Commit Graph

2297 Commits

Author SHA1 Message Date
Thomas Sjögren fe5990f208 remove whitespaces
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-08-23 11:56:25 +02:00
Thomas Sjögren 975712a616 add plocate
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-15 23:58:43 +02:00
Thomas Sjögren e124499e27 Only test Compression if sshd version < 7.4
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2022-05-04 10:51:35 +02:00
Michael Boelen 0664dea946
Merge branch 'master' into symlink_file 2022-03-14 11:54:03 +01:00
Michael Boelen e2781677ba
[KRNL-5820] small changes to prevent using ROOTDIR and resetting it, also showing additional paths in screen output 2022-03-14 11:48:30 +01:00
Michael Boelen ff3f24bbba
Merge pull request #1265 from rfrohl/alternative_path_security-limits
[KRNL-5820] additional path for security/limits.conf
2022-03-14 11:30:29 +01:00
Wojciech Banaś 4098236412 #1270 added finding configuration files in the "etc" directory, even if they are symlinks 2022-02-14 13:23:20 +01:00
Michael Boelen 4f382331b3
Renumbered new test PKGS-7346 to PKGS-7200 2022-02-10 14:26:38 +01:00
Michael Boelen 8afa7d93fe
Merge pull request #1254 from pyllyukko/pam_faillock
Check for pam_faillock in AUTH-9408
2022-02-10 14:18:19 +01:00
Michael Boelen 59d1d8acd8
Merge pull request #1247 from devnull-hub-lab/patch-1
Update mod_security module version
2022-02-10 12:05:43 +01:00
Michael Boelen 0830a745cc
Merge pull request #1250 from JensChrG/master
Don't write over FIND variable. Fixes #1021
2022-02-10 12:03:46 +01:00
Michael Boelen cd433e928e
Merge pull request #1205 from kolenichsj/alpine_apk
Adding support for Alpine Package Keeper
2022-02-10 12:00:38 +01:00
Michael Boelen e0b5dcf7d4
Merge pull request #1226 from konstruktoid/1220
Extend HasCorrectCheckPermissions logging
2022-02-10 11:52:11 +01:00
Michael Boelen 7fbcede421
Merge pull request #1235 from zwack-am/master
Updated PAM_FILES_LOCATION for AARCH64
2022-02-10 11:49:21 +01:00
Michael Boelen 66f93f0275
Removed bashism: == 2022-02-10 09:35:41 +01:00
Michael Boelen 4ecd03598f
Merge pull request #1225 from konstruktoid/ISSUE1214
add symlink support to HasCorrectFilePermissions and IsWorldWritable
2022-02-08 11:27:29 +01:00
Robert Frohl 14fd7dabc8
[KRNL-5820] additional path for security/limits.conf
Changes the user facing output to display a full path, allowing the user to
better grasp which security/limits.conf file is affected.

fix issue #1264
2022-02-04 13:51:36 +01:00
Michael Boelen b0ca58895b
[KRNL-5788] Only run relevant tests and improved logging 2022-01-31 17:07:41 +01:00
Michael Boelen 8604431e19
Merge pull request #1261 from jsegitz/reboot_test
check /boot/vmlinuz as a symlink in the reboot test
2022-01-31 16:38:38 +01:00
Steve Kolenich eb46f39c44 Merge remote-tracking branch 'origin/master' into alpine_apk 2022-01-31 10:05:26 -05:00
Michael Boelen a0e9e3d363
Merge pull request #1263 from pyllyukko/needs_restarting
KRNL-5830: Check for /var/run/needs_restarting
2022-01-31 15:07:50 +01:00
Michael Boelen e5f5750bfa
Improved log message 2022-01-31 13:55:55 +01:00
Michael Boelen 98f57d6d76
Added MALW-3274 to detect McAfee VirusScan Command Line Scanner 2022-01-31 13:29:11 +01:00
pyllyukko 12ad1ca6bd KRNL-5830: Check for /var/run/needs_restarting
Creating this file was introduced in slackpkg version 15.0.10.
2022-01-25 18:59:36 +02:00
Johannes Segitz 521487310f check /boot/vmlinuz as a symlink in the reboot test 2022-01-25 09:55:52 +01:00
Michael Boelen 28409265db
Switch to array type for account_without_password 2022-01-18 14:23:39 +01:00
pyllyukko 3153c89c87
Check for pam_faillock in AUTH-9408
pam_tally2 was removed in PAM 1.5.0 and pam_faillock has replaced it.
2022-01-12 19:09:42 +02:00
Steve Kolenich 302b52c55d Merge remote-tracking branch 'upstream/master' into alpine_apk 2022-01-11 09:19:19 -05:00
Jens Christian Gram f81aff384c Don't write over FIND variable. Fixes #1021 2022-01-01 18:55:01 +01:00
Rafael Grether 6c5ddb9cc2
Update mod_security module version
Update ModSecurity version. Actual version: 3

Issue #1246
2021-12-16 15:41:18 -03:00
Adam Morris 11306422ac
Corrected a minor typo 2021-11-20 05:23:34 +00:00
Adam Morris 0eb92f5291
Added the aarch64-linux-64 path
This resolves Issue #1234
2021-11-20 05:19:37 +00:00
Michael Boelen 2d16c60da1
Merge pull request #1209 from mrpjl/master
Added Funtoo Linux to osdetection
2021-11-18 11:08:06 +01:00
Michael Boelen 7674a08ab8
Merge pull request #1202 from digitalcheetah/openrc
Adding OpenRC to boot service test
2021-11-18 11:06:14 +01:00
Michael Boelen 5f113f5699
Merge pull request #1223 from konstruktoid/ISSUE1219
allow unknown number of spaces in modprobe blacklists
2021-11-18 11:04:52 +01:00
Lahfa Samy c45e502796 Add Garuda Linux to audit package test tool 2021-11-16 22:28:10 +01:00
Thomas Sjögren 3bfff0ca62 present expected permission value in octal
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2021-11-08 13:29:51 +01:00
Thomas Sjögren f2e49ba74c add symlink support to HasCorrectFilePermissions and IsWorldWritable
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2021-11-08 12:26:20 +01:00
Thomas Sjögren 9819ac4023 allow unknown number of spaces in modprobe blacklists
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2021-10-26 10:53:33 +02:00
Prajwal e7c8b235bb Added Funtoo Linux to osdetection 2021-09-26 16:57:07 +05:30
Steve Kolenich a4bee8a329 Added two tests using apk (Alpine Package Keeper) to check for
installed packages and packages that can be upgraded
2021-09-01 16:00:01 -04:00
Jay Keller 3699484712
Merge branch 'CISOfy:master' into openrc 2021-08-15 07:36:09 +00:00
Michael Boelen 43054c0999
Added 'RedHat' to OS detection routine (RHEL 6) 2021-07-30 08:17:03 +02:00
Michael Boelen da90488fe6
Merge pull request #1142 from konstruktoid/aideloc
add support for additional Aide db paths
2021-07-29 14:57:00 +02:00
Michael Boelen 480cf7e6d1
Merge pull request #1193 from zcrayfish/patch-1
Use posix grep/egrep options, fixing issue #1166
2021-07-29 14:53:52 +02:00
Michael Boelen 32e2dc313d
Merge pull request #1194 from zcrayfish/patch-2
grep options change from gnu to posix
2021-07-29 14:52:56 +02:00
Michael Boelen 9ba09ac408
Update tests_networking 2021-07-29 14:52:29 +02:00
Glowsome d59970ef16 Update tests_databases
Add mariadb as binary to check
2021-07-28 17:25:04 +02:00
Michael Boelen c74bc10db8
Added MALW-3290, Trend Micro malware agent detection, added agent and rootkit scanner status 2021-07-27 10:44:08 +02:00
Zachary Lee Andrews 55cc7215ea
grep options change from gnu to posix
fix issue #1167
2021-07-23 22:44:36 -04:00
Zachary Lee Andrews 886adae4ef
Use posix egrep options, fixing issue #1166 2021-07-23 22:38:31 -04:00
Michael Boelen 923f60d420
Merge pull request #1173 from rchekaluk/master
Kernel 5.8 permits hidepid textual values
2021-07-22 11:00:03 +02:00
Michael Boelen 755abdc556
Merge pull request #1137 from teoberi/Lynis-with-PostgreSQL-13.1---test-ID-DBS-1826/DBS-1828
Lynis with PostgreSQL 13.1 test ID DBS-1826/DBS-1828
2021-07-21 17:22:17 +02:00
Michael Boelen b0bee65843
KRNL-5830: sort kernels by version (ls -v) instead of date on disk (ls -t) 2021-07-21 15:26:48 +02:00
Michael Boelen ad5909372d
PKGS-7410: don't show exception for systems running LXC 2021-07-21 13:16:08 +02:00
Michael Boelen 8f6a373f6b
Merge pull request #1153 from Idesmi/patch-1
Added openSUSE MicroOS
2021-07-20 23:29:10 +02:00
Michael Boelen 93a681006f
Merge pull request #1169 from al-lac/macos-detection
Fix Big Sur Detection and add macOS Monterey
2021-07-20 21:07:11 +02:00
Michael Boelen 71c15afbd1
Added missing quote 2021-07-20 16:32:18 +02:00
Michael Boelen 20be0f61e3
Merge pull request #1188 from digitalcheetah/artix-linux
Adding Artix Linux to osdetection
2021-07-20 11:34:17 +02:00
Michael Boelen 6d6e160100
Merge branch 'master' of https://github.com/CISOfy/lynis 2021-07-20 11:32:05 +02:00
Michael Boelen 3a03af42aa
Fix: show 'egrep' instead of 'grep' when egrep is missing 2021-07-20 11:31:18 +02:00
Michael Boelen 6755ac45c2
Replaced tab with space 2021-07-20 11:30:23 +02:00
Michael Boelen e0a5555715
Merge pull request #1186 from just-some-tall-bloke/patch-1
Added detection for NethServer
2021-07-15 13:16:09 +02:00
Michael Boelen aa91bb4c85
Corrected syntax 2021-07-12 15:21:35 +02:00
Jay Keller cd632059e0
Adding OpenRC to boot services detection 2021-07-11 04:39:36 +00:00
digitalcheetah 2816ed5598
Adding Artix Linux to osdetection 2021-07-11 04:25:38 +00:00
just-some-tall-bloke e2aa40665c
Update osdetection
Added NethServer

https://www.nethserver.org/
2021-07-09 11:06:12 +02:00
Michael Boelen 7867759750
Dropping option to filter by label as newer versions of 'ip' give another result (no output) 2021-07-08 15:18:20 +02:00
Michael Boelen 5d96098a82
Switched order for interface detection on Linux 2021-07-08 14:54:49 +02:00
Michael Boelen 97e435ffe8
Add fallbacks for hostid generation and improve logging 2021-07-08 13:39:13 +02:00
Michael Boelen da024079f1
Improve HostID generation and logging 2021-07-02 14:23:53 +02:00
Rob Chekaluk b556450364 FILE-6344: support hidepid textual values 2021-06-21 08:53:43 -04:00
Alexander Lackner fff5df170e Fix Big Sur Detection and add macOS Monterey 2021-06-15 20:49:00 +02:00
Michael Boelen 54684aaac5
Merge pull request #1158 from jhe2/wc-argument-fix
[HRDN-7231] When calling wc, use the short -l flag instead of --lines…
2021-06-03 13:46:58 +02:00
Michael Boelen 922f822133
Merge pull request #1157 from mhdry/test-arch32-audit
Test PKGS-7320 extended to "Arch Linux 32"
2021-06-03 13:46:06 +02:00
Johannes Heimansberg 5666ed0a6d [HRDN-7231] When calling wc, use the short -l flag instead of --lines to make it work with busybox's wc implementation also 2021-05-21 19:51:53 +02:00
Michael Boelen d23c722c04
Removed trailing spaces 2021-05-20 08:30:54 +02:00
Michael Boelen 54f9281040
Added BunsenLabs detection 2021-05-20 08:28:54 +02:00
Marc Hendry 13bf829461 Test PKGS-7320 extended to "Arch Linux 32"
PKGS-7320 checks whether package arch-audit is installed. This test has been
extended to test ${OS_FULLNAME} for both "Arch Linux" as well as "Arch Linux 32".
2021-05-19 14:43:55 +02:00
Marc Hendry b339145b84 Added Arch Linux 32 2021-05-14 16:04:07 +02:00
Idesmi 7044d7647e
Added openSUSE MicroOS 2021-05-14 11:00:39 +02:00
Michael Boelen efc71ae6bb
Merge pull request #1119 from NicolaiSoeborg/add-MOR-bit-check
Check MemoryOverwriteRequest Control
2021-05-11 19:56:55 +02:00
Michael Boelen 4cfd59d60c
Merge pull request #1135 from pyllyukko/typo-fix
Small typo fix in ACCT-9622 LogText
2021-05-11 19:54:15 +02:00
Michael Boelen d694afadd6
Update osdetection 2021-05-11 16:56:39 +02:00
Fred e1d49ff007 Added detection of Rocky Linux to include/osdetection 2021-05-11 10:15:23 -04:00
Michael Boelen 32143f6377
Merge pull request #1139 from teoberi/New-test-BOOT-5140---Check-for-ELILO-boot-loader-presence
New test: BOOT-5140 - Check for ELILO boot loader presence
2021-05-11 11:21:33 +02:00
Michael Boelen 2ee335503d
Merge pull request #1143 from jhe2/logg-2138-metalog
[LOGG-2138] Do not check for klogd when metalog is being used
2021-05-11 11:14:27 +02:00
Michael Boelen b941d7fccb
Added Manjaro (ARM) 2021-05-11 11:12:23 +02:00
Michael Boelen ac313553fb
Added AlmaLinux 2021-05-11 11:03:43 +02:00
Johannes Heimansberg 0a5dfbe5e2 [LOGG-2138] Do not check for klogd when metalog is being used
Metalog comes with its own kernel logger, so there is no need to also run klogd.
2021-05-04 10:50:56 +02:00
Thomas Sjögren ed3d75872e add support for additional Aide db paths
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
2021-04-30 22:07:42 +02:00
Michael Boelen db033ed320
Merge pull request #1138 from jhe2/b1134
[BOOT-5104] Add service manager detection support for runit
2021-04-29 09:56:22 +02:00
Michael Boelen 0506d4467a
Merge pull request #1105 from afunix/1103-blacklisted-modules
1103: FILE-6430 reports suggestion only when at least one kernel module is not in the blacklist
2021-04-28 09:41:59 +02:00
Johannes Heimansberg 1d45d5534e [BOOT-5104] Add service manager detection support for runit
This fixes issue #1134.
2021-04-25 10:54:00 +02:00
Michael Boelen f41a2ead38
Merge pull request #1130 from ocafebabe/cmd_support
Initial draft for Cmd support
2021-04-15 08:35:31 +02:00
Michael Boelen 95d2ae0dee
Update tests_accounting
Added condition
2021-04-15 08:34:56 +02:00
Michael Boelen 032ba73987
Merge pull request #1136 from murin-matus/patch-1
Add missing bracket in 4402
2021-04-15 08:33:30 +02:00
Michael Boelen dc0cb691e0
Merge pull request #1128 from nberlee/nft-empty-fix
nftables empty ruleset test fix by reorder --stateless
2021-04-15 08:33:02 +02:00
Matus Murin 010e68789e
Add missing bracket in 4402 2021-04-14 14:52:04 +00:00
pyllyukko a8beb37e82
Small typo fix in ACCT-9622 LogText 2021-04-12 22:51:34 +03:00