Michael Boelen
9cf25723e0
[AUTH-9308] Test for tilde in inittab for Debian systems
2017-02-28 20:18:47 +01:00
Michael Boelen
5668f7bed1
Corrected variable for data uploads
2017-02-28 20:17:49 +01:00
Michael Boelen
ed52d0dd41
New test and reduction of output on screen
2017-02-28 20:17:01 +01:00
Michael Boelen
b2f13a2f92
[TIME-3148] new test for TZ variable
2017-02-22 15:06:19 +01:00
Michael Boelen
1c59bfd6f1
Set correct variable for data upload mode
2017-02-21 15:40:49 +01:00
Michael Boelen
a19a34cbf3
Allow data uploads to be configured in profile
2017-02-21 15:40:06 +01:00
ryneeverett
f5d70a6889
Match for sulogin fails to detect inittab entry ( #356 )
...
A valid inittab entry was missed. Gentoo delivers an inittab
containing su1:S:wait:/sbin/sulogin
2017-02-21 14:26:32 +00:00
alobodzinski
08b6a40751
MAIL-8818: $LINUX_VERSION is not set on every OS ( #357 )
2017-02-21 14:25:48 +00:00
Michael Boelen
2d8b06678f
[TIME-3116] skip stratum 16 items for time pools
2017-02-18 14:28:56 +01:00
Michael Boelen
8d6bc1ad21
Allow colored output to be configured from profile
2017-02-16 10:27:54 +01:00
Michael Boelen
a817bf2f1b
[SSH-7408] allow filtering for multiple options and new SSH value for PermitRootLogin
2017-02-15 13:14:54 +01:00
Michael Boelen
0209c6ce90
[AUTH-9208] Remove double logging
2017-02-14 20:18:37 +01:00
Michael Boelen
f7478bc9e0
Unique sort of systemctl unit files
2017-02-14 20:15:00 +01:00
Michael Boelen
38af9121ea
Properly detect SSH version
2017-02-14 20:10:42 +01:00
Michael Boelen
ea16e798ee
Grammar fix
2017-02-14 20:05:45 +01:00
Michael Boelen
30d9c2b72d
[FIRE-4512] lowered number of minimum rules
2017-02-14 16:19:44 +01:00
Michael Boelen
c0e604c059
[HRDN-7222] changed reporting key
2017-02-14 15:08:55 +01:00
Michael Boelen
a7dd733dc0
Improve logging for group checks
2017-02-11 21:25:25 +01:00
Michael Boelen
36f7bcbf1c
Rename authentication to authorization
2017-02-10 17:18:23 +01:00
Michael Boelen
a8c021dd9c
Status of MongoDB instances
2017-02-10 13:07:53 +01:00
Michael Boelen
2cc3f889c8
[DBS-1818] MongoDB status
2017-02-10 13:07:30 +01:00
Michael Boelen
9c71f6061d
Check for pgrep binary
2017-02-10 12:58:59 +01:00
Michael Boelen
d27c1eda84
[DBS-1820] Test for MongoDB authentication
2017-02-10 12:58:47 +01:00
Michael Boelen
bfbe35055a
[FIRE-4586] escape search string
2017-02-10 11:14:01 +01:00
Michael Boelen
34ba1ba184
Changed date and preparing for release
2017-02-09 13:35:40 +01:00
Michael Boelen
a7409568c9
Updated commands
2017-02-05 21:08:08 +01:00
Michael Boelen
bbe95bb0ff
Check for OS name in Postfix banner
2017-01-28 15:48:26 +01:00
Michael Boelen
551f89c63b
Log weak banner and code enhancements
2017-01-28 15:47:47 +01:00
Michael Boelen
57dd96f6c6
Added support for iptables-save
2017-01-28 15:46:56 +01:00
Michael Boelen
103ed2afb3
Added FIRE-4586
2017-01-28 15:46:42 +01:00
Michael Boelen
ed45fe7b29
Use the data from machine ID when no SSH keys are available
2017-01-28 12:11:38 +01:00
Michael Boelen
670b18b6f5
Strip out any comments at end of nginx configuration lines
2017-01-27 14:36:55 +01:00
Michael Boelen
d4f4c2d785
Added support for Trend Micro and Cylance (macOS)
2017-01-24 20:01:22 +01:00
Michael Boelen
338edb4971
Add stderr for other network tests
2017-01-24 19:30:17 +01:00
Michael Boelen
d2a80ed789
Add stderr for NETW-3004
2017-01-24 19:28:06 +01:00
Andres Gomez Casanova
145e1164be
Variable name in reportWarning function ( #342 )
...
* Variable name
* Update functions
* Update functions
2017-01-16 11:03:07 +00:00
pyllyukko
d25dcd09ef
Set MAC_FRAMEWORK_ACTIVE=1 if grsecurity's RBAC is enabled ( #348 )
...
* Look for gradm utility
* Set MAC_FRAMEWORK_ACTIVE=1 if grsec's RBAC is enabled
2017-01-16 11:02:03 +00:00
Michael Boelen
e483d69050
Solved error on AIX
2016-12-02 20:48:37 +01:00
Michael Boelen
aadd58e6a6
Allow option to configure host IDs via profile
2016-12-02 13:19:29 +01:00
Michael Boelen
c6f80c0a90
Improve output of report
2016-11-20 16:23:25 +01:00
Michael Boelen
e7938c19e6
[KRNL-5830] Improved logging
2016-11-20 16:23:17 +01:00
Michael Boelen
d7ed46ae9e
[KRNL-5788] Remove exception, style improvements
2016-11-20 16:16:02 +01:00
Michael Boelen
f16325ff55
Only show non-privileged tests that were skipped if they are applicable to our platform
2016-11-19 15:38:32 +01:00
Zach Crownover
659d3e42c5
Improve DragonFly support ( #329 )
...
* Update facter location for BSDs
BSDs tend to place third party binaries in /usr/local rather than /usr
* Add support for DragonFly boot loader detection
DragonFly BSD has the same file paths for the bootloader as FreeBSD
* Add kernel module checking for DragonFly
DragonFly BSD checks kernel modules the same way as FreeBSD
* Add DragonFly check for login shells
DragonFly's login files are the same as FreeBSD's
* Add HAMMER PFS Detection
All PFS mounts in HAMMER systems for DragonFly will be detected now
2016-11-19 12:39:57 +00:00
Michael Boelen
40e19b62be
Added Arch Linux detection via /etc/os-release
2016-11-08 19:53:11 +01:00
Michael Boelen
b5a1deae47
Added variable for readlink binary
2016-11-08 19:47:59 +01:00
alobodzinski
3aa2efba4d
Fix for NAME-4408: getent hosts localhost may show two lines on Ope… ( #310 )
...
* Fix for NAME-4408: getent hosts localhost may show two lines on OpenBSD
* This version does the comparisons in a little less awkward way
2016-11-05 11:55:11 +01:00
Justin P
50b06efd30
macOS Refactoring ( #311 )
...
* Default all macOS `OS` names as macOS. Added comments to specify `uname` outputs for better understanding.
* Refactored all `Mac` instances referring to macOS over to `macOS` formatting.
Tested on my own machine, unable to find any errors outside of normal parameters.
2016-11-05 11:53:22 +01:00
Michael Mior
0f318a4b7c
Fix Dockerfile audit ( #313 )
2016-11-05 11:52:06 +01:00
Michael Boelen
1cb1fc40ca
Added more definitions for tools
2016-10-28 11:48:20 +02:00
Michael Boelen
3c8e93c28e
Improve usage and display of update tool
2016-10-28 11:47:31 +02:00
Michael Boelen
7155afa2bb
Added missing space
2016-10-27 11:45:21 +02:00
Michael Boelen
a1f9f902a1
[FIRE-4518] mark as a root-only test - correction
2016-10-27 10:08:43 +02:00
Michael Boelen
3a57b628d6
[FIRE-4518] mark as a root-only test
2016-10-27 10:07:03 +02:00
Michael Boelen
e0ea967f01
[NETW-3004] add macOS support
2016-10-27 10:06:41 +02:00
Michael Boelen
e4cc0b1b9b
[AUTH-9234] reversed username and uid
2016-10-27 09:40:13 +02:00
Michael Boelen
43d3088a04
Check for presence of custom.prf, otherwise quit with suggestion
2016-10-27 09:30:25 +02:00
Michael Boelen
db0ebcd374
Improved logging
2016-10-27 09:21:56 +02:00
Michael Boelen
5488c6fc4b
Missing exclamation mark
2016-10-27 09:19:37 +02:00
Michael Boelen
0d66aec62c
[AUTH-9234] style and enhanced support for macOS
2016-10-27 09:13:57 +02:00
Michael Boelen
ef7a120997
[AUTH-9234] support for macOS user gathering
2016-10-27 08:56:52 +02:00
Justin P
e687b20866
Updates to include/tests_authentication ( #308 )
...
* adjusted.
For test number 9234, added comments stating macOS doesn’t use
/etc/passwd for normal users. macOS uses `opendirectoryd` as the
backend for user management. So, `dscacheutil` is the recommended
program to parse that information. I input a sample line as a comment
in the test area.
* Revert "adjusted."
This reverts commit 2166e5da94.
* Test 9208 and 9234 Updated
For test number 9208, the LogText was clumsily written. Text has been adjusted.
For test number 9234, added comments stating macOS doesn’t use `/etc/passwd` for normal users. macOS uses `opendirectoryd` as the backend for user management. So, `dscacheutil` is the recommended
program to parse that information. I input a sample line as a comment in the test area.
* Test 9208 and 9234 Updated
For test number 9208, the LogText was clumsily written. Text has been adjusted.
For test number 9234, added comments stating macOS doesn’t use `/etc/passwd` for normal users. macOS uses `opendirectoryd` as the backend for user management. So, `dscacheutil` is the recommended
program to parse that information. I input a sample line as a comment in the test area.
2016-10-27 08:46:23 +02:00
Michael Boelen
db7bff9cb2
Missing fi in BOOT-5139
2016-10-26 13:31:59 +02:00
Michael Boelen
e96a31eab4
Style improvements
2016-10-26 12:58:51 +02:00
Michael Boelen
4886054187
Style improvements
2016-10-26 12:55:46 +02:00
Michael Boelen
e54bae0c6d
Merge branch 'master' of https://github.com/CISOfy/lynis
2016-10-26 12:54:59 +02:00
marcus-cr
94d31bba22
NETW-3030 - DHCPD Support Added ( #299 )
...
Added support for DHCPD
2016-10-26 12:37:35 +02:00
marcus-cr
9208125c06
Malware Scanner Colors for Personal Machine Role ( #301 )
...
Results for malware scanner will show different color for “personal”
machine-roles (in yellow) rather than the other roles (in red).
Added for leniency towards typical personal PC users for not having
malware scanner (should be a suggestion).
Also included log text result if no scanner found, regardless of
machine-role.
2016-10-26 12:36:31 +02:00
marcus-cr
56ce017b4f
Updated profiles ( #300 )
...
* Updated profiles
Added “personal” machine-role, changed “desktop” to “workstation”.
* Changed Default Profile
Amended roles of system: changed “desktop” to “workstation”, and added
“personal”.
2016-10-26 12:35:47 +02:00
Michael Boelen
9203b01f88
[BOOT-5139] support for roles
2016-10-26 12:34:56 +02:00
marcus-cr
b95e44a526
Changed LILO testing depending on server/workstation or personal roles ( #302 )
...
Test will display result in red if no boot loader password set and if
server or workstation role was set. Cosmetic change for log text, one
instead of two log texts.
Test displays result in yellow if using personal machine role as
suggestion for typical users.
2016-10-26 12:30:31 +02:00
marcus-cr
6c02d49de0
Warning added for missing AIDE config file ( #303 )
...
Warning given if AIDE is detected but no configuration file found.
Without configuration file AIDE will not work.
2016-10-26 12:28:47 +02:00
Michael Boelen
3a69103a0e
Improve versions for macOS
2016-10-26 12:19:01 +02:00
Michael Boelen
9c6864589b
Allow x.y.z for macOS versions
2016-10-26 11:53:44 +02:00
Michael Boelen
270f2e4fb1
Improve logging and detection of domain name
2016-10-23 16:25:38 +02:00
Michael Boelen
f18ef5c210
[TIME-3104] extended support for Chrony
2016-10-19 11:28:20 +02:00
marcus-cr
f93573ff60
[MALW-3280] Bitdefender AV Support (macOS) ( #293 )
...
* Support for Bitdefender AV (Mac OS)
* Update CHANGELOG.md
2016-10-19 11:17:54 +02:00
marcus-cr
9dabecadbf
Update tests_time ( #294 )
2016-10-19 11:17:33 +02:00
Michael Boelen
a60d4b973a
Disabled exception for boot loader
2016-10-19 10:07:11 +02:00
Michael Boelen
9a5b5e5a42
[MALW-3280] Added support for Avast on macOS
2016-10-17 20:45:53 +02:00
Michael Boelen
7b8c04c3b1
[BOOT-5202] use generic variables between OSes
2016-10-17 17:24:34 +02:00
Michael Boelen
61fb197638
[BOOT-5202] changes to uptime measurement for macOS and others
2016-10-17 17:18:10 +02:00
Michael Boelen
1641f4c88f
Use machine ID if we have no suitable other string yet
2016-10-17 17:16:36 +02:00
Michael Boelen
404bd9ad4c
Correct path to cgroup file
2016-10-16 15:51:30 +02:00
Michael Boelen
27054e2f2e
Improve logging for non-privileged users
2016-10-16 15:29:50 +02:00
Michael Boelen
99de3bb0b6
Add 'lynis show environment'
2016-10-16 15:23:47 +02:00
Michael Boelen
d0eae6480d
Support for Docker container detection
2016-10-16 15:13:04 +02:00
Michael Boelen
c0e63699e5
Added 'lynis show os' command and detection improvement
2016-10-16 12:01:33 +02:00
Michael Boelen
7cc56cf4ea
Use ID from /etc/os-release
2016-10-16 11:57:19 +02:00
Michael Boelen
ae02e81101
Improve usage of /etc/os-release
2016-10-16 11:55:11 +02:00
Michael Boelen
fc494a6d3f
OS detection of CoreOS
2016-10-16 11:50:23 +02:00
Michael Boelen
22d27434c9
Enhance pkg support on FreeBSD
2016-10-15 16:38:33 +02:00
Michael Boelen
f1c3c23cae
Corrected error redirection
2016-10-15 16:22:18 +02:00
Michael Boelen
8777a5e616
Use rootdir and proper error redirection
2016-10-15 16:20:04 +02:00
Michael Boelen
f0b9a64c47
[PKGS-7381] bugfix at detection of pkg tool
2016-10-15 16:16:26 +02:00
Michael Boelen
d88f755f40
[PKGS-7381] check pkg audit and report when the vulnerability database is missing
2016-10-15 16:12:49 +02:00
Michael Boelen
b9561b515b
[MACF-6208] Allow non-privileged execution and filter permission issues
2016-10-15 16:08:59 +02:00
Michael Boelen
d0d76c44cb
Improved logging
2016-10-15 15:38:06 +02:00
Michael Boelen
b936f3b05b
[FIRE-4530] Don't show error on screen for missing IPFW sysctl key
2016-10-15 15:34:03 +02:00
Michael Boelen
c4b6aab8c7
Reversed file check on /dev/pf
2016-10-15 15:28:22 +02:00
Michael Boelen
81024635aa
Improve detection of pf on FreeBSD
2016-10-15 15:26:15 +02:00
Michael Boelen
f16315e0d3
Another enhancement for macOS (Sierra)
2016-10-15 11:35:26 +02:00
Michael Boelen
6b79f38b82
Add then statement
2016-10-15 11:35:07 +02:00
Michael Boelen
76277f1bf9
Added process detection for Little Snitch
2016-10-15 11:30:12 +02:00
Michael Boelen
19bfb4a7a4
Version information for macOS
2016-10-15 11:27:04 +02:00
Michael Boelen
fba5140150
[FIRE-4534] detection of Little Snitch
2016-10-15 11:26:51 +02:00
Michael Boelen
7dd3c27b97
Improvements for macOS
2016-10-15 10:43:45 +02:00
Michael Boelen
32711e4155
Added missing quote
2016-10-14 08:57:47 +02:00
Michael Boelen
c87e423196
Added HOSTID2 for macOS platform
2016-10-14 08:49:00 +02:00
Michael Boelen
063f50f39c
Add upload-only command
2016-10-13 20:15:00 +02:00
Michael Boelen
622d15321b
Added clamconf binary
2016-10-06 11:15:28 +02:00
Michael Boelen
e5e4262fba
New group system integrity
2016-10-05 09:50:20 +02:00
Michael Boelen
0cc27b956e
New test INSE-8050
2016-10-05 09:50:06 +02:00
Michael Boelen
f0cfab3f04
Style changes and improved detection of Red Hat based clones
2016-09-27 11:20:35 +02:00
Michael Boelen
9caf3005b5
Style improvements and hardening points
2016-09-26 12:05:30 +02:00
Florian Heigl
343eb5304f
Add support for Rudder configuration management ( #284 )
...
Rudder (http://www.rudder-project.org) is a config management tool with automatic reporting / dynamic policy adjustment.
The "dynamic" bit happens using FusionInventory.
The config management part uses CFEngine under the hood.
I don't know if hw/os inventory tools also matter in the Lynis report, if yes, I can look into that too.
This patch extends the path searched to detect a running CFEngine agent (and fileserver daemon)
Since the agent is the same, this should immediately detect it.
2016-09-26 10:34:38 +02:00
Michael Boelen
a3f57e6d01
Mark tests PKGS-7320 and PKGS-7322 as Linux-only
2016-09-24 16:17:11 +02:00
Michael Boelen
870ac295c6
Show possible solution with findings
2016-09-24 15:51:05 +02:00
Michael Boelen
98d9096739
Mark arch-audit as a package audit tool
2016-09-24 15:36:45 +02:00
Michael Boelen
1418e0404b
Extended message for arch-audit
2016-09-24 15:34:31 +02:00
Michael Boelen
fb88bcaf1f
Style improvements
2016-09-24 15:34:05 +02:00
Michael Boelen
263c0b558b
Changes to show more details for warnings
2016-09-24 15:27:42 +02:00
Michael Boelen
1bc29ebb2e
Added solution to arch-audit test
2016-09-24 15:20:24 +02:00
Michael Boelen
35ef5988e6
Add details to warnings
2016-09-24 15:16:41 +02:00
Michael Boelen
1063c8f3e8
Replace calls to binaries and changes in output within report
2016-09-24 15:07:20 +02:00
Michael Boelen
780e66ea81
Use OS full name to detect distribution
2016-09-24 14:58:30 +02:00
Michael Boelen
db419495bf
Added support for arch-audit tooling
2016-09-24 14:49:14 +02:00
Michael Boelen
9d91f7dac7
[PKGS-7381] Improved output of log and warning
2016-09-22 14:54:55 +02:00
Michael Boelen
6a7ec8795a
[PKGS-7381] Collect FreeBSD details for vulnerable packages
2016-09-22 14:47:06 +02:00
Alex Zepeda
100afa5f5b
Skip NTP checks from within a FreeBSD jail ( #281 )
2016-09-22 11:39:55 +02:00
Michael Boelen
76aece2e61
Removed warning and added more report data
2016-09-14 13:15:10 +02:00
Michael Boelen
df2fff6cc7
Added NAME-4408 to check localhost to IP mapping
2016-09-13 17:27:25 +02:00
Michael Boelen
86051feaf8
Correct ServerAlias test
2016-09-10 16:16:58 +02:00
Michael Boelen
903016df36
Code cleanups and generic enhancements
2016-09-10 16:12:44 +02:00
Michael Boelen
2534fb99a9
Added file, head, mount, uname, uniq, wc, and xargs
2016-09-10 16:12:15 +02:00
Michael Boelen
9e7dfd52d8
Initialize variables for binaries
2016-09-10 16:11:43 +02:00
Michael Boelen
2b005afd04
Add cut and sed to binary list
2016-09-08 21:04:35 +02:00
Michael Boelen
82ededed31
Style improvements and command replacements
2016-09-08 21:04:17 +02:00
Michael Boelen
81d8486cb0
[CRYP-7902] Gather more certificate details and style improvements
2016-09-08 21:04:02 +02:00
BlueC0re
a596bdc349
added TRBINARY + fix nftables check ( #276 )
...
fixes #273
2016-09-06 20:58:30 +02:00
Michael Boelen
5b2d1570db
[KRNL-5820] Corrected function and style changes
2016-09-06 20:57:47 +02:00
Michael Boelen
737b9359ae
Renamed tr command
2016-09-05 22:01:02 +02:00
Michael Boelen
1a832476bb
[TIME-3104] Changed timedatectl test
2016-09-05 19:48:23 +02:00
alobodzinski
01c687eb55
FILE-6336: Fixed flawed logic: work correctly even if there is no swap at all ( #272 )
2016-09-05 19:30:04 +02:00
Michael Boelen
0a0453e1bc
[FILE-6344] Adjusted /proc test
2016-09-05 19:28:44 +02:00
Michael Boelen
2eb6d908e1
Style improvement and extended log messages
2016-09-05 12:56:58 +02:00
Michael Boelen
2942b4196b
Added test FIRE-4540 and textual changes
2016-09-05 12:29:04 +02:00
Michael Boelen
cbed07cdb2
[LOGG-2146] Changed text and style
2016-09-05 11:54:42 +02:00
Michael Boelen
04f9fae67c
[FIRE-4520] Use discovered pfctl binary and style improvement
2016-09-05 11:22:39 +02:00
Michael Boelen
042e52c0b9
[FIRE-4520] Remove suggestion
2016-09-05 11:21:27 +02:00
Michael Boelen
08036358ea
Style changes
2016-09-01 17:33:18 +02:00
Rutger van Sleen
67b1abedfa
Fix sed syntax for ServerAlias removal
...
When an Apache config directive is in use, it has whitespace(s) or nothing at all prepended. Assuming that it always has a space before it doesn't have to match.
2016-08-30 20:03:38 +02:00
afa-
4e139f4d71
Check for arpon as ARP monitoring software ( #267 )
2016-08-29 19:31:17 +02:00
alobodzinski
639c5adc72
Fixed cut-and-paste error ( #265 )
2016-08-29 19:31:06 +02:00
Mark Ruys
e6a829b6ed
GlusterFS mounts are nodev and nosuid by default, and are invalid mount options. So ignore GlusterFS mount points. ( #268 )
2016-08-29 19:30:48 +02:00
Michael Boelen
1ea2578494
Split of Docker tests
2016-08-29 19:26:35 +02:00
Michael Boelen
facb68bc32
Added base64 binary
2016-08-29 10:06:41 +02:00
Michael Boelen
a425e9b0a1
Added 'details' to help
2016-08-26 14:08:24 +02:00
Michael Boelen
fdf3ded89f
New command 'lynis show details' to display test details
2016-08-26 14:05:20 +02:00
Michael Boelen
8de53d87be
Added missing dollar sign
2016-08-26 11:59:51 +02:00
Michael Boelen
679e8c628e
Use detected binaries
2016-08-25 15:31:33 +02:00
Michael Boelen
a6b04a3ace
Added sort to list of binaries
2016-08-25 15:30:25 +02:00
Michael Boelen
2f4d65b831
Style changes
2016-08-25 15:25:51 +02:00
Michael Boelen
dfb025a863
[AUTH-9204] style changes and add data to report
2016-08-25 15:18:44 +02:00
Michael Boelen
cc5142329b
[FILE-6362] added details
2016-08-24 11:37:25 +02:00
Michael Boelen
e3af7c3727
[DBS-1816] Set skip reason variable
2016-08-24 11:36:51 +02:00
Michael Boelen
5ab139931d
[FILE-6362] optimized test, style, removed warning
2016-08-24 11:36:16 +02:00
Michael Boelen
c11f7fc1ce
Do not show update message when using 'show' helper
2016-08-23 20:21:26 +02:00
Michael Boelen
b85c782fae
Added LOGG-2192 test
2016-08-22 12:21:43 +02:00
Michael Boelen
c061d31bde
Change text of AppArmor test and add more details to report
2016-08-22 12:12:38 +02:00
Michael Boelen
b01c801a39
Added aliases for --tests-from-group
2016-08-18 22:00:05 +02:00
Michael Boelen
7744aa87ad
[BOOT-5108] Support for Syslinux bootloader
2016-08-18 15:31:51 +02:00
Michael Boelen
8fcc2d7e12
[LOGG-2190] ignore files in /tmp caused by early MySQL 5.x releases
2016-08-18 15:25:57 +02:00
Eric Light
b1bf319f18
Filter out open+deleted files held by MySQL <5.6 ( #210 )
...
Resolves #209
2016-08-18 15:09:59 +02:00
Michael Boelen
d95ab3d253
Support sysctl checks with multiple profiles
2016-08-18 14:35:20 +02:00
cnrat
4368b59a1d
Fix FILE-6344 bug ( #263 )
...
The result of mount command returns like
/proc on /proc type proc (rw,hidepid=2)
Which means the regular expression should be '^/proc' not '^proc' or you can grep nothing. :P
2016-08-18 11:48:45 +02:00
Michael Boelen
0050c993f8
[FILE-6374] Improved logging
2016-08-17 11:54:57 +02:00
Michael Boelen
315c619825
[KRNL-5830] Improved logging
2016-08-17 11:49:02 +02:00
Michael Boelen
0dab1e9308
Allow multiple level of includes
2016-08-16 08:36:42 +02:00
Michael Boelen
4b96452dab
Clean out unneeded file
2016-08-16 08:11:51 +02:00
Michael Boelen
1b30f6e558
Extended nginx testing
2016-08-16 08:08:15 +02:00
Michael Boelen
2bbc17868d
Added --bin-dirs option
2016-08-16 08:07:52 +02:00
Michael Boelen
c730a3185e
Add StoreNginxSettings function to store parsed nginx configuration
2016-08-16 08:07:08 +02:00
Michael Boelen
a0e289d73f
Replace / with root directory
2016-08-15 20:00:54 +02:00
Michael Boelen
242f91ab97
Added --rootdir for forensics
2016-08-15 19:50:52 +02:00
Michael Boelen
bf7b8ab44e
Changed text for Redis test
2016-08-14 20:43:05 +02:00
Michael Boelen
db88216326
Define Redis (server) running status in report
2016-08-13 17:05:38 +02:00
Michael Boelen
05585fab62
Add support for multiple Redis configuration files and permission check
2016-08-13 17:03:36 +02:00
Michael Boelen
e06db1477d
Add notebook hardware detection
2016-08-13 16:38:07 +02:00
Michael Boelen
67a636f351
Merge branch 'master' of https://github.com/CISOfy/lynis
2016-08-13 11:19:15 +02:00
Michael Boelen
a928d57804
Add more details to report
2016-08-13 11:18:34 +02:00
Michael Boelen
1ae7028982
Add details on why a test is skipped
2016-08-13 11:17:01 +02:00
Michael Boelen
89cb348950
Variable for reason why tests are skipped
2016-08-13 11:16:37 +02:00
Michael Boelen
bc87855b6f
Aligning of code
2016-08-13 11:16:08 +02:00
Michael Boelen
ed9c6190a7
Corrected setting display for show-tool-tips
2016-08-13 11:15:48 +02:00
Michael Boelen
e0f50e9e25
Always register strict code checking in settings
2016-08-13 11:13:44 +02:00
Michael Boelen
075a69e125
Extended example
2016-08-13 10:48:35 +02:00
Michael Boelen
d5a5cc3173
Allow logging a custom reason to skip a test
2016-08-13 10:16:15 +02:00
Michael Boelen
6fde12e579
Extended details for Redis tests
2016-08-13 10:06:34 +02:00
Michael Boelen
f4ed6f11df
Adjusted setting in registration
2016-08-13 10:06:09 +02:00
Michael Boelen
75d7c5dad6
Show logging of tests that have incorrect OS
2016-08-13 10:03:33 +02:00
Michael Boelen
e691cb9faf
Added aliases for several settings
2016-08-13 09:53:14 +02:00
Michael Boelen
b90ce88b36
Added comment to debug setting
2016-08-13 09:51:02 +02:00
Michael Boelen
bcf69503bc
Added more aliases
2016-08-13 09:48:56 +02:00
Michael Boelen
2767cc2915
Added connections-max-wait-state setting alias
2016-08-13 09:47:50 +02:00
Michael Boelen
bcfdcc2b97
Add show-report-solution setting
2016-08-13 09:45:38 +02:00
Michael Boelen
4eafdb6c85
[HRDN-7230] extended test and style change
2016-08-13 09:30:16 +02:00
erialor
32320b5575
Update tests_php ( #261 )
...
Adding PHP5.6
2016-08-12 19:14:09 +02:00
Michael Boelen
889a57fc03
Added DBS-1888 to test for Redis bound to localhost
2016-08-12 09:57:03 +02:00
Michael Boelen
1a6da63427
Added DBS-1886 to find renamed CONFIG command in Redis
2016-08-12 09:53:28 +02:00
Michael Boelen
c761fe8106
Redefined test with requirepass option
2016-08-12 09:46:13 +02:00
Michael Boelen
30cb17cbc4
Added Redis tests DBS-1882 and DBS-1884
2016-08-11 19:56:33 +02:00
Michael Boelen
aaa89fc6ce
Set initial root directory to '/'
2016-08-11 19:55:29 +02:00
Michael Boelen
300ab03abc
Improved SearchItem function and allow masking of sensitive details
2016-08-11 19:52:15 +02:00
Michael Boelen
fa8826f59a
Corrected text
2016-08-11 19:29:57 +02:00
Michael Boelen
e78e7801ab
Allow ExitFatal with text and test for input file on other tests
2016-08-11 19:03:01 +02:00
Michael Boelen
bba7cfe200
Add return value to SearchItem() function
2016-08-11 18:46:17 +02:00
Michael Boelen
4f72cdf711
Mark VM type as OpenStack
2016-08-11 10:01:57 +02:00
Michael Boelen
e176011912
Allow repository update to be disabled
2016-08-11 10:01:29 +02:00
Liao Tonglang
b1c432c3e0
Make IsVirtualMachine detect centos6.8 on openstack ( #258 )
...
This function made a mistake in a centos 6.8 virtual machine. Only dmidecode works
in this environment and it returns Openstack Nova. An openstack case is needed
in code that checks $SHORT codes.
2016-08-11 09:41:07 +02:00
Michael Boelen
f9b2993f35
Removed unneeded field
2016-08-10 07:24:10 +02:00
Michael Boelen
fc2d9b935c
Removed unneeded field for warnings and suggestions
2016-08-10 07:13:38 +02:00
Michael Boelen
0115695d61
Removed unneeded field for warnings and suggestions
2016-08-10 07:13:33 +02:00
Michael Boelen
621e732797
Removed unneeded field for warnings and suggestions
2016-08-10 07:13:27 +02:00
Michael Boelen
3773e91597
Removed unneeded field for warnings and suggestions
2016-08-10 07:13:19 +02:00
Michael Boelen
c3d438272f
Removed unneeded field for warnings and suggestions
2016-08-10 07:13:10 +02:00
Michael Boelen
6392bc08d1
Removed unneeded field for warnings and suggestions
2016-08-10 07:13:04 +02:00
Michael Boelen
b2ee2ffff1
Removed unneeded field for warnings and suggestions
2016-08-10 07:12:58 +02:00
Michael Boelen
3c4aee1358
Removed unneeded field for warnings and suggestions
2016-08-10 07:12:54 +02:00
Michael Boelen
74a11c97e7
Removed unneeded field for warnings and suggestions
2016-08-10 07:12:46 +02:00
Michael Boelen
f14072d216
Removed unneeded field for warnings and suggestions
2016-08-10 07:12:41 +02:00
Michael Boelen
dddfbdcb0a
Removed unneeded field for warnings and suggestions
2016-08-10 07:12:35 +02:00
Michael Boelen
1715a1e2b5
Removed unneeded field for warnings and suggestions
2016-08-10 07:12:29 +02:00
Michael Boelen
387df54859
Removed unneeded field for warnings and suggestions
2016-08-10 07:12:22 +02:00
Michael Boelen
d719706ecd
Merge branch 'master' of https://github.com/CISOfy/lynis
2016-08-09 15:16:24 +02:00
Michael Boelen
f434432954
[AUTH-9328] Test /etc/profile.d first for customizations of umask
2016-08-06 10:13:33 +02:00
alobodzinski
1d63d89dfd
OS_KERNELVERSION_FULL is set only on Linux, OS_KERNELVERSION is not set on AIX, HP-UX, and Solaris ( #254 )
...
Set initial values
2016-08-04 14:24:44 +02:00
Michael Boelen
8a67003c0d
Show --log-file on its own line
2016-08-02 15:50:17 +02:00
Michael Boelen
3c46482a9e
Readability and style improvements
2016-07-31 21:20:38 +02:00
Michael Boelen
9874530615
Override reading of files when we are root
2016-07-31 21:18:56 +02:00
Michael Boelen
290252b764
[AUTH-9212] Added prerequisite to log
2016-07-31 21:15:31 +02:00
Michael Boelen
d8ab98b845
[KRNL-5830] ignore rescue image for kernels
2016-07-31 21:09:05 +02:00
Michael Boelen
6283b9a7dd
Code cleanup
2016-07-31 21:04:07 +02:00
Michael Boelen
1d2405cdaa
Improve logging
2016-07-31 20:58:29 +02:00
Michael Boelen
039a829457
Style and readability improvements
2016-07-31 17:35:35 +02:00
Michael Boelen
66a871a07a
Added missing dollar
2016-07-31 17:28:55 +02:00
Michael Boelen
9ae1aa749d
Properly replace setting gathered from profiles
2016-07-31 17:18:36 +02:00
Michael Boelen
ff38336e0b
[KRNL-5830] Readability and style improvements
2016-07-31 16:28:17 +02:00
Michael Boelen
0993c0a13b
Style and readability improvements
2016-07-31 15:58:20 +02:00
Michael Boelen
2fe1819c35
[PKGS-7383] Simplified test
2016-07-31 15:51:34 +02:00
Michael Boelen
1e62769ce0
[MAIL-8818] Style and refactoring
2016-07-31 15:43:06 +02:00
Michael Boelen
5e2f6d256b
Removed word 'checking' from several tests and style improvements
2016-07-31 13:53:26 +02:00
Michael Boelen
6426ce68c0
[AUTH-9216] Simplified test and make it more efficient
2016-07-31 13:45:21 +02:00
Michael Boelen
2b4d7a1e85
[AUTH-9218] Clean ups and improve readability
2016-07-31 13:34:17 +02:00
Michael Boelen
23e400ea9e
More style and text changes, and removed warning
2016-07-31 13:29:23 +02:00
Michael Boelen
1b3cdb9883
[AUTH-9226] Style, text, and removed warning
2016-07-31 13:25:35 +02:00
Michael Boelen
aad8d89bf8
[AUTH-9228] Provide just a suggestion instead of warning
2016-07-31 13:23:09 +02:00
Michael Boelen
8ee6cb42a3
DisplayError can now use an optional exit code to quit the program
2016-07-31 11:46:41 +02:00
beelsr
4143cd69b5
fix yum gpgenabled check to allow spaces around = ( #247 )
...
Issue 245
yum.conf allows an arbitrary number of spaces to surround the equals assignment.
2016-07-30 17:14:51 +02:00
Michael Boelen
15e364eae6
Initialize variable and unset at end
2016-07-30 16:41:57 +02:00
Michael Boelen
95b24f074f
Initialize variables and style improvements
2016-07-30 16:41:34 +02:00
Michael Boelen
4faaa10a8c
Initialize variables and cleanup
2016-07-30 16:41:11 +02:00
Michael Boelen
cfdc8228fd
[PKGS-7388] Readability improvements and initialization
2016-07-30 16:40:44 +02:00
Michael Boelen
d776c30b06
[AUTH-9406] - Readability and code style changes
2016-07-30 16:08:45 +02:00
Michael Boelen
6375953b26
[PHP-2211] - Readability improvement and code style changes
2016-07-30 16:03:35 +02:00
Michael Boelen
c74c572422
[FILE-6332] Enable testing for UUID usage with blkid command
2016-07-30 14:10:29 +02:00
Michael Boelen
220476d955
Test for blkid binary
2016-07-30 14:09:44 +02:00
Michael Boelen
9b9a97bceb
[DBS-1880] Corrected variable name and style
2016-07-30 14:03:28 +02:00
Michael Boelen
c8096dd06c
Only show number of running containers when there are any
2016-07-30 14:01:36 +02:00
Michael Boelen
7670560c2a
[HTTP-6720] Improve readability of test
2016-07-30 13:55:10 +02:00
Michael Boelen
0ec7f45f05
[AUTH-9268] Improve readability of test
2016-07-30 13:54:04 +02:00
Michael Boelen
0e18551b2c
Catting of changelog removed
2016-07-30 13:48:22 +02:00
Michael Boelen
b5408e50df
Removed unneeded spacing instructions
2016-07-30 13:46:04 +02:00
Michael Boelen
a5baafca02
Determine if all Docker tests should be executed, depending on exit code
2016-07-30 13:23:27 +02:00
Liao Tonglang
3fdb949152
Fix description of CheckFilePermissions ( #243 )
...
* Fix description of CheckFilePermissions
"Adds a system to a group, which can be used for categorizing" should belong to
AddSystemGroup but not CheckFilePermissions
* make description of IsVirtualMachine right
"Check if a specific item exists in the report" should not be the description of IsVirtualMachine, change it.
2016-07-30 12:08:43 +02:00
Michael Boelen
f1dc6be5bf
Start of refactor fail2ban tests and splitting them into different test areas
2016-07-30 12:06:30 +02:00
Michael Boelen
af999d3207
Allow strict code checking for developers
2016-07-28 11:39:10 +02:00
Michael Boelen
db5d825701
Check for number of arguments
2016-07-28 11:10:59 +02:00
Michael Boelen
22f99ede81
Check for number of arguments on ReportSuggestion and ReportWarning
2016-07-28 11:06:46 +02:00
Michael Boelen
052350feb4
[FINT-4402] Use correct variable
2016-07-28 10:38:10 +02:00
Michael Boelen
4e3de865ac
Extended examples
2016-07-27 13:40:19 +02:00
Michael Boelen
17ab4708ec
Removed --info from options, as it has been replaced with 'lynis update info'
2016-07-27 12:17:18 +02:00
Michael Boelen
ff3f13cdd0
Make Lynis run in quick mode by default
2016-07-27 12:14:25 +02:00
Michael Boelen
abf34b56b6
Rephrase suggestion
2016-07-27 09:55:06 +02:00
Michael Boelen
f9a4348f10
Uppercase tests: detect them properly as atomic tests.
2016-07-26 16:01:38 +02:00
Michael Boelen
d23e4b0fa5
Changed header and footer of screen output
2016-07-26 16:00:36 +02:00
Michael Boelen
2d2398714a
More spacing in report
2016-07-26 15:33:52 +02:00
Michael Boelen
64075a8497
Replaced function with generic echo, as functions are not available yet
2016-07-26 15:20:18 +02:00
atao60
0b5b4a47a3
Display function creates wrong indentation of result column ( #237 )
2016-07-26 15:00:05 +02:00
Michael Boelen
532e242a2f
Style changes
2016-07-26 14:58:04 +02:00
Michael Boelen
019203e7e8
Typo fix
2016-07-26 14:35:47 +02:00
n[oO]ne
7dbe80c7a4
Make time test 3106 work again ( #239 )
...
There was a little typo in the test
2016-07-25 09:59:41 +02:00
Michael Boelen
37763dcf4f
[DBS-1880] Detection for redis
2016-07-24 19:46:45 +02:00
Michael Boelen
6d6cd79a82
Improve detection and display of gzipped changelog
2016-07-24 17:54:59 +02:00
Michael Boelen
773c410a02
Update remaining items for categories and groups
2016-07-24 17:24:09 +02:00
Michael Boelen
2f4c854ba7
Rename of categories, introduction of groups
2016-07-24 17:22:00 +02:00
Michael Boelen
ee9d7963e7
Add 'lynis show changelog' to display release details
2016-07-24 15:40:55 +02:00
Michael Boelen
9a2dcc9dec
Add DisplayError for showing errors on screen
2016-07-24 13:11:32 +02:00
Michael Boelen
65eaeb7ce9
Add header as color
2016-07-24 13:05:36 +02:00
Michael Boelen
c1d351fe32
Add bold as color
2016-07-24 11:43:18 +02:00
Michael Boelen
64348b772c
Add category and display more details about tests
2016-07-24 11:42:50 +02:00
Michael Boelen
ccb39d5e52
[PHP-2374] Changed text and cleanups
2016-07-22 15:46:25 +02:00
Michael Boelen
7f25a1f00e
Remove colors properly with one function (contribution: Mike Slifcak at Pindrop
2016-07-18 19:58:32 +02:00
Michael Boelen
75d8824d8f
Add 'update check' as example
2016-07-18 10:34:10 +02:00
Michael Boelen
6b92407234
Add 'update check' functionality
2016-07-18 10:33:52 +02:00
Michael Boelen
d02cb095da
[PHP-2376] Log discovered item to report instead of logfile
2016-07-16 16:28:43 +02:00
Michael Boelen
7ec51cdae0
Only use license key when it is defined
2016-07-14 15:26:46 +02:00
n[oO]ne
8aeba9fa3d
fix: Test names are different. ( #228 )
...
After changes in 9aa5736
the test names are different. This results in something like BOOT-5122 = boot-5122 and skipped tests aren't skipped anymore.
2016-07-14 13:49:20 +02:00
Michael Boelen
9aa57362e6
Show all tests uppercase and remove first space from list for correct display
2016-07-13 13:21:35 +02:00
Michael Boelen
dd378a0ca3
Allow showing categories, logfile, report, and test details
2016-07-13 13:20:55 +02:00
Michael Boelen
f9011c43e6
Exit cleanly when displaying categories
2016-07-13 11:12:31 +02:00
Michael Boelen
09aa31bb5c
Minor code cleanup
2016-07-12 20:32:49 +02:00
Michael Boelen
07a113e46e
Set initial value for language and improve auto detection
2016-07-12 20:32:15 +02:00
Michael Boelen
cb76421d9c
Proper display of tool tips configuration, while not showing tips when using show module
2016-07-12 20:09:10 +02:00
Michael Boelen
c090e73ca1
Add blue colors for tips
2016-07-11 20:06:46 +02:00
Michael Boelen
38e6ff18d4
Merge and initial changes for new tests FILE-6344 and FILE-6430
2016-07-11 19:57:45 +02:00
Lukas Pirl
9a5647f66c
added test FILE-6337: check if /proc mounted with hidepid=(1|2) ( #225 )
...
to hide users' sensitive files in /proc from other users
(see `man proc` for details)
2016-07-11 16:48:25 +02:00
Lukas Pirl
f19f5927a5
added test for AllowAgentForwarding being turned off ( #222 )
...
for reasons, see links below:
https://wiki.mozilla.org/Security/Guidelines/OpenSSH#SSH_agent_forwarding
https://heipei.github.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/
2016-07-11 11:25:51 +02:00
Michael Boelen
576e11b995
[BOOT-5122] Extended password check
2016-07-11 11:24:52 +02:00
Michael Boelen
09a9b80fde
Merge branch 'master' of https://github.com/CISOfy/lynis
2016-07-11 11:21:08 +02:00
ratrop
cd2429688b
Update tests_boot_services ( #201 )
...
Added detection of password for Grub2 in Ubuntu 14.04 LTS. Previous version doesn't detect it.
2016-07-11 11:20:05 +02:00
Michael Boelen
648d043b0a
[FILE-6430] initial import and changes
2016-07-11 11:18:53 +02:00
Michael Boelen
d1c8cd3d05
Merge branch 'master' of https://github.com/CISOfy/lynis
2016-07-11 10:32:30 +02:00
Michael Boelen
52317de56c
Set date of break lines to similar format as normal log entries
2016-07-11 10:32:00 +02:00
Yann ILAS
a62a09d9e4
Remove the support of some filesystems ( #205 )
...
For now keeping the test as-is and merge.
2016-07-11 10:24:38 +02:00
Michael Boelen
74c9513fbb
[HTTP-6632] fix for proper detection of Apache modules
2016-07-11 09:49:24 +02:00
Michael Boelen
13c228fd2d
Add --configured-only option to lynis show settings
2016-07-05 19:57:11 +02:00
Michael Boelen
1655b5728b
Disable color status and clear blue color
2016-07-05 19:56:38 +02:00
Michael Boelen
467c30b16b
Start of migration of deprecated profile options
2016-07-05 19:56:13 +02:00
Michael Boelen
b44acc16e0
Disable upload compression for now
2016-07-05 19:55:45 +02:00
Michael Boelen
474455d18b
Define colors
2016-07-05 19:55:31 +02:00
Michael Boelen
f8bee58ade
Implement tooltips
2016-07-05 18:18:54 +02:00
Michael Boelen
bac442c6fe
Migrate to new options, including skip-plugins
2016-07-05 17:26:27 +02:00
Michael Boelen
75786a1c80
Added DisplayToolTip
2016-07-05 17:25:19 +02:00
Michael Boelen
0c5387f1fe
Migration to new profile names and store the related settings
2016-07-05 16:49:36 +02:00
Michael Boelen
bdf9a5cf04
Add lynis show settings with --brief and --nocolors options
2016-07-05 16:49:10 +02:00
Michael Boelen
5778d4fa0d
Add functions: AddSetting, DiscoverProfiles, ParseProfiles
2016-07-05 16:47:32 +02:00
Michael Boelen
8b8a1a9b66
[CRYP-7902] Use SSL paths as configured by profile
2016-07-05 16:46:50 +02:00
Michael Boelen
998af3d7de
Add variable for settings and SSL paths
2016-07-05 16:45:27 +02:00
Michael Boelen
6c24c198ee
[PRNT-2306] Check if files are readable before parsing them
2016-07-05 12:19:43 +02:00
Michael Boelen
fbd24b585a
Rename Maid to CleanUp
2016-07-05 12:16:49 +02:00
Michael Boelen
72ca2b926d
[AUTH-9254] Only let root use this test, due to permissions
2016-07-05 12:10:32 +02:00
Michael Boelen
c181a5745f
[AUTH-9288] Only check for accounts which have a maximum password age set
2016-07-05 10:51:59 +02:00
Michael Boelen
d9b609ed98
Do not provide a tip about uploading data when user is already doing that
2016-07-05 10:40:07 +02:00
Michael Boelen
a1ebc18a76
Don't override variables of ReportDetails functions on every parameter
2016-06-30 11:34:27 +02:00
Michael Boelen
114d95c475
[AUTH-9234] Test for minimal UID number via /etc/login.defs
2016-06-30 11:30:58 +02:00
Michael Boelen
6861e8065f
Improve screen output
2016-06-18 11:15:39 +02:00
Michael Boelen
87efe5651f
Replaced text strings to allow translations
2016-06-18 11:15:11 +02:00
Michael Boelen
b553f01b2a
Allow long lines of text by resetting number of spaces to 0 when needed
2016-06-18 11:14:50 +02:00
Michael Boelen
983e293eb1
Replaced text strings to allow translations
2016-06-18 11:14:01 +02:00