From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] lynis: Update to version 3.0.6
Date: Sat, 01 Jan 2022 17:45:25 +0000
Message-ID: <106F1D8F-204D-46EC-8D2F-9970CF0ADB05@ipfire.org>
In-Reply-To: <20220101165920.3480735-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7547120219975841147=="
List-Id: <development.lists.ipfire.org>

--===============7547120219975841147==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Happy New Year! The first patch of the year...

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 1 Jan 2022, at 16:59, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>=20
> - Update from 3.0.3 to 3.0.6
> - Communication had with cisofy about the website and github versions of ly=
nis and the
>   lack of a signature file on github. Following response received from Mich=
ael Boelen
>   of cisofy.
>   "GitHub releases are different as they (the tarballs) are created by GitH=
ub itself. So
>    yes, the hashes will differ. In fact, the contents of the files will be =
different as
>    well. These files are not signed by GitHub or us. We consider GitHub the=
 work version.
>    When we release a new version, we tag them on GitHub with a version as w=
ell. For the
>    stable releases, use the version on the website."
> - Based on the above the version used in this build is from the website. Th=
e signature
>   file for version 3.0.6 on the website is now available.
> - The lynis-3.0.6.tar.gz in the IPFire Source location will probably need t=
o be removed
>   as it is from the Github location and running ./make.sh uploadsrc will pr=
obably not
>   upload the correct version because the filenames are the same. The tarbal=
l used in this
>   patch was from https://cisofy.com/downloads/lynis/
> - The lfs file modified to take account of the tarball expanding to just ly=
nis without
>   any version number. Also the rm -rf line has been modified due to the fil=
e differences
>   with the previous Github versions.
> - Update rootfile to take account of the plugin_pam_phase1 and plugin_syste=
md_phase1
>   plugins not being included in the cisofy website version of the tarball. =
If these two
>   plugins that are available for community users are needed then they have =
to be
>   downloaded separately from cisofy via an email subscription to the notifi=
cation test.
>   All other plugins are only available for paying customers.
> - Changelog
>   Version 3.0.6 (2021-07-22)
>    ### Added
>     - OS detection: Artix Linux, macOS Monterey, NethServer, openSUSE Micro=
OS
>     - Check for outdated translation files
>    ### Changed
>     - DBS-1826 - Check if PostgreSQL is being used
>     - DBS-1828 - Test multiple PostgreSQL configuration file(s)
>     - KRNL-5830 - Sort kernels by version instead of modification date
>     - PKGS-7410 - Don't show exception for systems using LXC
>     - GetHostID function: fallback options added for Linux systems
>     - Fix: macOS Big Sur detection
>     - Fix: show correct text when egrep is missing
>     - Fix: variable name for PostgreSQL
>     - German and Spanish translations extended
>   Version 3.0.5 (2021-07-02)
>    ### Added
>     - OS detection of Arch Linux 32, BunsenLabs Linux, and Rocky Linux
>     - CRYP-8006 - Check MemoryOverwriteRequest bit to protect against cold-=
boot attacks (Linux)
>    ### Changed
>     - ACCT-9622 - Corrected typo
>     - HRDN-7231 - When calling wc, use the short -l flag instead of --lines=
 (Busybox compatibility)
>     - PKGS-7320 - extended to Arch Linux 32
>     - Generation of host identifiers (hostid/hostid2) extended
>     - Linux host identifiers are now using ip as preferred input source
>     - Improved logging in several areas
>   Version 3.0.4 (2021-05-11)
>    ### Added
>     - ACCT-9670 - Detection of cmd tooling
>     - ACCT-9672 - Test cmd configuration file
>     - BOOT-5140 - Check for ELILO boot loader presence
>     - OS detection of AlmaLinux, Garuda Linux, Manjaro (ARM), and others
>    ### Changed
>     - BOOT-5104 - Add service manager detection support for runit
>     - FILE-6430 - Report suggestion only when at least one kernel module is=
 not in the blacklist
>     - FIRE-4540 - Corrected nftables empy ruleset test
>     - LOGG-2138 - Do not check for klogd when metalog is being used
>     - TIME-3185 - Improved support for Debian stretch
>     - Corrected issue when Lynis is not executed directly from lynis direct=
ory
>=20
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> config/rootfiles/packages/lynis |  2 --
> lfs/lynis                       | 14 +++++++-------
> 2 files changed, 7 insertions(+), 9 deletions(-)
>=20
> diff --git a/config/rootfiles/packages/lynis b/config/rootfiles/packages/ly=
nis
> index 357f9cb3a..922efe5f1 100644
> --- a/config/rootfiles/packages/lynis
> +++ b/config/rootfiles/packages/lynis
> @@ -117,5 +117,3 @@ var/ipfire/lynis/lynis
> #var/ipfire/lynis/plugins
> #var/ipfire/lynis/plugins/README
> var/ipfire/lynis/plugins/custom_plugin.template
> -var/ipfire/lynis/plugins/plugin_pam_phase1
> -var/ipfire/lynis/plugins/plugin_systemd_phase1
> diff --git a/lfs/lynis b/lfs/lynis
> index 1ae501603..e6f2007b0 100644
> --- a/lfs/lynis
> +++ b/lfs/lynis
> @@ -24,7 +24,7 @@
>=20
> include Config
>=20
> -VER        =3D 3.0.3
> +VER        =3D 3.0.6
>=20
> THISAPP    =3D lynis-$(VER)
> DL_FILE    =3D $(THISAPP).tar.gz
> @@ -33,7 +33,7 @@ DIR_APP    =3D $(DIR_SRC)/$(THISAPP)
> TARGET     =3D $(DIR_INFO)/$(THISAPP)
>=20
> PROG       =3D lynis
> -PAK_VER    =3D 9
> +PAK_VER    =3D 10
> DEPS       =3D
>=20
> ###########################################################################=
####
> @@ -44,7 +44,7 @@ objects =3D $(DL_FILE)
>=20
> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
>=20
> -$(DL_FILE)_MD5 =3D d5c7cdbab15029449fe5ef4b59ee941d
> +$(DL_FILE)_MD5 =3D 23cc369984d564e4a8232473b1ace137
>=20
> install : $(TARGET)
>=20
> @@ -76,8 +76,8 @@ dist:
>=20
> $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> 	@$(PREBUILD)
> -	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> -	cd $(DIR_APP) && rm -rf .git* .travis.yml *.md FAQ INSTALL LICENCE lynis.=
8 README
> -	cp -vrf $(DIR_APP) /var/ipfire/lynis
> -	@rm -rf $(DIR_APP)
> +	@rm -rf $(DIR_SRC)/$(PROG) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FIL=
E)
> +	cd $(DIR_SRC)/$(PROG) && rm -rf *.md FAQ INSTALL LICENCE lynis.8 README
> +	cp -vrf $(DIR_SRC)/$(PROG) /var/ipfire/lynis
> +	@rm -rf $(DIR_SRC)/$(PROG)
> 	@$(POSTBUILD)
> --=20
> 2.34.1
>=20


--===============7547120219975841147==--