diff options
61 files changed, 210 insertions, 135 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 15ffd07d..dc357c76 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,13 +1,17 @@ # Lynis Changelog -## Lynis 3.0.3 (not released yet) +## Lynis 3.0.3 (2021-01-07) ### Added +- HRDN-7231 - Check for registered non-native binary formats - OS detection of Parrot GNU/Linux ### Changed +- DBS-1816 - Force test to check only password authentication +- KRNL-5677 - Support for NetBSD +- Bugfix: command 'configure settings' did not work as intended --------------------------------------------------------------------------------- @@ -98,4 +98,4 @@ ================================================================================ - Lynis - Copyright 2007-2020, Michael Boelen, CISOfy - https://cisofy.com + Lynis - Copyright 2007-2021, Michael Boelen, CISOfy - https://cisofy.com @@ -48,4 +48,4 @@ ================================================================================ - Lynis - Copyright 2007-2020, Michael Boelen, CISOfy - https://cisofy.com + Lynis - Copyright 2007-2021, Michael Boelen, CISOfy - https://cisofy.com diff --git a/db/software-eol.db b/db/software-eol.db index 0c89b74b..bebd4de8 100644 --- a/db/software-eol.db +++ b/db/software-eol.db @@ -14,8 +14,9 @@ # For rolling releases or releases that do not (currently have an EOL date, leave field three empty and set field four to -1. # Full string for CentOS can be something like 'CentOS Linux 8 (Core)'. As this does not correctly match, shorter string is used for matching. # -# Alpine - https://wiki.alpinelinux.org/wiki/Alpine_Linux:Releases +# Alpine - https://alpinelinux.org/releases/ # +os:Alpine 3.13:2022-11-01:1667275200 os:Alpine 3.12:2022-05-01:1651377600 os:Alpine 3.11:2021-11-01:1635739200 os:Alpine 3.10:2021-05-01:1619841600 diff --git a/db/tests.db b/db/tests.db index f9f8a3f7..bb31972b 100644 --- a/db/tests.db +++ b/db/tests.db @@ -171,6 +171,7 @@ HOME-9350:test:security:homedirs::Collecting information from home directories: HRDN-7220:test:security:hardening::Check if one or more compilers are installed: HRDN-7222:test:security:hardening::Check compiler permissions: HRDN-7230:test:security:hardening::Check for malware scanner: +HRDN-7231:test:security:hardening:Linux:Check for registered non-native binary formats: HTTP-6622:test:security:webservers::Checking Apache presence: HTTP-6624:test:security:webservers::Testing main Apache configuration file: HTTP-6626:test:security:webservers::Testing other Apache configuration file: diff --git a/include/binaries b/include/binaries index 95d56c3d..7d6d38c8 100644 --- a/include/binaries +++ b/include/binaries @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/consts b/include/consts index bb1d63ff..513515cd 100644 --- a/include/consts +++ b/include/consts @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -60,6 +60,7 @@ ETC_PATHS="/etc /usr/local/etc" BLKIDBINARY="" BOOTCTLBINARY="" CAT_BINARY="" + CCBINARY="" CFAGENTBINARY="" CHECK=0 CHECK_BINARIES=1 @@ -117,6 +118,7 @@ ETC_PATHS="/etc /usr/local/etc" FIREWALL_ACTIVE=0 FOUNDPATH=0 FORENSICS_MODE=0 + GCCBINARY="" GETENT_BINARY="" GRADMBINARY="" GREPBINARY="grep" @@ -145,6 +147,7 @@ ETC_PATHS="/etc /usr/local/etc" LICENSE_KEY="" LICENSE_SERVER="" LINUX_VERSION="" + LINUX_VERSION_LIKE="" LINUXCONFIGFILE="" LMDBINARY="" LMDFOUND=0 diff --git a/include/data_upload b/include/data_upload index eae2b5cc..c85a4140 100644 --- a/include/data_upload +++ b/include/data_upload @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/functions b/include/functions index 2bb82eae..62ffdfc5 100644 --- a/include/functions +++ b/include/functions @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -3693,4 +3693,4 @@ #================================================================================ # Lynis is part of Lynis Enterprise and released under GPLv3 license -# Copyright 2007-2020 - Michael Boelen, CISOfy - https://cisofy.com +# Copyright 2007-2021 - Michael Boelen, CISOfy - https://cisofy.com diff --git a/include/helper_audit_dockerfile b/include/helper_audit_dockerfile index a71326ee..3ebbb7b2 100644 --- a/include/helper_audit_dockerfile +++ b/include/helper_audit_dockerfile @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/helper_configure b/include/helper_configure index 85c6dadf..315b92f3 100644 --- a/include/helper_configure +++ b/include/helper_configure @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/helper_generate b/include/helper_generate index f3a8d909..bbfbb8dc 100644 --- a/include/helper_generate +++ b/include/helper_generate @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/helper_show b/include/helper_show index e251aad0..70a066be 100644 --- a/include/helper_show +++ b/include/helper_show @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/helper_system_remote_scan b/include/helper_system_remote_scan index 8f9df294..5c54814a 100644 --- a/include/helper_system_remote_scan +++ b/include/helper_system_remote_scan @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/helper_update b/include/helper_update index cc5f672c..0453ffbd 100644 --- a/include/helper_update +++ b/include/helper_update @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/osdetection b/include/osdetection index 3c5932ce..fe83c10b 100644 --- a/include/osdetection +++ b/include/osdetection @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -214,6 +214,12 @@ OS_NAME="Flatcar Linux" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') ;; + "garuda") + LINUX_VERSION="Garuda" + OS_FULLNAME="Garuda Linux" + OS_NAME="Garuda" + OS_VERSION="Rolling release" + ;; "gentoo") LINUX_VERSION="Gentoo" OS_NAME="Gentoo Linux" @@ -226,11 +232,13 @@ ;; "kali") LINUX_VERSION="Kali" + LINUX_VERSION_LIKE="Debian" OS_NAME="Kali Linux" OS_VERSION="Rolling release" ;; "linuxmint") LINUX_VERSION="Linux Mint" + LINUX_VERSION_LIKE="Ubuntu" OS_NAME="Linux Mint" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') @@ -278,18 +286,21 @@ ;; "pop") LINUX_VERSION="Pop!_OS" + LINUX_VERSION_LIKE="Ubuntu" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="Pop!_OS" ;; "pureos") LINUX_VERSION="PureOS" + LINUX_VERSION_LIKE="Debian" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="PureOS" ;; "raspbian") LINUX_VERSION="Raspbian" + LINUX_VERSION_LIKE="Debian" OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"') OS_NAME="Raspbian" @@ -378,31 +389,32 @@ # CPUBuilders Linux if [ -e "/etc/cpub-release" ]; then OS_FULLNAME=$(cat /etc/cpub-release); fi - # Debian/Ubuntu (***) - Set first to Debian - if [ -e "/etc/debian_version" ]; then + if [ -z "${LINUX_VERSION}" ] && [ -e "/etc/debian_version" ]; then + # Debian/Ubuntu (***) - Set first to Debian OS_VERSION=$(cat /etc/debian_version) OS_FULLNAME="Debian ${OS_VERSION}" LINUX_VERSION="Debian" - fi - # /etc/lsb-release does not exist on Debian - if [ -e "/etc/debian_version" -a -e /etc/lsb-release ]; then - OS_VERSION=$(cat /etc/debian_version) - FIND=$(grep "^DISTRIB_ID=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g') - if [ "${FIND}" = "Ubuntu" ]; then - OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2) - OS_FULLNAME="Ubuntu ${OS_VERSION}" - LINUX_VERSION="Ubuntu" - elif [ "${FIND}" = "elementary OS" ]; then - LINUX_VERSION="elementary OS" - OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2) - OS_FULLNAME=$(grep "^DISTRIB_DESCRIPTION=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g') - else - # Catch all, in case it's unclear what specific release this is. - OS_FULLNAME="Debian ${OS_VERSION}" - LINUX_VERSION="Debian" + # /etc/lsb-release does not exist on Debian + if [ -e /etc/lsb-release ]; then + OS_VERSION=$(cat /etc/debian_version) + FIND=$(grep "^DISTRIB_ID=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g') + if [ "${FIND}" = "Ubuntu" ]; then + OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2) + OS_FULLNAME="Ubuntu ${OS_VERSION}" + LINUX_VERSION="Ubuntu" + elif [ "${FIND}" = "elementary OS" ]; then + LINUX_VERSION="elementary OS" + LINUX_VERSION_LIKE="Ubuntu" + OS_VERSION=$(grep "^DISTRIB_RELEASE=" /etc/lsb-release | cut -d '=' -f2) + OS_FULLNAME=$(grep "^DISTRIB_DESCRIPTION=" /etc/lsb-release | cut -d '=' -f2 | sed 's/"//g') + else + # Catch all, in case it's unclear what specific release this is. + OS_FULLNAME="Debian ${OS_VERSION}" + LINUX_VERSION="Debian" + fi + # Ubuntu test (optional) $(grep "[Uu]buntu" /proc/version) fi - # Ubuntu test (optional) $(grep "[Uu]buntu" /proc/version) fi # Override for Linux Mint, as that is initially detected as Debian or Ubuntu @@ -410,6 +422,8 @@ FIND=$(lsb_release --id | awk -F: '{ print $2 }' | awk '{ print $1 }') if [ "${FIND}" = "LinuxMint" ]; then LINUX_VERSION="Linux Mint" + # LMDE (Linux Mint Debian Edition) should be detected as Debian + LINUX_VERSION_LIKE="Ubuntu" OS_VERSION=$(lsb_release --release | awk '{ print $2 }') OS_FULLNAME="Linux Mint ${OS_VERSION}" fi diff --git a/include/parameters b/include/parameters index 242899e6..90181927 100644 --- a/include/parameters +++ b/include/parameters @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/profiles b/include/profiles index e7a25670..6bf7758a 100644 --- a/include/profiles +++ b/include/profiles @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/report b/include/report index 3d0c7fdf..ec5f3f66 100644 --- a/include/report +++ b/include/report @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_accounting b/include/tests_accounting index dd1ef2a8..666576fb 100644 --- a/include/tests_accounting +++ b/include/tests_accounting @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -424,4 +424,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020, Michael Boelen / CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021, Michael Boelen / CISOfy - https://cisofy.com diff --git a/include/tests_authentication b/include/tests_authentication index 88b95063..3366bb9a 100644 --- a/include/tests_authentication +++ b/include/tests_authentication @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_banners b/include/tests_banners index f7e4d7e9..cd148f30 100644 --- a/include/tests_banners +++ b/include/tests_banners @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_boot_services b/include/tests_boot_services index 2b30a11a..c3431fbd 100644 --- a/include/tests_boot_services +++ b/include/tests_boot_services @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -712,7 +712,13 @@ # Test : BOOT-5180 # Description : Check for Linux boot services (Debian style) # Notes : Debian 8+ shows runlevel 5 - if [ "${LINUX_VERSION}" = "Debian" -o "${LINUX_VERSION}" = "Ubuntu" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi + Register --test-no BOOT-5180 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check for Linux boot services (Debian style)" if [ ${SKIPTEST} -eq 0 ]; then # Runlevel check diff --git a/include/tests_containers b/include/tests_containers index 78c12c50..af10997d 100644 --- a/include/tests_containers +++ b/include/tests_containers @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -226,4 +226,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021, CISOfy - https://cisofy.com diff --git a/include/tests_crypto b/include/tests_crypto index af63d21a..d41a55ce 100644 --- a/include/tests_crypto +++ b/include/tests_crypto @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_databases b/include/tests_databases index 9c8e1de0..5e71ee80 100644 --- a/include/tests_databases +++ b/include/tests_databases @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -86,7 +86,7 @@ # "-u root --password=" avoids ~/.my.cnf authentication settings # "plugin = 'mysql_native_password' AND authentication_string = ''" avoids false positives when secure plugins are used - FIND=$(${MYSQLCLIENTBINARY} --no-defaults -u root --password= --silent --batch --execute="SELECT count(*) FROM mysql.user WHERE user = 'root' AND plugin = 'mysql_native_password' AND authentication_string = ''" mysql > /dev/null 2>&1; echo $?) + FIND=$(${MYSQLCLIENTBINARY} --default-auth=mysql_native_password --no-defaults -u root --password= --silent --batch --execute="SELECT count(*) FROM mysql.user WHERE user = 'root' AND plugin = 'mysql_native_password' AND authentication_string = ''" mysql > /dev/null 2>&1; echo $?) if [ "${FIND}" = "0" ]; then LogText "Result: Login succeeded, no MySQL root password set!" ReportWarning "${TEST_NO}" "No MySQL root password set" diff --git a/include/tests_dns b/include/tests_dns index 085168d4..5ef5a382 100644 --- a/include/tests_dns +++ b/include/tests_dns @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_file_integrity b/include/tests_file_integrity index c06b1703..68d02c5f 100644 --- a/include/tests_file_integrity +++ b/include/tests_file_integrity @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -441,4 +441,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020 Michael Boelen, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021 Michael Boelen, CISOfy - https://cisofy.com diff --git a/include/tests_file_permissions b/include/tests_file_permissions index 50ccdeee..32598f45 100644 --- a/include/tests_file_permissions +++ b/include/tests_file_permissions @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -72,4 +72,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021, CISOfy - https://cisofy.com diff --git a/include/tests_filesystems b/include/tests_filesystems index 3c1bc7a4..34f128d0 100644 --- a/include/tests_filesystems +++ b/include/tests_filesystems @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_firewalls b/include/tests_firewalls index 685f2452..06798ea7 100644 --- a/include/tests_firewalls +++ b/include/tests_firewalls @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_hardening b/include/tests_hardening index 4feff7c6..130a4ddc 100644 --- a/include/tests_hardening +++ b/include/tests_hardening @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -107,6 +107,27 @@ # ################################################################################# # + # Test : HRDN-7231 + # Description : Check for registered non-native binary formats + Register --test-no HRDN-7231 --os Linux --weight L --network NO --category security --description "Check for registered non-native binary formats" + if [ ${SKIPTEST} -eq 0 ]; then + LogText "Test: Check for registered non-native binary formats" + NFORMATS=0 + if [ -d /proc/sys/fs/binfmt_misc ]; then + NFORMATS=$(${FINDBINARY} /proc/sys/fs/binfmt_misc -type f -not -name register -not -name status | ${WCBINARY} --lines) + fi + if [ ${NFORMATS} -eq 0 ]; then + LogText "Result: no non-native binary formats found" + Display --indent 4 --text "- Non-native binary formats" --result "${STATUS_NOT_FOUND}" --color GREEN + else + FORMATS=$(${FINDBINARY} /proc/sys/fs/binfmt_misc -type f -not -name register -not -name status -printf '%f ') + LogText "Result: found ${NFORMATS} non-native binary formats registered: ${FORMATS}" + Display --indent 4 --text "- Non-native binary formats" --result "${STATUS_FOUND}" --color RED + fi + fi +# +################################################################################# +# # LogText "--------------------------------------------------------------------" # LogText "| System part | Preferred value | Actual value | Points |" # LogText "| [!] Compiler installed | 0 | [${COMPILER_INSTALLED}] | x |" diff --git a/include/tests_homedirs b/include/tests_homedirs index c896bf86..3e5f1b78 100644 --- a/include/tests_homedirs +++ b/include/tests_homedirs @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_insecure_services b/include/tests_insecure_services index 2ba308b3..f01966f2 100644 --- a/include/tests_insecure_services +++ b/include/tests_insecure_services @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_kernel b/include/tests_kernel index 75f7bffc..19ed4dae 100644 --- a/include/tests_kernel +++ b/include/tests_kernel @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -81,7 +81,7 @@ fi else LogText "Result: file ${ROOTDIR}etc/inittab not found" - if [ "${LINUX_VERSION}" = "Debian" -o "${LINUX_VERSION}" = "Ubuntu" ]; then + if [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]; then LogText "Test: Checking run level with who -r, for Debian based systems" FIND=$(who -r | ${AWKBINARY} '{ if ($1=="run-level") { print $2 } }') if HasData "${FIND}"; then @@ -368,7 +368,12 @@ # # Test : KRNL-5788 # Description : Checking availability new kernel - if [ "${LINUX_VERSION}" = "Debian" -o "${LINUX_VERSION}" = "Ubuntu" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi Register --test-no KRNL-5788 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking availability new Linux kernel" if [ ${SKIPTEST} -eq 0 ]; then HAS_VMLINUZ=0 @@ -914,4 +919,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021, CISOfy - https://cisofy.com diff --git a/include/tests_kernel_hardening b/include/tests_kernel_hardening index c0887078..630c38d5 100644 --- a/include/tests_kernel_hardening +++ b/include/tests_kernel_hardening @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_ldap b/include/tests_ldap index 7558d491..18cdc09c 100644 --- a/include/tests_ldap +++ b/include/tests_ldap @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_logging b/include/tests_logging index acbbcf5b..00d592b4 100644 --- a/include/tests_logging +++ b/include/tests_logging @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -427,7 +427,7 @@ FIND=$(${EGREPBINARY} "@[a-zA-Z0-9]|destination\s.+(udp|tcp).+\sport" ${SYSLOGD_CONF} | ${GREPBINARY} -v "^#" | ${GREPBINARY} -v "[a-zA-Z0-9]@") if [ -n "${FIND}" ]; then FIND2=$(echo "${FIND}" | ${GREPBINARY} -v "@loghost") - if [ SOLARIS_LOGHOST_LOCALHOST -eq 1 ] && [ -z "${FIND2}" ]; then + if [ ${SOLARIS_LOGHOST_LOCALHOST} -eq 1 ] && [ -z "${FIND2}" ]; then LogText "Result: remote logging enabled to loghost, but loghost is localhost" else LogText "Result: remote logging enabled" diff --git a/include/tests_mac_frameworks b/include/tests_mac_frameworks index 5c55e8f5..cda343ad 100644 --- a/include/tests_mac_frameworks +++ b/include/tests_mac_frameworks @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_mail_messaging b/include/tests_mail_messaging index cbbde8a0..a8e9ec3b 100644 --- a/include/tests_mail_messaging +++ b/include/tests_mail_messaging @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_malware b/include/tests_malware index 3c2cd72d..4f68b9aa 100644 --- a/include/tests_malware +++ b/include/tests_malware @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_memory_processes b/include/tests_memory_processes index 2454f320..542400a2 100644 --- a/include/tests_memory_processes +++ b/include/tests_memory_processes @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_nameservices b/include/tests_nameservices index 46f4f1fb..aadc0a91 100644 --- a/include/tests_nameservices +++ b/include/tests_nameservices @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_networking b/include/tests_networking index 7a04305f..6a33451c 100644 --- a/include/tests_networking +++ b/include/tests_networking @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_php b/include/tests_php index 32211f1a..23738198 100644 --- a/include/tests_php +++ b/include/tests_php @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_ports_packages b/include/tests_ports_packages index 2e827813..61ccf945 100644 --- a/include/tests_ports_packages +++ b/include/tests_ports_packages @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -600,8 +600,8 @@ # # Test : PKGS-7366 # Description : Checking if debsecan is installed and enabled on Debian systems - if [ -n "${DEBSECANBINARY}" -a "${OS}" = "Linux" -a "${LINUX_VERSION}" = "Debian" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi - Register --test-no "PKGS-7366" --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking for debsecan utility" + if [ -n "${DEBSECANBINARY}" ] && ( [ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Debian" ] ); then PREQS_MET="YES"; else PREQS_MET="NO"; fi + Register --test-no "PKGS-7366" --preqs-met ${PREQS_MET} --os Linux --weight L --network NO --category security --description "Checking for debsecan utility" if [ ${SKIPTEST} -eq 0 ]; then if [ -n "${DEBSECANBINARY}" ]; then LogText "Result: debsecan utility is installed" @@ -986,7 +986,9 @@ PREQS_MET="NO" if [ -f ${ROOTDIR}etc/apt/sources.list -a -d ${ROOTDIR}etc/apt/sources.list.d ]; then case "${LINUX_VERSION}" in - "Debian" | "Linux Mint" | "Ubuntu") + "Debian" | "Linux Mint" | "Ubuntu" | "Pop!_OS") + # Todo: PureOS (not rolling) has security repositories + # Todo: Debian sid does not have a security repository. PREQS_MET="YES" ;; *) @@ -1042,7 +1044,13 @@ # # Test : PKGS-7390 # Description : Check Ubuntu database consistency - if [ "${LINUX_VERSION}" = "Ubuntu" -a -x ${ROOTDIR}usr/bin/apt-get ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if ([ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]) && [ -x "${ROOTDIR}usr/bin/apt-get" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi + Register --test-no PKGS-7390 --os Linux --preqs-met ${PREQS_MET} --root-only YES --weight L --network NO --category security --description "Check Ubuntu database consistency" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Package database consistency by running apt-get check" @@ -1191,7 +1199,13 @@ # # Test : PKGS-7394 # Description : Check Ubuntu upgradeable packages - if [ "${LINUX_VERSION}" = "Ubuntu" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if ([ "${LINUX_VERSION}" = "Debian" ] || [ "${LINUX_VERSION}" = "Ubuntu" ] || + [ "${LINUX_VERSION_LIKE}" = "Debian" ] || [ "${LINUX_VERSION_LIKE}" = "Ubuntu" ]) && [ -x "${ROOTDIR}usr/bin/apt-get" ]; then + PREQS_MET="YES" + else + PREQS_MET="NO" + fi + Register --test-no PKGS-7394 --os Linux --preqs-met ${PREQS_MET} --weight L --network YES --category security --description "Check for Ubuntu updates" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: checking ${ROOTDIR}usr/bin/apt-show-versions" @@ -1329,37 +1343,39 @@ case "${OS}" in "Linux") - case "${LINUX_VERSION}" in - "CentOS" | "Debian" | "Fedora" | "RHEL" | "Ubuntu") - + for DIST in CentOS Debian Fedora RHEL Ubuntu; do + if [ "${LINUX_VERSION}" = "${DIST}" ] || [ "${LINUX_VERSION_LIKE}" = "${DIST}" ]; then UNATTENDED_UPGRADES_OPTION_AVAILABLE=1 - # Test available tools for Linux - if [ -f "${ROOTDIR}bin/auter" ]; then - UNATTENDED_UPGRADES_TOOL="auter" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - if [ -f "${ROOTDIR}sbin/yum-cron" ]; then - UNATTENDED_UPGRADES_TOOL="yum-cron" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - if [ -f "${ROOTDIR}usr/bin/dnf-automatic" ]; then - UNATTENDED_UPGRADES_TOOL="dnf-automatic" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - if [ -f "${ROOTDIR}usr/bin/unattended-upgrade" ]; then - UNATTENDED_UPGRADES_TOOL="unattended-upgrade" - UNATTENDED_UPGRADES_TOOLKIT=1 - LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" - Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" - fi - ;; - esac + fi + done + + if [ ${UNATTENDED_UPGRADES_OPTION_AVAILABLE} -eq 1 ]; then + # Test available tools for Linux + if [ -f "${ROOTDIR}bin/auter" ]; then + UNATTENDED_UPGRADES_TOOL="auter" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + if [ -f "${ROOTDIR}sbin/yum-cron" ]; then + UNATTENDED_UPGRADES_TOOL="yum-cron" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + if [ -f "${ROOTDIR}usr/bin/dnf-automatic" ]; then + UNATTENDED_UPGRADES_TOOL="dnf-automatic" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + if [ -f "${ROOTDIR}usr/bin/unattended-upgrade" ]; then + UNATTENDED_UPGRADES_TOOL="unattended-upgrade" + UNATTENDED_UPGRADES_TOOLKIT=1 + LogText "Result: found ${UNATTENDED_UPGRADES_TOOL}" + Report "unattended_upgrade_tool[]=${UNATTENDED_UPGRADES_TOOL}" + fi + fi ;; esac diff --git a/include/tests_printers_spoolers b/include/tests_printers_spoolers index 61304f87..18b88c0c 100644 --- a/include/tests_printers_spoolers +++ b/include/tests_printers_spoolers @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_scheduling b/include/tests_scheduling index b461ba95..196a2e77 100644 --- a/include/tests_scheduling +++ b/include/tests_scheduling @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_shells b/include/tests_shells index 89be9979..9598cfbc 100644 --- a/include/tests_shells +++ b/include/tests_shells @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -282,4 +282,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020, CISOfy - http://cisofy.com +# Lynis - Copyright 2007-2021, CISOfy - http://cisofy.com diff --git a/include/tests_snmp b/include/tests_snmp index 0bf785f0..93755e80 100644 --- a/include/tests_snmp +++ b/include/tests_snmp @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -104,4 +104,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020 Michael Boelen, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021 Michael Boelen, CISOfy - https://cisofy.com diff --git a/include/tests_squid b/include/tests_squid index d62310a3..c6b5174a 100644 --- a/include/tests_squid +++ b/include/tests_squid @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -325,4 +325,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020 Michael Boelen, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021 Michael Boelen, CISOfy - https://cisofy.com diff --git a/include/tests_ssh b/include/tests_ssh index 43c678b9..7f31c348 100644 --- a/include/tests_ssh +++ b/include/tests_ssh @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_storage b/include/tests_storage index 6ee1a78a..ac60502c 100644 --- a/include/tests_storage +++ b/include/tests_storage @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -77,4 +77,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020, CISOfy, Michael Boelen - https://cisofy.com +# Lynis - Copyright 2007-2021, CISOfy, Michael Boelen - https://cisofy.com diff --git a/include/tests_storage_nfs b/include/tests_storage_nfs index 6aaafc79..fb236560 100644 --- a/include/tests_storage_nfs +++ b/include/tests_storage_nfs @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_system_integrity b/include/tests_system_integrity index 825f3d70..befe09a0 100644 --- a/include/tests_system_integrity +++ b/include/tests_system_integrity @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -51,4 +51,4 @@ WaitForKeyPress # #================================================================================ -# Lynis - Copyright 2007-2020 Michael Boelen, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021 Michael Boelen, CISOfy - https://cisofy.com diff --git a/include/tests_time b/include/tests_time index 0d1d65cb..df9a86b7 100644 --- a/include/tests_time +++ b/include/tests_time @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -585,6 +585,10 @@ if [ ! -e "${SYNCHRONIZED_FILE}" ]; then SYNCHRONIZED_FILE="/var/lib/private/systemd/timesync/clock" fi + # Fix for debian stretch + if [ ! -e "${SYNCHRONIZED_FILE}" ]; then + SYNCHRONIZED_FILE="/var/lib/systemd/clock" + fi if [ -e "${SYNCHRONIZED_FILE}" ]; then FIND=$(( $(date +%s) - $(${STATBINARY} -L --format %Y "${SYNCHRONIZED_FILE}") )) # Check if last sync was more than 2048 seconds (= the default of systemd) ago diff --git a/include/tests_tooling b/include/tests_tooling index 15475c61..083f5045 100644 --- a/include/tests_tooling +++ b/include/tests_tooling @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_virtualization b/include/tests_virtualization index e4df170e..bf985e7c 100644 --- a/include/tests_virtualization +++ b/include/tests_virtualization @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tests_webservers b/include/tests_webservers index 45588492..6e0a3b3d 100644 --- a/include/tests_webservers +++ b/include/tests_webservers @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com diff --git a/include/tool_tips b/include/tool_tips index 6ff7534e..e380a5d5 100644 --- a/include/tool_tips +++ b/include/tool_tips @@ -6,7 +6,7 @@ # ------------------ # # Copyright 2007-2013, Michael Boelen -# Copyright 2007-2020, CISOfy +# Copyright 2007-2021, CISOfy # # Website : https://cisofy.com # Blog : http://linux-audit.com @@ -43,16 +43,16 @@ PROGRAM_WEBSITE="https://cisofy.com/lynis/" # Version details - PROGRAM_RELEASE_DATE="2020-12-26" - PROGRAM_RELEASE_TIMESTAMP=1608801742 - PROGRAM_RELEASE_TYPE="pre-release" # pre-release or release + PROGRAM_RELEASE_DATE="2021-01-07" + PROGRAM_RELEASE_TIMESTAMP=1610029111 + PROGRAM_RELEASE_TYPE="release" # pre-release or release PROGRAM_VERSION="3.0.3" # Source, documentation and license PROGRAM_SOURCE="https://github.com/CISOfy/lynis" PROGRAM_PACKAGE="https://packages.cisofy.com/" PROGRAM_DOCUMENTATION="https://cisofy.com/docs/" - PROGRAM_COPYRIGHT="2007-2020, ${PROGRAM_AUTHOR} - ${PROGRAM_WEBSITE}" + PROGRAM_COPYRIGHT="2007-2021, ${PROGRAM_AUTHOR} - ${PROGRAM_WEBSITE}" PROGRAM_LICENSE="${PROGRAM_NAME} comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under the terms of the GNU General Public License. See the LICENSE file for details about using this software." @@ -1149,4 +1149,4 @@ ${NORMAL} # #================================================================================ -# Lynis - Copyright 2007-2020, Michael Boelen, CISOfy - https://cisofy.com +# Lynis - Copyright 2007-2021, Michael Boelen, CISOfy - https://cisofy.com |