Lynis: Checking package audit tool [ NONE ]

0n0w1c · 11 December 2021 18:05

I have the arch-audit tool installed, not sure what it is looking for here?

0n0w1c · 11 December 2021 20:22

It seems the version of Lynis in the repo does not exactly work on Manjaro, out of the box.
I hacked the following 2 lines:

$ sudo nano /usr/share/lynis/include/tests_ports_packages

-  if [ "${OS_FULLNAME}" = "Arch Linux" ] || [ "${OS_FULLNAME}" = "Arch Linux 32" ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="Test only applies to Arch Linux"; fi

+  if [ "${OS_FULLNAME}" = "Manjaro Linux" ] || [ "${OS_FULLNAME}" = "Arch Linux" ] || [ "${OS_FULLNAME}" = "Arch Linux 32" ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="Test only applies to Manjaro and Arch Linux"; fi

-  FIND=$(${ARCH_AUDIT_BINARY} | ${SEDBINARY} 's/\.\..*$//' | ${SEDBINARY} 's/, //g' | ${SEDBINARY} 's/\(\["\|"\]\)//g' | ${SEDBINARY} 's/""/,/g' | ${AWKBINARY} '{ if($1=="Package") { print $2"|"$6"|"}}' | ${AWKBINARY} -F'|' 'NF>1{a[$1] = a[$1]","$2}END{for(i in a){print i""a[i]"|"}}' | ${SEDBINARY} 's/,/|cve=/' | ${SORTBINARY})

+  FIND=$(${ARCH_AUDIT_BINARY} -f "%n")

The changes result in this output:

-[ Lynis 3.0.5 Results ]-

  Warnings (2):
  ----------------------------
  ! Vulnerable packages found [PKGS-7322] 
    - Details  : arch-audit has output
    - Solution : Run arch-audit to see the output, and when needed update the packages with pacman -Suy
      https://cisofy.com/lynis/controls/PKGS-7322/

and the following in lynis-report.dat:

vulnerable_package[]=binutils
vulnerable_package[]=bluez
vulnerable_package[]=flac
vulnerable_package[]=giflib
vulnerable_package[]=glibc
vulnerable_package[]=krb5
vulnerable_package[]=libarchive
vulnerable_package[]=libde265
vulnerable_package[]=libheif
vulnerable_package[]=libsndfile
vulnerable_package[]=ncurses
vulnerable_package[]=openjpeg2
vulnerable_package[]=openvpn
vulnerable_package[]=perl
vulnerable_package[]=rsync
vulnerable_package[]=speex
vulnerable_package[]=wget
vulnerable_package[]=wpa_supplicant
vulnerable_package[]=xdg-utils
vulnerable_package[]=avahi
vulnerable_package[]=lua52
vulnerable_package[]=networkmanager
vulnerable_package[]=openssh
vulnerable_package[]=p7zip
warning[]=PKGS-7322|Vulnerable packages found|arch-audit has output|text:Run arch-audit to see the output, and when needed update the packages with pacman -Suy|

So I think the software audit is now properly working.

system · 14 December 2021 10:23

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.