tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,604 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

1726 Commits

Author SHA1 Message Date
Michael Boelen f76cf70651
Missing } 2019-08-04 19:40:02 +02:00
Michael Boelen 48ba463376
Added support for swupd (Clear Linux OS) 2019-08-04 19:37:55 +02:00
Michael Boelen 04d2cb838b
Test for presence of /etc/hosts (e.g. Clear Linux OS), changed screen and log output 2019-08-04 19:20:16 +02:00
Michael Boelen d3355937a4
Don't quote in for loop to prevent glueing individual lines together 2019-08-04 19:19:12 +02:00
Michael Boelen f2b385fbf7
Initial support for Clear Linux OS 2019-08-04 19:18:16 +02:00
Michael Boelen da055ae0aa
More standardization of text and adding deprecated functions for transition period 2019-08-01 14:59:03 +02:00
David Marzal 28801e7ad7 Clean up of not used legacy functions and not used broken functions 2019-07-31 22:29:26 +02:00
Michael Boelen 3ea66d4298
[LOGG-2154] corrected output of files in /etc/rsyslog.d directory 2019-07-31 08:17:15 +02:00
Michael Boelen 4b77e27495
Reversed if/then to show correct status of minilogd 2019-07-31 08:03:21 +02:00
David Marzal 000838b154 Document --usecwd in helper_show and man 2019-07-29 15:22:48 +02:00
Michael Boelen 429ad46649
[LOGG-2154] added support for rsyslog configurations 2019-07-26 20:07:14 +02:00
Michael Boelen fa064a824b
[FINT-4334] improved process detection for lfd 2019-07-26 16:14:26 +02:00
Michael Boelen 9605f0fa80
Combined sort and uniq to sort -u 2019-07-26 15:34:02 +02:00
Michael Boelen 7f1742fc54
Replaced direct calls to tools 2019-07-26 14:14:54 +02:00
Michael Boelen 1c79357526
Merge pull request #720 from dvehrs/exim4 
Added certificate tests for Exim
 2019-07-26 14:07:39 +02:00
Michael Boelen 3af72e41c7
Improved selection of home directories for normal users in HOME-9304 and HOME-9306 2019-07-26 11:59:03 +02:00
Michael Boelen 2ec0268692
Merge pull request #732 from Marzal/Marzal-FILE-7524 
Changes for new profile format
 2019-07-26 11:33:38 +02:00
Michael Boelen 17137408d2
Use IsRunning exit code instead of variable 2019-07-26 11:32:48 +02:00
Michael Boelen 8321b98689
[AUTH-9408] double escape to prevent error message (awk: warning: escape sequence '\[' treated as plain '[') 2019-07-26 11:11:03 +02:00
Michael Boelen b7fb98a47f
[AUTH-9266] skip .pam-old files in /etc/pam.d (used by Ubuntu) 2019-07-26 10:57:44 +02:00
Michael Boelen d621355b7e
Set variable instead of using return, otherwise other parameters won't be checked 2019-07-26 09:00:47 +02:00
Michael Boelen b384fa2887
New option: --usecwd to run from current working directory 2019-07-25 11:34:58 +02:00
David b8a0190e82
Fix grep in PROFILEVALUE 
Make it work with new profile format
 2019-07-18 18:58:11 +02:00
David 4d5a0c59c7
Fix find fields in new profile format 
New format uses permfile= so it needs a new cut to filter the name file
 2019-07-18 18:52:36 +02:00
Michael Boelen d6cce1cd08
Test if profiles provided using the command line are readable 2019-07-18 11:54:11 +02:00
Michael Boelen dcd829076b
Move this check to the DiscoverProfiles function 2019-07-18 11:48:00 +02:00
Michael Boelen 4b0f5517f7
Textual change 2019-07-18 11:47:24 +02:00
Michael Boelen b53b894f33
Added file check when a profile is provided 2019-07-18 11:42:26 +02:00
Michael Boelen b7f7179f1e
Moved variables 2019-07-18 11:42:01 +02:00
Michael Boelen 0e9e0fab36
Merge pull request #730 from Marzal/Marzal-PRIVILEGED 
Fix $privileged var being overwrite
 2019-07-18 11:36:47 +02:00
Michael Boelen 87fef1c27b
Merge pull request #729 from Marzal/Marzal-strictmode 
strictmode fixes
 2019-07-18 11:36:23 +02:00
Michael Boelen 63043b536d
[AUTH-9408] added support for pam_tally2 to log failed logins 2019-07-18 11:33:28 +02:00
Julian Phillips e293af16aa Add FOUND var to unset list 2019-07-17 18:01:44 -07:00
Julian Phillips 84dd024887 [CRYP-7930] Modify to use 'lsblk' and 'cryptsetup' 
There are several challenges with the existing method of using
/etc/crypttab:

1)encrypted rootfs partitions are not typically listed in this
file (users are prompted for password in early boot instead)

2)the 'luks' option is the default option so it is possible for
/etc/crypttab entries to never have this set explicitly and any
block device configured as such will be missed currently

3)any device mounted manually, or using any other mechanism aside
from /etc/crypttab will be missed

This commit executes 'cryptsetup isLuks' on every block device in
the system to determine whether it is a LUKS device. This handles
all 3 cases mentioned above.

Test case wording was also updated to reflect the fact that it
only checks for LUKS entrypted block devices. So, plain dm-crypt
and TrueCrypt/VeraCrypt block device encryption is not detected.
Nor is any file system level encryption such as eCryptfs, EncFs,
gocryptfs.
 2019-07-17 16:18:12 -07:00
David d1cb74e7d9
Delete PRIVILEGED var from this file 
if PRIVILEGED is set in the file, it will overwrite the value in the main program always to 0.
This change depends in the other commit that set the variable in both cases.
 2019-07-17 23:28:51 +02:00
David 06413994cf
Initialize some vars to allow strict mode to work 
IsRunning():
To check if $users is empty in strict mode we need the var to be initializez

ReportException:
Some test call this function without the second parameter, this is not allowed in strict mode if we don't initialize the variable
 2019-07-17 23:16:47 +02:00
David 250fb965d3
Strict mode needs this vars initialized 2019-07-17 23:08:20 +02:00
Michael Boelen a4d15f77b5
Differentiate between a discovered binary and running process 2019-07-16 19:10:04 +02:00
Michael Boelen 9e56706aa6
Formatting and improved logging 2019-07-16 19:06:31 +02:00
Michael Boelen 2bd1b1b590
Format change 2019-07-16 19:05:28 +02:00
Michael Boelen d696d521c1
Extended IsRunning function to allow for searching by a combination of process name and user. 2019-07-16 19:04:53 +02:00
Michael Boelen 5869fa4eb1
[INSE-8050] added com.apple.ftp-proxy and improved text output 2019-07-16 14:35:00 +02:00
Michael Boelen a2c57e0b75
Added missing 'then' 2019-07-16 13:21:32 +02:00
Michael Boelen fa8bad20db
Use -n instead of ! -z 2019-07-16 13:20:30 +02:00
Michael Boelen a12aaa2d3a
Added quotes 2019-07-16 13:13:15 +02:00
Michael Boelen 2e192788bb
Added new tests INSE-8318 and INSE-8320 2019-07-16 13:12:17 +02:00
Michael Boelen f8564f2923
[STRG-1840] renamed to USB-1000 2019-07-15 20:04:38 +02:00
Michael Boelen 52610e1abe
[STRG-1842] renamed to USB-2000 2019-07-15 20:00:14 +02:00
Michael Boelen 7ec81715aa
Minor cleanup 2019-07-15 19:57:23 +02:00
Michael Boelen 08cbc6fe2e
Merge pull request #680 from Capashenn/patch_12 
fix issue #610 STRG-1842
 2019-07-15 19:53:33 +02:00
Michael Boelen 455fc26bf7
Small code enhancements 2019-07-15 19:39:04 +02:00
Michael Boelen 2e7c6c7816
[FINT-4328] correct text in log 2019-07-15 19:34:37 +02:00
Michael Boelen c1cf106d03
Show location for Lynis package and new documentation 2019-07-15 19:05:57 +02:00
Michael Boelen 7728213ac4
Merge branch 'master' into docu 2019-07-15 18:55:10 +02:00
Michael Boelen c074c81897
Initial work on GetReportData function 2019-07-14 15:12:25 +02:00
Michael Boelen ced78b52b0
Small markup changes 2019-07-14 15:11:45 +02:00
Michael Boelen 591bc05f4d
[SSH-7408] changed text in suggestion and report 2019-07-14 14:43:35 +02:00
Michael Boelen dbc6f9bc4c
[SCHD-7702] removed hardening points 2019-07-14 13:40:55 +02:00
Michael Boelen b025b3301a
Define relative or absolute path, depending on directory/file or being a binary 2019-07-14 13:36:45 +02:00
Michael Boelen 1df9630bcf
Merge pull request #676 from Capashenn/patch_8 
fix issue #659
 2019-07-14 13:30:16 +02:00
Michael Boelen 4b68c22f30
Use relative paths 2019-07-14 13:27:08 +02:00
David 8400849c58
Add missing commands to show command helper 
configure,generate,update,upload-only
 2019-07-14 13:26:03 +02:00
Michael Boelen 9ebddf0e0c
Merge pull request #675 from Capashenn/patch_7 
fix issues #666 #667
 2019-07-14 13:21:40 +02:00
Michael Boelen ceb9ea193d
Renamed INSE-8342 to INSE-8304 2019-07-14 13:16:48 +02:00
Michael Boelen 93e311e52e
Added INSE-8314 and INSE-8316 for NIS client and server 2019-07-14 13:13:02 +02:00
Michael Boelen 3f04235353
[INSE-8116] added rsync service 2019-07-14 13:06:23 +02:00
Michael Boelen 96434508d4
Disable testing for other tools, as xxd is not present on all systems by default 2019-07-14 12:18:22 +02:00
Michael Boelen ba32b1a001
Use xxd or hexdump, depending on OS 2019-07-14 12:18:05 +02:00
Michael Boelen 4829ae9722
Long format for od does not exist on BSD 2019-07-14 11:57:44 +02:00
Michael Boelen 34f306eb0b
Internal reorganization 2019-07-14 11:50:02 +02:00
Michael Boelen 26fca99c40
Textual changes 2019-07-14 11:49:14 +02:00
Michael Boelen 1a512984c1
[SSH-7406] instead of just carriage return, strip all control characters 2019-07-14 08:43:06 +02:00
Michael Boelen 0bdcb57763
Merge branch 'master' into patch_3 2019-07-14 08:36:47 +02:00
Michael Boelen 82b1c63341
[NETW-3032] small rewrite of test and extended with addrwatch 2019-07-14 08:28:49 +02:00
Michael Boelen 96b9fc33e4
Add generator/version for future 2019-07-13 20:12:38 +02:00
Michael Boelen 6096db8828
Merge pull request #727 from Marzal/showhelperversion 
Prepend sed to discard '## ' in CHANGELOG.md
 2019-07-13 20:05:37 +02:00
Michael Boelen 9f7e0775a5
New command: lynis generate systemd-units 2019-07-13 20:03:30 +02:00
David 2dcf816e86
Prepend sed to discard '## ' in CHANGELOG.md 
Since version 2.6.6 CHANGELOG.md has markdown formatting. This breaks the show changelog command.
This is a workaound to "fix" the issue without changing all the versions in CHANGELOG.md
 2019-07-13 12:41:10 +02:00
Michael Boelen 76e84f4b56
Run non-interactive by default, use --wait to enforce waiting after finishing a group of tests 2019-07-12 14:38:52 +02:00
Michael Boelen c31c6a5a9e
Add timing measurement of individual tests and report them 2019-07-12 14:20:32 +02:00
Michael Boelen aaba4932b0
Show name of deprecated function on screen output 2019-07-12 13:13:39 +02:00
Michael Boelen b9a13893b9
[NAME-4408] corrected Report function call 2019-07-12 13:12:59 +02:00
Michael Boelen 0f80fa07aa
New function SafeFile 2019-07-12 13:05:43 +02:00
Michael Boelen ce263f8cd6
Textual changes 2019-07-10 20:22:31 +02:00
Michael Boelen f40b4287eb
Show 'Not found' instead of 'OK' 2019-07-10 20:12:17 +02:00
Michael Boelen afba58e743
[PROC-3802] test for presence of prelink tooling 2019-07-10 20:10:31 +02:00
Michael Boelen 1a57b41bdd
[PROC-3602] Use ROOTDIR 2019-07-10 20:00:52 +02:00
Michael Boelen f5adb68e00
First round of cleanups and textual improvements 2019-07-10 19:36:51 +02:00
Michael Boelen 83d510934d
Quote file name as it may include spaces 2019-07-10 19:36:19 +02:00
Michael Boelen c97dc3044a
Use exit code instead of ITEM_FOUND value 2019-07-10 19:35:51 +02:00
Michael Boelen 09d8832a0b
[CRYP-7903] enhanced test to properly work 2019-07-09 11:42:04 +02:00
Michael Boelen ae474c72c6
[SSH-7402] detect other SSH daemons like dropbear and split SSH daemon from OpenSSH daemon 2019-07-09 11:16:59 +02:00
Michael Boelen 6891f64c39
Added CRYP-7930 2019-07-09 10:33:51 +02:00
Michael Boelen f3f6be6630
Fix for incorrect subdirectory retrieval and adding enhancement to reduce number of evaluations needed 2019-07-08 21:20:45 +02:00
Michael Boelen 054ca21ee3
Fix: split directories 2019-07-08 21:19:28 +02:00
Michael Boelen 2c17c14c3b
New profile option to ignore specified certificate directories 2019-07-08 15:08:56 +02:00
Michael Boelen 1854e51e7e
New function: Equals 2019-07-08 15:05:28 +02:00
Michael Boelen 16146aabc0
Added option: ssl-certificate-paths-to-ignore 2019-07-08 14:27:40 +02:00
Michael Boelen 5217db95b1
Add deprecation message for old format and added check for unexpected/invalid characters in profile (additional security measure) 2019-07-07 18:49:01 +02:00
Michael Boelen 7a816ece8a
Added DisplayWarning function 2019-07-07 18:47:55 +02:00