search

personal-server-community / pschecker

Simple security audit script for your personal server
GNU General Public License v3.0
12 stars 3 forks source link

Last update checker #9

Open gelnior opened 6 years ago

gelnior commented 6 years ago

Hello all,

I added a check plugin to test if an update was performed recently. @ZeHiro, @nicofrand, @Phyks and @ldvc could you try it?

It fails if your last OS update occured more than two weeks ago.

nicofrand commented 6 years ago

Hi,

it seems to work fine when the system is uptodate :)!

Last system update was done recently: OK

ldvc commented 6 years ago

Hi!

Got an error while running on Python 3.5.3:

(venv_pschecker) root@server:~# python -V
Python 3.5.3

(venv_pschecker) root@server:~# pschecker
Running the audit of your personal server...

Context:
- Distribution: debian

Your personal server diagnostic is:

Root must not use password: KO
* Your root user should not be able to log in with password, only SSH login should be allowed.
----
Servers should not listen 0.0.0.0: KO
* Some of your servers listen to the 0.0.0.0 host: dovecot (4190), beam.smp (45353), perl (4949), dovecot (4190), miniflux (8080), init (4369)
----
Traceback (most recent call last):
  File "/root/.virtualenvs/venv_pschecker/bin/pschecker", line 11, in <module>
    sys.exit(cli())
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/click/core.py", line 722, in __call__
    return self.main(*args, **kwargs)
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/click/core.py", line 697, in main
    rv = self.invoke(ctx)
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/click/core.py", line 895, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/click/core.py", line 535, in invoke
    return callback(*args, **kwargs)
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/pschecker/cli.py", line 24, in cli
    run_diagnostic(config)
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/pschecker/cli.py", line 47, in run_diagnostic
    check_runner.run_check(config)
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/pschecker/checks/firewall.py", line 17, in run_check
    is_firewall_up = check_ufw()
  File "/root/.virtualenvs/venv_pschecker/lib/python3.5/site-packages/pschecker/checks/firewall.py", line 33, in check_ufw
    "Status" in lines[0] and \
TypeError: a bytes-like object is required, not 'str'
ZeHiro commented 6 years ago

@gelnior i think i cannot test, on my server i installed apticron

gelnior commented 6 years ago

Thx for the feedback @ZeHiro.

@ldvc I'll publish a new version including your fix tomorrow.

gelnior commented 6 years ago

@ZeHiro What you mean is that apticron is a script that runs daily update on your server, so you are always good. That's why you cannot test it. Am I right?

ZeHiro commented 6 years ago

@gelnior Yes,