tyler.durden/lynis
1
0
Fork 0
mirror of https://github.com/CISOfy/lynis.git synced 2025-04-08 17:15:25 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,443 Commits 2 Branches 63 Tags
Commit Graph

317 Commits

Author SHA1 Message Date
Michael Boelen
cd433e928e
Merge pull request #1205 from kolenichsj/alpine_apk 
Adding support for Alpine Package Keeper
 2022-02-10 12:00:38 +01:00
Michael Boelen
e0b5dcf7d4
Merge pull request #1226 from konstruktoid/1220 
Extend HasCorrectCheckPermissions logging
 2022-02-10 11:52:11 +01:00
Thomas Sjögren
3bfff0ca62 present expected permission value in octal 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2021-11-08 13:29:51 +01:00
Thomas Sjögren
f2e49ba74c add symlink support to HasCorrectFilePermissions and IsWorldWritable 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2021-11-08 12:26:20 +01:00
Steve Kolenich
a4bee8a329 Added two tests using apk (Alpine Package Keeper) to check for 
installed packages and packages that can be upgraded
 2021-09-01 16:00:01 -04:00
Michael Boelen
aa91bb4c85
Corrected syntax 2021-07-12 15:21:35 +02:00
Michael Boelen
7867759750
Dropping option to filter by label as newer versions of 'ip' give another result (no output) 2021-07-08 15:18:20 +02:00
Michael Boelen
5d96098a82
Switched order for interface detection on Linux 2021-07-08 14:54:49 +02:00
Michael Boelen
97e435ffe8
Add fallbacks for hostid generation and improve logging 2021-07-08 13:39:13 +02:00
Michael Boelen
da024079f1
Improve HostID generation and logging 2021-07-02 14:23:53 +02:00
Michael Boelen
da1c1eca10
Preparation for release 3.0.3 2021-01-07 15:22:19 +01:00
Brian Ginsbach
89403f1494 Multiple platform support in Register 
Support specifying multiple platforms with `--platform`. Useful as
not all operating systems identify identical hardware (platforms)
with the same name (example x86_64 and amd64).
 2020-12-31 21:02:04 -06:00
Simon Biewald
73f39baca8 Use first e1000 interface and break after match 
Fixes CISOfy/lynis#1075.

Before this commit, the interfaces "e1000g1" and "net0" were allowed.
The name "e1000g0" is appended to the list.
After finding an interface, the loop is interrupted now. As previously
"net0" was always used, even if another interface was available, the list
is reordered to "net0 e1000g1 e1000g0" to not break previous generations.

A typo is also fixed ("No interface found op Solaris ..." -> "No
interface found on").

Signed-off-by: Simon Biewald <simon@fam-biewald.de>
 2020-11-14 22:56:42 +00:00
Josh Soref
eadd2a8ed8 spelling: indentation 
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
 2020-11-08 23:38:46 -05:00
Michael Boelen
7930644b6c
Merge branch 'master' into fix_nginx_parser 2020-10-22 08:43:44 +02:00
Thomas Sjögren
3124a04ce9 require pgrep before usage 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-10-21 11:27:44 +02:00
Michael Boelen
92df49d08e
Merge pull request #973 from igloonet/fix/functions-parse-nginx-abs-path 
Support absolute paths in nginx includes and fix ls warning on empty directories
 2020-10-20 13:38:08 +02:00
Jimver
554dd2d5e9
Better log message 2020-08-27 12:57:22 +02:00
Jimver
e6891feeb4
Remove newline 2020-08-27 12:52:59 +02:00
Jimver
cd94da3449
Use shell wildcard expansion now 2020-08-27 12:50:48 +02:00
Jimver
6f6e21add2
Fix wildcard expansion, absolute path handling and output to stderr 2020-08-26 16:38:35 +02:00
Kepi
a2e752a8db [functions] ParseNginx: Ignore empty included wildcards 
Its ok to have empty directories included. We should not output errors with
lsbinary unable to find anything there.
 2020-07-07 15:38:19 +02:00
Kepi
de18ddc2c0 [functions] ParseNginx: Support include on absolute paths 
Includes can be absolute paths too. This is quick fix counting on fact that
absolute paths have slash at start.
 2020-07-07 15:37:56 +02:00
Kepi
f94817f66f Command line option for slow test threshold 
IMHO it should be OK to run long tests if we count with it.

Example:

    lynis audit system --slow-warning 300

Will warn when test takes longer than 300 seconds, instead of default 10.
 2020-07-02 23:42:28 +02:00
Michael Boelen
871f95cbf3
Use BSD style format when calling stat 2020-06-26 09:53:23 +02:00
Thomas Sjögren
51dfc34663 accept more restrictive file permissions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-04-22 10:34:58 +02:00
Michael Boelen
c368846a08
Added support to require a detected and known package manager 2020-04-06 20:47:45 +02:00
Michael Boelen
b5a2d11738
Added fallback for awk/tr, small code enhancement, added note 2020-04-02 09:28:41 +02:00
Michael Boelen
156f740ff2
The IsRunning function may have not everything defined early on, so added a fallback 2020-04-01 19:02:11 +02:00
Michael Boelen
a38e2b535e
Corrected case where binaries were not checked while we do want to use dmidecode if it available 2020-03-31 16:31:41 +02:00
Michael Boelen
53ad72e791
Removed unneeded complexity regarding dmidecode, as binary checks are already done at this point 2020-03-31 16:25:27 +02:00
Brian Ginsbach
eb7dbab1ee Add pkg_info to PackageIsInstalled 
The `pkg_info` command is used on a system using NetBSD pkgsrc to
determine which packages are installed.
 2020-03-30 14:12:36 -05:00
Michael Boelen
38310223a6
Updated date/year 2020-03-20 14:50:25 +01:00
Kevin
42b2831f75 add basic xbps/void support 2020-02-21 08:06:24 +01:00
Michael Boelen
f35a08ad28
Quoting should not be used when globbing 2019-12-13 12:40:29 +01:00
Michael Boelen
1b4b02d813
Decrease length of line breaks between tests 2019-12-13 12:36:19 +01:00
Michael Boelen
fd84be485b
Improved permission check for BSD systems 2019-12-13 12:34:56 +01:00
Michael Boelen
cad55d8bec
Merge pull request #802 from dvehrs/HCFP 
Updated permissions checks
 2019-11-25 15:28:00 +01:00
Michael Boelen
a07fcb3348
Add USR1 trap to show status such as active test 2019-11-18 10:19:43 +01:00
Dave Vehrs
6dad2f476e Updated permissions checks 2019-10-23 12:31:20 -06:00
Kristian Schuster
d17d30d6a7
nginx-test: add log file detection for relative paths 2019-09-26 21:24:15 +02:00
Michael Boelen
e64e49a551
Merge pull request #763 from Marzal/Marzal-F_isRunning 
Second version of #740 without shellcheck directives
 2019-09-22 15:07:53 +02:00
Michael Boelen
a1b6d463b2
Fixed a typo 2019-09-21 16:31:06 +02:00
Marzal
ddd87371b5 Double quote to prevent globbing and word splitting.SC2086 Info 2019-09-19 20:01:31 +02:00
Marzal
09a60783a6 Prefer [ p ] && [ q ] as [ p -a q ] is not well defined.SC2166 2019-09-19 20:00:12 +02:00
Michael Boelen
f389cc5d99
Merge pull request #761 from Schmuuu/master 
enhance nginx include config detection …
 2019-09-19 14:21:32 +02:00
Michael Boelen
36627a4eb7
Style improvements 2019-09-19 14:05:15 +02:00
Kristian Schuster
ccb8b2b615
enhance nginx config detection to correctly include confs via relative path and wildcards 2019-09-18 20:47:09 +02:00
Michael Boelen
98017c78ca
Implemented several code style improvements 2019-09-17 14:04:30 +02:00
Michael Boelen
95e9e80834
Moved function 2019-09-14 13:23:28 +02:00