diff options
author | Michael Boelen <michael.boelen@cisofy.com> | 2018-08-27 15:25:59 +0300 |
---|---|---|
committer | Michael Boelen <michael.boelen@cisofy.com> | 2018-08-27 15:25:59 +0300 |
commit | 67f9d254614fb95644df6c5088ed51ec9e006ce5 (patch) | |
tree | 73e4a22d15359f8997bf48080b8514eef84c26c7 | |
parent | cfd853d0b0af474be8bb11f64be26cc97420888d (diff) |
Updated list of options and man page
-rw-r--r-- | include/helper_show | 2 | ||||
-rw-r--r-- | include/parameters | 3 | ||||
-rw-r--r-- | lynis.8 | 60 |
3 files changed, 35 insertions, 30 deletions
diff --git a/include/helper_show b/include/helper_show index e178299c..95e68ef0 100644 --- a/include/helper_show +++ b/include/helper_show @@ -30,7 +30,7 @@ COMMANDS="audit configure show update upload-only" HELPERS="audit configure show update" -OPTIONS="--auditor\n--check-all (-c)\n--cronjob (--cron)\n--debug\n--developer\n--help (-h)\n--license-key\n--log-file\n--manpage (--man)\n--no-colors --no-log\n--pentest\n--profile\n--plugins-dir\n--quiet (-q)\n--quick (-Q)\n--report-file\n--reverse-colors\n--tests\n--tests-from-category\n--tests-from-group\n--upload\n--verbose\n--version (-V)\n--wait" +OPTIONS="--auditor\n--cronjob (--cron)\n--debug\n--developer\n--help (-h)\n--license-key\n--log-file\n--manpage (--man)\n--no-colors\n--no-log\n--pentest\n--profile\n--plugin-dir\n--quick (-Q)\n--quiet (-q)\n--report-file\n--reverse-colors\n--skip-plugins\n--tests\n--tests-from-category\n--tests-from-group\n--upload\n--verbose\n--version (-V)\n--wait\n--warnings-only" SHOW_ARGS="categories changelog commands dbdir details environment groups help hostids includedir language license logfile man options os pidfile plugindir profiles release releasedate report settings tests version workdir" SHOW_HELP="lynis show ${BROWN}categories${NORMAL} (display test categories) diff --git a/include/parameters b/include/parameters index e665c6cb..4cfcacd3 100644 --- a/include/parameters +++ b/include/parameters @@ -235,6 +235,9 @@ for ITEM in ${OPTIONS}; do echo "${ITEM}" | tr '_' ' ' done + echo "This option is deprecated" + echo "Use: lynis show options" + ExitClean ;; @@ -1,4 +1,4 @@ -.TH Lynis 8 "13 Oct 2016" "1.26" "Unix System Administrator's Manual" +.TH Lynis 8 "27 Aug 2018" "1.27" "Unix System Administrator's Manual" .SH "NAME" @@ -16,12 +16,13 @@ Lynis \fP\- System and security auditing tool .fi .SH "DESCRIPTION" -\fBLynis\fP is a security auditing tool for Linux, Mac OSX, and UNIX systems. It -checks the system and the software configuration, to see if there is any room for -improvement the security defenses. All details are stored in a log file. Findings -and other discovered data is stored in a report file. This can be used to compare -differences between audits. \fBLynis\fP can run interactively or as a cronjob. Root permissions (e.g. sudo) -are not required, however provide more details during the audit. +\fBLynis\fP is a security auditing tool for Linux, macOS, and other systems based +on UNIX. The tool checks the system and the software configuration, to see if +there is any room for improvement the security defenses. All details are stored +in a log file. Findings and other discovered data is stored in a report file. +This can be used to compare differences between audits. \fBLynis\fP can run +interactively or as a cronjob. Root permissions (e.g. sudo) are not required, +however provide more details during the audit. .PP The following system areas may be checked: .IP @@ -41,7 +42,7 @@ When running \fBLynis\fP for the first time, run: lynis audit system .IP "audit \<type\>" Perform an audit of the selected type .IP "show \<parameter\>" -Show varies information details like configuration and paths +Show information, such as configuration and paths .IP "update \<parameter\>" Perform activities regarding updating .IP "upload-only" @@ -59,20 +60,10 @@ For more scan modes, see the helper utilities. .SH "OPTIONS" .TP -.B \-\-auditor <full name> -Define the name of the auditor/pen-tester. When a full name is used, add double +.B \-\-auditor <name> +Define the name of the auditor/pentester. When a full name is used, add double quotes, like "Your Name". .TP -.B \-\-checkall (or \-c) -\fBLynis\fP performs a full check of the system, printing out the results of -each test to stdout. Additional information will be saved into a log file -(default is /var/log/lynis.log). This option invokes scan mode "audit system". -.IP -In case the outcome of a scan needs to be automated, use the report file. -.TP -.B \-\-config -Show which settings file or profile is being used, then quit. -.TP .B \-\-cronjob Perform automatic scan with cron safe options (no colors, no questions, no breaks). @@ -83,22 +74,25 @@ Display debug information to screen for troubleshooting purposes. .B \-\-developer Display developer information when creating tests. .TP -.B \-\-dump\-options -Show all available parameters. +.B \-\-help +Show available commands and most-used options. .TP .B \-\-logfile </path/to/logfile> Defines location and name of log file, instead of default /var/log/lynis.log. .TP +.B \-\-man +Show the man page. Useful for systems that do not have the man page installed. +.TP .B \-\-no\-colors -Do not use colors for messages, warnings and sections. +Disable colored output. .TP .B \-\-no\-log Redirect all logging information to /dev/null, prevent sensitive information to be written to disk. .TP .B \-\-pentest -Run a non-privileged scan, usually for penetration testing. Some of the tests -will be skipped if they require root permissions. +Run a non-privileged scan, usually used for penetration testing. Some of the +tests will be skipped if they require root permissions. .TP .B \-\-plugin\-dir </path/to/plugins> Define location where plugins can be found. @@ -125,19 +119,27 @@ Do not run plugins. Only run the specific test(s). When using multiple tests, add quotes around the line. .TP +.B \-\-tests\-from\-category "<category>" +Tests are only performed if they belong to the defined category. Use the command +'show categories' to determine all valid options. +.TP .B \-\-tests\-from\-group "<group>" -Only perform tests from particular group of tests. Use 'show groups' to determine -valid options. +Similar to \-\-tests\-from\-category. Only perform tests from a particular group. +Use 'show categories' to determine valid options. .TP .B \-\-upload -Upload data to Lynis Enterprise server. +Upload data to Lynis Enterprise server (profile option: upload=yes). +.TP +.B \-\-verbose +Show more details on screen, such as components that could not found. These +details are hidden by default. .TP .B \-\-wait Wait for user to continue. This adds a break after each section (opposed of \-\-quick). .TP .B \-\-warnings\-only -Run quietly, except warnings. +Run quietly, except show warnings. .RE .PP .RS |