Hello community, here is the log from the commit of package lynis for openSUSE:Factory checked in at 2018-09-24 13:12:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/lynis (Old) and /work/SRC/openSUSE:Factory/.lynis.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lynis" Mon Sep 24 13:12:22 2018 rev:29 rq:636894 version:2.6.8 Changes: -------- --- /work/SRC/openSUSE:Factory/lynis/lynis.changes 2018-06-28 15:13:12.155616687 +0200 +++ /work/SRC/openSUSE:Factory/.lynis.new/lynis.changes 2018-09-24 13:12:24.369796768 +0200 @@ -1,0 +2,19 @@ +Thu Sep 20 13:04:11 UTC 2018 - [email protected] + +- update to 2.6.8: + * improved parsing of boot parameters to init process + * test all PHP files for expose_php and improved logging + * Docker check now tests also for CMD, ENTRYPOINT, and USER configuration + * Improved display in Docker output for showing which keys are used for signing +- includes changes from 2.6.7: + * Added busybox as a service manager + * Limit PAE and no-execute test to AMD64 hardware only + * Ignore /dev/zero and /dev/[aio] as deleted files + * Changed classification of SSH root login with keys + * Docker scan uses new format for maintainer value +- includes chagnes from 2.6.6: + * Improved log text about running kernel version + * Under some condition no hostid2 value was reported + * Solved 'extra operand' issue with tr command + +------------------------------------------------------------------- Old: ---- lynis-2.6.5.tar.gz lynis-2.6.5.tar.gz.asc New: ---- lynis-2.6.8.tar.gz lynis-2.6.8.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ lynis.spec ++++++ --- /var/tmp/diff_new_pack.XCowLM/_old 2018-09-24 13:12:25.221795270 +0200 +++ /var/tmp/diff_new_pack.XCowLM/_new 2018-09-24 13:12:25.225795263 +0200 @@ -23,7 +23,7 @@ %define _pluginsdir %{_datadir}/lynis/plugins %define _dbdir %{_datadir}/lynis/db Name: lynis -Version: 2.6.5 +Version: 2.6.8 Release: 0 Summary: Security and System auditing tool License: GPL-3.0-only @@ -41,7 +41,7 @@ Source10: prepare_for_suse.sh Source11: dbus-whitelist.db.openSUSE_12.2_x86_64 Source12: fileperms.db.openSUSE_12.2_x86_64 -Source13: https://cisofy.com/files/%{name}-%{version}.tar.gz.asc +Source13: https://downloads.cisofy.com/lynis/%{name}-%{version}.tar.gz.asc Source14: https://cisofy.com/files/cisofy-software.pub#/%{name}.keyring Source15: %{name}-rpmlintrc # PATCH-OPENSUSE-FIX -- [email protected] - modifying for openSUSE ++++++ lynis-2.6.5.tar.gz -> lynis-2.6.8.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/CHANGELOG.md new/lynis/CHANGELOG.md --- old/lynis/CHANGELOG.md 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/CHANGELOG.md 2018-08-23 02:00:00.000000000 +0200 @@ -1,5 +1,39 @@ -Lynis Changelog -=============== +# Lynis Changelog + +## Lynis 2.6.8 (2018-08-23) + +### Changed +- BOOT-5104 - improved parsing of boot parameters to init process +- PHP-2372 - test all PHP files for expose_php and improved logging +- Alpine Linux detection for Docker audit +- Docker check now tests also for CMD, ENTRYPOINT, and USER configuration +- Improved display in Docker output for showing which keys are used for signing + +--------------------------------------------------------------------------------- + +## Lynis 2.6.7 (2018-08-09) + +### Changed +- BOOT-5104 - Added busybox as a service manager +- KRNL-5677 - Limit PAE and no-execute test to AMD64 hardware only +- LOGG-2190 - Ignore /dev/zero and /dev/[aio] as deleted files +- SSH-7408 - Changed classification of SSH root login with keys +- Docker scan uses new format for maintainer value +- New URL structure on CISOfy website implemented for Lynis controls + +--------------------------------------------------------------------------------- + +## Lynis 2.6.6 (2018-07-06) + +### Changed +* New format of changelog (https://keepachangelog.com/en/1.0.0/) +* KRNL-5830 - Improved log text about running kernel version + +### Fixed +* Under some condition no hostid2 value was reported +* Solved 'extra operand' issue with tr command + +--------------------------------------------------------------------------------- Lynis 2.6.5 (2018-06-26) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/CONTRIBUTORS.md new/lynis/CONTRIBUTORS.md --- old/lynis/CONTRIBUTORS.md 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/CONTRIBUTORS.md 2018-08-23 02:00:00.000000000 +0200 @@ -25,6 +25,7 @@ * FreeBSD port - Lars Engels * NetBSD - Stephen Borrill * Slackware - Eric Hameleers +* OpenBSD port - Gonzalo Rodriguez ## Special Contributors diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/functions new/lynis/include/functions --- old/lynis/include/functions 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/functions 2018-08-23 02:00:00.000000000 +0200 @@ -1104,7 +1104,6 @@ LogText "Hash (hostname): ${HASH_HOSTNAME}" LogText "Hash (ssh or machineid): ${HASH2}" HOSTID2="${HASH2}" - Report "hostid2=${HOSTID2}" fi fi @@ -1553,7 +1552,7 @@ # Check if we caught some string along all tests if [ ! "${SHORT}" = "" ]; then # Lowercase and see if we found a match - SHORT=$(echo ${SHORT} | awk '{ print $1 }' | tr [[:upper:]] [[:lower:]]) + SHORT=$(echo ${SHORT} | awk '{ print $1 }' | tr '[:upper:]' '[:lower:]') case ${SHORT} in amazon-ec2) ISVIRTUALMACHINE=1; VMTYPE="amazon-ec2"; VMFULLTYPE="Amazon AWS EC2 Instance" ;; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/helper_audit_dockerfile new/lynis/include/helper_audit_dockerfile --- old/lynis/include/helper_audit_dockerfile 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/helper_audit_dockerfile 2018-08-23 02:00:00.000000000 +0200 @@ -63,17 +63,21 @@ IMAGE=$(echo ${I} | sed 's/:space:/ /g' | awk '{ if ($1=="FROM") { print $2 }}') Display --indent 2 --text "Found image:" --result "${IMAGE}" + IS_DEBIAN=$(echo ${IMAGE} | grep -i debian) + IS_FEDORA=$(echo ${IMAGE} | grep -i fedora) IS_UBUNTU=$(echo ${IMAGE} | grep -i ubuntu) + IS_ALPINE=$(echo ${IMAGE} | grep -i alpine) + if [ ! "${IS_DEBIAN}" = "" ]; then IMAGE="debian"; fi if [ ! "${IS_FEDORA}" = "" ]; then IMAGE="fedora"; fi if [ ! "${IS_UBUNTU}" = "" ]; then IMAGE="ubuntu"; fi + if [ ! "${IS_ALPINE}" = "" ]; then IMAGE="alpine"; fi case ${IMAGE} in "debian") LogText "Image = Debian based" PKGMGR="apt" ;; - "fedora*") LogText " Image = Fedora based" PKGMGR="yum" @@ -82,6 +86,10 @@ LogText " Image = Ubuntu based" PKGMGR="apt" ;; + "alpine") + LogText " Image = Alpine based" + PKGMGR="apk" + ;; *) Display --indent 2 --text "Unknown image" --result "" --color YELLOW ;; @@ -94,13 +102,40 @@ InsertSection "Basics" - FIND=$(egrep "^MAINTAINER" ${AUDIT_FILE} | sed 's/ /:space:/g') + #FIND=$(egrep "^MAINTAINER" ${AUDIT_FILE} | sed 's/ /:space:/g') + FIND=$(egrep -i "*MAINTAINER" ${AUDIT_FILE} | sed 's/=/ /g' | cut -d'"' -f 2) if [ "${FIND}" = "" ]; then ReportWarning "dockerfile" "No maintainer found. Unclear who created this file." else - MAINTAINER=$(echo ${FIND} | sed 's/:space:/ /g' | awk '{ if($1=="MAINTAINER") { print }}') + #MAINTAINER=$(echo ${FIND} | sed 's/:space:/ /g' | awk '{ if($1=="MAINTAINER") { print }}') + MAINTAINER=$(echo ${FIND}) Display --indent 2 --text "Maintainer" --result "${MAINTAINER}" fi + + FIND=$(grep "^ENTRYPOINT" ${AUDIT_FILE} | cut -d' ' -f2 ) + if [ "${FIND}" = "" ]; then + ReportWarning "dockerfile" "No ENTRYPOINT defined in Dockerfile." + else + ENTRYPOINT=$(echo ${FIND}) + Display --indent 2 --text "ENTRYPOINT" --result "${ENTRYPOINT}" + fi + + FIND=$(grep "^CMD" ${AUDIT_FILE} | cut -d' ' -f2 ) + if [ "${FIND}" = "" ]; then + ReportWarning "dockerfile" "No CMD defines in Dockerfile." + else + CMD=$(echo ${FIND}) + Display --indent 2 --text "CMD" --result "${CMD}" + fi + + FIND=$(grep "^USER" ${AUDIT_FILE} | cut -d' ' -f2 ) + if [ "${FIND}" = "" ]; then + ReportWarning "dockerfile" "No user declared in Dockerlfile. Container will execute command as root" + else + USER=$(echo ${FIND}) + Display --indent 2 --text "User" --result "${USER}" + fi + # ################################################################################################## @@ -117,6 +152,14 @@ LogText "No installations found via apt-get" fi ;; + "apk") + FIND=$(egrep "apk(.*) add" ${AUDIT_FILE}) + if [ ! "${FIND}" = "" ]; then + LogText "Found installation via apk" + else + LogText "No installations found via apk" + fi + ;; *) LogText "Unknown package manager" ;; @@ -178,8 +221,8 @@ Display --indent 2 --text "Integrity testing performed" --result "${SSL_USED}" --color ${COLOR} HASHING_USED=$(egrep "(sha1sum|sha256sum|sha512sum)" ${AUDIT_FILE}) Display --indent 2 --text "Hashing" --result "${HASHING_USED}" - KEYS_USED=$(egrep "(apt-key adv)" ${AUDIT_FILE}) - Display --indent 2 --text "Signing keys used" --result ${KEYS_USED} + KEYS_USED=$(egrep "(apt-key adv)" ${AUDIT_FILE}| sed 's/RUN apt-key adv//g'| sed 's/--keyserver/Key Server:/g' | sed 's/--recv/Key Value:/g') + Display --indent 2 --text "Signing keys used" --result "${KEYS_USED}" Display --indent 2 --text "All downloads properly checked" --result "?" else Display --indent 2 --text "No files seems to be downloaded in this Dockerfile" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/report new/lynis/include/report --- old/lynis/include/report 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/report 2018-08-23 02:00:00.000000000 +0200 @@ -92,7 +92,7 @@ ################################################################################# # if [ "${CONTROL_URL_PROTOCOL}" = "" ]; then CONTROL_URL_PROTOCOL="https"; fi - if [ "${CONTROL_URL_PREPEND}" = "" ]; then CONTROL_URL_PREPEND="cisofy.com/controls/"; fi + if [ "${CONTROL_URL_PREPEND}" = "" ]; then CONTROL_URL_PREPEND="cisofy.com/lynis/controls/"; fi if [ "${CONTROL_URL_APPEND}" = "" ]; then CONTROL_URL_APPEND="/"; fi if [ "${CUSTOM_URL_PROTOCOL}" = "" ]; then CUSTOM_URL_PROTOCOL="https"; fi if [ "${CUSTOM_URL_PREPEND}" = "" ]; then CUSTOM_URL_PREPEND="your-domain.example.org/controls/"; fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/tests_boot_services new/lynis/include/tests_boot_services --- old/lynis/include/tests_boot_services 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/tests_boot_services 2018-08-23 02:00:00.000000000 +0200 @@ -71,8 +71,10 @@ case ${OS} in "Linux") if [ -f /proc/1/cmdline ]; then - FILENAME=$(${AWKBINARY} '/(^\/|init)/ { print $1 }' /proc/1/cmdline | tr -d '\0') - LogText "Result: cmdline found = ${FILENAME}" + OUTPUT=$(${AWKBINARY} '/(^\/|init)/ { print $1 }' /proc/1/cmdline | ${TRBINARY} '\0' ' ' | ${SEDBINARY} 's/ $//') + LogText "Result: cmdline found = ${OUTPUT}" + FILENAME=$(echo "${OUTPUT}" | ${AWKBINARY} '{print $1}') + LogText "Result: file on disk = ${FILENAME}" ISFILE=$(echo ${FILENAME} | ${GREPBINARY} "^/") if [ ! -z "${ISFILE}" ]; then if [ -L ${ISFILE} ]; then @@ -89,6 +91,10 @@ LogText "Found: ${SHORTNAME}" if [ "${SERVICE_MANAGER}" = "unknown" ]; then case ${SHORTNAME} in + busybox) + SERVICE_MANAGER="busybox" + ;; + "init" | "initsplash") SERVICE_MANAGER="SysV Init" ;; @@ -100,7 +106,6 @@ ;; *) CONTAINS_SYSTEMD=$(echo ${SHORTNAME} | ${GREPBINARY} "systemd") - if [ ! -z "${CONTAINS_SYSTEMD}" ]; then SERVICE_MANAGER="systemd" else diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/tests_kernel new/lynis/include/tests_kernel --- old/lynis/include/tests_kernel 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/tests_kernel 2018-08-23 02:00:00.000000000 +0200 @@ -98,11 +98,12 @@ # ################################################################################# # - # Test : KRNL-5677 # Description : Check CPU options and support (PAE, No eXecute, eXecute Disable) # More info : pae and nx bit are both visible on AMD and Intel CPU's if supported - Register --test-no KRNL-5677 --os Linux --weight L --network NO --category security --description "Check CPU options and support" + + if [ "${HARDWARE}" = "x86_64" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + Register --test-no KRNL-5677 --preqs-met "${PREQS_MET}" --os Linux --weight L --network NO --category security --description "Check CPU options and support" if [ ${SKIPTEST} -eq 0 ]; then Display --indent 2 --text "- Checking CPU support (NX/PAE)" LogText "Test: Checking /proc/cpuinfo" @@ -584,14 +585,14 @@ for I in ${KERNELS}; do # Check if we already found a kernel and it is not equal to what we run (e.g. double versions may exist) if [ ${FOUND_KERNEL} -eq 1 -a ! "${MYKERNEL}" = "${I}" ]; then - LogText "Result: found a kernel (${I}) later than running one (${MYKERNEL})" + LogText "Result: found a kernel (${I}) later than active kernel (${MYKERNEL})" REBOOT_NEEDED=1 fi if [ "${MYKERNEL}" = "${I}" ]; then FOUND_KERNEL=1 - LogText "Result: Found ${I} (= our kernel)" + LogText "Result: found ${I} (= active kernel)" else - LogText "Result: Found ${I}" + LogText "Result: found ${I}" fi done # Check if we at least found the kernel on disk @@ -600,7 +601,7 @@ else # If we are not sure yet reboot it needed, but we found running kernel as last one on disk, we run latest kernel if [ ${REBOOT_NEEDED} -eq 2 ]; then - LogText "Result: we found our kernel on disk as last entry, so seems to be up-to-date" + LogText "Result: found the running kernel on disk being the last entry, so it looks up-to-date" REBOOT_NEEDED=0 fi fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/tests_logging new/lynis/include/tests_logging --- old/lynis/include/tests_logging 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/tests_logging 2018-08-23 02:00:00.000000000 +0200 @@ -498,7 +498,7 @@ LSOF_GREP="${LSOF_GREP}|anacron|awk|run-parts" fi - FIND=$(${LSOFBINARY} -n +L 1 2>&1 | ${EGREPBINARY} -vw "${LSOF_GREP}" | ${AWKBINARY} '{ if ($5=="REG") { printf "%s(%s)\n", $10, $1 } }' | ${GREPBINARY} -v "^$" | ${SORTBINARY} -u) + FIND=$(${LSOFBINARY} -n +L 1 2>&1 | ${EGREPBINARY} -vw "${LSOF_GREP}" | ${EGREPBINARY} -v '/dev/zero|/\[aio\]' | ${AWKBINARY} '{ if ($5=="REG") { printf "%s(%s)\n", $10, $1 } }' | ${GREPBINARY} -v "^$" | ${SORTBINARY} -u) if [ ! -z "${FIND}" ]; then LogText "Result: found one or more files which are deleted, but still in use" for I in ${FIND}; do diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/tests_php new/lynis/include/tests_php --- old/lynis/include/tests_php 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/tests_php 2018-08-23 02:00:00.000000000 +0200 @@ -223,25 +223,33 @@ ################################################################################# # # Test : PHP-2372 - # Description : Check php expose_php option - # Notes : Extend test to check all PHP files YYY - if [ ! -z "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + # Description : Check PHP expose_php option + # Background : When this option is turned on, PHP will show its version number in the HTTP headers + # Notes : TODO - Extend test to check all PHP files + if [ ! -z "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no PHP-2372 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP expose_php option" if [ ${SKIPTEST} -eq 0 ]; then - LogText "Test: Checking expose_php option" - FIND=$(${EGREPBINARY} -i 'expose_php.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;') - if [ -z "${FIND}" ]; then + FOUND=0 + for FILE in ${PHPINI_ALLFILES}; do + LogText "Test: Checking file ${FILE}" + FIND=$(${EGREPBINARY} -i 'expose_php.*(on|yes|1)' ${FILE} | ${GREPBINARY} -v '^;') + if HasData "${FIND}"; then + LogText "Result: found a a possible match on expose_php setting" + LogText "Data: ${FIND}" + FOUND=1 + fi + done + + if [ ${FOUND} -eq 1 ]; then Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_ON}" --color RED - ReportWarning ${TEST_NO} "PHP option expose_php is possibly turned on, which can reveal useful information for attackers." - ReportSuggestion ${TEST_NO} "Change the expose_php line to: expose_php = Off" + ReportSuggestion ${TEST_NO} "Turn off PHP information exposure" "expose_php = Off" "-" Report "Result: expose_php option is turned on, which can expose useful information for an attacker" - AddHP 1 2 + AddHP 1 3 else Display --indent 4 --text "- Checking expose_php option" --result "${STATUS_OFF}" --color GREEN LogText "Result: Found 'expose_php' in disabled state (0, no, or off)" AddHP 2 2 fi - # TODO Check through all files fi # ################################################################################# diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/tests_shells new/lynis/include/tests_shells --- old/lynis/include/tests_shells 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/tests_shells 2018-08-23 02:00:00.000000000 +0200 @@ -235,9 +235,9 @@ Register --test-no SHLL-6230 --weight H --network NO --category security --description "Perform umask check for shell configurations" if [ ${SKIPTEST} -eq 0 ]; then FOUND=0 - HARDENING_POSSIBLE=0 Display --indent 2 --text "- Checking default umask values" for FILE in ${SHELL_CONFIG_FILES}; do + HARDENING_POSSIBLE=0 FIND="" if [ -f ${FILE} ]; then LogText "Result: file ${FILE} exists" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/tests_ssh new/lynis/include/tests_ssh --- old/lynis/include/tests_ssh 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/tests_ssh 2018-08-23 02:00:00.000000000 +0200 @@ -119,7 +119,7 @@ LogLevel:VERBOSE,INFO,:=\ MaxAuthTries:2,4,6:<\ MaxSessions:2,4,8:<\ - PermitRootLogin:NO,(PROHIBIT-PASSWORD|WITHOUT-PASSWORD),YES:=\ + PermitRootLogin:(NO|PROHIBIT-PASSWORD|WITHOUT-PASSWORD),,YES:=\ PermitUserEnvironment:NO,,YES:=\ PermitTunnel:NO,,YES:=\ Port:,,22:!\ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/include/tests_webservers new/lynis/include/tests_webservers --- old/lynis/include/tests_webservers 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/include/tests_webservers 2018-08-23 02:00:00.000000000 +0200 @@ -29,7 +29,7 @@ # Reset Apache status APACHE_INSTALLED=0 APACHE_MODULES_ENABLED_LOCS="${ROOTDIR}etc/apache2/mods-enabled" - APACHE_MODULES_LOCS="${ROOTDIR}etc/httpd/modules ${ROOTDIR}opt/local/apache2/modules ${ROOTDIR}usr/lib/apache ${ROOTDIR}usr/lib/apache2 ${ROOTDIR}usr/lib/httpd/modules ${ROOTDIR}usr/libexec/apache2 ${ROOTDIR}usr/lib64/apache2 ${ROOTDIR}usr/lib64/apache2/modules ${ROOTDIR}usr/lib64/httpd/modules ${ROOTDIR}usr/local/libexec/apache ${ROOTDIR}usr/local/libexec/apache22" + APACHE_MODULES_LOCS="${ROOTDIR}etc/httpd/modules ${ROOTDIR}opt/local/apache2/modules ${ROOTDIR}usr/lib/apache ${ROOTDIR}usr/lib/apache2 ${ROOTDIR}usr/lib/httpd/modules ${ROOTDIR}usr/libexec/apache2 ${ROOTDIR}usr/lib64/apache2 ${ROOTDIR}usr/lib64/apache2/modules ${ROOTDIR}usr/lib64/httpd/modules ${ROOTDIR}usr/local/libexec/apache ${ROOTDIR}usr/local/libexec/apache22 ${ROOTDIR}usr/local/libexec/apache24" NGINX_RUNNING=0 NGINX_CONF_LOCS="${ROOTDIR}etc/nginx ${ROOTDIR}usr/local/etc/nginx ${ROOTDIR}usr/local/nginx/conf" NGINX_CONF_LOCATION="" @@ -42,7 +42,7 @@ ${ROOTDIR}opt/apache \ ${ROOTDIR}usr/local/apache ${ROOTDIR}usr/local/apache2 \ ${ROOTDIR}usr/local/etc/apache ${ROOTDIR}usr/local/etc/apache2 ${ROOTDIR}usr/local/etc/apache22 \ - ${ROOTDIR}usr/pkg/etc/httpd ${ROOTDIR}etc/sysconfig/apache2" + ${ROOTDIR}usr/pkg/etc/httpd ${ROOTDIR}etc/sysconfig/apache2 ${ROOTDIR}usr/local/etc/apache24" CreateTempFile || ExitFatal TMPFILE="${TEMP_FILE}" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lynis/lynis new/lynis/lynis --- old/lynis/lynis 2018-06-26 02:00:00.000000000 +0200 +++ new/lynis/lynis 2018-08-23 02:00:00.000000000 +0200 @@ -35,10 +35,10 @@ PROGRAM_AUTHOR_CONTACT="[email protected]" # Version details - PROGRAM_RELEASE_DATE="2018-06-26" - PROGRAM_RELEASE_TIMESTAMP=1530018697 + PROGRAM_RELEASE_DATE="2018-08-23" + PROGRAM_RELEASE_TIMESTAMP=1535019859 PROGRAM_RELEASE_TYPE="final" # dev or final - PROGRAM_VERSION="2.6.5" + PROGRAM_VERSION="2.6.8" # Source, documentation and license PROGRAM_SOURCE="https://github.com/CISOfy/lynis"; @@ -907,6 +907,9 @@ else LogText "Info: no HostID found or invalid one" fi + if [ ! "${HOSTID2}" = "" ]; then + Report "hostid2=${HOSTID2}" + fi if [ ! "${MACHINEID}" = "" ]; then LogText "Info: found a machine ID ${MACHINEID}" Report "machineid=${MACHINEID}"
