tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,838 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

1893 Commits

Author SHA1 Message Date
Michael Boelen efc591c791
Merge pull request #846 from Skactor/patch-2 
Update tests_shells
 2020-03-11 15:52:33 +01:00
Michael Boelen 73491ec850
Merge pull request #843 from Skactor/patch-1 
Update tests_ports_packages
 2020-03-10 15:21:08 +01:00
Nicolas CARPi 600cb84310 Use a POSIX implementation to check for substring 
This works with all shells, even busybox.
 2020-03-05 21:42:54 +01:00
Nicolas CARPi 0593c69f2f Skip the PHP cli configuration file when looking for expose_php 
The expose_php configuration option is only relevant for non-cli PHP and
thus lynis should not look for it in config files that are for cli

Fix #849
 2020-03-05 00:53:27 +01:00
Michael Boelen 3f883106c9
Merge pull request #840 from deltablot/ssh 
Remove the test for ssh config VerifyReverseMapping
 2020-03-04 19:36:56 +01:00
Michael Boelen 28bd36d9c6
Added Fedora 2020-03-04 15:09:10 +01:00
Michael Boelen c0158da38e
Corrected test ID 2020-03-04 15:04:54 +01:00
Michael Boelen 5faf69af16
Code enhancement to avoid repetition 2020-03-04 15:02:39 +01:00
Michael Boelen 6e5f638640
Merge pull request #852 from craigcomstock/pureos 
Added detection of PureOS in /etc/os-release
 2020-03-04 14:58:59 +01:00
Michael Boelen e008907ff1
Remove 's' from word 'colours' 2020-03-04 14:51:13 +01:00
Michael Boelen b011b7a8d5
Merge pull request #850 from gcsgithub/soerelease 
Soerelease
 2020-03-04 14:48:19 +01:00
Craig Comstock 22ceeaa926
Added detection of PureOS in /etc/os-release 2020-03-03 13:56:33 -06:00
Mark Garrett 0cd256372c fix whitespace 2020-03-01 10:31:52 +11:00
Mark Garrett b2f676da7b allow for correct spelling for colour should drop the s from colours but didnt 2020-03-01 10:19:33 +11:00
Mark Garrett 30b1e4170b macosx add Catalina 10.15 2020-03-01 10:18:33 +11:00
Skactor fc7c5fb723
Update tests_shells 
Write function as variable due to careless error
 2020-02-25 15:48:55 +08:00
maczniak d8a3bc8afa fix CISOfy/lynis#844 2020-02-24 23:17:09 +09:00
Skactor 35e568e695
Update tests_ports_packages 
Incorrect constant name spelling
 2020-02-24 20:44:05 +08:00
Kevin 42b2831f75 add basic xbps/void support 2020-02-21 08:06:24 +01:00
Nicolas CARPi 91ad10d464 Remove the test for ssh config VerifyReverseMapping 
This option is deprecated since 2003. Having it in a config file raises
a warning and UseDNS (that is on by default) includes the
VerifyReverseMapping check.

See
3a961dc0d3

See #528
 2020-02-18 22:19:45 +01:00
Michael Boelen 3bbe34ea73
[CRYP-8004] enhanced after pulling in initital test 2020-02-15 14:09:56 +01:00
Michael Boelen 5ca8baf7a8
[USB-2000] improved testing for USB devices and filtering out possible incorrect state 2020-02-15 14:09:23 +01:00
Michael Boelen af70303aeb
Set preferred option to skip plugin executiont o --no-plugins, as that is more in line with the other 'no' options 2020-02-14 11:49:32 +01:00
Michael Boelen 3f834e6ad5
Merge pull request #821 from pyllyukko/CRYP-8004 
Added CRYP-8004
 2020-02-13 13:40:10 +01:00
Sascha Holzleiter 530ad1ef75 NETW-3014: Report correct promisc interface 2020-01-28 21:29:34 +01:00
Kristian Schuster 79a29381a4
restructered test and fixed vmlinuz detection 2020-01-26 19:13:26 +01:00
gfelkel 5bce9d598c
AUTH-9228 for HP-UX 
HP-UX also has /usr/sbin/pwck. For trusted systems, two additional options -s (check inconsistencies with the protected password database) and -l (check encrypted password lengths that are greater than 8 characters) are available.
 2020-01-23 13:30:46 +01:00
gfelkel d3287bd7ef
FILE-6310 for HP-UX 
HP-UX: /usr/sbin/mount reports "/home on /dev/…", so $1 has to be used
 2020-01-22 16:31:49 +01:00
Michael Boelen a7b48e40b0
[NETW-3015] check for promiscuity value that is higher than 0 instead of just 1 2020-01-11 11:31:40 +01:00
Michael Boelen 232b1cdc3f
[KRNL-5820] allow dash to define hard/soft value 2020-01-11 11:27:37 +01:00
pyllyukko 618a843017
KRNL-5788 in Raspi: don't complain about missing /vmlinuz 
The Raspberry Pi kernels reside within raspberrypi-kernel package[1].

[1] https://www.raspberrypi.org/documentation/linux/kernel/updating.md
 2020-01-07 22:27:27 +02:00
pyllyukko 40acdc111d
Added CRYP-8004 2020-01-06 21:22:00 +02:00
Michael Boelen b7da40c6ae
[KRNL-5830] derive kernel version from filename after obtaining symlink target 2019-12-23 15:41:26 +01:00
Michael Boelen ab4291242d
[KRNL-5830] check for symlink 2019-12-23 15:36:26 +01:00
Michael Boelen e5091772c5
Removed -o which had no purpose 2019-12-23 13:59:06 +01:00
Michael Boelen 35d248b74c
[FILE-6430] minor code improvements and show suggestion with more details 2019-12-18 19:20:48 +01:00
Michael Boelen cb59e92441
[MALW-3280] Added support for falcon-sensor by CrowdStrike 2019-12-18 12:22:51 +01:00
Michael Boelen 09f29a5e64
Code style improvement: quote argument 2019-12-18 12:17:46 +01:00
Michael Boelen 94ba30e765
[INSE-8050] corrected function call for showing suggestion 2019-12-18 12:04:32 +01:00
Michael Boelen c4b24c48a9
[INSE-8314] changed text of suggestion 2019-12-18 12:01:32 +01:00
Michael Boelen 2dfb901bcb
[PKGS-7410] Use multiple package managers when they are available on system. Also added support for Zypper for this test 2019-12-17 08:23:12 +01:00
Michael Boelen 11f8ce2361
[KRNL-5830] Use symlink, only test for 'version' keyword if needed, adjusted exception message 2019-12-17 08:03:51 +01:00
Michael Boelen 4e255617d3
[KRNL-5830] Fetch target for symlinked kernel 2019-12-16 09:47:40 +01:00
Michael Boelen d680fe549f
Switched from warnings to suggestions, corrected path selection for DIR variable 2019-12-13 12:59:43 +01:00
Michael Boelen f35a08ad28
Quoting should not be used when globbing 2019-12-13 12:40:29 +01:00
Michael Boelen 1b4b02d813
Decrease length of line breaks between tests 2019-12-13 12:36:19 +01:00
Michael Boelen bf4374bb19
[KRNL-5830] skip test partially if non-privileged 2019-12-13 12:35:38 +01:00
Michael Boelen fd84be485b
Improved permission check for BSD systems 2019-12-13 12:34:56 +01:00
Michael Boelen f00447fd1b
Style change, add curly brackets 2019-12-06 15:55:59 +01:00
Michael Boelen c7c44535e7
Merge pull request #800 from Schmuuu/core/fix-relative-path-detection 
don't fail relative paths check with spaces in PATH
 2019-12-06 15:39:55 +01:00
Michael Boelen 24c5a9fcea
Merge branch 'master' into master 2019-12-06 15:35:46 +01:00
Michael Boelen 6421c2e419
[BANN-7126] additional words for login banner are accepted 2019-12-06 09:49:06 +01:00
Michael Boelen 15ae5ea0c1
Added alias --use-cwd as that is more in line with other options (instead of --usecwd) 2019-12-04 08:01:56 +01:00
Michael Boelen c67696455f
Merge pull request #797 from Schmuuu/KRNL-5840/find-more-kernels 
KRNL-5840: add detection for proxmox and raspi kernel
 2019-12-03 14:32:52 +01:00
Michael Boelen 3e9902b35e
Merge pull request #798 from Schmuuu/OS-detection/detect-raspbian 
OS-Detection: add raspian detection
 2019-11-28 15:42:45 +01:00
Michael Boelen dd2cb31c7f
Merge pull request #799 from Schmuuu/ntp/set-NTP_CONFIG_FOUND 
do set variable NTP_CONFIG_FOUND if ntp config is found
 2019-11-28 15:05:01 +01:00
Michael Boelen ea03723093
Merge pull request #803 from dvehrs/PermTests 
Updated tests for file permissions to case statements
 2019-11-25 15:32:06 +01:00
Michael Boelen cad55d8bec
Merge pull request #802 from dvehrs/HCFP 
Updated permissions checks
 2019-11-25 15:28:00 +01:00
Michael Boelen 65f88e148b
Merge pull request #804 from Schmuuu/krnl/fix-wrong-limits-subfolder 
fix left over test folder with correct folder from variable
 2019-11-25 15:23:47 +01:00
Michael Boelen 35ca01eaac
Merge pull request #805 from Schmuuu/tests_php/add_some_php72_and_php73_support 
added additional php folders to check, plus added PHP72 and PHP73
 2019-11-25 15:23:11 +01:00
Michael Boelen f81ff3d7d6
Removed empty lines 2019-11-18 10:20:31 +01:00
Michael Boelen ffc9309338
Merge branch 'master' of https://github.com/CISOfy/lynis 2019-11-18 10:19:58 +01:00
Michael Boelen a07fcb3348
Add USR1 trap to show status such as active test 2019-11-18 10:19:43 +01:00
Michael Boelen 421b42c5b0
Merge pull request #809 from Marzal/master 
First fix in order make lynis work OK in AIX
 2019-11-13 11:21:43 +01:00
Michael Boelen 6d594b899f
Merge pull request #810 from neilmayhew/fix/773-home-9306 
Fix for false positive for some users on HOME-9306
 2019-11-13 11:18:04 +01:00
fbomj 2b8f761efa MALW-3280: Kaspersky detection 2019-11-06 21:49:54 +01:00
János Márkus d9013b13ac Fixes CISOfy/lynis#773 2019-11-03 11:48:03 +01:00
Neil Mayhew 9de8227674 Fix for false positive for some users on HOME-9306 
Closes #773

Patch from @church1e
 2019-11-01 18:12:33 -06:00
Marzal 8353483d1d grep doesn't work with '\|' in AIX. grep -E is more POSIX compliant. 2019-10-29 18:47:07 +01:00
Kristian Schuster d97221b851
added additional php folders to check, plus added PHP72 and PHP73 2019-10-24 00:14:42 +02:00
Kristian Schuster 32ee016810
fix: forgot to replace test folder with correct folder from variable 2019-10-23 23:06:03 +02:00
Dave Vehrs e6bf111f41 Updated tests for file permissions to case statements 2019-10-23 14:47:03 -06:00
Dave Vehrs 6dad2f476e Updated permissions checks 2019-10-23 12:31:20 -06:00
Kristian Schuster 4898e48e16
don't fail relative paths check with spaces in PATH 2019-10-22 21:43:37 +02:00
Kristian Schuster 62feaf3fff
do set variable NTP_CONFIG_FOUND if ntp config is found 2019-10-22 20:07:56 +02:00
Kristian Schuster 66a754fa18
OS-Detection: add raspian detection 2019-10-20 20:21:54 +02:00
Kristian Schuster ace2e27237
KRNL-5840: add detection for proxmox and raspi kernel 2019-10-20 19:55:34 +02:00
Kristian Schuster 62419033f5
fix for #781 - run lsblk without --paths 2019-10-19 00:34:25 +02:00
Michael Boelen c16133b255
Merge pull request #772 from Marzal/Marzal-test_storage 
Clean shellcheck warnings in STRG-1846
 2019-10-16 14:49:46 +02:00
Kristian Schuster 4eeb2899cc
add missing variables and replace '\s' to be posix conform 2019-10-15 21:52:53 +02:00
Michael Boelen 7932daca8f
Merge pull request #784 from Schmuuu/krnl/disabled-coredumps-detection 
KRNL-5820: add checks for disabled coredumps in systemd & etc/profile
 2019-10-15 16:06:44 +02:00
Michael Boelen 7ce61bb5dd
Merge pull request #778 from pyllyukko/SINT-7010-MacOS 
Test SINT-7010 in macOS only
 2019-10-15 15:43:26 +02:00
Michael Boelen 6c3fc531ec
Merge pull request #779 from pyllyukko/gradm-stderr 
Redirect gradm stderr to /dev/null
 2019-10-15 15:42:08 +02:00
Michael Boelen fda0d3cf4a
Merge pull request #770 from Schmuuu/master 
nginx-test: add log file detection for relative paths
 2019-10-15 15:40:30 +02:00
Michael Boelen 1f4092d8e0
Merge pull request #777 from pyllyukko/osdetection-slackware 
Slackware Linux OS detection
 2019-10-15 15:36:31 +02:00
Katarina Durechova 4bb78d721e Databases - variables initialization 2019-10-14 21:50:22 +02:00
Kristian Schuster 3bc70b425e
fix old limits check not working in a few cases 2019-10-13 23:08:19 +02:00
Kristian Schuster 7b52ff52c7
add check for disabled coredumps in etc/profile and systemd 2019-10-13 22:06:50 +02:00
pyllyukko b771437cd0
Redirect gradm stderr to /dev/null 
If the tool exists but the kernel doesn't have grsec, you'll get the
following error into stderr:

Could not open /dev/grsec.
open: No such file or directory
 2019-10-08 20:52:55 +03:00
pyllyukko c88953a815
Test SINT-7010 in macOS only 2019-10-08 20:31:35 +03:00
pyllyukko 52cef0ed87
Slackware Linux OS detection 2019-10-08 20:19:30 +03:00
Michael Boelen 52e1231433
Additional check to ensure pacman package manager is used instead of pacman game 2019-10-08 16:43:09 +02:00
Michael Boelen 87f5596952
Added new test DBS-1828 2019-10-08 15:15:18 +02:00
Michael Boelen f188bac7e8
Update description for FILE-6374 2019-10-08 15:10:02 +02:00
Marzal f77e56ed4b Prefer [ p ] && [ q ] as [ p -a q ] is not well defined. SC2166 2019-09-29 21:17:52 +02:00
Marzal a052a107d3 SC2086 2019-09-29 21:15:29 +02:00
Marzal 7d430d5abc rephrasing comment to avioid false positive in lynis-sdk 2019-09-29 21:13:47 +02:00
Kristian Schuster 51d3c56842
crypto-test: suppress errors when devs are not accessible for cryptsetup 2019-09-29 17:44:15 +02:00
Kristian Schuster 001cd85183
kernel-test: additional improvements for required reboot detection 2019-09-29 17:42:07 +02:00
Kristian Schuster 364b770c64
kernel-test: determine reboot requirement for more distros. Plus a few fixes 2019-09-28 00:39:12 +02:00