Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/CISOfy/lynis.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/include/binaries
diff options
context:
space:
mode:
Diffstat (limited to 'include/binaries')
-rw-r--r--include/binaries20
1 files changed, 17 insertions, 3 deletions
diff --git a/include/binaries b/include/binaries
index ec633f02..16096fe4 100644
--- a/include/binaries
+++ b/include/binaries
@@ -6,7 +6,7 @@
# ------------------
#
# Copyright 2007-2013, Michael Boelen
-# Copyright 2007-2019, CISOfy
+# Copyright 2007-2020, CISOfy
#
# Website : https://cisofy.com
# Blog : http://linux-audit.com
@@ -154,8 +154,10 @@
docker) DOCKERBINARY="${BINARY}"; LogText " Found known binary: docker (container technology) - ${BINARY}" ;;
domainname) DOMAINNAMEBINARY="${BINARY}"; LogText " Found known binary: domainname (NIS domain) - ${BINARY}" ;;
dpkg) DPKGBINARY="${BINARY}"; LogText " Found known binary: dpkg (package management) - ${BINARY}" ;;
+ xbps-query) XBPSBINARY="${BINARY}"; LogText " Found known binary: xbps (package management) - ${BINARY}" ;;
egrep) EGREPBINARY=${BINARY}; LogText " Found known binary: egrep (text search) - ${BINARY}" ;;
equery) EQUERYBINARY="${BINARY}"; LogText " Found known binary: query (package manager) - ${BINARY}" ;;
+ evmctl) EVMCTLBINARY=${BINARY}; LogText " Found known binary: evmctl (IMA/EVM tool) - ${BINARY}" ;;
exim) EXIMBINARY="${BINARY}"; EXIMVERSION=$(${BINARY} -bV | grep 'Exim version' | awk '{ print $3 }' | xargs); LogText " Found known binary ${BINARY} (version ${EXIMVERSION})" ;;
fail2ban-server) FAIL2BANBINARY="${BINARY}"; LogText " Found known binary: fail2ban (IPS tool) - ${BINARY}" ;;
file) FILEBINARY="${BINARY}"; LogText " Found known binary: file (file type detection) - ${BINARY}" ;;
@@ -174,6 +176,7 @@
httpd2-prefork) HTTPDBINARY=${BINARY}; LogText " Found known binary: apache2 (web server) - ${BINARY}" ;;
initctl) INITCTLBINARY=${BINARY}; SERVICE_MANAGER="upstart"; LogText " Found known binary: initctl (client to upstart init) - ${BINARY}" ;;
ifconfig) IFCONFIGBINARY="${BINARY}"; LogText " Found known binary: ipconfig (IP configuration) - ${BINARY}" ;;
+ integritysetup) INTEGRITYSETUPBINARY="${BINARY}"; LogText " Found known binary: integritysetup (dm-integrity setup tool) - ${BINARY}" ;;
ip) IPBINARY="${BINARY}"; LogText " Found known binary: ip (IP configuration) - ${BINARY}" ;;
ipf) IPFBINARY="${BINARY}"; LogText " Found known binary: ipf (firewall) - ${BINARY}" ;;
iptables) IPTABLESBINARY="${BINARY}"; LogText " Found known binary: iptables (firewall) - ${BINARY}" ;;
@@ -216,7 +219,12 @@
ntpq) NTPQBINARY="${BINARY}"; LogText " Found known binary ntpq (time daemon client) - ${BINARY}" ;;
osiris) OSIRISBINARY="${BINARY}"; LogText " Found known binary: osiris - ${BINARY}" ;;
openssl) OPENSSLBINARY="${BINARY}"; OPENSSLVERSION=$(${BINARY} version 2> /dev/null | head -n 1 | awk '{ print $2 }' | xargs); LogText "Found ${BINARY} (version ${OPENSSLVERSION})" ;;
- pacman) PACMANBINARY="${BINARY}"; LogText " Found known binary: pacman (package manager) - ${BINARY}" ;;
+ pacman)
+ if [ -z "$(echo "${BINARY}" | grep -E "/usr(/local)?/games")" ]; then
+ PACMANBINARY="${BINARY}"
+ LogText " Found known binary: pacman (package manager) - ${BINARY}"
+ fi
+ ;;
perl) PERLBINARY="${BINARY}"; PERLVERSION=$(${BINARY} -V:version | sed 's/^version=//' | sed 's/;//' | xargs); LogText "Found ${BINARY} (version ${PERLVERSION})" ;;
pgrep) PGREPBINARY="${BINARY}"; LogText " Found known binary: pgrep (search in process list) - ${BINARY}" ;;
php) PHPBINARY="${BINARY}"; PHPVERSION=$(${BINARY} -v | awk '{ if ($1=="PHP") { print $2 }}' | head -1); LogText "Found known binary: php (programming language interpreter) - ${BINARY} (version ${PHPVERSION})" ;;
@@ -234,6 +242,7 @@
python3) PYTHON3BINARY="${BINARY}"; PYTHON3VERSION=$(${BINARY} --version 2>&1 | sed 's/^Python //'); LogText "Found known binary: ${FILENAME} (programming language interpreter) - ${BINARY} (version ${PYTHON3VERSION})" ;;
rcctl) RCCTLBINARY="${BINARY}"; LogText " Found known binary: rcctl (services and daemons configuration and control) - ${BINARY}" ;;
readlink) READLINKBINARY="${BINARY}"; LogText " Found known binary: readlink (follows symlinks) - ${BINARY}" ;;
+ resolvectl) RESOLVECTLBINARY="${BINARY}"; LogText " Found known binary: resolvectl (systemd-resolved DNS resolver manager) - ${BINARY}" ;;
rkhunter) RKHUNTERBINARY="${BINARY}"; MALWARE_SCANNER_INSTALLED=1; LogText " Found known binary: rkhunter (malware scanner) - ${BINARY}" ;;
rootsh) ROOTSHBINARY="${BINARY}"; LogText " Found known binary: rootsh (wrapper for shells) - ${BINARY}" ;;
rpcinfo) RPCINFOBINARY="${BINARY}"; LogText " Found known binary: rpcinfo (RPC information) - ${BINARY}" ;;
@@ -244,7 +253,8 @@
samhain) SAMHAINBINARY="${BINARY}"; LogText " Found known binary: samhain (integrity tool) - ${BINARY}" ;;
service) SERVICEBINARY="${BINARY}"; LogText " Found known binary: service (system services) - ${BINARY}" ;;
sed) SEDBINARY="${BINARY}"; LogText " Found known binary: sed (text stream editor) - ${BINARY}" ;;
- sestatus) SESTATUSBINARY="${BINARY}"; LogText " Found known binary: sestatus (SELinux client) - ${BINARY}" ;;
+ semanage) SEMANAGEBINARY="${BINARY}"; LogText " Found known binary: semanage (SELinux policy management tool) - ${BINARY}" ;;
+ sestatus) SESTATUSBINARY="${BINARY}"; LogText " Found known binary: sestatus (SELinux status tool) - ${BINARY}" ;;
slocate) LOCATEBINARY="${BINARY}"; LogText " Found known binary: slocate (file database) - ${BINARY}" ;;
smbd) SMBDBINARY="${BINARY}"; if [ "${OS}" = "macOS" ]; then SMBDVERSION="unknown"; else SMBDVERSION=$(${BINARY} -V | grep "^Version" | awk '{ print $2 }'); fi; LogText "Found ${BINARY} (version ${SMBDVERSION})" ;;
smtpctl) SMTPCTLBINARY="${BINARY}"; LogText " Found known binary: smtpctl (OpenSMTPD client) - ${BINARY}" ;;
@@ -265,15 +275,18 @@
sysctl) SYSCTLBINARY="${BINARY}"; LogText " Found known binary: sysctl (kernel parameters) - ${BINARY}" ;;
syslog-ng) SYSLOGNGBINARY="${BINARY}"; SYSLOGNGVERSION=$(${BINARY} -V 2>&1 | grep "^syslog-ng" | awk '{ print $2 }'); LogText "Found ${BINARY} (version ${SYSLOGNGVERSION})" ;;
systemctl) SYSTEMCTLBINARY="${BINARY}"; LogText " Found known binary: systemctl (client to systemd) - ${BINARY}" ;;
+ systemd-analyze) SYSTEMDANALYZEBINARY="${BINARY}"; LogText " Found known binary: systemd-analyze (systemd service analysis tool) - ${BINARY}" ;;
tail) TAILBINARY="${BINARY}"; LogText " Found known binary: tail (text filter) - ${BINARY}" ;;
timedatectl) TIMEDATECTL="${BINARY}"; LogText " Found known binary: timedatectl (timedate client) - ${BINARY}" ;;
tomoyo-init) TOMOYOINITBINARY=${BINARY}; LogText " Found known binary: tomoyo-init (tomoyo component) - ${BINARY}" ;;
+ tomoyo-pstree) TOMOYOPSTREEBINARY=${BINARY}; LogText " Found known binary: tomoyo-pstree (tomoyo process tree) - ${BINARY}" ;;
tr) TRBINARY="${BINARY}"; LogText " Found known binary: tr (text transformation) - ${BINARY}" ;;
tripwire) TRIPWIREBINARY="${BINARY}"; LogText " Found known binary: tripwire (file integrity) - ${BINARY}" ;;
tune2fs) TUNE2FSBINARY="${BINARY}"; LogText " Found known binary: tune2fs (file system tool) - ${BINARY}" ;;
uname) UNAMEBINARY="${BINARY}"; LogText " Found known binary: uname (operating system details) - ${BINARY}" ;;
uniq) UNIQBINARY="${BINARY}"; LogText " Found known binary: uniq (text manipulation utility) - ${BINARY}";;
usbguard) USBGUARDBINARY="${BINARY}"; LogText " Found known binary: usbguard (USB security tool) - ${BINARY}" ;;
+ veritysetup) VERITYSETUPBINARY="${BINARY}"; LogText " Found known binary: veritysetup (dm-verity setup tool) - ${BINARY}" ;;
vgdisplay) VGDISPLAYBINARY="${BINARY}"; LogText " Found known binary: vgdisplay (LVM tool) - ${BINARY}" ;;
vmtoolsd) VMWARETOOLSDBINARY="${BINARY}"; LogText " Found known binary: vmtoolsd (VMWare tools) - ${BINARY}" ;;
wc) WCBINARY="${BINARY}"; LogText " Found known binary: wc (word count) - ${BINARY}" ;;
@@ -303,6 +316,7 @@
# Test if the basic system tools are defined. These will be used during the audit.
[ "${AWKBINARY:-}" ] || ExitFatal "awk binary not found"
+ [ "${CAT_BINARY:-}" ] || ExitFatal "cat binary not found"
[ "${CUTBINARY:-}" ] || ExitFatal "cut binary not found"
[ "${EGREPBINARY:-}" ] || ExitFatal "grep binary not found"
[ "${FINDBINARY:-}" ] || ExitFatal "find binary not found"
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-11 00:46:49 +0300