Comments (10)
Thanks for reporting. Please share some part of the logfile, or related files.
from lynis.
Trying to determine what would be relevant data to post....
Both /boot/grub/grub.conf
and /boot/grub/menu.lst
exist (menu.lst is a symbolic link to grub.conf).
That said, I think I have this identified. I was skipping the BOOT-5121 test, because bootloader password isn't required for this system (home VM). This also excluded the GRUB existence check.
So, the GRUB existence check needs to be separated from the GRUB password check. This will prevent the exception_event
from firing, if the password test is skipped.
from lynis.
I tried this:
--- include/tests_boot_services.old 2014-09-23 14:55:21.000000000 -0700
+++ include/tests_boot_services 2014-09-23 18:36:28.000000000 -0700
@@ -42,6 +42,8 @@
if [ -f /boot/grub/grub.conf ]; then GRUBCONFFILE="/boot/grub/grub.conf"; else GRUBCONFFILE="/boot/grub/menu.lst"; fi
logtext "Found file ${GRUBCONFFILE}, proceeding with tests."
FileIsReadable ${GRUBCONFFILE}
+ Register --test-no BOOT-5121.1 --weight L --network NO --description "Check for GRUB boot loader pasword protection."
+ if [ ${SKIPTEST} -eq 0 ]; then
if [ ${CANREAD} -eq 1 ]; then
FIND=`cat ${GRUBCONFFILE} | grep 'password --md5' | grep -v '^#'`
FIND2=`cat ${GRUBCONFFILE} | grep 'password --encrypted' | grep -v '^#'`
@@ -63,6 +65,7 @@
logtext "Result: Can not read ${GRUBCONFFILE} (no permission)"
fi
fi
+ fi
# GRUB2 configuration file
if [ -f /boot/grub/grub.cfg ]; then
...which produced some strange behavior.
The warning for no GRUB password went away, but the exception still fires that no boot loader was found. So, it's almost as if the presence check ran, but something wasn't set properly to let the reporting mechanism know.
from lynis.
I get the same issue on Ubuntu when test BOOT-5121 is skipped.
from lynis.
Test BOOT-5121 has been split into BOOT-5121 and BOOT-5122 now.
Can you confirm the patch is working for you?
from lynis.
Checking....
from lynis.
I get the following when running lynis, while /boot/
is not mounted:
- Checking boot loaders
- Checking presence GRUB2 [ FOUND ]
- Checking presence GRUB2 [ POSSIBLE MATCH ]
Then, mounting /boot/
, I get the following:
- Checking boot loaders
- Checking presence GRUB [ OK ]
- Checking presence GRUB2 [ FOUND ]
So, I'd say the detection is there.
from lynis.
Noticed an error in output, so change improved with another round. Since the "possible match" shows up, the detection seems to be accurate. Thanks for checking. Closing this issue.
from lynis.
@mboelen I'm seeing a similar issue on a different Gentoo VM. Similar build, just a (slightly) different package set.
Test BOOT-5122 is skipped via /etc/lynis/custom.prf, but BOOT-5121 is not. Do you want to reopen this issue or should I file a new one?
from lynis.
A new one please. Thanks :)
from lynis.
Related Issues (20)
- fail2ban.configreader prints warning to stderr (allowipv6) HOT 8
- Error message on debian 12 HOT 4
- Exception found! [KRNL-5730] _ReportException_ should have _GREPTOOL_ passed in and not _GREPBINARY_ HOT 1
- Unraid /boot Function/test: [KRNL-5830:2] Can not find any vmlinuz or kernel files in
- SSH daemon is running - Exception Found HOT 3
- Unknown OS found - Neon KDE HOT 1
- Lynis on OpenBSD HOT 9
- Download area cannot be listed anymore HOT 7
- [INSE-8000] The inetd service is not detected HOT 2
- [PKGS-7410] Does not detect the package containing the kernel. HOT 2
- PKGS-7392 - Found one or more vulnerable package right after dist-upgrade HOT 10
- NETW-3200 and FILE-6430 do no longer detect blacklisted modules HOT 4
- Function/test: [SSH-7404:01], Exception found!
- Unknown OS found - gardenlinux
- JBD2 is mistakenly undetected as a missing module in kernel while being built-in to it
- [PKGS-7398] NixOS: Add package audit tool vulnix
- Potential false positive on protocol detections HOT 4
- [DBS-1882] Exception HOT 1
- Potental false positive for DBS-1820 HOT 1
- [HRDN-7222] When checking permissions, permissions of symlinks are checked instead of the binary file (compilers)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lynis.