Happy New Year! The first patch of the year... Reviewed-by: Michael Tremer > On 1 Jan 2022, at 16:59, Adolf Belka wrote: > > - Update from 3.0.3 to 3.0.6 > - Communication had with cisofy about the website and github versions of lynis and the > lack of a signature file on github. Following response received from Michael Boelen > of cisofy. > "GitHub releases are different as they (the tarballs) are created by GitHub itself. So > yes, the hashes will differ. In fact, the contents of the files will be different as > well. These files are not signed by GitHub or us. We consider GitHub the work version. > When we release a new version, we tag them on GitHub with a version as well. For the > stable releases, use the version on the website." > - Based on the above the version used in this build is from the website. The signature > file for version 3.0.6 on the website is now available. > - The lynis-3.0.6.tar.gz in the IPFire Source location will probably need to be removed > as it is from the Github location and running ./make.sh uploadsrc will probably not > upload the correct version because the filenames are the same. The tarball used in this > patch was from https://cisofy.com/downloads/lynis/ > - The lfs file modified to take account of the tarball expanding to just lynis without > any version number. Also the rm -rf line has been modified due to the file differences > with the previous Github versions. > - Update rootfile to take account of the plugin_pam_phase1 and plugin_systemd_phase1 > plugins not being included in the cisofy website version of the tarball. If these two > plugins that are available for community users are needed then they have to be > downloaded separately from cisofy via an email subscription to the notification test. > All other plugins are only available for paying customers. > - Changelog > Version 3.0.6 (2021-07-22) > ### Added > - OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE MicroOS > - Check for outdated translation files > ### Changed > - DBS-1826 - Check if PostgreSQL is being used > - DBS-1828 - Test multiple PostgreSQL configuration file(s) > - KRNL-5830 - Sort kernels by version instead of modification date > - PKGS-7410 - Don't show exception for systems using LXC > - GetHostID function: fallback options added for Linux systems > - Fix: macOS Big Sur detection > - Fix: show correct text when egrep is missing > - Fix: variable name for PostgreSQL > - German and Spanish translations extended > Version 3.0.5 (2021-07-02) > ### Added > - OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux > - CRYP-8006 - Check MemoryOverwriteRequest bit to protect against cold-boot attacks (Linux) > ### Changed > - ACCT-9622 - Corrected typo > - HRDN-7231 - When calling wc, use the short -l flag instead of --lines (Busybox compatibility) > - PKGS-7320 - extended to Arch Linux 32 > - Generation of host identifiers (hostid/hostid2) extended > - Linux host identifiers are now using ip as preferred input source > - Improved logging in several areas > Version 3.0.4 (2021-05-11) > ### Added > - ACCT-9670 - Detection of cmd tooling > - ACCT-9672 - Test cmd configuration file > - BOOT-5140 - Check for ELILO boot loader presence > - OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others > ### Changed > - BOOT-5104 - Add service manager detection support for runit > - FILE-6430 - Report suggestion only when at least one kernel module is not in the blacklist > - FIRE-4540 - Corrected nftables empy ruleset test > - LOGG-2138 - Do not check for klogd when metalog is being used > - TIME-3185 - Improved support for Debian stretch > - Corrected issue when Lynis is not executed directly from lynis directory > > Signed-off-by: Adolf Belka > --- > config/rootfiles/packages/lynis | 2 -- > lfs/lynis | 14 +++++++------- > 2 files changed, 7 insertions(+), 9 deletions(-) > > diff --git a/config/rootfiles/packages/lynis b/config/rootfiles/packages/lynis > index 357f9cb3a..922efe5f1 100644 > --- a/config/rootfiles/packages/lynis > +++ b/config/rootfiles/packages/lynis > @@ -117,5 +117,3 @@ var/ipfire/lynis/lynis > #var/ipfire/lynis/plugins > #var/ipfire/lynis/plugins/README > var/ipfire/lynis/plugins/custom_plugin.template > -var/ipfire/lynis/plugins/plugin_pam_phase1 > -var/ipfire/lynis/plugins/plugin_systemd_phase1 > diff --git a/lfs/lynis b/lfs/lynis > index 1ae501603..e6f2007b0 100644 > --- a/lfs/lynis > +++ b/lfs/lynis > @@ -24,7 +24,7 @@ > > include Config > > -VER = 3.0.3 > +VER = 3.0.6 > > THISAPP = lynis-$(VER) > DL_FILE = $(THISAPP).tar.gz > @@ -33,7 +33,7 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) > TARGET = $(DIR_INFO)/$(THISAPP) > > PROG = lynis > -PAK_VER = 9 > +PAK_VER = 10 > DEPS = > > ############################################################################### > @@ -44,7 +44,7 @@ objects = $(DL_FILE) > > $(DL_FILE) = $(DL_FROM)/$(DL_FILE) > > -$(DL_FILE)_MD5 = d5c7cdbab15029449fe5ef4b59ee941d > +$(DL_FILE)_MD5 = 23cc369984d564e4a8232473b1ace137 > > install : $(TARGET) > > @@ -76,8 +76,8 @@ dist: > > $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) > @$(PREBUILD) > - @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) > - cd $(DIR_APP) && rm -rf .git* .travis.yml *.md FAQ INSTALL LICENCE lynis.8 README > - cp -vrf $(DIR_APP) /var/ipfire/lynis > - @rm -rf $(DIR_APP) > + @rm -rf $(DIR_SRC)/$(PROG) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) > + cd $(DIR_SRC)/$(PROG) && rm -rf *.md FAQ INSTALL LICENCE lynis.8 README > + cp -vrf $(DIR_SRC)/$(PROG) /var/ipfire/lynis > + @rm -rf $(DIR_SRC)/$(PROG) > @$(POSTBUILD) > -- > 2.34.1 >