b96452dab Clean out unneeded file 2016-08-16 08:11:51 +02:00
Michael Boelen 1b30f6e558 Extended nginx testing 2016-08-16 08:08:15 +02:00
Michael Boelen 2bbc17868d Added --bin-dirs option 2016-08-16 08:07:52 +02:00
Michael Boelen c730a3185e Add StoreNginxSettings function to store parsed nginx configuration 2016-08-16 08:07:08 +02:00
Michael Boelen a0e289d73f Replace / with root directory 2016-08-15 20:00:54 +02:00
Michael Boelen 242f91ab97 Added --rootdir for forensics 2016-08-15 19:50:52 +02:00
Michael Boelen bf7b8ab44e Changed text for Redis test 2016-08-14 20:43:05 +02:00
Michael Boelen db88216326 Define Redis (server) running status in report 2016-08-13 17:05:38 +02:00
Michael Boelen 05585fab62 Add support for multiple Redis configuration files and permission check 2016-08-13 17:03:36 +02:00
Michael Boelen e06db1477d Add notebook hardware detection 2016-08-13 16:38:07 +02:00
Michael Boelen 67a636f351 Merge branch 'master' of https://github.com/CISOfy/lynis 2016-08-13 11:19:15 +02:00
Michael Boelen a928d57804 Add more details to report 2016-08-13 11:18:34 +02:00
Michael Boelen 1ae7028982 Add details on why a test is skipped 2016-08-13 11:17:01 +02:00
Michael Boelen 89cb348950 Variable for reason why tests are skipped 2016-08-13 11:16:37 +02:00
Michael Boelen bc87855b6f Aligning of code 2016-08-13 11:16:08 +02:00
Michael Boelen ed9c6190a7 Corrected setting display for show-tool-tips 2016-08-13 11:15:48 +02:00
Michael Boelen e0f50e9e25 Always register strict code checking in settings 2016-08-13 11:13:44 +02:00
Michael Boelen 075a69e125 Extended example 2016-08-13 10:48:35 +02:00
Michael Boelen d5a5cc3173 Allow logging a custom reason to skip a test 2016-08-13 10:16:15 +02:00
Michael Boelen 6fde12e579 Extended details for Redis tests 2016-08-13 10:06:34 +02:00
Michael Boelen f4ed6f11df Adjusted setting in registration 2016-08-13 10:06:09 +02:00
Michael Boelen 75d7c5dad6 Show logging of tests that have incorrect OS 2016-08-13 10:03:33 +02:00
Michael Boelen e691cb9faf Added aliases for several settings 2016-08-13 09:53:14 +02:00
Michael Boelen b90ce88b36 Added comment to debug setting 2016-08-13 09:51:02 +02:00
Michael Boelen bcf69503bc Added more aliases 2016-08-13 09:48:56 +02:00
Michael Boelen 2767cc2915 Added connections-max-wait-state setting alias 2016-08-13 09:47:50 +02:00
Michael Boelen bcfdcc2b97 Add show-report-solution setting 2016-08-13 09:45:38 +02:00
Michael Boelen 4eafdb6c85 [HRDN-7230] extended test and style change 2016-08-13 09:30:16 +02:00
erialor 32320b5575 Update tests_php (#261) 
Adding PHP5.6
 2016-08-12 19:14:09 +02:00
Michael Boelen 889a57fc03 Added DBS-1888 to test for Redis bound to localhost 2016-08-12 09:57:03 +02:00
Michael Boelen 1a6da63427 Added DBS-1886 to find renamed CONFIG command in Redis 2016-08-12 09:53:28 +02:00
Michael Boelen c761fe8106 Redefined test with requirepass option 2016-08-12 09:46:13 +02:00
Michael Boelen 30cb17cbc4 Added Redis tests DBS-1882 and DBS-1884 2016-08-11 19:56:33 +02:00
Michael Boelen aaa89fc6ce Set initial root directory to '/' 2016-08-11 19:55:29 +02:00
Michael Boelen 300ab03abc Improved SearchItem function and allow masking of sensitive details 2016-08-11 19:52:15 +02:00
Michael Boelen fa8826f59a Corrected text 2016-08-11 19:29:57 +02:00
Michael Boelen e78e7801ab Allow ExitFatal with text and test for input file on other tests 2016-08-11 19:03:01 +02:00
Michael Boelen bba7cfe200 Add return value to SearchItem() function 2016-08-11 18:46:17 +02:00
Michael Boelen 4f72cdf711 Mark VM type as OpenStack 2016-08-11 10:01:57 +02:00
Michael Boelen e176011912 Allow repository update to be disabled 2016-08-11 10:01:29 +02:00
Liao Tonglang b1c432c3e0 Make IsVirtualMachine detect centos6.8 on openstack (#258) 
These function made mistake in centos 6.8 virtual machine. Only dmicecode work
on these environment and it return Openstack Nova. A openstack case is needed
in codes that check $SHORT codes.
 2016-08-11 09:41:07 +02:00
Michael Boelen f9b2993f35 Removed unneeded field 2016-08-10 07:24:10 +02:00
Michael Boelen fc2d9b935c Removed unneeded field for warnings and suggestions 2016-08-10 07:13:38 +02:00
Michael Boelen 0115695d61 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:33 +02:00
Michael Boelen 621e732797 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:27 +02:00
Michael Boelen 3773e91597 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:19 +02:00
Michael Boelen c3d438272f Removed unneeded field for warnings and suggestions 2016-08-10 07:13:10 +02:00
Michael Boelen 6392bc08d1 Removed unneeded field for warnings and suggestions 2016-08-10 07:13:04 +02:00
Michael Boelen b2ee2ffff1 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:58 +02:00
Michael Boelen 3c4aee1358 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:54 +02:00
Michael Boelen 74a11c97e7 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:46 +02:00
Michael Boelen f14072d216 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:41 +02:00
Michael Boelen dddfbdcb0a Removed unneeded field for warnings and suggestions 2016-08-10 07:12:35 +02:00
Michael Boelen 1715a1e2b5 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:29 +02:00
Michael Boelen 387df54859 Removed unneeded field for warnings and suggestions 2016-08-10 07:12:22 +02:00
Michael Boelen d719706ecd Merge branch 'master' of https://github.com/CISOfy/lynis 2016-08-09 15:16:24 +02:00
Michael Boelen f434432954 [AUTH-9328] Test /etc/profile.d first for customizations of umask 2016-08-06 10:13:33 +02:00
alobodzinski 1d63d89dfd OS_KERNELVERSION_FULL is set only on Linux, OS_KERNELVERSION is not set on AIX, HP-UX, and Solaris (#254) 
Set initial values
 2016-08-04 14:24:44 +02:00
Michael Boelen 8a67003c0d Show --log-file on its own line 2016-08-02 15:50:17 +02:00
Michael Boelen 3c46482a9e Readability and style improvements 2016-07-31 21:20:38 +02:00
Michael Boelen 9874530615 Override reading of files when we are root 2016-07-31 21:18:56 +02:00
Michael Boelen 290252b764 [AUTH-9212] Added prerequisite to log 2016-07-31 21:15:31 +02:00
Michael Boelen d8ab98b845 [KRNL-5830] ignore rescue image for kernels 2016-07-31 21:09:05 +02:00
Michael Boelen 6283b9a7dd Code cleanup 2016-07-31 21:04:07 +02:00
Michael Boelen 1d2405cdaa Improve logging 2016-07-31 20:58:29 +02:00
Michael Boelen 039a829457 Style and readability improvements 2016-07-31 17:35:35 +02:00
Michael Boelen 66a871a07a Added missing dollar 2016-07-31 17:28:55 +02:00
Michael Boelen 9ae1aa749d Properly replace setting gathered from profiles 2016-07-31 17:18:36 +02:00
Michael Boelen ff38336e0b [KRNL-5830] Readability and style improvements 2016-07-31 16:28:17 +02:00
Michael Boelen 0993c0a13b Style and readability improvements 2016-07-31 15:58:20 +02:00
Michael Boelen 2fe1819c35 [PKGS-7383] Simplified test 2016-07-31 15:51:34 +02:00
Michael Boelen 1e62769ce0 [MAIL-8818] Style and refactoring 2016-07-31 15:43:06 +02:00
Michael Boelen 5e2f6d256b Removed word 'checking' from several tests' and style improvements 2016-07-31 13:53:26 +02:00
Michael Boelen 6426ce68c0 [AUTH-9216] Simplified test and make it more efficient 2016-07-31 13:45:21 +02:00
Michael Boelen 2b4d7a1e85 [AUTH-9218] Clean ups and improve readability 2016-07-31 13:34:17 +02:00
Michael Boelen 23e400ea9e More style and text changes, and removed warning 2016-07-31 13:29:23 +02:00
Michael Boelen 1b3cdb9883 [AUTH-9226] Style, text, and removed warning 2016-07-31 13:25:35 +02:00
Michael Boelen aad8d89bf8 [AUTH-9228] Provide just an suggestion instead of warning 2016-07-31 13:23:09 +02:00
Michael Boelen 8ee6cb42a3 DisplayError can now use an optional exit code to quit the program 2016-07-31 11:46:41 +02:00
beelsr 4143cd69b5 fix yum gpgenabled check to allow spaces around = (#247) 
Issue 245

yum.conf allows an arbitrary number of spaces to surround the equals assignment.
 2016-07-30 17:14:51 +02:00
Michael Boelen 15e364eae6 Initialize variable and unset at end 2016-07-30 16:41:57 +02:00
Michael Boelen 95b24f074f Initialize variables and style improvements 2016-07-30 16:41:34 +02:00
Michael Boelen 4faaa10a8c Initialize variables and cleanup 2016-07-30 16:41:11 +02:00
Michael Boelen cfdc8228fd [PKGS-7388] Readability improvements and initialization 2016-07-30 16:40:44 +02:00
Michael Boelen d776c30b06 [AUTH-9406] - Readability and code style changes 2016-07-30 16:08:45 +02:00
Michael Boelen 6375953b26 [PHP-2211] - Readability improvement and code style changes 2016-07-30 16:03:35 +02:00
Michael Boelen c74c572422 [FILE-6332] Enable testing for UUID usage with blkid command 2016-07-30 14:10:29 +02:00
Michael Boelen 220476d955 Test for blkid binary 2016-07-30 14:09:44 +02:00
Michael Boelen 9b9a97bceb [DBS-1880] Corrected variable name and style 2016-07-30 14:03:28 +02:00
Michael Boelen c8096dd06c Only show number of running containers when there are any 2016-07-30 14:01:36 +02:00
Michael Boelen 7670560c2a [HTTP-6720] Improve readability of test 2016-07-30 13:55:10 +02:00
Michael Boelen 0ec7f45f05 [AUTH-9268] Improve readability of test 2016-07-30 13:54:04 +02:00
Michael Boelen 0e18551b2c Catting of changelog removed 2016-07-30 13:48:22 +02:00
Michael Boelen b5408e50df Removed unneeded spacing instructions 2016-07-30 13:46:04 +02:00
Michael Boelen a5baafca02 Determine if all Docker tests should be executed, depending on exit code 2016-07-30 13:23:27 +02:00
Liao Tonglang 3fdb949152 Fix description of CheckFilePermissions (#243) 
* Fix description of CheckFilePermissions 

"Adds a system to a group, which can be used for categorizing" should belong to 
AddSystemGroup but not CheckFilePermissions

* make description of IsVirtualMachine right

"Check if a specific item exists in the report" should no be the description of IsVirtualMachien, change it.
 2016-07-30 12:08:43 +02:00
Michael Boelen f1dc6be5bf Start of refactor fail2ban tests and splitting them into different test areas 2016-07-30 12:06:30 +02:00
Michael Boelen af999d3207 Allow strict code checking for developers 2016-07-28 11:39:10 +02:00
Michael Boelen db5d825701 Check for number of arguments 2016-07-28 11:10:59 +02:00
Michael Boelen 22f99ede81 Check for number or arguments on ReportSuggestion and ReportWarning 2016-07-28 11:06:46 +02:00
Michael Boelen 052350feb4 [FINT-4402] Use correct variable 2016-07-28 10:38:10 +02:00
Michael Boelen 4e3de865ac Extended examples 2016-07-27 13:40:19 +02:00
Michael Boelen 17ab4708ec Removed --info from options, as it has been replaced with 'lynis update info' 2016-07-27 12:17:18 +02:00
Michael Boelen ff3f13cdd0 Make Lynis run in quick mode by default 2016-07-27 12:14:25 +02:00
Michael Boelen abf34b56b6 Rephrase suggestion 2016-07-27 09:55:06 +02:00
Michael Boelen f9a4348f10 Uppercase tests: detect them properly as atomic tests. 2016-07-26 16:01:38 +02:00
Michael Boelen d23e4b0fa5 Changed header and footer of screen output 2016-07-26 16:00:36 +02:00
Michael Boelen 2d2398714a More spacing in report 2016-07-26 15:33:52 +02:00
Michael Boelen 64075a8497 Replaced function with generic echo, as functions are not available yet 2016-07-26 15:20:18 +02:00
atao60 0b5b4a47a3 Display function creates wrong indentation of result column (#237) 2016-07-26 15:00:05 +02:00
Michael Boelen 532e242a2f Style changes 2016-07-26 14:58:04 +02:00
Michael Boelen 019203e7e8 Typo fix 2016-07-26 14:35:47 +02:00
n[oO]ne 7dbe80c7a4 Make time test 3106 work again (#239) 
There was a little typo in the test
 2016-07-25 09:59:41 +02:00
Michael Boelen 37763dcf4f [DBS-1880] Detection for redis 2016-07-24 19:46:45 +02:00
Michael Boelen 6d6cd79a82 Improve detection and display of gzipped changelog 2016-07-24 17:54:59 +02:00
Michael Boelen 773c410a02 Update remaining items for categories and groups 2016-07-24 17:24:09 +02:00
Michael Boelen 2f4c854ba7 Rename of categories, introduction of groups 2016-07-24 17:22:00 +02:00
Michael Boelen ee9d7963e7 Add 'lynis show changelog' to display release details 2016-07-24 15:40:55 +02:00
Michael Boelen 9a2dcc9dec Add DisplayError for showing errors on screen 2016-07-24 13:11:32 +02:00
Michael Boelen 65eaeb7ce9 Add header as color 2016-07-24 13:05:36 +02:00
Michael Boelen c1d351fe32 Add bold as color 2016-07-24 11:43:18 +02:00
Michael Boelen 64348b772c Add category and display more details about tests 2016-07-24 11:42:50 +02:00
Michael Boelen ccb39d5e52 [PHP-2374] Changed text and cleanups 2016-07-22 15:46:25 +02:00