tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,808 Commits 2 Branches 63 Tags 18 MiB
Commit Graph

2448 Commits

Author SHA1 Message Date
Michael Boelen d0c855d19b
Merge branch 'master' into issue-1338 2023-08-07 10:06:12 +02:00
al-lac 461edd3e1f Add OS support for macOS Sonoma (14.x) 2023-08-07 09:55:28 +02:00
rpmbuild 6e3cea8c87 use grep -E instead of egrep if possible 2023-07-30 09:37:10 +02:00
Jay Keller 5214132e97
Update osdetection with LSDK 
This should close issue #1393.
 2023-06-10 11:20:10 +00:00
Jay Keller be5a63a45b
Update osdetection with Guix 
Closes issue #1379
 2023-06-10 11:03:48 +00:00
Xavier Noguer d26a98ca19 Checking debsums default file to make sure cron jobs are enabled 2023-06-02 09:16:28 +00:00
Xavier Noguer 6963e4e408 Updating parsing of arch-audit since arch-audit modified its output 2023-05-30 14:56:11 +00:00
Ben Perry aa7085bf92
Update tests_malware 2023-05-30 18:19:46 +10:00
Xavier Noguer 1e70cd0b92 Fixing missing or erroneous test number comments 2023-05-30 08:04:36 +00:00
Xavier Noguer 9f36e17ee0 Added tests considering Wazuh for file integrity and tooling 2023-05-23 15:07:42 +00:00
Xavier Noguer dbf263dbbd Looking for configuration files in all /usr/local/pgsql/data* directories 2023-05-20 15:58:12 +00:00
Xavier Noguer 6fdfa0a012 Replacing deprecated option -i 2023-05-19 23:12:39 +00:00
Xavier Noguer ae129b24be Adding missing test number for suggestion 2023-05-18 22:02:30 +00:00
Ian Chesal 1aba2b1409 feat(cos): Add detection for Google's Container-Optimized OS 2023-05-10 17:04:57 -04:00
Armin Kuster 2b82fa6eba osdetection: add OpenEmbedded and Poky 
Signed-off-by: Armin Kuster <akuster@mvista.com>
 2023-05-03 07:38:38 -04:00
xnoguer e1cb35f28f Adding package libpam-passwdqc as suggestion 2023-04-27 17:31:32 -04:00
xnoguer 68da1d2b92 Fixing test on kernel major and minor version 2023-04-26 17:38:42 -04:00
xnoguer 7d494da5c4 Checking for errors, not only warning in docker info output 2023-04-25 10:06:02 -04:00
xnoguer c845cecb6f Fixing test 2023-04-23 19:00:16 -04:00
xnoguer c7b73837db Removing changes from another branch 2023-04-23 17:44:44 -04:00
xnoguer 6f1797fb59 Using grep -E 2023-04-23 17:38:21 -04:00
xnoguer fd64aa24d6 Adding test MALW-3291 in order to solve issue 1322 (related to issue 994) 2023-04-18 16:46:19 -04:00
xnoguer 833508a590 Adding php.ini files for versions 8.0, 8.1 and 8.2 2023-04-05 15:58:26 -04:00
Johannes Segitz 349975103f tests_mac_frameworks: check for existance of semanage binary. It's not 
installed everywhere, causing this error message:
/usr/share/lynis/include/tests_mac_frameworks: line 161: permissive: command not found
/usr/share/lynis/include/tests_mac_frameworks: line 162: permissive: command not found
 2023-02-23 14:15:16 +01:00
al-lac ef3a8338a0 osdetection: add macOS Ventura 2023-01-27 15:12:17 +01:00
pyllyukko 31c22f2daa
Added "prosecute" & "report" to LEGAL_BANNER_STRINGS 
https://xkcd.com/838/
 2023-01-05 14:43:29 +02:00
pyllyukko 91ff939d19
KRNL-5820: Accept ulimit with -H parameter also 2023-01-03 17:53:23 +02:00
pyllyukko 051052cc15
Added Slackware support for PackageIsInstalled() function 2022-11-17 18:47:44 +02:00
Alan Gonzalez 4edbce250b
Update profiles 2022-10-28 14:45:05 -04:00
Alan Gonzalez 8e9a95d887
Update profiles 2022-10-28 14:08:26 -04:00
HansHoogerwerf bbe135d56f
Fix space 2022-10-17 16:27:21 +02:00
HansHoogerwerf ff26dca83a
Fix simple mistake 2022-10-17 16:24:59 +02:00
HansHoogerwerf 98ac5a562a
Verify the linux OS supports nanoseconds 
Add extra check to verify the linux OS supports nanoseconds. This might not be the case with certain busybox implementations.
 2022-10-17 15:46:40 +02:00
Michael Boelen 490d39f580
Merge pull request #1292 from konstruktoid/issue1291 
Only test Compression if sshd version < 7.4
 2022-10-12 10:51:31 +02:00
Michael Boelen bf4fa9fabf
Merge pull request #1294 from konstruktoid/issue1288 
add plocate
 2022-10-12 10:48:25 +02:00
Ximalas 49bbf25abe
Update tests_database: Redis configuration file 
On FreeBSD the Redis configuration file is typically stored as /usr/local/etc/redis.conf.
 2022-09-26 10:05:39 +02:00
Michael Boelen 73d43c25eb
Moved section to discover current timestamp related to issue #1329 2022-09-17 14:49:26 +00:00
Zafer Balkan 2788d9fff3
Merge branch 'CISOfy:master' into wazuh-malware-scan 2022-08-29 15:40:23 +03:00
Michael Boelen 622f53247d
[DBS-1820] added newer style format for Mongo authorization setting 2022-08-24 11:42:22 +00:00
Thomas Sjögren 4f6eeb7537 remove file from path 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-08-24 10:17:54 +02:00
Thomas Sjögren fc62b39f34 find redis.conf if /snap directory exists 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-08-23 11:57:05 +02:00
Thomas Sjögren fe5990f208 remove whitespaces 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-08-23 11:56:25 +02:00
Zafer Balkan 3140a245da
Added wazuh-agent as a remote syslog capability 2022-08-05 15:45:35 +03:00
Zafer Balkan 32a39eaaf8
Added Wazuh agent as a rootkit scanner 
Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent rootkits. Therefore, it seems feasible to add wazuh-agent to the accepted rootkit detection products.

https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
 2022-07-20 21:50:26 +03:00
Zafer Balkan e4cd5eaede
Added Wazuh Agent as a malware scanner/antivirus 
Solves https://github.com/CISOfy/lynis/issues/1304

Wazuh is a fork of OSSEC and is being actively maintained. Wazuh agent has capabilities to detect and prevent malware acting as an EDR. Therefore, it seems feasible to add wazuh-agent to the accepted antivirus products.

https://documentation.wazuh.com/current/user-manual/capabilities/anomalies-detection/index.html
https://documentation.wazuh.com/current/pci-dss/rootkit-detection.html
 2022-07-20 21:41:55 +03:00
Fionn Fitzmaurice 74fdee1e33 Support Arch Linux ARM detection 2022-07-12 20:53:03 +08:00
Thomas Sjögren b3436629ce add check for ESET oaeventd 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-06-20 09:54:29 +02:00
Thomas Sjögren 225338a923 use systemctl get-default instead of following links 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-05-18 18:02:34 +02:00
Thomas Sjögren 975712a616 add plocate 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-05-15 23:58:43 +02:00
Thomas Sjögren e124499e27 Only test Compression if sshd version < 7.4 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2022-05-04 10:51:35 +02:00
mab974 f315c0b325
osdetection: add Koozali #1274 2022-04-13 13:42:21 +04:00
Skia 34d99f72f6 osdetection: add PostmarketOS 2022-03-17 23:28:34 +01:00
Michael Boelen 0664dea946
Merge branch 'master' into symlink_file 2022-03-14 11:54:03 +01:00
Michael Boelen e2781677ba
[KRNL-5820] small changes to prevent using ROOTDIR and resetting it, also showing additional paths in screen output 2022-03-14 11:48:30 +01:00
Michael Boelen ff3f24bbba
Merge pull request #1265 from rfrohl/alternative_path_security-limits 
[KRNL-5820] additional path for security/limits.conf
 2022-03-14 11:30:29 +01:00
Wojciech Banaś 4098236412 #1270 added finding configuration files in the "etc" directory, even if they are symlinks 2022-02-14 13:23:20 +01:00
Michael Boelen 4f382331b3
Renumbered new test PKGS-7346 to PKGS-7200 2022-02-10 14:26:38 +01:00
Michael Boelen 8afa7d93fe
Merge pull request #1254 from pyllyukko/pam_faillock 
Check for pam_faillock in AUTH-9408
 2022-02-10 14:18:19 +01:00
Michael Boelen 59d1d8acd8
Merge pull request #1247 from devnull-hub-lab/patch-1 
Update mod_security module version
 2022-02-10 12:05:43 +01:00
Michael Boelen 0830a745cc
Merge pull request #1250 from JensChrG/master 
Dont write over FIND variable. Fixes #1021
 2022-02-10 12:03:46 +01:00
Michael Boelen cd433e928e
Merge pull request #1205 from kolenichsj/alpine_apk 
Adding support for Alpine Package Keeper
 2022-02-10 12:00:38 +01:00
Michael Boelen e0b5dcf7d4
Merge pull request #1226 from konstruktoid/1220 
Extend HasCorrectCheckPermissions logging
 2022-02-10 11:52:11 +01:00
Michael Boelen 7fbcede421
Merge pull request #1235 from zwack-am/master 
Updated PAM_FILES_LOCATION for AARCH64
 2022-02-10 11:49:21 +01:00
Michael Boelen 66f93f0275
Removed bashism: == 2022-02-10 09:35:41 +01:00
Michael Boelen 4ecd03598f
Merge pull request #1225 from konstruktoid/ISSUE1214 
add symlink support to HasCorrectFilePermissions and IsWorldWritable
 2022-02-08 11:27:29 +01:00
Robert Frohl 14fd7dabc8
[KRNL-5820] additional path for security/limits.conf 
Changes the user facing output to display a full path, allowing the user to
better grasp which security/limits.conf file is affected.

fix issue #1264
 2022-02-04 13:51:36 +01:00
Michael Boelen b0ca58895b
[KRNL-5788] Only run relevant tests and improved logging 2022-01-31 17:07:41 +01:00
Michael Boelen 8604431e19
Merge pull request #1261 from jsegitz/reboot_test 
check /boot/vmlinuz as a symlink in the reboot test
 2022-01-31 16:38:38 +01:00
Steve Kolenich eb46f39c44 Merge remote-tracking branch 'origin/master' into alpine_apk 2022-01-31 10:05:26 -05:00
Michael Boelen a0e9e3d363
Merge pull request #1263 from pyllyukko/needs_restarting 
KRNL-5830: Check for /var/run/needs_restarting
 2022-01-31 15:07:50 +01:00
Michael Boelen e5f5750bfa
Improved log message 2022-01-31 13:55:55 +01:00
Michael Boelen 98f57d6d76
Added MALW-3274 to detect McAfee VirusScan Command Line Scanner 2022-01-31 13:29:11 +01:00
pyllyukko 12ad1ca6bd KRNL-5830: Check for /var/run/needs_restarting 
Creating this file was introduced in slackpkg version 15.0.10.
 2022-01-25 18:59:36 +02:00
Johannes Segitz 521487310f check /boot/vmlinuz as a symlink in the reboot test 2022-01-25 09:55:52 +01:00
Michael Boelen 28409265db
Switch to array type for account_without_password 2022-01-18 14:23:39 +01:00
pyllyukko 3153c89c87
Check for pam_faillock in AUTH-9408 
pam_tally2 was removed in PAM 1.5.0 and pam_faillock has replaced it.
 2022-01-12 19:09:42 +02:00
Steve Kolenich 302b52c55d Merge remote-tracking branch 'upstream/master' into alpine_apk 2022-01-11 09:19:19 -05:00
Jens Christian Gram f81aff384c Dont write over FIND variable. Fixes #1021 2022-01-01 18:55:01 +01:00
Rafael Grether 6c5ddb9cc2
Update mod_security module version 
Update ModSecurity version. Actual version: 3

Issue #1246
 2021-12-16 15:41:18 -03:00
Adam Morris 11306422ac
Corrected a minor typo 2021-11-20 05:23:34 +00:00
Adam Morris 0eb92f5291
Added the aarch64-linux-64 path 
This resolves Issue #1234
 2021-11-20 05:19:37 +00:00
Michael Boelen 2d16c60da1
Merge pull request #1209 from mrpjl/master 
Added Funtoo Linux to osdetection
 2021-11-18 11:08:06 +01:00
Michael Boelen 7674a08ab8
Merge pull request #1202 from digitalcheetah/openrc 
Adding OpenRC to boot service test
 2021-11-18 11:06:14 +01:00
Michael Boelen 5f113f5699
Merge pull request #1223 from konstruktoid/ISSUE1219 
allow unknown number of spaces in modprobe blacklists
 2021-11-18 11:04:52 +01:00
Lahfa Samy c45e502796 Add Garuda Linux to audit package test tool 2021-11-16 22:28:10 +01:00
Thomas Sjögren 3bfff0ca62 present expected permission value in octal 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2021-11-08 13:29:51 +01:00
Thomas Sjögren f2e49ba74c add symlink support to HasCorrectFilePermissions and IsWorldWritable 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2021-11-08 12:26:20 +01:00
Thomas Sjögren 9819ac4023 allow unknown number of spaces in modprobe blacklists 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2021-10-26 10:53:33 +02:00
Prajwal e7c8b235bb Added Funtoo Linux to osdetection 2021-09-26 16:57:07 +05:30
Steve Kolenich a4bee8a329 Added two tests using apk (Alpine Package Keeper) to check for 
installed packages and packages that can be upgraded
 2021-09-01 16:00:01 -04:00
Jay Keller 3699484712
Merge branch 'CISOfy:master' into openrc 2021-08-15 07:36:09 +00:00
Michael Boelen 43054c0999
Added 'RedHat' to OS detection routine (RHEL 6) 2021-07-30 08:17:03 +02:00
Michael Boelen da90488fe6
Merge pull request #1142 from konstruktoid/aideloc 
add support for additional Aide db paths
 2021-07-29 14:57:00 +02:00
Michael Boelen 480cf7e6d1
Merge pull request #1193 from zcrayfish/patch-1 
Use posix grep/egrep options, fixing issue #1166
 2021-07-29 14:53:52 +02:00
Michael Boelen 32e2dc313d
Merge pull request #1194 from zcrayfish/patch-2 
grep options change from gnu to posix
 2021-07-29 14:52:56 +02:00
Michael Boelen 9ba09ac408
Update tests_networking 2021-07-29 14:52:29 +02:00
Glowsome d59970ef16 Update tests_databases 
Add mariadb as binary to check
 2021-07-28 17:25:04 +02:00
Michael Boelen c74bc10db8
Added MALW-3290, Trend Micro malware agent detection, added agent and rootkit scanner status 2021-07-27 10:44:08 +02:00
Zachary Lee Andrews 55cc7215ea
grep options change from gnu to posix 
fix issue #1167
 2021-07-23 22:44:36 -04:00
Zachary Lee Andrews 886adae4ef
Use posix egrep options, fixing issue #1166 2021-07-23 22:38:31 -04:00
Michael Boelen 923f60d420
Merge pull request #1173 from rchekaluk/master 
Kernel 5.8 permits hidepid textual values
 2021-07-22 11:00:03 +02:00
Michael Boelen 755abdc556
Merge pull request #1137 from teoberi/Lynis-with-PostgreSQL-13.1---test-ID-DBS-1826/DBS-1828 
Lynis with PostgreSQL 13.1 test ID DBS-1826/DBS-1828
 2021-07-21 17:22:17 +02:00
Michael Boelen b0bee65843
KRNL-5830: sort kernels by version (ls -v) instead of date on disk (ls -t) 2021-07-21 15:26:48 +02:00
Michael Boelen ad5909372d
PKGS-7410: don't show exception for systems running LXC 2021-07-21 13:16:08 +02:00
Michael Boelen 8f6a373f6b
Merge pull request #1153 from Idesmi/patch-1 
Added openSUSE MicroOS
 2021-07-20 23:29:10 +02:00
Michael Boelen 93a681006f
Merge pull request #1169 from al-lac/macos-detection 
Fix Big Sur Detection and add macOS Monterey
 2021-07-20 21:07:11 +02:00
Michael Boelen 71c15afbd1
Added missing quote 2021-07-20 16:32:18 +02:00
Michael Boelen 20be0f61e3
Merge pull request #1188 from digitalcheetah/artix-linux 
Adding Artix Linux to osdetection
 2021-07-20 11:34:17 +02:00
Michael Boelen 6d6e160100
Merge branch 'master' of https://github.com/CISOfy/lynis 2021-07-20 11:32:05 +02:00
Michael Boelen 3a03af42aa
Fix: show 'egrep' instead of 'grep' when egrep is missing 2021-07-20 11:31:18 +02:00
Michael Boelen 6755ac45c2
Replaced tab with space 2021-07-20 11:30:23 +02:00
Michael Boelen e0a5555715
Merge pull request #1186 from just-some-tall-bloke/patch-1 
Added detection for NethServer
 2021-07-15 13:16:09 +02:00
Michael Boelen aa91bb4c85
Corrected syntax 2021-07-12 15:21:35 +02:00
Jay Keller cd632059e0
Adding OpenRC to boot services detection 2021-07-11 04:39:36 +00:00
digitalcheetah 2816ed5598
Adding Artix Linux to osdetection 2021-07-11 04:25:38 +00:00
just-some-tall-bloke e2aa40665c
Update osdetection 
Added NethServer

https://www.nethserver.org/
 2021-07-09 11:06:12 +02:00
Michael Boelen 7867759750
Dropping option to filter by label as newer versions of 'ip' give another result (no output) 2021-07-08 15:18:20 +02:00
Michael Boelen 5d96098a82
Switched order for interface detection on Linux 2021-07-08 14:54:49 +02:00
Michael Boelen 97e435ffe8
Add fallbacks for hostid generation and improve logging 2021-07-08 13:39:13 +02:00
Michael Boelen da024079f1
Improve HostID generation and logging 2021-07-02 14:23:53 +02:00
Rob Chekaluk b556450364 FILE-6344: support hidepid textual values 2021-06-21 08:53:43 -04:00
Alexander Lackner fff5df170e Fix Big Sur Detection and add macOS Monterey 2021-06-15 20:49:00 +02:00
Michael Boelen 54684aaac5
Merge pull request #1158 from jhe2/wc-argument-fix 
[HRDN-7231] When calling wc, use the short -l flag instead of --lines…
 2021-06-03 13:46:58 +02:00
Michael Boelen 922f822133
Merge pull request #1157 from mhdry/test-arch32-audit 
Test PKGS-7320 extended to "Arch Linux 32"
 2021-06-03 13:46:06 +02:00
Johannes Heimansberg 5666ed0a6d [HRDN-7231] When calling wc, use the short -l flag instead of --lines to make it work with busybox's wc implementation also 2021-05-21 19:51:53 +02:00
Michael Boelen d23c722c04
Removed trailing spaces 2021-05-20 08:30:54 +02:00
Michael Boelen 54f9281040
Added BunsenLabs detection 2021-05-20 08:28:54 +02:00
Marc Hendry 13bf829461 Test PKGS-7320 extended to "Arch Linux 32" 
PKGS-7320 checks whether package arch-audit is installed. This test has been
extended to test ${OS_FULLNAME} for both "Arch Linux" as well as "Arch Linux 32".
 2021-05-19 14:43:55 +02:00
Sander 0298f51940 Added FILE-6398 test 2021-05-15 19:22:17 +00:00
Marc Hendry b339145b84 Added Arch Linux 32 2021-05-14 16:04:07 +02:00
Sander d96628d9b1 Adding HTTP-6660 test 2021-05-14 11:56:48 +00:00
Idesmi 7044d7647e
Added openSUSE MicroOS 2021-05-14 11:00:39 +02:00
Michael Boelen efc71ae6bb
Merge pull request #1119 from NicolaiSoeborg/add-MOR-bit-check 
Check MemoryOverwriteRequest Control
 2021-05-11 19:56:55 +02:00
Michael Boelen 4cfd59d60c
Merge pull request #1135 from pyllyukko/typo-fix 
Small typo fix in ACCT-9622 LogText
 2021-05-11 19:54:15 +02:00
Michael Boelen d694afadd6
Update osdetection 2021-05-11 16:56:39 +02:00
Fred e1d49ff007 Added detection of Rocky Linux to include/osdetection 2021-05-11 10:15:23 -04:00
Michael Boelen 32143f6377
Merge pull request #1139 from teoberi/New-test-BOOT-5140---Check-for-ELILO-boot-loader-presence 
New test: BOOT-5140 - Check for ELILO boot loader presence
 2021-05-11 11:21:33 +02:00
Michael Boelen 2ee335503d
Merge pull request #1143 from jhe2/logg-2138-metalog 
[LOGG-2138] Do not check for klogd when metalog is being used
 2021-05-11 11:14:27 +02:00
Michael Boelen b941d7fccb
Added Manjaro (ARM) 2021-05-11 11:12:23 +02:00
Michael Boelen ac313553fb
Added AlmaLinux 2021-05-11 11:03:43 +02:00
Johannes Heimansberg 0a5dfbe5e2 [LOGG-2138] Do not check for klogd when metalog is being used 
Metalog comes with its own kernel logger, so there is no need to also run klogd.
 2021-05-04 10:50:56 +02:00
Thomas Sjögren ed3d75872e add support for additional Aide db paths 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2021-04-30 22:07:42 +02:00
Michael Boelen db033ed320
Merge pull request #1138 from jhe2/b1134 
[BOOT-5104] Add service manager detection support for runit
 2021-04-29 09:56:22 +02:00
Michael Boelen 0506d4467a
Merge pull request #1105 from afunix/1103-blacklisted-modules 
1103: FILE-6430 reports suggestion only when at least one kernel module is not in the blacklist
 2021-04-28 09:41:59 +02:00
Johannes Heimansberg 1d45d5534e [BOOT-5104] Add service manager detection support for runit 
This fixes issue #1134.
 2021-04-25 10:54:00 +02:00
Michael Boelen f41a2ead38
Merge pull request #1130 from ocafebabe/cmd_support 
Initial draft for Cmd support
 2021-04-15 08:35:31 +02:00
Michael Boelen 95d2ae0dee
Update tests_accounting 
Added condition
 2021-04-15 08:34:56 +02:00
Michael Boelen 032ba73987
Merge pull request #1136 from murin-matus/patch-1 
Add missing bracket in 4402
 2021-04-15 08:33:30 +02:00
Michael Boelen dc0cb691e0
Merge pull request #1128 from nberlee/nft-empty-fix 
nftables empy ruleset test fix by reorder --stateless
 2021-04-15 08:33:02 +02:00
Matus Murin 010e68789e
Add missing bracket in 4402 2021-04-14 14:52:04 +00:00
pyllyukko a8beb37e82
Small typo fix in ACCT-9622 LogText 2021-04-12 22:51:34 +03:00
Christian Bourque 7b632bdbfa Initial draft for Cmd support 2021-04-02 00:37:29 +00:00
Michael Boelen 21219c91eb
Added Devuan 2021-04-01 14:34:26 +02:00
Michael Boelen a8f7b0cb85
Merge pull request #1108 from schurzi/rounds 
[AUTH-9229] resolve inconsistency with AUTH-9230
 2021-04-01 13:44:17 +02:00
Michael Boelen aab6af4017
Merge pull request #1118 from steph78630/master 
Add translated status
 2021-04-01 13:34:20 +02:00
Michael Boelen a59aa785d1
Merge pull request #1123 from sbathe/master 
1122: Add OS detection block for Garuda Linux
 2021-04-01 13:31:59 +02:00
Nico Berlee 7849965d98
nftables empy ruleset test fix by reorder --stateless 2021-03-31 17:05:12 +02:00
Stefan Baumgartner 2be4bcf0d2
Update tests_time 
Fix for TIME-3185 on debian stretch
 2021-03-28 19:16:46 +02:00
Saurabh Bathe 543c41675b 1122: Add OS detection block for Garuda Linux 2021-03-14 17:13:41 +05:30
Nicolai Søborg 3d2f57fe1d
Check MemoryOverwriteRequest Control 2021-03-03 22:38:45 +01:00
Stéphane 3683ffd3c4
Add translated status 2021-03-02 23:31:41 +01:00
Martin Schurz 2d1b217c6c [AUTH-9229] resolve inconsistency with AUTH-9230 2021-01-13 15:07:12 +01:00
teoberi 403a5b5651
Update tests_boot_services 
Modify CONF_FILES variable
 2021-01-09 17:58:02 +02:00
Pavel Malyshev fba5120f3f 1103: FILE-6430 reports suggestion only when at least one kernel module is not in the blacklist 2021-01-07 17:29:06 -06:00
teoberi 82db002025
Update tests_databases 
Change pattern to detect all configuration files
 2021-01-07 21:16:19 +02:00
Michael Boelen da1c1eca10
Preparation for release 3.0.3 2021-01-07 15:22:19 +01:00
Michael Boelen ab1111c0ed
Merge pull request #905 from topimiettinen/check-non-native-binary-formats 
Check for registered non-native binary formats
 2021-01-07 15:16:34 +01:00
Michael Boelen a2f4d52404
Added CCBINARY and GCCBINARY 2021-01-07 12:36:10 +01:00
Michael Boelen cd6edc577b
Small style improvement 2021-01-07 11:34:46 +01:00
Michael Boelen c38c89ae4e
Merge pull request #1004 from Varbin/1003-os-detection 
Test for LINUX_VERSION before setting it again
 2021-01-07 11:30:51 +01:00
Michael Boelen 0abf01b358
Merge pull request #1100 from teoberi/Lynis-with-MariaDB->-10.4 
[DBS-1816] Force test to check only password authentication
 2021-01-07 11:09:40 +01:00
Michael Boelen c864daa742
Merge pull request #1104 from steph78630/master 
Add and improvements strings (GUI)
 2021-01-06 15:17:34 +01:00
Michael Boelen a5a0bc0434
Merge pull request #1099 from gcsgithub/master 
fix syntax must include ${}
 2021-01-06 13:59:42 +01:00
Stéphane f1604c2e55
Add and improvements strings 2021-01-05 11:53:11 +01:00
teoberi 06e3d98c91
Update tests_boot_services 
Add test for ELILO boot loader
 2021-01-03 12:14:24 +02:00
teoberi 49b5398266
Update tests_databases 
Fix the process name for PostgreSQL
Add new path to variable FIND_PATHS
Fix variable CONFIG_FILES
Check permissions for configuration files
 2021-01-03 12:02:38 +02:00
teoberi e859b89cec
Update consts 
Fix the variable name for PostgreSQL
 2021-01-03 11:54:35 +02:00
teoberi 82e5a8beed
Update tests_databases 
Fix for Test: DBS-1816 - Check empty MySQL root password
 2021-01-03 11:48:34 +02:00
Mark Garrett c8175cf74d Syntax fix was only valid in ksh93+ 2021-01-03 18:29:17 +11:00
Brian Ginsbach 7292f0f179 KRNL-5677 add NetBSD 
It is possible that NetBSD has the `proc` filesystem mounted. When
`/proc` is mounted there will be a `/proc/cpuinfo`. Handle the simple
case first (`proc` filesystem mounted). There are multiple other means
to determine PAE/NX without `/proc/cpuinfo`.
 2020-12-31 21:02:04 -06:00
Brian Ginsbach 89403f1494 Multiple platform support in Register 
Support specifying multiple platforms with `--platform`. Useful as
not all operating systems identify identical hardware (platforms)
with the same name (example x86_64 and amd64).
 2020-12-31 21:02:04 -06:00
Michael Boelen 8053165d2f
Remove check at this place 2020-12-28 18:34:19 +01:00
Michael Boelen 7f613f17ca
Improved call-to-action when OS is unknown 2020-12-26 15:37:46 +01:00
Michael Boelen fa69256f45
Added support for Parrot GNU/Linux 2020-12-26 15:36:36 +01:00
Michael Boelen 372c7fb98e
Merge pull request #1087 from konstruktoid/ISSUE1085 
only fail AUTH-9230 if both SHA_CRYPT_{MIN,MAX}_ROUNDS are undefined
 2020-12-24 10:19:25 +01:00
Michael Boelen 44201f02ab
Added elementary OS 2020-12-18 14:04:58 +01:00
Michael Boelen a26ebd3004
Fix: missing curly bracket 2020-12-17 20:17:52 +01:00
Michael Boelen 8fb98cb25c
Only retrieve exit code 
Redirect output of the count and every error to /dev/null, so we only get the exit code
 2020-12-17 14:51:52 +01:00
Michael Boelen 208518d8fa
Merge pull request #1088 from steph78630/master 
Addition and improvement of translated strings
 2020-12-17 14:23:48 +01:00
Michael Boelen c9a57d2caf
Merge pull request #1062 from Varbin/solaris-loghost-not-localhost 
Test if loghost is not localhost
 2020-12-17 14:18:31 +01:00
Stéphane 4cf9660185
Adding and improvement translated strings 2020-12-16 01:07:27 +01:00
Thomas Sjögren 60ed001140 indentation 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-12-15 23:14:03 +01:00
Michael Boelen 701be9852b
Merge pull request #1060 from Varbin/solaris-netstat 
[NETW-3012] Use netstat on Solaris to gather listening ports
 2020-12-15 14:30:09 +01:00
Michael Boelen 258b2bf05f
Merge pull request #1064 from Varbin/solaris-ips-svcs 
Add support for Solaris services, run BOOT-5184 there
 2020-12-15 14:16:18 +01:00
Michael Boelen 15ec001a2a
Merge pull request #1074 from Varbin/german-translation 
Extend German translation and add more translated statuses
 2020-12-15 14:13:03 +01:00
Michael Boelen 6e14b73b0c
Merge pull request #1079 from Varbin/1078-path-spaces 
Quote binary variables during SUID/GID enumeration
 2020-12-15 14:11:08 +01:00
Michael Boelen d1d3882130
Merge pull request #1076 from Varbin/1075-solaris-hostid 
Use first e1000 interface and break after match (for hostid generation on Solaris)
 2020-12-15 14:10:34 +01:00
Thomas Sjögren 807cfd430a nitpick about new line 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-12-15 01:45:58 +01:00
Thomas Sjögren fbb8ffa301 only check the lowest hashing round value, and correct log text 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-12-15 01:43:10 +01:00
Thomas Sjögren 76e89b525b only fail AUTH-9230 if no _MAX_ROUNDS is defined 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2020-12-14 21:43:14 +01:00