Skip to content

Lynis 2.3.2
Compare
Choose a tag to compare
@mboelen mboelen released this 09 Aug 14:53
· 2181 commits to master since this release
2.3.2
ac8c9cf

Lynis 2.3.2 (2016-08-09)

Categories and Groups

Tests are now grouped by their focus area and named 'groups' accordingly.
Besides groups, each test will belong to a category (performance, privacy, or
security).

Commands: lynis show categories, lynis show groups
Options: --tests-from-category, --tests-from-group

Note: You might need to change your scripts if you previously defined the group
of tests to scan.

Development

A new 'strict' option is available in the profiles and by default enabled for
the initialization phases of Lynis. It will perform a strict code check for the
tests, to detect any uninitialized variables, improving code quality.

Helpers

With 'lynis update check' you can now check for updates. This is the preferred
new method.

The command 'lynis show changelog' allows reviewing the changes. Optionally a
release can be specified as additional argument.

Languages

Initial translation for German has been contributed by Kai Raven. The Italian
translation by Stefano Marty (stefanomarty). Hungarian translation by Zoltan
Paldi (paldiz)

Profiles

Parsing of the profiles has been improved, which prevented some settings from
overriding default settings.

Tests

  • AUTH-9212 - Added prerequisite to log
  • AUTH-9216 - Simplified test and make it more efficient
  • AUTH-9218 - Clean ups and improve readability
  • AUTH-9226 - Style, text, and removed warning
  • AUTH-9228 - Provide just a suggestion instead of warning
  • AUTH-9268 - Improve test for readability
  • AUTH-9328 - Test /etc/profile.d for umask setting
  • AUTH-9406 - Readability and code style changes
  • CONT-8102 - Determine if all Docker tests should be performed
  • DBS-1880 - Initial support for Redis server
  • HTTP-6720 - Readability improvement of test
  • KRNL-5830 - Readability and style improvements, ignore rescue images
  • MAIL-8818 - Style and refactoring
  • PHP-2211 - Readability improvement and code style changes
  • PHP-2374 - Changed text and cleanups
  • PHP-2376 - Log result to log file instead of report
  • PKGS-7383 - Simplified test
  • PKGS-7388 - Style and readability improvements
  • TIME-3106 - Corrected string to test for status
  • TOOL-5102 - Split of fail2ban tests
  • TOOL-5104 - Test for enabled fail2ban jails

Languages

Translation of Spanish (es) added
Proper display of text strings when accented characters are used
More text strings added

General

  • Added bold and header as new colors
  • Changed header and footer of screen output
  • Allow atomic tests to be skipped (e.g. SSH-7408)
  • Extended tests database with category (lynis show tests)
  • By default Lynis will now run in 'quick mode' and not break after each
    section. You can get this behavior by adding the --wait option.

Functions

  • RemoveColors - New test to clear colors
  • DisplayError - Display error on screen in uniform format and colors
    Use an optional exit code to quit the program
  • SkipAtomicTest - This function is now properly working with lowercase strings

Website

Several controls on the website are added or updated, including:

  • FILE-6344
  • FINT-4315
  • FINT-4402
  • HTTP-6714
  • MACF-6234
  • NAME-4018
  • NAME-4402
  • PHP-2374
  • PROC-3612
  • TIME-3106
Assets 2