diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2020-03-23 17:56:03 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2020-03-23 17:56:03 +0300 |
| commit | dcddfdb6cc803b6b7401ff36beaac7501c7e69d7 (patch) | |
| tree | ece3cd6b0afc18f94c736ab45f3287a5ea452de3 | |
| parent | 1e74f9be9a0c010ea63b7b0dd7d59d9933eb06c1 (diff) | |
| parent | 8f77116ce7b824edd19a2ad7410aa304a37f58d7 (diff) | |
Merge branch 'master' of https://github.com/CISOfy/lynis
| -rw-r--r-- | include/tests_mac_frameworks | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/tests_mac_frameworks b/include/tests_mac_frameworks index d6d40a6b..94f2065d 100644 --- a/include/tests_mac_frameworks +++ b/include/tests_mac_frameworks @@ -75,6 +75,12 @@ Report "apparmor_enabled=1" Report "apparmor_policy_loaded=1" AddHP 3 3 + # ignore kernel threads (Parent PID = 2 [kthreadd]) + NUNCONFINED=$(${PSBINARY} -N --ppid 2 -o label | ${GREPBINARY} '^unconfined' | ${WCBINARY} --lines) + Display --indent 8 --text "Found ${NUNCONFINED} unconfined processes" + for PROCESS in $(${PSBINARY} -N --ppid 2 -o label:1,pid,comm | ${GREPBINARY} '^unconfined' | ${TRBINARY} ' ' ':'); do + LogText "Result: Unconfined process: ${PROCESS}" + done elif [ $? -eq 4 ]; then LogText "Result: Can not determine status, most likely due to lacking permissions" Display --indent 4 --text "- Checking AppArmor status" --result "${STATUS_UNKNOWN}" --color RED |