Security Hardening tool

Previously in my other distro I was using Lynis as a security hardening tool. In Manjaro I can find Lynis bit outdated with some bugs.
Can anybody suggest which hardening tool you are using which best suits manjaro.

chomsky@manjaro ~ $ yay lynis
2 aur/lynis-git (+4 0.38) (Out-of-date: 2020-08-31)
Security and system auditing tool to harden Unix/Linux systems
1 community/lynis 2.7.5-2 (215.7 KiB 1.3 MiB)
Security and system auditin

You dont want the AUR one but the one in the community repo.
sudo pacman -Syyu lynis will install the package

1 Like

Community Version is also bit outdated, 3.0.0 is the latest version.

Here you will find the latest version. You can follow the to install the package or just wait until 3.0 drops from upstream.

Lynis is a package Manjaro inherites from Arch Linux and has been flagged out of date since June.

I can see that Arch is also on version 2.7.5-2 but how can you tell it has been flagged out of date? Just curious…

In the Package Actions:


1 Like

I am using my own lynis 3.0.0 package created with this modified PKGBUILD:

# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
# Contributor: SĂ©bastien Luttringer <>

pkgdesc='Security and system auditing tool to harden Unix/Linux systems'
depends=('sh' 'awk')
optdepends=('net-tools: networking tests'
            'bind-tools: nameserver tests'
            'iptables: firewall tests'
            'bash-completion: completion for bash')
validpgpkeys=('73AC9FC55848E977024D1A61429A566FD5B79251') # CISOfy (Software Signing Key) <>

prepare() {
  cd ${pkgname}
  sed -e 's|/path/to/lynis|/usr/bin/lynis|g' -i extras/systemd/lynis.service

package() {
  cd ${pkgname}

  # application
  install -Dm 755 lynis -t "${pkgdir}/usr/bin"
  install -Dm 644 default.prf -t "${pkgdir}/etc/${pkgname}"
  install -d "${pkgdir}/usr/share/${pkgname}"
  cp -ra db include plugins "${pkgdir}/usr/share/${pkgname}"

  # doc files
  install -Dm 644 README INSTALL FAQ \
    -t "${pkgdir}/usr/share/doc/${pkgname}"
  install -Dm 644 "${pkgname}.8" -t "${pkgdir}/usr/share/man/man8"

  # completion
  install -Dm 644 extras/bash_completion.d/${pkgname} \
    -t "${pkgdir}/usr/share/bash-completion/completions"

  # systemd
  install -Dm 644 extras/systemd/{lynis.service,lynis.timer} \
    -t "${pkgdir}/usr/lib/systemd/system"

I built 3.0.0, Thank you

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.