Lynis 2.3.2
Lynis 2.3.2 (2016-08-09)
Categories and Groups
Tests are now grouped by their focus area and named 'groups' accordingly.
Besides groups, each test will belong to a category (performance, privacy, or
security).
Commands: lynis show categories, lynis show groups
Options: --tests-from-category, --tests-from-group
Note: You might need to change your scripts if you previously defined the group
of tests to scan.
Development
A new 'strict' option is available in the profiles and by default enabled for
the initialization phases of Lynis. It will perform a strict code check for the
tests, to detect any uninitialized variables, improving code quality.
Helpers
With 'lynis update check' you can now check for updates. This is the preferred
new method.
The command 'lynis show changelog' allows reviewing the changes. Optionally a
release can be specified as additional argument.
Languages
Initial translation for German has been contributed by Kai Raven. The Italian
translation by Stefano Marty (stefanomarty). Hungarian translation by Zoltan
Paldi (paldiz)
Profiles
Parsing of the profiles has been improved, which prevented some settings from
overriding default settings.
Tests
- AUTH-9212 - Added prerequisite to log
- AUTH-9216 - Simplified test and make it more efficient
- AUTH-9218 - Clean ups and improve readability
- AUTH-9226 - Style, text, and removed warning
- AUTH-9228 - Provide just a suggestion instead of warning
- AUTH-9268 - Improve test for readability
- AUTH-9328 - Test /etc/profile.d for umask setting
- AUTH-9406 - Readability and code style changes
- CONT-8102 - Determine if all Docker tests should be performed
- DBS-1880 - Initial support for Redis server
- HTTP-6720 - Readability improvement of test
- KRNL-5830 - Readability and style improvements, ignore rescue images
- MAIL-8818 - Style and refactoring
- PHP-2211 - Readability improvement and code style changes
- PHP-2374 - Changed text and cleanups
- PHP-2376 - Log result to log file instead of report
- PKGS-7383 - Simplified test
- PKGS-7388 - Style and readability improvements
- TIME-3106 - Corrected string to test for status
- TOOL-5102 - Split of fail2ban tests
- TOOL-5104 - Test for enabled fail2ban jails
Languages
Translation of Spanish (es) added
Proper display of text strings when accented characters are used
More text strings added
General
- Added bold and header as new colors
- Changed header and footer of screen output
- Allow atomic tests to be skipped (e.g. SSH-7408)
- Extended tests database with category (lynis show tests)
- By default Lynis will now run in 'quick mode' and not break after each
section. You can get this behavior by adding the --wait option.
Functions
- RemoveColors - New test to clear colors
- DisplayError - Display error on screen in uniform format and colors
Use an optional exit code to quit the program - SkipAtomicTest - This function is now properly working with lowercase strings
Website
Several controls on the website are added or updated, including:
- FILE-6344
- FINT-4315
- FINT-4402
- HTTP-6714
- MACF-6234
- NAME-4018
- NAME-4402
- PHP-2374
- PROC-3612
- TIME-3106