CISOfy / lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
https://cisofy.com/lynis/
GNU General Public License v3.0

A lot of errors in output with lynis version 2.6.1 #517

Closed (tiiiecherle closed 6 years ago)

tiiiecherle commented 6 years ago

Hey,

First of all, thanks for the work and this great software.

I use Arch Linux with all packages up to date. Lynis worked correctly until version 2.6.0. Version 2.6.1 gives a lot of errors.

In addition, there are a few reports I'd like to make regarding issues. Shall I open one issue for all comments or one issue per issue?

Thanks for your help in advance.


lynis audit system

[ Lynis 2.6.1 ]

################################################################################
  Lynis comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
  welcome to redistribute it under the terms of the GNU General Public License.
  See the LICENSE file for details about using this software.

  2007-2018, CISOfy - https://cisofy.com/lynis/
  Enterprise support available (compliance, plugins, interface and tools)
################################################################################

[+] Initializing program
------------------------------------
  - Detecting OS...                                           [ DONE ]
  - Checking profiles...                                      [ DONE ]
  - Detecting language and localization                       [ de ]

  ---------------------------------------------------
  Program version:           2.6.1
  Operating system:          Linux
  Operating system name:     Arch Linux
  Operating system version:  Rolling release
  Kernel version:            4.14.15
  Hardware platform:         x86_64
  Hostname:                  archvbox
  ---------------------------------------------------
  Profiles:                  /etc/lynis/default.prf
  Log file:                  /var/log/lynis.log
  Report file:               /var/log/lynis-report.dat
  Report version:            1.0
  Plugin directory:          /usr/share/lynis/plugins
  ---------------------------------------------------
  Auditor:                   [Not Specified]
  Language:                  de
  Test category:             all
  Test group:                all
  ---------------------------------------------------
  - Program update status...                                  [ NO UPDATE ]

[+] System Tools
------------------------------------
  - Scanning available tools...
  - Checking system binaries...

[+] Plugins (Phase 1)
------------------------------------
 Beachte: Plugins beinhalten eingehendere Tests und können mehrere Minuten benötigen, bis sie abgeschlossen sind

  - Plugins aktiviert                                         [ NONE ]

[+] Boot and services
------------------------------------
/usr/share/lynis/include/tests_boot_services: line 74: /(^\/|init)/ { print $1 }: No such file or directory
  - Service Manager                                           [ UNBEKANNT ]
  - Checking UEFI boot                                        [ DEAKTIVIERT ]
  - Checking presence GRUB2                                   [ GEFUNDEN ]
/usr/share/lynis/include/functions: line 770: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
    - Checking for password protection                        [ OK ]
/usr/share/lynis/include/tests_boot_services: line 643: /etc/rc.d: Is a directory
  - Check startup files (permissions)                         [ OK ]
/usr/share/lynis/include/tests_boot_services: line 726: -d: command not found
/usr/share/lynis/include/tests_boot_services: line 726: -d: command not found
/usr/share/lynis/include/tests_boot_services: line 804: ^ExecStart=-(/bin/sh -c ")?(/usr)?/(s)?bin/sulogin: No such file or directory
  - Checking sulogin in rescue.service                        [ NICHT GEFUNDEN ]

[+] Kernel
------------------------------------
  - Checking CPU support (NX/PAE)
    CPU support: PAE and/or NoeXecute supported               [ GEFUNDEN ]
  - Checking kernel version and release                       [ FERTIG ]
  - Checking Linux kernel configuration file                  [ GEFUNDEN ]
/usr/share/lynis/include/tests_kernel: line 431: { if ($1=="*" && $2=="soft" && $3=="core" && $4=="1") { print "soft core enabled" } }: command not found
/usr/share/lynis/include/tests_kernel: line 432: { if ($1=="*" && $2=="hard" && $3=="core" && $4=="1") { print "hard core enabled" } }: command not found
  - Checking core dumps configuration                         [ DEAKTIVIERT ]
/usr/share/lynis/include/tests_kernel: line 447: { if ($1=="fs.suid_dumpable") { print $3 } }: command not found
    - Checking setuid core dumps configuration                [ DEFAULT ]
  - Check if reboot is needed                                 [ UNBEKANNT ]

[+] Speicher und Prozesse
------------------------------------
  - Checking /proc/meminfo                                    [ GEFUNDEN ]
/usr/share/lynis/include/tests_memory_processes: line 36: /^MemTotal/ { print $2, $3 }: No such file or directory
/usr/share/lynis/include/tests_memory_processes: line 37: { print $1 }: command not found
/usr/share/lynis/include/tests_memory_processes: line 38: { print $2 }: command not found
/usr/share/lynis/include/tests_memory_processes: line 79: { if ($2 ~ /Z|X/) print $1 }: No such file or directory
  - Searching for dead/zombie processes                       [ OK ]
/usr/share/lynis/include/tests_memory_processes: line 103: { if ($2=="D") print $1 }: command not found
  - Searching for IO waiting processes                        [ OK ]

[+] Users, Groups and Authentication
------------------------------------
/usr/share/lynis/include/tests_authentication: line 43: -v: command not found
/usr/share/lynis/include/tests_authentication: line 43: -d: command not found
  - Administrator accounts                                    [ OK ]
/usr/share/lynis/include/tests_authentication: line 77: -d: command not found
  - Unique UIDs                                               [ OK ]
/usr/share/lynis/include/tests_authentication: line 245: -F:: command not found
  - Unique group IDs                                          [ OK ]
/usr/share/lynis/include/tests_authentication: line 269: -F:: command not found
  - Unique group names                                        [ OK ]
  - Password file consistency                                 [ OK ]
/usr/share/lynis/include/tests_authentication: line 350: {print $2}: command not found
/usr/share/lynis/include/tests_authentication: line 355: -v: command not found
    Result: No users found/unknown result
  - Query system users (non daemons)                          [ UNBEKANNT ]
/usr/share/lynis/include/tests_authentication: line 410: ^passwd: command not found
/usr/share/lynis/include/tests_authentication: line 410: compat|nisplus: command not found
  - NIS+ authentication support                               [ NOT ENABLED ]
/usr/share/lynis/include/tests_authentication: line 437: compat|nis: command not found
/usr/share/lynis/include/tests_authentication: line 437: ^passwd: command not found
  - NIS authentication support                                [ NOT ENABLED ]
  - sudoers file                                              [ GEFUNDEN ]
/usr/share/lynis/include/tests_authentication: line 491: -c: command not found
    - Check sudoers file permissions                          [ WARNUNG ]
  - PAM password strength tools                               [ OK ]
  - PAM configuration file (pam.conf)                         [ NICHT GEFUNDEN ]
  - PAM configuration files (pam.d)                           [ GEFUNDEN ]
  - PAM modules                                               [ GEFUNDEN ]
/usr/share/lynis/include/tests_authentication: line 719: { if ($2=="P" && $5=="99999") print $1 }: command not found
/usr/share/lynis/include/tests_authentication: line 720: { if ($2=="NP") print $1 }: command not found
  - Accounts without expire date                              [ OK ]
  - Accounts without password                                 [ OK ]
/usr/share/lynis/include/tests_authentication: line 787: { if ($1=="PASS_MIN_DAYS") { print $2 } }: command not found
  - Checking user password aging (minimum)                    [ DEAKTIVIERT ]
/usr/share/lynis/include/tests_authentication: line 801: { if ($1=="PASS_MAX_DAYS") { print $2 } }: command not found
  - User password aging (maximum)                             [ DEAKTIVIERT ]
/usr/share/lynis/include/functions: line 770: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_authentication: line 835: -v: command not found
/usr/share/lynis/include/tests_authentication: line 835: -v: command not found
  - Checking expired passwords                                [ OK ]
/usr/share/lynis/include/tests_authentication: line 965: ^ExecStart=: command not found
/usr/share/lynis/include/tests_authentication: line 965: ^ExecStart=: command not found
  - Checking Linux single user mode authentication            [ WARNUNG ]
  - Determining default umask
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1016: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1016: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1039: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1039: { print $2 }: command not found
/usr/share/lynis/include/tests_authentication: line 1040: s/^[ \t]*//: No such file or directory
/usr/share/lynis/include/tests_authentication: line 1040: { print $2 }: command not found
    - umask (/etc/profile)                                    [ NICHT GEFUNDEN ]
/usr/share/lynis/include/tests_authentication: line 1110: { print $2 }: command not found
    - umask (/etc/login.defs)                                 [ VORSCHLAG ]
/usr/share/lynis/include/tests_authentication: line 1304: ^passwd: command not found
  - LDAP authentication support                               [ NOT ENABLED ]
/usr/share/lynis/include/tests_authentication: line 1353: { if ($1=="FAILLOG_ENAB") { print $2 } }: command not found
  - Logging failed login attempts                             [ DEAKTIVIERT ]

[+] Shells
------------------------------------
  - Checking shells from /etc/shells
    Result: found 3 shells (valid shells: 3).
/usr/share/lynis/include/tests_shells: line 125: -d: command not found
/usr/share/lynis/include/tests_shells: line 125: s/export//: No such file or directory
/usr/share/lynis/include/tests_shells: line 125: -F=: command not found
/usr/share/lynis/include/tests_shells: line 125: s/#.*//: No such file or directory
/usr/share/lynis/include/tests_shells: line 125: -d: command not found
/usr/share/lynis/include/tests_shells: line 127: { print $1 }: command not found
/usr/share/lynis/include/tests_shells: line 127: s/#.*//: No such file or directory
    - Session timeout settings/tools                          [ NICHTS ]
  - Checking default umask values
/usr/share/lynis/include/tests_shells: line 245: { print $2 }: command not found
/usr/share/lynis/include/tests_shells: line 245: s/#.*$//: No such file or directory
/usr/share/lynis/include/tests_shells: line 245: s/^[ \t]*//g: No such file or directory
    - Checking default umask in /etc/bash.bashrc              [ NICHTS ]
/usr/share/lynis/include/tests_shells: line 245: s/^[ \t]*//g: No such file or directory
/usr/share/lynis/include/tests_shells: line 245: s/#.*$//: No such file or directory
/usr/share/lynis/include/tests_shells: line 245: { print $2 }: command not found
    - Checking default umask in /etc/profile                  [ NICHTS ]

[+] File systems
------------------------------------
  - Checking mount points
/usr/share/lynis/include/tests_filesystems: line 51: -v: command not found
    - Checking /home mount point                              [ VORSCHLAG ]
/usr/share/lynis/include/tests_filesystems: line 51: -v: command not found
    - Checking /tmp mount point                               [ VORSCHLAG ]
/usr/share/lynis/include/tests_filesystems: line 51: -v: command not found
    - Checking /var mount point                               [ VORSCHLAG ]
/usr/share/lynis/include/tests_filesystems: line 150: -t: command not found
/usr/share/lynis/include/tests_filesystems: line 150: { print $3","$5 }: command not found
/usr/share/lynis/include/tests_filesystems: line 173: { if ($3 == "ufs" || $3 == "ffs" ) { print $1":"$2":"$3":"$4":" }}: command not found
/usr/share/lynis/include/tests_filesystems: line 239: { if ($2=="swap" || $3=="swap") { print $1 }}: command not found
  - Query swap partitions (fstab)                             [ NICHTS ]
/usr/share/lynis/include/tests_filesystems: line 299: { if ($3=="swap" && ($4!~/sw/ && $4!="defaults")) { print $1 }}: No such file or directory
  - Testing swap partitions                                   [ OK ]
/usr/share/lynis/include/tests_filesystems: line 319: -F.: command not found
/usr/share/lynis/include/tests_filesystems: line 320: -F.: command not found
/usr/share/lynis/include/tests_filesystems: line 358: s/ /!space!/g: No such file or directory
  - Checking for old files in /tmp                            [ OK ]
/usr/share/lynis/include/tests_filesystems: line 387: -ld: command not found
/usr/share/lynis/include/tests_filesystems: line 387: $1 ~ /[tT]/ { print 1 }: No such file or directory
  - Checking /tmp sticky bit                                  [ WARNUNG ]
/usr/share/lynis/include/tests_filesystems: line 410: -ld: command not found
/usr/share/lynis/include/tests_filesystems: line 410: $1 ~ /[tT]/ { print 1 }: No such file or directory
  - Checking /var/tmp sticky bit                              [ WARNUNG ]
/usr/share/lynis/include/tests_filesystems: line 442: { if ($3=="/" && $5~/ext[2-4]/) { print $6 } }: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 456: -t: command not found
/usr/share/lynis/include/tests_filesystems: line 456: { print $1 }: command not found
/usr/share/lynis/include/tests_filesystems: line 475: { if ($3=="/" && $5~/xfs/) { print $6 } }: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 475: no_acl|no_user_xattr: command not found
  - ACL support root file system                              [ AKTIVIERT ]
/usr/share/lynis/include/tests_filesystems: line 502: -f1: command not found
/usr/share/lynis/include/tests_filesystems: line 502: { if ($2=="/") { print $4 }}: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 503: { if ($1 ~ "nodev") { print "YES" } else { print "NO" } }: command not found
/usr/share/lynis/include/tests_filesystems: line 504: { if ($1 ~ "noexec") { print "YES" } else { print "NO" } }: command not found
/usr/share/lynis/include/tests_filesystems: line 505: { if ($1 ~ "nosuid") { print "YES" } else { print "NO" } }: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 547: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: -d:: command not found
/usr/share/lynis/include/tests_filesystems: line 548: s/,/ /g: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 549: -v: command not found
/usr/share/lynis/include/tests_filesystems: line 606: { if ($2=="/var/tmp") { print $4 } }: No such file or directory
/usr/share/lynis/include/tests_filesystems: line 607: { if ($1 ~ "bind") { print "YES" } else { print "NO" } }: command not found

[+] USB Devices
------------------------------------
  - Checking usb-storage driver (modprobe config)             [ NOT DISABLED ]
  - Checking USB devices authorization                        [ AKTIVIERT ]
  - Checking USBGuard                                         [ NICHT GEFUNDEN ]

[+] Storage
------------------------------------
  - Checking firewire ohci driver (modprobe config)           [ NOT DISABLED ]

[+] NFS
------------------------------------
  - Check running NFS daemon                                  [ NICHT GEFUNDEN ]

[+] Name services
------------------------------------
/usr/share/lynis/include/tests_nameservices: line 49: /^domain/ { print $2 }: No such file or directory
/usr/share/lynis/include/tests_nameservices: line 74: /^search/ { print $2 }: No such file or directory
/usr/share/lynis/include/tests_nameservices: line 117: { print $2 }: command not found
/usr/share/lynis/include/tests_nameservices: line 196: -F.: command not found
  - Searching DNS domain name                                 [ UNBEKANNT ]
  - Checking /etc/hosts
/usr/share/lynis/include/tests_nameservices: line 576: -v: command not found
/usr/share/lynis/include/tests_nameservices: line 576: -d: command not found
/usr/share/lynis/include/tests_nameservices: line 576: { print $1, $2 }: command not found
    - Checking /etc/hosts (duplicates)                        [ OK ]
/usr/share/lynis/include/tests_nameservices: line 601: -v: command not found
    - Checking /etc/hosts (hostname)                          [ VORSCHLAG ]
/usr/share/lynis/include/tests_nameservices: line 622: -v: command not found
/usr/share/lynis/include/tests_nameservices: line 622: ^(localhost|::1)\s: command not found
    - Checking /etc/hosts (localhost)                         [ OK ]

[+] Ports and packages
------------------------------------
  - Searching package managers
  - Checking package audit tool                               [ NICHTS ]

[+] Networking
------------------------------------
/usr/share/lynis/include/tests_networking: line 49: s/ = /=/: No such file or directory
  - Checking IPv6 configuration                               [ DEAKTIVIERT ]
  - Checking configured nameservers
/usr/share/lynis/include/tests_networking: line 126: s/nameserver*//g: No such file or directory
/usr/share/lynis/include/tests_networking: line 126: -d: command not found
    - Minimal of 2 responsive nameservers                     [ ÜBERSPRUNGEN ]
/usr/share/lynis/include/tests_networking: line 226: { print $2 }: command not found
/usr/share/lynis/include/tests_networking: line 226: s/://g: No such file or directory
/usr/share/lynis/include/tests_networking: line 269: { if ($4=="HWaddr") print $5 }: command not found
/usr/share/lynis/include/tests_networking: line 269: -u: command not found
/usr/share/lynis/include/tests_networking: line 272: { if ($1=="ether") print $2 }: command not found
/usr/share/lynis/include/tests_networking: line 272: -u: command not found
/usr/share/lynis/include/tests_networking: line 324: { if ($1=="inet") print $2 }: command not found
/usr/share/lynis/include/tests_networking: line 324: -d: command not found
/usr/share/lynis/include/tests_networking: line 326: { if ($1=="inet6" && $2=="addr:") { print $3 } else { if ($1=="inet6" && $3=="prefixlen") { print $2 } } }: command not found
  - Getting listening ports (TCP/UDP)                         [ ÜBERSPRUNGEN ]
/usr/share/lynis/include/tests_networking: line 515: -s: command not found
/usr/share/lynis/include/tests_networking: line 515: -d: command not found
  - Checking promiscuous interfaces                           [ OK ]
  - Checking status DHCP client                               [ NOT ACTIVE ]
  - Checking for ARP monitoring software                      [ NICHT GEFUNDEN ]

[+] Printers and Spools
------------------------------------
  - Checking cups daemon                                      [ NICHT GEFUNDEN ]
  - Checking lp daemon                                        [ LÄUFT NICHT ]

[+] Software: e-mail and messaging
------------------------------------

[+] Software: firewalls
------------------------------------
/usr/share/lynis/include/tests_firewalls: line 44: { print $1 }: command not found
  - Checking iptables support                                 [ GEFUNDEN ]
  - Checking host based firewall                              [ ACTIVE ]

[+] Software: webserver
------------------------------------
  - Checking Apache                                           [ NICHT GEFUNDEN ]
  - Checking nginx                                            [ NICHT GEFUNDEN ]

[+] SSH Support
------------------------------------
  - Checking running SSH daemon                               [ NICHT GEFUNDEN ]

[+] SNMP Support
------------------------------------
  - Checking running SNMP daemon                              [ NICHT GEFUNDEN ]

[+] Databases
------------------------------------
/usr/share/lynis/include/tests_databases: line 40: mysqld|mysqld_safe: command not found
/usr/share/lynis/include/tests_databases: line 192: ora_pmon|ora_smon|tnslsnr: command not found
    No database engines found

[+] LDAP Services
------------------------------------
  - Checking OpenLDAP instance                                [ NICHT GEFUNDEN ]

[+] PHP
------------------------------------
  - Checking PHP                                              [ GEFUNDEN ]
    - Checking PHP disabled functions                         [ GEFUNDEN ]
/usr/share/lynis/include/tests_php: line 226: -i: command not found
    - Checking expose_php option                              [ AN ]
/usr/share/lynis/include/tests_php: line 250: -i: command not found
    - Checking enable_dl option                               [ AUS ]
/usr/share/lynis/include/tests_php: line 272: -i: command not found
    - Checking allow_url_fopen option                         [ AN ]
/usr/share/lynis/include/tests_php: line 295: -i: command not found
    - Checking allow_url_include option                       [ AN ]
/usr/share/lynis/include/tests_php: line 318: ^7: command not found
/usr/share/lynis/include/tests_php: line 334: [:upper:]: command not found
/usr/share/lynis/include/tests_php: line 334: -d=: command not found
    - Checking PHP suhosin extension status                   [ WARNUNG ]
      - Suhosin simulation mode status                        [ WARNUNG ]

[+] Squid Support
------------------------------------
/usr/share/lynis/include/tests_squid: line 45: (squid|squid3) : command not found
  - Checking running Squid daemon                             [ NICHT GEFUNDEN ]

[+] Logging and files
------------------------------------
/usr/share/lynis/include/tests_logging: line 46: syslogd|syslog-ng|metalog|systemd-journal: command not found
  - Checking for a running log daemon                         [ WARNUNG ]
    - Checking Syslog-NG status                               [ NICHT GEFUNDEN ]
    - Checking systemd journal status                         [ NICHT GEFUNDEN ]
    - Checking Metalog status                                 [ NICHT GEFUNDEN ]
    - Checking RSyslog status                                 [ NICHT GEFUNDEN ]
    - Checking RFC 3195 daemon status                         [ NICHT GEFUNDEN ]
    - Checking klogd                                          [ NICHT GEFUNDEN ]
    - Checking minilogd instances                             [ NICHT GEFUNDEN ]
  - Checking logrotate presence                               [ OK ]
  - Checking log directories (static list)                    [ FERTIG ]
  - Checking open log files                                   [ ÜBERSPRUNGEN ]

[+] Insecure services
------------------------------------
  - Checking inetd status                                     [ NOT ACTIVE ]

[+] Banners and identification
------------------------------------
  - /etc/issue                                                [ GEFUNDEN ]
    - /etc/issue contents                                     [ WEAK ]
  - /etc/issue.net                                            [ NICHT GEFUNDEN ]

[+] Scheduled tasks
------------------------------------
/usr/share/lynis/include/tests_scheduling: line 38: ( cron$|/cron(d)? ): No such file or directory
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_scheduling: line 80: /etc/cron.d: Is a directory
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/functions: line 770: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_scheduling: line 59: \t: command not found
/usr/share/lynis/include/tests_scheduling: line 59:  : command not found
/usr/share/lynis/include/tests_scheduling: line 59: ^([0-9*]): command not found
/usr/share/lynis/include/tests_scheduling: line 59: -s: command not found
/usr/share/lynis/include/tests_scheduling: line 166: \t: command not found
/usr/share/lynis/include/tests_scheduling: line 166: -s: command not found
/usr/share/lynis/include/tests_scheduling: line 166:  : command not found
/usr/share/lynis/include/tests_scheduling: line 166: ^([0-9@]): command not found
  - Checking crontab/cronjob                                  [ FERTIG ]

[+] Accounting
------------------------------------
  - Checking accounting information                           [ NICHT GEFUNDEN ]
  - Checking sysstat accounting data                          [ NICHT GEFUNDEN ]
  - Checking auditd                                           [ NICHT GEFUNDEN ]

[+] Time and Synchronization
------------------------------------
/usr/share/lynis/include/tests_time: line 121: ntpdate|rdate: command not found
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_time: line 143: /etc/cron.d: Is a directory
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_time: line 143: /etc/cron.hourly: Is a directory
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_time: line 143: /etc/cron.daily: Is a directory
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_time: line 143: /etc/cron.weekly: Is a directory
/usr/share/lynis/include/functions: line 768: -c: command not found
/usr/share/lynis/include/functions: line 776: -F : command not found
/usr/share/lynis/include/tests_time: line 143: /etc/cron.monthly: Is a directory

[+] Cryptography
------------------------------------
/usr/share/lynis/include/tests_crypto: line 37: s/:/ /g: No such file or directory
/usr/share/lynis/include/tests_crypto: line 38: s/^ //: No such file or directory
/usr/share/lynis/include/tests_crypto: line 38:  : command not found
/usr/share/lynis/include/tests_crypto: line 38: \n: command not found
  - Checking for expired SSL certificates [0/0]               [ NICHTS ]

[+] Virtualization
------------------------------------

[+] Containers
------------------------------------

[+] Security frameworks
------------------------------------
  - Checking presence AppArmor                                [ NICHT GEFUNDEN ]
  - Checking presence SELinux                                 [ NICHT GEFUNDEN ]
  - Checking presence grsecurity                              [ NICHT GEFUNDEN ]
  - Checking for implemented MAC framework                    [ NICHTS ]

[+] Software: file integrity
------------------------------------
  - Checking file integrity tools
  - Checking presence integrity tool                          [ NICHT GEFUNDEN ]

[+] Software: System tooling
------------------------------------
  - Checking automation tooling
  - Automation tooling                                        [ NICHT GEFUNDEN ]
  - Checking for IDS/IPS tooling                              [ NICHTS ]

[+] Software: Malware
------------------------------------

[+] File Permissions
------------------------------------
  - Starting file permissions check
/usr/share/lynis/include/tests_file_permissions: line 37: -d:: command not found
/usr/share/lynis/include/tests_file_permissions: line 37: ^permfile:|^permdir:: command not found

[+] Home directories
------------------------------------
/usr/share/lynis/include/tests_homedirs: line 41: -F:: command not found
/usr/share/lynis/include/tests_homedirs: line 41: -u: command not found
/usr/share/lynis/include/tests_homedirs: line 63: /home: Is a directory
  - Checking shell history files                              [ OK ]
/usr/share/lynis/include/tests_homedirs: line 99: -F=: command not found

[+] Kernel Hardening
------------------------------------
  - Comparing sysctl key pairs with scan profile
/usr/share/lynis/include/tests_kernel_hardening: line 42: -F/: No such file or directory
/usr/share/lynis/include/tests_kernel_hardening: line 44: s/ /-space-/g: No such file or directory
/usr/share/lynis/include/tests_kernel_hardening: line 61: s/ /-space-/g: No such file or directory
/usr/share/lynis/include/tests_kernel_hardening: line 70:  : command not found

[+] Hardening
------------------------------------
    - Installed compiler(s)                                   [ NICHT GEFUNDEN ]
    - Installed malware scanner                               [ NICHT GEFUNDEN ]

[+] Benutzerdefinierte Tests
------------------------------------
  - Running custom tests...                                   [ NONE ]

[+] Plugins (Phase 2)
------------------------------------

================================================================================

  -[ Lynis 2.6.1 Results ]-

  Warnings (3):
  ----------------------------
/usr/share/lynis/include/report: line 111: -F:: command not found
  ! No password set for single mode [AUTH-9308] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 111: -F:: command not found
  ! PHP option expose_php is possibly turned on, which can reveal useful information for attackers. [PHP-2372] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 111: -F:: command not found
  ! klogd is not running, which could lead to missing kernel messages in log files [LOGG-2138] 
      https://cisofy.com/controls//

  Suggestions (30):
  ----------------------------
/usr/share/lynis/include/report: line 144: -F:: command not found
  * Protect rescue.service by using sulogin [BOOT-5260] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Configure minimum password age in /etc/login.defs [AUTH-9286] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Configure maximum password age in /etc/login.defs [AUTH-9286] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Set password for single user mode to minimize physical access attack surface [AUTH-9308] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Default umask in /etc/login.defs could not be found and defaults usually to 022, which could be more strict like 027 [AUTH-9328] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * To decrease the impact of a full /home file system, place /home on a separated partition [FILE-6310] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * To decrease the impact of a full /tmp file system, place /tmp on a separated partition [FILE-6310] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * To decrease the impact of a full /var file system, place /var on a separated partition [FILE-6310] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Set the sticky bit on /tmp, to prevent users deleting (by other owned) files in the /tmp directory. [FILE-6362] 
    - Details  : /tmp
    - Solution : Set sticky bit
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Set the sticky bit on /var/tmp, to prevent users deleting (by other owned) files in the /var/tmp directory. [FILE-6363] 
    - Details  : /var/tmp
    - Solution : Set sticky bit
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft [STRG-1840] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft [STRG-1846] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Check DNS configuration for the dns domain name [NAME-4028] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Add the IP name and FQDN to /etc/hosts for proper name resolving [NAME-4404] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Consider installing arch-audit to determine vulnerable packages [PKGS-7320] 
    - Details  : arch-audit
    - Solution : Install arch-audit
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Install a package audit tool to determine vulnerable packages [PKGS-7398] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Consider running ARP monitoring software (arpwatch,arpon) [NETW-3032] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Change the expose_php line to: expose_php = Off [PHP-2372] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Change the allow_url_fopen line to: allow_url_fopen = Off, to disable downloads via PHP [PHP-2376] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Change the allow_url_include line to: allow_url_include = Off, to disable downloads via PHP [PHP-2378] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Harden PHP by enabling suhosin extension [PHP-2379] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Harden PHP by deactivating suhosin simulation mode [PHP-2379] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Check if any syslog daemon is running and correctly configured. [LOGG-2130] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Add a legal banner to /etc/issue, to warn unauthorized users [BANN-7126] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Enable process accounting [ACCT-9622] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Enable sysstat to collect accounting (no results) [ACCT-9626] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Enable auditd to collect audit information [ACCT-9628] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Install a file integrity tool to monitor changes to critical and sensitive files [FINT-4350] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Determine if automation tools are present for system management [TOOL-5002] 
      https://cisofy.com/controls//

/usr/share/lynis/include/report: line 144: -F:: command not found
  * Harden the system by installing at least one malware scanner, to perform periodic file system scans [HRDN-7230] 
    - Solution : Install a tool like rkhunter, chkrootkit, OSSEC
      https://cisofy.com/controls//

  Follow-up:
  ----------------------------
  - Show details of a test (lynis show details TEST-ID)
  - Check the logfile for all details (less /var/log/lynis.log)
  - Read security controls texts (https://cisofy.com)
  - Use --upload to upload data to central system (Lynis Enterprise users)

================================================================================

  Lynis security scan details:

  Hardening index : 61 [############        ]
  Tests performed : 185
  Plugins enabled : 0

  Components:
  - Firewall               [V]
  - Malware scanner        [X]

  Lynis Modules:
  - Compliance Status      [?]
  - Security Audit         [V]
  - Vulnerability Scan     [V]

  Files:
  - Test and debug information      : /var/log/lynis.log
  - Report data                     : /var/log/lynis-report.dat

================================================================================

  Abweichungen gefunden
  Einige außergewöhnliche Ereignisse oder Informationen wurden gefunden!

  Was zu tun ist:
  Sie können durch Übermittlung Ihrer Logdatei helfen (/var/log/lynis.log).
  Go to https://cisofy.com/contact/ and send your file to the e-mail address listed

================================================================================

  Lynis 2.6.1

  Auditing, system hardening, and compliance for UNIX-based systems
  (Linux, macOS, BSD, and others)

  2007-2018, CISOfy - https://cisofy.com/lynis/
  Enterprise support available (compliance, plugins, interface and tools)

================================================================================

  [TIP]: Enhance Lynis audits by adding your settings to custom.prf (see /etc/lynis/default.prf for all settings)

D54 commented 6 years ago

The same for me, also on Arch Linux (Antergos). Grep, awk, sed seem missing.

  Program version:           2.6.1
  Operating system:          Linux
  Operating system name:     Arch Linux
  Operating system version:  Unknown
  Kernel version:            4.14.15
  Hardware platform:         x86_64

mboelen commented 6 years ago

In which directory are grep/awk/sed installed for you (which awk)?

tiiiecherle commented 6 years ago

$ which awk
/usr/bin/awk

mboelen commented 6 years ago

Does it discover it? grep awk /var/log/lynis.log

tiiiecherle commented 6 years ago

grep awk /var/log/lynis.log gives an empty output with lynis 2.6.1.

It finds awk with lynis 2.6.0, but not with 2.6.1.

mboelen commented 6 years ago

And what directories did it discover: grep "Discovered directories" /var/log/lynis.log

tiiiecherle commented 6 years ago

$ grep "Discovered directories" /var/log/lynis.log
2018-02-06 10:27:03 Discovered directories: /usr/bin/core_perl,/usr/bin/vendor_perl,/usr/bin/site_perl,/usr/lib/jvm/default/bin,/usr/local/bin,/usr/local/sbin

mboelen commented 6 years ago

Issue has been solved in the development code. We will release a new version as soon as possible.

Thanks again for reporting

tiiiecherle commented 6 years ago

thanks
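
The sketch below is an added example, not Lynis code and not part of the thread. It illustrates how a directory list that omits `/usr/bin`, like the one logged above, can lead to errors of the form `-F:: command not found`, and how a guard reports the missing binary instead. The function names, the variable name `AWKBINARY` and the temporary directory tree are assumptions constructed for the illustration.

```shell
# Added example, not Lynis code. Everything under $root is a constructed fixture.
# Look for an executable in a comma-separated directory list (the format of
# the "Discovered directories" log line). Prints the path, or returns 1.
find_binary() {
    name=$1; dirs=$2
    old_ifs=$IFS; IFS=,
    for d in $dirs; do
        if [ -f "$d/$name" ] && [ -x "$d/$name" ]; then
            IFS=$old_ifs
            printf '%s\n' "$d/$name"
            return 0
        fi
    done
    IFS=$old_ifs
    return 1
}

# Unguarded call: an empty, unquoted AWKBINARY disappears from the command
# line, so the shell tries to execute "-F:" itself. Prints the exit status.
unguarded_status() {
    AWKBINARY=$1; status=0
    printf 'root:x:0:0\n' | ${AWKBINARY} -F: '{print $1}' >/dev/null 2>&1 || status=$?
    printf '%s\n' "$status"
}

# Guarded call: stop with a clear message when discovery found nothing.
guarded_field() {
    AWKBINARY=$1
    if [ -z "$AWKBINARY" ]; then
        echo "awk was not discovered; check the binary search path" >&2
        return 1
    fi
    printf 'root:x:0:0\n' | "$AWKBINARY" -F: '{print $1}'
}

# Constructed fixture: awk exists only in usr/bin, which the narrow list omits.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/usr/bin" "$root/usr/local/bin" "$root/usr/local/sbin"
    printf '#!/bin/sh\necho fake-awk\n' > "$root/usr/bin/awk"
    chmod +x "$root/usr/bin/awk"
    printf '%s\n' "$root"
}

root=$(make_fixture)
narrow="$root/usr/local/bin,$root/usr/local/sbin"
find_binary awk "$narrow" >/dev/null || echo "awk not found in: $narrow"
echo "unguarded call exit status: $(unguarded_status "")"
rm -rf "$root"
```

For an audit tool the guard matters beyond cosmetics: a test whose helper binary is missing should be reported as skipped, not silently produce an empty result that feeds into the findings.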