#!/bin/sh ################################################################################# # # Lynis # ------------------ # # Copyright 2007-2013, Michael Boelen # Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com # GitHub : https://github.com/CISOfy/lynis # # Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are # welcome to redistribute it under the terms of the GNU General Public License. # See LICENSE file for usage of this software. # ################################################################################# # # Operating System detection # ################################################################################# # # Check operating system case $(uname) in # IBM AIX AIX) OS="AIX" OS_NAME="AIX" OS_VERSION=$(oslevel) OS_FULLNAME="AIX ${OS_VERSION}" CPU=$(uname -p) HARDWARE=$(uname -M) FIND_BINARIES="whereis -b" SYSCTL_READKEY="" ;; # Mac OS X and macOS Darwin) OS="macOS" if [ -x /usr/bin/sw_vers ]; then OS_NAME=$(/usr/bin/sw_vers -productName) OS_VERSION=$(/usr/bin/sw_vers -productVersion) OS_VERSION_NAME="unknown" OS_FULLNAME="macOS (unknown version)" case ${OS_VERSION} in 10.0 | 10.0.[0-9]*) OS_FULLNAME="Mac OS X 10.0 (Cheetah)" ;; 10.1 | 10.1.[0-9]*) OS_FULLNAME="Mac OS X 10.1 (Puma)" ;; 10.2 | 10.2.[0-9]*) OS_FULLNAME="Mac OS X 10.2 (Jaguar)" ;; 10.3 | 10.3.[0-9]*) OS_FULLNAME="Mac OS X 10.3 (Panther)" ;; 10.4 | 10.4.[0-9]*) OS_FULLNAME="Mac OS X 10.4 (Tiger)" ;; 10.5 | 10.5.[0-9]*) OS_FULLNAME="Mac OS X 10.5 (Leopard)" ;; 10.6 | 10.6.[0-9]*) OS_FULLNAME="Mac OS X 10.6 (Snow Leopard)" ;; 10.7 | 10.7.[0-9]*) OS_FULLNAME="Mac OS X 10.7 (Lion)" ;; 10.8 | 10.8.[0-9]*) OS_FULLNAME="Mac OS X 10.8 (Mountain Lion)" ;; 10.9 | 10.9.[0-9]*) OS_FULLNAME="Mac OS X 10.9 (Mavericks)" ;; 10.10 | 10.10.[0-9]*) OS_FULLNAME="Mac OS X 10.10 (Yosemite)" ;; 10.11 | 10.11.[0-9]*) OS_FULLNAME="Mac OS X 10.11 (El Capitan)" ;; 10.12 | 10.12.[0-9]*) OS_FULLNAME="macOS Sierra (${OS_VERSION})" ;; 10.13 | 10.13.[0-9]*) OS_FULLNAME="macOS High Sierra (${OS_VERSION})" ;; 10.14 | 10.14.[0-9]*) OS_FULLNAME="macOS Mojave (${OS_VERSION})" ;; 10.15 | 10.15.[0-9]*) OS_FULLNAME="macOS Catalina (${OS_VERSION})" ;; 11 | 11.[0-9]*) OS_FULLNAME="macOS Big Sur (${OS_VERSION})" ;; 12 | 12.[0-9]*) OS_FULLNAME="macOS Monterey (${OS_VERSION})" ;; 13 | 13.[0-9]*) OS_FULLNAME="macOS Ventura (${OS_VERSION})" ;; 14 | 14.[0-9]*) OS_FULLNAME="macOS Sonoma (${OS_VERSION})" ;; *) echo "Unknown macOS version. Do you know what version it is? Create an issue at ${PROGRAM_SOURCE}" ;; esac else # Fall back to a fairly safe name OS_NAME="macOS" # uname -s -r shows Darwin 16.1.0 OS_FULLNAME=$(uname -s -r) # shows 16.1.0 for Darwin's version, not macOS's OS_VERSION=$(uname -r) fi HARDWARE=$(uname -m) HOMEDIRS="/Users" FIND_BINARIES="whereis" OS_KERNELVERSION=$(uname -r) SYSCTL_READKEY="" ;; # DragonFly BSD DragonFly) OS="DragonFly" OS_NAME="DragonFly BSD" OS_FULLNAME=$(uname -s -r) OS_VERSION=$(uname -r) HARDWARE=$(uname -m) HOMEDIRS="/home /root" FIND_BINARIES="whereis -q -a -b" OS_KERNELVERSION=$(uname -i) SYSCTL_READKEY="sysctl -n" ;; # FreeBSD FreeBSD) OS="FreeBSD" OS_NAME="FreeBSD" OS_FULLNAME=$(uname -s -r) OS_VERSION=$(uname -r) HARDWARE=$(uname -m) HOMEDIRS="/home /root" FIND_BINARIES="whereis -q -a -b" OS_KERNELVERSION=$(uname -i) SYSCTL_READKEY="sysctl -n" # TrueOS if [ -f /etc/defaults/trueos ]; then OS_NAME="TrueOS" LogText "Result: found TrueOS file, system is completely based on FreeBSD though. Only adjusting OS name." fi ;; # HP-UX HP-UX) OS="HP-UX" OS_NAME="HP-UX" OS_FULLNAME=$(uname -s -r) OS_VERSION=$(uname -r) HARDWARE=$(uname -m) FIND_BINARIES="whereis -b" SYSCTL_READKEY="" LOGDIR="/var/adm/syslog" ;; # Linux Linux) OS="Linux" OS_NAME="Linux" OS_FULLNAME="" OS_VERSION=$(uname -r) LINUX_VERSION="" HARDWARE=$(uname -m) HOMEDIRS="/home" FIND_BINARIES="whereis -b" OS_KERNELVERSION_FULL=$(uname -r) OS_KERNELVERSION=$(echo ${OS_KERNELVERSION_FULL} | sed 's/-.*//') if [ -e /dev/grsec ]; then GRSEC_FOUND=1; fi # Generic if [ -e /etc/os-release ]; then OS_FULLNAME=$(awk -F= '/^PRETTY_NAME=/ {print substr($2,2,length($2)-2)}' /etc/os-release) OS_ID=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') if [ -n "${OS_ID}" ]; then case ${OS_ID} in "almalinux") LINUX_VERSION="AlmaLinux" OS_NAME=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "alpine") LINUX_VERSION="Alpine Linux" OS_NAME=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "amzn") LINUX_VERSION="Amazon Linux" OS_NAME="Amazon Linux" OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "arch") LINUX_VERSION="Arch Linux" OS_FULLNAME="Arch Linux" OS_VERSION="Rolling release" ;; "arch32") LINUX_VERSION="Arch Linux 32" OS_FULLNAME="Arch Linux 32" OS_VERSION="Rolling release" ;; "arcolinux") LINUX_VERSION="ArcoLinux" OS_FULLNAME="ArcoLinux" OS_VERSION="Rolling release" ;; "artix") LINUX_VERSION="Artix Linux" OS_FULLNAME="Artix Linux" OS_VERSION="Rolling release" ;; "bunsenlabs") LINUX_VERSION="BunsenLabs" OS_NAME="BunsenLabs" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "centos") LINUX_VERSION="CentOS" OS_NAME="CentOS Linux" OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "clear-linux-os") LINUX_VERSION="Clear Linux OS" OS_NAME="Clear Linux OS" OS_REDHAT_OR_CLONE=1 OS_VERSION="Rolling release" ;; "cloudlinux") LINUX_VERSION="CloudLinux" OS_NAME="CloudLinux" OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "coreos") LINUX_VERSION="CoreOS" OS_NAME="CoreOS Linux" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "debian") LINUX_VERSION="Debian" OS_NAME="Debian" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "devuan") LINUX_VERSION="Devuan" OS_NAME="Devuan" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "elementary") LINUX_VERSION="elementary OS" OS_NAME="elementary OS" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "endeavouros") LINUX_VERSION="EndeavourOS" OS_NAME="EndeavourOS" OS_VERSION="Rolling release" OS_VERSION_FULL="Rolling release" ;; "fedora") LINUX_VERSION="Fedora" OS_NAME="Fedora Linux" OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "flatcar") LINUX_VERSION="Flatcar" LINUX_VERSION_LIKE="CoreOS" OS_NAME="Flatcar Linux" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "funtoo") LINUX_VERSION="Funtoo" OS_FULLNAME="Funtoo Linux" OS_VERSION="Rolling release" ;; "garuda") LINUX_VERSION="Garuda" OS_FULLNAME="Garuda Linux" OS_NAME="Garuda" OS_VERSION="Rolling release" ;; "gentoo") LINUX_VERSION="Gentoo" OS_NAME="Gentoo Linux" OS_VERSION="Rolling release" ;; "guix") LINUX_VERSION="Guix" OS_FULLNAME="Guix System" OS_NAME="Guix" OS_VERSION="Rolling release" ;; "ipfire") LINUX_VERSION="IPFire" OS_NAME="IPFire" OS_VERSION=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "kali") LINUX_VERSION="Kali" LINUX_VERSION_LIKE="Debian" OS_NAME="Kali Linux" OS_VERSION="Rolling release" ;; "linuxmint") LINUX_VERSION="Linux Mint" LINUX_VERSION_LIKE="Ubuntu" OS_NAME="Linux Mint" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "lsdk") LINUX_VERSION="NXP LSDK" OS_NAME="NXP LSDK" OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "mageia") LINUX_VERSION="Mageia" OS_NAME="Mageia" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "manjaro" | "manjaro-arm") LINUX_VERSION="Manjaro" OS_FULLNAME="Manjaro Linux" OS_NAME="Manjaro" OS_VERSION="Rolling release" ;; "nethserver") LINUX_VERSION="NethServer" OS_NAME="NethServer" OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "nixos") LINUX_VERSION="NixOS" OS_NAME="NixOS" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "ol") LINUX_VERSION="Oracle Linux" OS_NAME="Oracle Linux" OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "nodistro") LINUX_VERSION="openembedded" OS_NAME="OpenEmbedded" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "opensuse-tumbleweed") LINUX_VERSION="openSUSE Tumbleweed" # It's rolling release but has a snapshot version (the date of the snapshot) OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="openSUSE" ;; "opensuse-leap") LINUX_VERSION="openSUSE Leap" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="openSUSE" ;; "opensuse-microos") LINUX_VERSION="openSUSE MicroOS" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="openSUSE" ;; "parrot") LINUX_VERSION="Parrot" OS_NAME="Parrot GNU/Linux" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "poky") LINUX_VERSION="Poky" OS_NAME="openembedded" LINUX_VERSION_LIKE="openembedded" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "pop") LINUX_VERSION="Pop!_OS" LINUX_VERSION_LIKE="Ubuntu" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="Pop!_OS" ;; "pureos") LINUX_VERSION="PureOS" LINUX_VERSION_LIKE="Debian" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="PureOS" ;; "raspbian") LINUX_VERSION="Raspbian" LINUX_VERSION_LIKE="Debian" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="Raspbian" ;; "redhat" | "rhel") LINUX_VERSION="RHEL" OS_NAME="RHEL" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_FULLNAME="${OS_NAME} ${OS_VERSION_FULL}" OS_REDHAT_OR_CLONE=1 ;; "rocky") LINUX_VERSION="Rocky Linux" OS_NAME="Rocky Linux" OS_REDHAT_OR_CLONE=1 OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "rosa") LINUX_VERSION="ROSA Linux" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="ROSA Linux" ;; "slackware") LINUX_VERSION="Slackware" OS_NAME="Slackware Linux" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "sles") LINUX_VERSION="SLES" OS_NAME="openSUSE" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; "ubuntu") LINUX_VERSION="Ubuntu" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="Ubuntu" ;; "void") LINUX_VERSION="Void Linux" OS_VERSION="Rolling release" OS_NAME="Void Linux" ;; "zorin") LINUX_VERSION="Zorin OS" OS_NAME="Zorin OS" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; *) ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create an issue on GitHub and share the the contents (cat /etc/os-release): ${PROGRAM_SOURCE}" ;; esac fi fi # Alpine if [ -e "/etc/alpine-release" ]; then LINUX_VERSION="Alpine Linux"; OS_VERSION=$(cat /etc/alpine-release); fi # Amazon if [ -z "${LINUX_VERSION}" -a -e "/etc/system-release" ]; then FIND=$(grep "^Amazon" /etc/system-release) if [ -n "${FIND}" ]; then OS_REDHAT_OR_CLONE=1 OS_FULLNAME=$(grep "^Amazon" /etc/system-release) OS_VERSION=$(grep "^Amazon" /etc/system-release | awk '{ if ($4=="release") { print $5 } }') LINUX_VERSION="Amazon" fi fi # Arch Linux if [ -z "${OS_FULLNAME}" -a -e "/etc/arch-release" ]; then OS_FULLNAME="Arch Linux" OS_VERSION="Unknown" LINUX_VERSION="Arch Linux" fi # Chakra Linux if [ -e "/etc/chakra-release" ]; then OS_FULLNAME=$(grep "^Chakra" /etc/chakra-release) OS_VERSION=$(awk '/^Chakra/ { if ($3=="release") { print $4 }}' /etc/chakra-release) LINUX_VERSION="Chakra Linux" fi # Cobalt if [ -e "/etc/cobalt-release" ]; then OS_FULLNAME=$(cat /etc/cobalt-release); fi # CPUBuilders Linux if [ -e "/etc/cpub-release" ]; then OS_FULLNAME=$(cat /etc/cpub-release); fi if [ -z "${LINUX_VERSION}" ] && [ -e "/etc/debian_version" ]; then # Debian/Ubuntu (***) - Set first to Debian OS_VERSION=$(cat /etc/debian_version) OS_FULLNAME="Debian ${OS_VERSION}" LINUX_VERSION="Debian" # /etc/lsb-release does not exist on Debian if [ -e /etc/lsb-release ]; then OS_VERSION=$(cat /etc/debian_version) FIND=$(grep "^DISTRIB_ID=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g') if [ "${FIND}" = "Ubuntu" ]; then OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2) OS_FULLNAME="Ubuntu ${OS_VERSION}" LINUX_VERSION="Ubuntu" elif [ "${FIND}" = "elementary OS" ]; then LINUX_VERSION="elementary OS" LINUX_VERSION_LIKE="Ubuntu" OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2) OS_FULLNAME=$(grep "^DISTRIB_DESCRIPTION=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g') else # Catch all, in case it's unclear what specific release this is. OS_FULLNAME="Debian ${OS_VERSION}" LINUX_VERSION="Debian" fi # Ubuntu test (optional) $(grep "[Uu]buntu" /proc/version) fi fi # Override for Linux Mint, as that is initially detected as Debian or Ubuntu if [ -x /usr/bin/lsb_release ]; then FIND=$(lsb_release --id | awk -F: '{ print $2 }' | awk '{ print $1 }') if [ "${FIND}" = "LinuxMint" ]; then LINUX_VERSION="Linux Mint" # LMDE (Linux Mint Debian Edition) should be detected as Debian LINUX_VERSION_LIKE="Ubuntu" OS_VERSION=$(lsb_release --release | awk '{ print $2 }') OS_FULLNAME="Linux Mint ${OS_VERSION}" fi fi # E-smith if [ -e "/etc/e-smith-release" ]; then OS_FULLNAME=$(cat /etc/e-smith-release); fi # Gentoo if [ -e "/etc/gentoo-release" ]; then LINUX_VERSION="Gentoo"; OS_FULLNAME=$(cat /etc/gentoo-release); fi # Red Hat and others if [ -z "${LINUX_VERSION}" -a -e "/etc/redhat-release" ]; then OS_REDHAT_OR_CLONE=1 # CentOS if grep "CentOS" /etc/redhat-release; then OS_FULLNAME=$(grep "CentOS" /etc/redhat-release) LINUX_VERSION="CentOS" OS_VERSION="${OS_FULLNAME}" fi # ClearOS FIND=$(grep "ClearOS" /etc/redhat-release) if [ ! "${FIND}" = "" ]; then OS_FULLNAME=$(grep "ClearOS" /etc/redhat-release) LINUX_VERSION="ClearOS" OS_VERSION="${OS_FULLNAME}" fi # Fedora FIND=$(grep "Fedora" /etc/redhat-release) if [ ! "${FIND}" = "" ]; then OS_FULLNAME=$(grep "Fedora" /etc/redhat-release) OS_VERSION="${OS_FULLNAME}" LINUX_VERSION="Fedora" fi # Oracle Enterprise Linux FIND=$(grep "Enterprise Linux Enterprise Linux Server" /etc/redhat-release) if [ ! "${FIND}" = "" ]; then LINUX_VERSION="Oracle Enterprise Linux" OS_FULLNAME=$(grep "Enterprise Linux" /etc/redhat-release) OS_VERSION="${OS_FULLNAME}" fi # Oracle Enterprise Linux if [ -e /etc/oracle-release ]; then FIND=$(grep "Oracle Linux Server" /etc/oracle-release) if [ ! "${FIND}" = "" ]; then LINUX_VERSION="Oracle Enterprise Linux" OS_FULLNAME=$(grep "Oracle Linux" /etc/oracle-release) OS_VERSION="${OS_FULLNAME}" fi fi # Oracle VM Server if [ -e /etc/ovs-release ]; then FIND=$(grep "Oracle VM" /etc/ovs-release) if [ ! "${FIND}" = "" ]; then LINUX_VERSION="Oracle VM Server" OS_FULLNAME=$(grep "Oracle VM" /etc/ovs-release) OS_VERSION="${OS_FULLNAME}" fi fi # Scientific FIND=$(grep "Scientific" /etc/redhat-release) if [ ! "${FIND}" = "" ]; then OS_FULLNAME=$(grep "^Scientific" /etc/redhat-release) OS_VERSION=$(grep "^Scientific" /etc/redhat-release | awk '{ if ($3=="release") { print $4 } }') LINUX_VERSION="Scientific" fi if [ -z "${LINUX_VERSION}" ]; then # Red Hat FIND=$(grep "Red Hat" /etc/redhat-release) if [ ! "${FIND}" = "" ]; then OS_FULLNAME=$(grep "Red Hat" /etc/redhat-release) OS_VERSION="${OS_FULLNAME}" LINUX_VERSION="Red Hat" fi fi fi # PCLinuxOS if [ -f /etc/pclinuxos-release ]; then FIND=$(grep "^PCLinuxOS" /etc/pclinuxos-release) if [ ! "${FIND}" = "" ]; then OS_FULLNAME="PCLinuxOS Linux" LINUX_VERSION="PCLinuxOS" OS_VERSION=$(grep "^PCLinuxOS" /etc/pclinuxos-release | awk '{ if ($2=="release") { print $3 } }') fi fi # Sabayon Linux if [ -f /etc/sabayon-edition ]; then FIND=$(grep "Sabayon Linux" /etc/sabayon-edition) if [ ! "${FIND}" = "" ]; then OS_FULLNAME="Sabayon Linux" LINUX_VERSION="Sabayon" OS_VERSION=$(awk '{ print $3 }' /etc/sabayon-edition) fi fi if [ -f /etc/SLOX-release ]; then OS_FULLNAME=$(grep "SuSE Linux" /etc/SLOX-release) LINUX_VERSION="SuSE" fi # Slackware if [ -f /etc/slackware-version ]; then LINUX_VERSION="Slackware" OS_VERSION=$(grep "^Slackware" /etc/slackware-version | awk '{ if ($1=="Slackware") { print $2 } }') OS_FULLNAME="Slackware Linux ${OS_VERSION}" fi # SuSE if [ -e "/etc/SuSE-release" ]; then OS_VERSION=$(head -n 1 /etc/SuSE-release) LINUX_VERSION="SuSE" fi # Turbo Linux if [ -e "/etc/turbolinux-release" ]; then OS_FULLNAME=$(cat /etc/turbolinux-release); fi # YellowDog if [ -e "/etc/yellowdog-release" ]; then OS_FULLNAME=$(cat /etc/yellowdog-release); fi # VMware if [ -e "/etc/vmware-release" ]; then OS_FULLNAME=$(cat /etc/vmware-release) OS_VERSION=$(uname -r) IS_VMWARE_ESXI=$(vmware -vl | grep VMware ESXi) if [ ! "${IS_VMWARE_ESXI}" = "" ]; then OS_FULLNAME="VMware ESXi ${OS_VERSION}" fi fi # =================================================================== # Set OS name to the discovered Linux version if [ ! "${LINUX_VERSION}" = "" -a "${OS_NAME}" = "Linux" ]; then OS_NAME="${LINUX_VERSION}" fi # If Linux version (full name) is unknown, use uname value if [ "${OS_FULLNAME}" = "" ]; then OS_FULLNAME=$(uname -s -r); fi SYSCTL_READKEY="sysctl -n" ;; # NetBSD NetBSD) OS="NetBSD" OS_NAME="NetBSD" OS_FULLNAME=$(uname -s -r) OS_KERNELVERSION=$(uname -v) OS_VERSION=$(uname -r) HARDWARE=$(uname -m) FIND_BINARIES="whereis" SYSCTL_READKEY="" ;; # OpenBSD OpenBSD) OS="OpenBSD" OS_NAME="OpenBSD" OS_FULLNAME=$(uname -s -r) OS_KERNELVERSION=$(uname -v) OS_VERSION=$(uname -r) HARDWARE=$(uname -m) FIND_BINARIES="whereis" SYSCTL_READKEY="" ;; # Solaris / OpenSolaris / Ilumos ... SunOS) OS="Solaris" OS_KERNELVERSION=$(uname -v) OPENSOLARIS=0 if [ -f /etc/os-release ]; then OS_ID=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_FULLNAME=$(awk -F= '/^PRETTY_NAME=/ {print substr($2,2,length($2)-2)}' /etc/os-release) case "${OS_ID}" in "solaris") OS_NAME="Oracle Solaris" ;; "omnios") OS_NAME="OmniOS" OPENSOLARIS=1 ;; "tribblix") OS_NAME="Tribblix" OS_FULLNAME="Tribblix ${OS_VERSION}" OPENSOLARIS=1 ;; "*") ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create issue on GitHub project page: ${PROGRAM_SOURCE}" ;; esac elif [ "$(uname -o 2> /dev/null)" = "illumos" ]; then OPENSOLARIS=1 # Solaris has a free form text file with release information if grep "OpenIndiana" /etc/release > /dev/null; then OS_NAME="OpenIndiana" if grep "Hipster" /etc/release > /dev/null; then OS_VERSION="$(tr ' ' '\n' < /etc/release | grep '[[:digit:]]\.[[:digit:]]')" OS_FULLNAME="OpenIndiana Hipster $OS_VERSION" else OS_VERSION="Unknown" OS_FULLNAME="OpenIndiana (unknown edition)" fi elif grep "OmniOS" /etc/release > /dev/null; then OS_NAME="OmniOS" OS_VERSION="$(tr ' ' '\n' < /etc/release | grep 'r[[:digit:]]')" if grep "Community Edition" /etc/release > /dev/null; then OS_FULLNAME="OmniOS Community Edition v11 $OS_VERSION" fi elif grep "SmartOS" /etc/release > /dev/null; then OS_NAME="SmartOS" OS_VERSION="-" OS_FULLNAME="SmartOS" else OS_NAME="Unknown Illumos" fi elif grep "SchilliX" /etc/release > /dev/null; then OS_NAME="SchilliX" OS_FULLNAME="$(head -n 1 /etc/release | xargs)" OS_VERSION="$(echo "$OS_FULLNAME" | cut -d '-' -f 2)" OPENSOLARIS=1 elif head -n 1 < /etc/release | grep "Oracle Solaris" > /dev/null; then OS_NAME="Oracle Solaris" OS_FULLNAME="$(head -n 1 /etc/release | xargs)" OS_VERSION="$(head -n 1 < /etc/release | xargs | cut -d ' ' -f 3)" elif head -n 1 < /etc/release | xargs | grep "^Solaris " > /dev/null; then OS_NAME="Sun Solaris" # Example of /etc/release: # Solaris 10 5/08 # ... # Solaris 10 10/09 (Update 8) # The first line does not contain the "Update" number, # only if present. if tail -1 < /etc/release | xargs | grep "^Solaris " > /dev/null; then OS_FULLNAME=$(tail -1 < /etc/release | xargs) else OS_FULLNAME=$(head -1 < /etc/release | xargs) fi OS_VERSION=$(echo "$OS_FULLNAME" | cut -d ' ' -f 2,3) else # Old behaviour OS_NAME="Sun Solaris" OS_FULLNAME=$(uname -s -r) OS_VERSION=$(uname -r) fi HARDWARE=$(uname -m) if [ -x /usr/bin/isainfo ]; then # Returns 32, 64 OS_MODE=$(/usr/bin/isainfo -b) fi SYSCTL_READKEY="" ;; # VMware products VMkernel) OS="VMware" OS_FULLNAME="" OS_VERSION="" HARDWARE=$(uname -m) if [ -e "/etc/vmware-release" ]; then OS_FULLNAME=$(cat /etc/vmware-release) OS_VERSION=$(uname -r) fi HAS_VMWARE_UTIL=$(which vmware 2> /dev/null | grep -v "no [^ ]* in ") if [ ! "${HAS_VMWARE_UTIL}" = "" ]; then IS_VMWARE_ESXI=$(vmware -vl | grep VMware ESXi) if [ ! "${IS_VMWARE_ESXI}" = "" ]; then OS_NAME="VMware ESXi" OS_FULLNAME="VMware ESXi ${OS_VERSION}" fi fi ;; # Unknown or unsupported systems *) echo "[ ${WARNING}WARNING${NORMAL} ]" echo "${WARNING}Error${NORMAL}: ${WHITE}Unknown OS found. No support available yet for this OS or platform...${NORMAL}" echo "Please consult the README/documentation for more information." exit 1 ;; esac # Set correct echo binary and parameters after detecting operating system ECHONB="" case ${OS} in "AIX") ECHOCMD="echo"; ECHONB="printf" ;; "DragonFly"|"FreeBSD"|"NetBSD") ECHOCMD="echo -e" ECHONB="echo -n" NOW=$(date "+%s") ;; "macOS" | "Mac OS X") ECHOCMD="echo" ECHONB="/bin/echo -n" NOW=$(date "+%s") ;; "Solaris") ECHOCMD="echo" test -f /usr/ucb/echo && ECHONB="/usr/ucb/echo -n" NOW=$(nawk 'BEGIN{print srand()}') ;; "Linux") # Check if dash is used (Debian/Ubuntu) DEFAULT_SHELL=$(ls -l /bin/sh | awk -F'>' '{print $2}') case ${DEFAULT_SHELL} in " dash") ECHOCMD="/bin/echo -e" ;; *) ECHOCMD="echo -e" ;; esac NOW=$(date "+%s") ;; *) ECHOCMD="echo -e" NOW=$(date "+%s") ;; esac # Check if we have full featured commands, or are using BusyBox as a shell if [ -x /bin/busybox ]; then if [ -L /bin/ps ]; then ShowSymlinkPath /bin/ps if [ "${SYMLINK}" = "/bin/busybox" ]; then SHELL_IS_BUSYBOX=1 fi fi fi # Specific checks for hardware # Detect if we are using a QNAP NAS if [ -d /share/CACHEDEV1_DATA/.qpkg ]; then QNAP_DEVICE=1 fi # Check if this OS is end-of-life EOL=255 EOL_DATE="" EOL_TIMESTAMP=0 if [ -n "${OS_VERSION}" ]; then if [ -f "${DBDIR}/software-eol.db" ]; then FIND="${OS_FULLNAME}" EOL_TIMESTAMP=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $4}}' ${DBDIR}/software-eol.db | head -n 1) if [ -n "${EOL_TIMESTAMP}" ]; then EOL_DATE=$(awk -v value="${FIND}" -F: '{if ($1=="os" && value ~ $2){print $3}}' ${DBDIR}/software-eol.db | head -n 1) if [ -n "${EOL_DATE}" ]; then if [ ${NOW} -gt ${EOL_TIMESTAMP} ]; then EOL=1 else EOL=0 fi else EOL=0 fi fi fi fi #================================================================================ # Lynis - Security Auditing and System Hardening for Linux and UNIX - https://cisofy.com