2020-06-02 11:05:05 Starting Lynis 3.0.0 with PID 535, build date 2020-03-20 2020-06-02 11:05:05 ==== 2020-06-02 11:05:05 ### 2007-2020, CISOfy - https://cisofy.com/lynis/ ### 2020-06-02 11:05:05 Checking permissions of /root/blueval/lynis/include/profiles 2020-06-02 11:05:05 File permissions are OK 2020-06-02 11:05:05 Reading profile/configuration /root/blueval/lynis/default.prf 2020-06-02 11:05:05 Action: created temporary file /tmp/lynis.5IWW5sUxjL 2020-06-02 11:05:05 Language set via profile to '' 2020-06-02 11:05:05 Plugin 'authentication' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'compliance' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'configuration' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'control-panels' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'crypto' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'dns' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'docker' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'file-integrity' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'file-systems' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'firewalls' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'forensics' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'hardware' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'intrusion-detection' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'intrusion-prevention' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'kernel' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'malware' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'memory' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'nginx' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'pam' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'processes' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'security-modules' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'software' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'system-integrity' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'systemd' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:05 Plugin 'users' enabled according profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:06 Set option to default value: NTPD_ROLE --> client 2020-06-02 11:05:06 ==== 2020-06-02 11:05:06 ==== 2020-06-02 11:05:06 EOL check: 0 2020-06-02 11:05:06 Program version: 3.0.0 2020-06-02 11:05:06 Operating system: Linux 2020-06-02 11:05:06 Operating system name: CentOS Linux 2020-06-02 11:05:06 Operating system version: 7 2020-06-02 11:05:06 Kernel version: 3.10.0 2020-06-02 11:05:06 Kernel version (full): 3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:06 Hardware platform: x86_64 2020-06-02 11:05:06 ----------------------------------------------------- 2020-06-02 11:05:06 Hostname: marconi 2020-06-02 11:05:06 Auditor: [Not Specified] 2020-06-02 11:05:06 Profiles: /root/blueval/lynis/default.prf 2020-06-02 11:05:06 Work directory: /root/blueval/lynis 2020-06-02 11:05:06 Include directory: /root/blueval/lynis/include 2020-06-02 11:05:06 Plugin directory: ./plugins 2020-06-02 11:05:06 ----------------------------------------------------- 2020-06-02 11:05:06 Log file: /var/log/lynis.log 2020-06-02 11:05:06 Report file: /var/log/lynis-report.dat 2020-06-02 11:05:06 Report version: 1.0 2020-06-02 11:05:06 ----------------------------------------------------- 2020-06-02 11:05:06 Test category: all 2020-06-02 11:05:06 Test group: all 2020-06-02 11:05:06 BusyBox used: 0 2020-06-02 11:05:06 ==== 2020-06-02 11:05:06 Test: Checking for program update... 2020-06-02 11:05:06 Current installed version : 300 2020-06-02 11:05:06 Latest stable version : 275 2020-06-02 11:05:06 No Lynis update available. 2020-06-02 11:05:06 ==== 2020-06-02 11:05:06 Checking permissions of /root/blueval/lynis/include/binaries 2020-06-02 11:05:06 File permissions are OK 2020-06-02 11:05:06 ==== 2020-06-02 11:05:06 Action: Performing tests from category: System Tools 2020-06-02 11:05:06 Start scanning for available audit binaries and tools... 2020-06-02 11:05:06 ==== 2020-06-02 11:05:06 Performing test ID CORE-1000 (Check all system binaries) 2020-06-02 11:05:06 Status: Starting binary scan... 2020-06-02 11:05:06 Test: Checking binaries in directory /usr/local/go/bin 2020-06-02 11:05:06 Directory /usr/local/go/bin exists. Starting directory scanning... 2020-06-02 11:05:06 Test: Checking binaries in directory /root/go/bin 2020-06-02 11:05:06 Result: Directory /root/go/bin does NOT exist 2020-06-02 11:05:06 Test: Checking binaries in directory /usr/local/go/bin 2020-06-02 11:05:06 Result: Skipping this directory as it was already scanned 2020-06-02 11:05:06 Result: Directory /usr/local/go/bin skipped 2020-06-02 11:05:06 Test: Checking binaries in directory /root/go/bin 2020-06-02 11:05:06 Result: Directory /root/go/bin does NOT exist 2020-06-02 11:05:07 Test: Checking binaries in directory /usr/bin 2020-06-02 11:05:07 Directory /usr/bin exists. Starting directory scanning... 2020-06-02 11:05:07 Found known binary: as (compiler) - /usr/bin/as 2020-06-02 11:05:07 Found known binary: awk (string tool) - /usr/bin/awk 2020-06-02 11:05:07 Found known binary: base64 (encoding tool) - /usr/bin/base64 2020-06-02 11:05:07 Found known binary: bootctl (systemd-boot manager utility) - /usr/bin/bootctl 2020-06-02 11:05:07 Found known binary: cat (generic file handling) - /usr/bin/cat 2020-06-02 11:05:07 Found known binary: cc (compiler) - /usr/bin/cc 2020-06-02 11:05:07 Found known binary: comm (file compare) - /usr/bin/comm 2020-06-02 11:05:07 Found known binary: curl (browser, download utility) - /usr/bin/curl 2020-06-02 11:05:07 Found known binary: cut (text stream editor) - /usr/bin/cut 2020-06-02 11:05:07 Found known binary: dig (network/dns tool) - /usr/bin/dig 2020-06-02 11:05:07 Found known binary: dnsdomainname (DNS domain) - /usr/bin/dnsdomainname 2020-06-02 11:05:07 Found known binary: domainname (NIS domain) - /usr/bin/domainname 2020-06-02 11:05:07 Found known binary: egrep (text search) - /usr/bin/egrep 2020-06-02 11:05:07 Found known binary: file (file type detection) - /usr/bin/file 2020-06-02 11:05:07 Found known binary: find (search tool) - /usr/bin/find 2020-06-02 11:05:07 Found known binary: g++ (compiler) - /usr/bin/g++ 2020-06-02 11:05:07 Found known binary: gcc (compiler) - /usr/bin/gcc 2020-06-02 11:05:07 Found known binary: getent (query tool for name service switch libraries) - /usr/bin/getent 2020-06-02 11:05:07 Found known binary: grep (text search) - /usr/bin/grep 2020-06-02 11:05:07 Found known binary: gzip (compressing utility) - /usr/bin/gzip 2020-06-02 11:05:07 Found known binary: head (text filter) - /usr/bin/head 2020-06-02 11:05:07 Found known binary: journalctl (systemd journal) - /usr/bin/journalctl 2020-06-02 11:05:07 Found known binary: locate (file database) - /usr/bin/locate 2020-06-02 11:05:07 Found known binary: ls (file listing) - /usr/bin/ls 2020-06-02 11:05:07 Found known binary: lsattr (file attributes) - /usr/bin/lsattr 2020-06-02 11:05:07 Found known binary: lsblk (block devices) - /usr/bin/lsblk 2020-06-02 11:05:07 Found known binary: md5sum (hash tool) - /usr/bin/md5sum 2020-06-02 11:05:07 Found known binary: mount (disk utility) - /usr/bin/mount 2020-06-02 11:05:07 Found known binary: netstat (network statistics) - /usr/bin/netstat 2020-06-02 11:05:07 Found /usr/bin/openssl (version 1.0.2k-fips) 2020-06-02 11:05:07 Found /usr/bin/perl (version 5.16.3) 2020-06-02 11:05:07 Found known binary: pgrep (search in process list) - /usr/bin/pgrep 2020-06-02 11:05:07 Found known binary: ps (process listing) - /usr/bin/ps 2020-06-02 11:05:07 Found known binary: python (programming language interpreter) - /usr/bin/python (version 2.7.5) 2020-06-02 11:05:07 Found known binary: python2 (programming language interpreter) - /usr/bin/python2 (version 2.7.5) 2020-06-02 11:05:07 Found known binary: python3 (programming language interpreter) - /usr/bin/python3 (version 3.6.8) 2020-06-02 11:05:07 Found known binary: readlink (follows symlinks) - /usr/bin/readlink 2020-06-02 11:05:07 Found known binary: rpm (package manager) - /usr/bin/rpm 2020-06-02 11:05:07 Found known binary: sed (text stream editor) - /usr/bin/sed 2020-06-02 11:05:07 Found known binary: sha1/sha1sum/shasum (crypto hashing) - /usr/bin/sha1sum 2020-06-02 11:05:07 Found known binary: sha256/sha256sum (crypto hashing) - /usr/bin/sha256sum 2020-06-02 11:05:07 Found known binary: sha1/sha1sum/shasum (crypto hashing) - /usr/bin/shasum 2020-06-02 11:05:07 Found known binary: sort (sort data streams) - /usr/bin/sort 2020-06-02 11:05:07 Found known binary: ssh-keyscan (scanner for SSH keys) - /usr/bin/ssh-keyscan 2020-06-02 11:05:07 Found known binary: stat (file information) - /usr/bin/stat 2020-06-02 11:05:07 Found known binary: strings (text strings search) - /usr/bin/strings 2020-06-02 11:05:07 Found known binary: systemctl (client to systemd) - /usr/bin/systemctl 2020-06-02 11:05:07 Found known binary: systemd-analyze (systemd service analysis tool) - /usr/bin/systemd-analyze 2020-06-02 11:05:07 Found known binary: tail (text filter) - /usr/bin/tail 2020-06-02 11:05:07 Found known binary: timedatectl (timedate client) - /usr/bin/timedatectl 2020-06-02 11:05:07 Found known binary: tr (text transformation) - /usr/bin/tr 2020-06-02 11:05:07 Found known binary: uname (operating system details) - /usr/bin/uname 2020-06-02 11:05:07 Found known binary: uniq (text manipulation utility) - /usr/bin/uniq 2020-06-02 11:05:07 Found known binary: wc (word count) - /usr/bin/wc 2020-06-02 11:05:07 Found /usr/bin/wget (version 1.14) 2020-06-02 11:05:07 Found known binary: xargs (command output redirection) - /usr/bin/xargs 2020-06-02 11:05:07 Found known binary: yum (package manager) - /usr/bin/yum 2020-06-02 11:05:07 Found known binary: zgrep (text search for compressed files) - /usr/bin/zgrep 2020-06-02 11:05:07 Test: Checking binaries in directory /usr/sbin 2020-06-02 11:05:07 Directory /usr/sbin exists. Starting directory scanning... 2020-06-02 11:05:07 Found known binary: auditctl (control utility for audit daemon) - /usr/sbin/auditctl 2020-06-02 11:05:07 Found known binary: auditd (audit framework) - /usr/sbin/auditd 2020-06-02 11:05:07 Found known binary: blkid (information about block devices) - /usr/sbin/blkid 2020-06-02 11:05:07 Found known binary: chkconfig (administration tool) - /usr/sbin/chkconfig 2020-06-02 11:05:07 Found known binary: cryptsetup (block device encryption) - /usr/sbin/cryptsetup 2020-06-02 11:05:07 Found known binary: dmidecode (hardware collector tool) - /usr/sbin/dmidecode 2020-06-02 11:05:07 Found known binary: getcap (kernel capabilities) - /usr/sbin/getcap 2020-06-02 11:05:07 Found known binary: grpck (consistency checker) - /usr/sbin/grpck 2020-06-02 11:05:07 Found known binary: grub2-install (installer for boot loader) - /usr/sbin/grub2-install 2020-06-02 11:05:07 Found known binary: ipconfig (IP configuration) - /usr/sbin/ifconfig 2020-06-02 11:05:08 Found known binary: ip (IP configuration) - /usr/sbin/ip 2020-06-02 11:05:08 Found known binary: iptables (firewall) - /usr/sbin/iptables 2020-06-02 11:05:08 Found known binary: iptables-save (firewall) - /usr/sbin/iptables-save 2020-06-02 11:05:08 Found known binary: logrotate (log rotation tool) - /usr/sbin/logrotate 2020-06-02 11:05:08 Found known binary: lsmod (kernel modules) - /usr/sbin/lsmod 2020-06-02 11:05:08 Found known binary: lsof (open files) - /usr/sbin/lsof 2020-06-02 11:05:08 Found known binary: lvdisplay (LVM tool) - /usr/sbin/lvdisplay 2020-06-02 11:05:08 Found known binary: modprobe (kernel modules) - /usr/sbin/modprobe 2020-06-02 11:05:08 Found known binary: postconf (postfix configuration) - /usr/sbin/postconf 2020-06-02 11:05:08 Found known binary: postfix (postfix binary) - /usr/sbin/postfix 2020-06-02 11:05:08 Found known binary: rpcinfo (RPC information) - /usr/sbin/rpcinfo 2020-06-02 11:05:08 Found known binary: runlevel (system utility) - /usr/sbin/runlevel 2020-06-02 11:05:08 Found known binary: semanage (SELinux policy management tool) - /usr/sbin/semanage 2020-06-02 11:05:08 Found known binary: service (system services) - /usr/sbin/service 2020-06-02 11:05:08 Found known binary: sestatus (SELinux status tool) - /usr/sbin/sestatus 2020-06-02 11:05:08 Found known binary: showmount (NFS mounts) - /usr/sbin/showmount 2020-06-02 11:05:08 Found known binary: ss (show sockets) - /usr/sbin/ss 2020-06-02 11:05:08 Found /usr/sbin/sshd (version 7.4) 2020-06-02 11:05:08 Found known binary: swapon (swap device tool) - /usr/sbin/swapon 2020-06-02 11:05:08 Found known binary: sysctl (kernel parameters) - /usr/sbin/sysctl 2020-06-02 11:05:08 Found known binary: tune2fs (file system tool) - /usr/sbin/tune2fs 2020-06-02 11:05:08 Found known binary: vgdisplay (LVM tool) - /usr/sbin/vgdisplay 2020-06-02 11:05:08 Test: Checking binaries in directory /usr/local/bin 2020-06-02 11:05:08 Directory /usr/local/bin exists. Starting directory scanning... 2020-06-02 11:05:08 Test: Checking binaries in directory /usr/local/sbin 2020-06-02 11:05:08 Directory /usr/local/sbin exists. Starting directory scanning... 2020-06-02 11:05:08 Discovered directories: /usr/local/go/bin,/usr/bin,/usr/sbin,/usr/local/bin,/usr/local/sbin 2020-06-02 11:05:08 Result: found 1871 binaries including 27 set-uid and 7 set-gid 2020-06-02 11:05:08 Result: set-uid binaries: /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/chage /usr/bin/chfn /usr/bin/chsh /usr/bin/crontab /usr/bin/fusermount /usr/bin/gpasswd /usr/bin/mount /usr/bin/newgrp /usr/bin/passwd /usr/bin/pkexec /usr/bin/sg /usr/bin/staprun /usr/bin/su /usr/bin/sudo /usr/bin/sudoedit /usr/bin/umount /usr/sbin/mount.nfs /usr/sbin/mount.nfs4 /usr/sbin/pam_timestamp_check /usr/sbin/umount.nfs /usr/sbin/umount.nfs4 /usr/sbin/unix_chkpwd /usr/sbin/userhelper /usr/sbin/usernetctl 2020-06-02 11:05:08 Result: set-gid binaries: /usr/bin/locate /usr/bin/ssh-agent /usr/bin/wall /usr/bin/write /usr/sbin/netreport /usr/sbin/postdrop /usr/sbin/postqueue 2020-06-02 11:05:08 ==== 2020-06-02 11:05:08 Informational: package manager is used 2020-06-02 11:05:08 Test: Determine if this system is a virtual machine 2020-06-02 11:05:08 Result: facter utility not found 2020-06-02 11:05:08 Test: trying to guess virtualization technology with systemd-detect-virt 2020-06-02 11:05:08 Result: found none 2020-06-02 11:05:08 Result: skipped lscpu test, as we already found machine type 2020-06-02 11:05:08 Result: skipped dmidecode test, as we already found machine type 2020-06-02 11:05:08 Result: skipped processes test, as we already found platform 2020-06-02 11:05:08 Result: skipped Amazon EC2 test, as we already found platform 2020-06-02 11:05:08 Result: skipped sysctl test, as we already found platform 2020-06-02 11:05:08 Result: skipped lshw test, as we already found machine type 2020-06-02 11:05:08 Result: Unknown virtualization type, so most likely system is physical 2020-06-02 11:05:08 Result: unknown if this system is a virtual machine 2020-06-02 11:05:08 Result: Lynis is not running in container 2020-06-02 11:05:08 Result: system is using systemd 2020-06-02 11:05:08 ==== 2020-06-02 11:05:08 Action: Performing plugin tests 2020-06-02 11:05:08 Searching plugins... 2020-06-02 11:05:08 Found plugin file: ./plugins/plugin_pam_phase1 2020-06-02 11:05:08 Action: checking plugin status in profile: /root/blueval/lynis/default.prf 2020-06-02 11:05:08 Result: plugin enabled in profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:08 Result: plugin pam is enabled 2020-06-02 11:05:08 Checking permissions of ./plugins/plugin_pam_phase1 2020-06-02 11:05:08 File permissions are OK 2020-06-02 11:05:08 Including plugin file: ./plugins/plugin_pam_phase1 (version: 1.0.5) 2020-06-02 11:05:08 ==== 2020-06-02 11:05:08 Performing test ID PLGN-0008 (Check PAM configuration (pwquality.conf)) 2020-06-02 11:05:08 ==== 2020-06-02 11:05:08 Performing test ID PLGN-0010 (Check PAM configuration) 2020-06-02 11:05:08 Result: /etc/pam.d exists 2020-06-02 11:05:08 Now checking PAM file /etc/pam.d/config-util 2020-06-02 11:05:08 Result: using module pam_rootok.so (sufficient) without options configured 2020-06-02 11:05:08 Result: using module pam_timestamp.so (sufficient) without options configured 2020-06-02 11:05:08 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:08 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:08 Result: using module pam_xauth.so (optional) without options configured 2020-06-02 11:05:08 Result: using module pam_timestamp.so (optional) without options configured 2020-06-02 11:05:08 Now checking PAM file /etc/pam.d/other 2020-06-02 11:05:08 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:08 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:08 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:08 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:08 Now checking PAM file /etc/pam.d/passwd 2020-06-02 11:05:08 Unknown control flag found (substack) 2020-06-02 11:05:09 Result: using module system-auth (substack) without options configured 2020-06-02 11:05:09 Result: found pluggable authentication module system-auth, which is unknown 2020-06-02 11:05:09 Result: using module pam_gnome_keyring.so (optional) with options use_authtok 2020-06-02 11:05:09 Result: found pluggable authentication module pam_gnome_keyring.so, which is unknown 2020-06-02 11:05:09 Unknown control flag found (substack) 2020-06-02 11:05:09 Result: using module postlogin (substack) without options configured 2020-06-02 11:05:09 Result: found pluggable authentication module postlogin, which is unknown 2020-06-02 11:05:09 Now checking PAM file /etc/pam.d/chfn 2020-06-02 11:05:09 Result: using module pam_rootok.so (sufficient) without options configured 2020-06-02 11:05:09 Now checking PAM file /etc/pam.d/chsh 2020-06-02 11:05:09 Result: using module pam_rootok.so (sufficient) without options configured 2020-06-02 11:05:09 Now checking PAM file /etc/pam.d/login 2020-06-02 11:05:09 Result: Found brackets in line, indicating multiple options for control flags: user_unknown=ignore success=ok ignore=ignore default=bad 2020-06-02 11:05:09 Result: brackets used, ignoring control flags 2020-06-02 11:05:09 Result: using module pam_securetty.so (other) without options configured 2020-06-02 11:05:09 Unknown control flag found (substack) 2020-06-02 11:05:09 Result: using module system-auth (substack) without options configured 2020-06-02 11:05:09 Result: found pluggable authentication module system-auth, which is unknown 2020-06-02 11:05:09 Result: using module pam_nologin.so (required) without options configured 2020-06-02 11:05:09 Result: using module pam_selinux.so (required) with options close 2020-06-02 11:05:09 Result: using module pam_loginuid.so (required) without options configured 2020-06-02 11:05:09 Result: using module pam_console.so (optional) without options configured 2020-06-02 11:05:09 Result: found pluggable authentication module pam_console.so, which is unknown 2020-06-02 11:05:09 Result: using module pam_selinux.so (required) with options open 2020-06-02 11:05:09 Result: using module pam_namespace.so (required) without options configured 2020-06-02 11:05:09 Result: using module pam_keyinit.so (optional) with options force revoke 2020-06-02 11:05:09 Result: using module pam_ck_connector.so (optional) without options configured 2020-06-02 11:05:09 Result: found pluggable authentication module pam_ck_connector.so, which is unknown 2020-06-02 11:05:09 Now checking PAM file /etc/pam.d/remote 2020-06-02 11:05:09 Result: using module pam_securetty.so (required) without options configured 2020-06-02 11:05:09 Unknown control flag found (substack) 2020-06-02 11:05:09 Result: using module password-auth (substack) without options configured 2020-06-02 11:05:09 Result: found pluggable authentication module password-auth, which is unknown 2020-06-02 11:05:09 Result: using module pam_nologin.so (required) without options configured 2020-06-02 11:05:09 Result: using module pam_selinux.so (required) with options close 2020-06-02 11:05:09 Result: using module pam_loginuid.so (required) without options configured 2020-06-02 11:05:09 Result: using module pam_selinux.so (required) with options open 2020-06-02 11:05:09 Result: using module pam_namespace.so (required) without options configured 2020-06-02 11:05:09 Result: using module pam_keyinit.so (optional) with options force revoke 2020-06-02 11:05:09 Now checking PAM file /etc/pam.d/runuser 2020-06-02 11:05:09 Result: using module pam_rootok.so (sufficient) without options configured 2020-06-02 11:05:09 Result: using module pam_keyinit.so (optional) with options revoke 2020-06-02 11:05:09 Result: using module pam_limits.so (required) without options configured 2020-06-02 11:05:09 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:09 Result: found pam_unix.so module (generic) 2020-06-02 11:05:09 Now checking PAM file /etc/pam.d/runuser-l 2020-06-02 11:05:10 Result: using module pam_keyinit.so (optional) with options force revoke 2020-06-02 11:05:10 Result: using module pam_systemd.so (optional) without options configured 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/su 2020-06-02 11:05:10 Result: using module pam_rootok.so (sufficient) without options configured 2020-06-02 11:05:10 Unknown control flag found (substack) 2020-06-02 11:05:10 Result: using module system-auth (substack) without options configured 2020-06-02 11:05:10 Result: found pluggable authentication module system-auth, which is unknown 2020-06-02 11:05:10 Result: using module pam_succeed_if.so (sufficient) with options uid = 0 use_uid quiet 2020-06-02 11:05:10 Result: using module pam_xauth.so (optional) without options configured 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/su-l 2020-06-02 11:05:10 Result: using module pam_keyinit.so (optional) with options force revoke 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/systemd-user 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/polkit-1 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/crond 2020-06-02 11:05:10 Result: using module pam_access.so (required) without options configured 2020-06-02 11:05:10 Result: using module pam_loginuid.so (required) without options configured 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/vlock 2020-06-02 11:05:10 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/setup 2020-06-02 11:05:10 Result: using module pam_rootok.so (sufficient) without options configured 2020-06-02 11:05:10 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:10 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:10 Now checking PAM file /etc/pam.d/sshd 2020-06-02 11:05:10 Result: using module pam_sepermit.so (required) without options configured 2020-06-02 11:05:10 Result: found pluggable authentication module pam_sepermit.so, which is unknown 2020-06-02 11:05:10 Unknown control flag found (substack) 2020-06-02 11:05:10 Result: using module password-auth (substack) without options configured 2020-06-02 11:05:10 Result: found pluggable authentication module password-auth, which is unknown 2020-06-02 11:05:10 Result: using module pam_reauthorize.so (optional) with options prepare 2020-06-02 11:05:10 Result: found pluggable authentication module pam_reauthorize.so, which is unknown 2020-06-02 11:05:10 Result: using module pam_nologin.so (required) without options configured 2020-06-02 11:05:10 Result: using module pam_selinux.so (required) with options close 2020-06-02 11:05:10 Result: using module pam_loginuid.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_selinux.so (required) with options open env_params 2020-06-02 11:05:11 Result: using module pam_namespace.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_keyinit.so (optional) with options force revoke 2020-06-02 11:05:11 Result: using module pam_reauthorize.so (optional) with options prepare 2020-06-02 11:05:11 Result: found pluggable authentication module pam_reauthorize.so, which is unknown 2020-06-02 11:05:11 Now checking PAM file /etc/pam.d/smtp.postfix 2020-06-02 11:05:11 Now checking PAM file /etc/pam.d/atd 2020-06-02 11:05:11 Result: using module pam_env.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_access.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_loginuid.so (required) without options configured 2020-06-02 11:05:11 Now checking PAM file /etc/pam.d/sudo 2020-06-02 11:05:11 Result: using module pam_keyinit.so (optional) with options revoke 2020-06-02 11:05:11 Result: using module pam_limits.so (required) without options configured 2020-06-02 11:05:11 Now checking PAM file /etc/pam.d/sudo-i 2020-06-02 11:05:11 Result: using module pam_keyinit.so (optional) with options force revoke 2020-06-02 11:05:11 Result: using module pam_limits.so (required) without options configured 2020-06-02 11:05:11 Now checking PAM file /etc/pam.d/system-auth-ac 2020-06-02 11:05:11 Result: using module pam_env.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_faildelay.so (required) with options delay=2000000 2020-06-02 11:05:11 Result: using module pam_fprintd.so (sufficient) without options configured 2020-06-02 11:05:11 Result: found pluggable authentication module pam_fprintd.so, which is unknown 2020-06-02 11:05:11 Result: using module pam_unix.so (sufficient) with options nullok try_first_pass 2020-06-02 11:05:11 Result: found pam_unix.so module (generic) 2020-06-02 11:05:11 Result: using module pam_succeed_if.so (requisite) with options uid >= 1000 quiet_success 2020-06-02 11:05:11 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:11 Result: found pam_unix.so module (generic) 2020-06-02 11:05:11 Result: using module pam_localuser.so (sufficient) without options configured 2020-06-02 11:05:11 Result: using module pam_succeed_if.so (sufficient) with options uid < 1000 quiet 2020-06-02 11:05:11 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_pwquality.so (requisite) with options try_first_pass local_users_only retry=3 authtok_type= 2020-06-02 11:05:11 Result: found module pam_pwquality.so for password strength testing 2020-06-02 11:05:11 Result: unknown option found: try_first_pass with value 2020-06-02 11:05:11 Result: unknown option found: local_users_only with value 2020-06-02 11:05:11 Result: Max password Retry configured 2020-06-02 11:05:11 Value is now: 3 2020-06-02 11:05:11 Returning value: 3 2020-06-02 11:05:11 Result: unknown option found: authtok_type with value 2020-06-02 11:05:11 Result: using module pam_unix.so (sufficient) with options sha512 shadow nullok try_first_pass use_authtok 2020-06-02 11:05:11 Result: found pam_unix.so module (generic) 2020-06-02 11:05:11 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:11 Result: using module pam_keyinit.so (optional) with options revoke 2020-06-02 11:05:11 Result: using module pam_limits.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_systemd.so (optional) without options configured 2020-06-02 11:05:12 Result: Found brackets in line, indicating multiple options for control flags: success=1 default=ignore 2020-06-02 11:05:12 Result: brackets used, ignoring control flags 2020-06-02 11:05:12 Result: using module pam_succeed_if.so (other) with options service in crond quiet use_uid 2020-06-02 11:05:12 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:12 Result: found pam_unix.so module (generic) 2020-06-02 11:05:12 Now checking PAM file /etc/pam.d/postlogin-ac 2020-06-02 11:05:12 Result: Found brackets in line, indicating multiple options for control flags: success=1 default=ignore 2020-06-02 11:05:12 Result: brackets used, ignoring control flags 2020-06-02 11:05:12 Result: using module pam_succeed_if.so (other) with options service !~ gdm* service !~ su* quiet 2020-06-02 11:05:12 Result: Found brackets in line, indicating multiple options for control flags: default=1 2020-06-02 11:05:12 Result: brackets used, ignoring control flags 2020-06-02 11:05:12 Result: using module pam_lastlog.so (other) with options nowtmp showfailed 2020-06-02 11:05:12 Result: using module pam_lastlog.so (optional) with options silent noupdate showfailed 2020-06-02 11:05:12 Now checking PAM file /etc/pam.d/password-auth-ac 2020-06-02 11:05:12 Result: using module pam_env.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_faildelay.so (required) with options delay=2000000 2020-06-02 11:05:12 Result: using module pam_unix.so (sufficient) with options nullok try_first_pass 2020-06-02 11:05:12 Result: found pam_unix.so module (generic) 2020-06-02 11:05:12 Result: using module pam_succeed_if.so (requisite) with options uid >= 1000 quiet_success 2020-06-02 11:05:12 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:12 Result: found pam_unix.so module (generic) 2020-06-02 11:05:12 Result: using module pam_localuser.so (sufficient) without options configured 2020-06-02 11:05:12 Result: using module pam_succeed_if.so (sufficient) with options uid < 1000 quiet 2020-06-02 11:05:12 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_pwquality.so (requisite) with options try_first_pass local_users_only retry=3 authtok_type= 2020-06-02 11:05:12 Result: found module pam_pwquality.so for password strength testing 2020-06-02 11:05:12 Result: unknown option found: try_first_pass with value 2020-06-02 11:05:12 Result: unknown option found: local_users_only with value 2020-06-02 11:05:12 Result: Max password Retry configured 2020-06-02 11:05:12 Value is now: 3 2020-06-02 11:05:12 Returning value: 3 2020-06-02 11:05:12 Result: unknown option found: authtok_type with value 2020-06-02 11:05:12 Result: using module pam_unix.so (sufficient) with options sha512 shadow nullok try_first_pass use_authtok 2020-06-02 11:05:12 Result: found pam_unix.so module (generic) 2020-06-02 11:05:12 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_keyinit.so (optional) with options revoke 2020-06-02 11:05:12 Result: using module pam_limits.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_systemd.so (optional) without options configured 2020-06-02 11:05:12 Result: Found brackets in line, indicating multiple options for control flags: success=1 default=ignore 2020-06-02 11:05:12 Result: brackets used, ignoring control flags 2020-06-02 11:05:12 Result: using module pam_succeed_if.so (other) with options service in crond quiet use_uid 2020-06-02 11:05:12 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:12 Result: found pam_unix.so module (generic) 2020-06-02 11:05:12 Now checking PAM file /etc/pam.d/fingerprint-auth-ac 2020-06-02 11:05:12 Result: using module pam_env.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_fprintd.so (sufficient) without options configured 2020-06-02 11:05:12 Result: found pluggable authentication module pam_fprintd.so, which is unknown 2020-06-02 11:05:12 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:12 Result: found pam_unix.so module (generic) 2020-06-02 11:05:12 Result: using module pam_localuser.so (sufficient) without options configured 2020-06-02 11:05:12 Result: using module pam_succeed_if.so (sufficient) with options uid < 1000 quiet 2020-06-02 11:05:12 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_keyinit.so (optional) with options revoke 2020-06-02 11:05:12 Result: using module pam_limits.so (required) without options configured 2020-06-02 11:05:12 Result: using module pam_systemd.so (optional) without options configured 2020-06-02 11:05:12 Result: Found brackets in line, indicating multiple options for control flags: success=1 default=ignore 2020-06-02 11:05:12 Result: brackets used, ignoring control flags 2020-06-02 11:05:12 Result: using module pam_succeed_if.so (other) with options service in crond quiet use_uid 2020-06-02 11:05:12 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:12 Result: found pam_unix.so module (generic) 2020-06-02 11:05:12 Now checking PAM file /etc/pam.d/smartcard-auth-ac 2020-06-02 11:05:13 Result: using module pam_env.so (required) without options configured 2020-06-02 11:05:13 Result: Found brackets in line, indicating multiple options for control flags: success=done ignore=ignore default=die 2020-06-02 11:05:13 Result: brackets used, ignoring control flags 2020-06-02 11:05:13 Result: using module pam_pkcs11.so (other) with options nodebug wait_for_card 2020-06-02 11:05:13 Result: found pluggable authentication module pam_pkcs11.so, which is unknown 2020-06-02 11:05:13 Result: using module pam_deny.so (required) without options configured 2020-06-02 11:05:13 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:13 Result: found pam_unix.so module (generic) 2020-06-02 11:05:13 Result: using module pam_localuser.so (sufficient) without options configured 2020-06-02 11:05:13 Result: using module pam_succeed_if.so (sufficient) with options uid < 1000 quiet 2020-06-02 11:05:13 Result: using module pam_permit.so (required) without options configured 2020-06-02 11:05:13 Result: using module pam_pkcs11.so (required) without options configured 2020-06-02 11:05:13 Result: found pluggable authentication module pam_pkcs11.so, which is unknown 2020-06-02 11:05:13 Result: using module pam_keyinit.so (optional) with options revoke 2020-06-02 11:05:13 Result: using module pam_limits.so (required) without options configured 2020-06-02 11:05:13 Result: using module pam_systemd.so (optional) without options configured 2020-06-02 11:05:13 Result: Found brackets in line, indicating multiple options for control flags: success=1 default=ignore 2020-06-02 11:05:13 Result: brackets used, ignoring control flags 2020-06-02 11:05:13 Result: using module pam_succeed_if.so (other) with options service in crond quiet use_uid 2020-06-02 11:05:13 Result: using module pam_unix.so (required) without options configured 2020-06-02 11:05:13 Result: found pam_unix.so module (generic) 2020-06-02 11:05:13 Now checking PAM file /etc/pam.d/cvs 2020-06-02 11:05:13 [PAM] PAM 2F authentication enabled: 0 2020-06-02 11:05:13 [PAM] PAM 2F authentication required: 0 2020-06-02 11:05:13 [PAM] Authentication unlock time: not configured 2020-06-02 11:05:13 [PAM] Password brute force protection: 0 2020-06-02 11:05:13 [PAM] Minimum password length: not configured 2020-06-02 11:05:13 [PAM] Password strength testing enabled: 1 2020-06-02 11:05:13 [PAM] Minimum password class out of 4: 0 2020-06-02 11:05:13 [PAM] Maximum credit for Digital characters: 1 2020-06-02 11:05:13 [PAM] Maximum credit for Lowercase characters: 1 2020-06-02 11:05:13 [PAM] Maximum credit for Other characters: 1 2020-06-02 11:05:13 [PAM] Maximum credit for Uppercase characters: 1 2020-06-02 11:05:13 [PAM] Password maximum retry: 3 2020-06-02 11:05:13 [PAM] Password history with pam_pwhistory IS NOT enabled 2020-06-02 11:05:13 [PAM] Password history with pam_unix IS NOT enabled 2020-06-02 11:05:13 ==== 2020-06-02 11:05:13 Result: pam plugin (phase 1) finished 2020-06-02 11:05:13 -- 2020-06-02 11:05:13 Found plugin file: ./plugins/plugin_systemd_phase1 2020-06-02 11:05:13 Action: checking plugin status in profile: /root/blueval/lynis/default.prf 2020-06-02 11:05:13 Result: plugin enabled in profile (/root/blueval/lynis/default.prf) 2020-06-02 11:05:13 Result: plugin systemd is enabled 2020-06-02 11:05:13 Checking permissions of ./plugins/plugin_systemd_phase1 2020-06-02 11:05:13 File permissions are OK 2020-06-02 11:05:13 Including plugin file: ./plugins/plugin_systemd_phase1 (version: 1.0.4) 2020-06-02 11:05:13 ==== 2020-06-02 11:05:13 Performing test ID PLGN-3800 (Gather systemctl exit code) 2020-06-02 11:05:13 ==== 2020-06-02 11:05:13 Performing test ID PLGN-3802 (Query systemd version and options) 2020-06-02 11:05:13 Result: found systemd version 219 2020-06-02 11:05:13 Result: found builtin components list 2020-06-02 11:05:13 ==== 2020-06-02 11:05:13 Performing test ID PLGN-3804 (Gather systemd unit files and their status) 2020-06-02 11:05:13 Result: found systemd unit files via systemctl list-unit-files 2020-06-02 11:05:13 Output: proc-sys-fs-binfmt_misc.automount|static| 2020-06-02 11:05:13 Output: dev-hugepages.mount|static| 2020-06-02 11:05:13 Output: dev-mqueue.mount|static| 2020-06-02 11:05:13 Output: proc-fs-nfsd.mount|static| 2020-06-02 11:05:13 Output: proc-sys-fs-binfmt_misc.mount|static| 2020-06-02 11:05:13 Output: sys-fs-fuse-connections.mount|static| 2020-06-02 11:05:13 Output: sys-kernel-config.mount|static| 2020-06-02 11:05:13 Output: sys-kernel-debug.mount|static| 2020-06-02 11:05:13 Output: tmp.mount|disabled| 2020-06-02 11:05:13 Output: var-lib-nfs-rpc_pipefs.mount|static| 2020-06-02 11:05:13 Output: brandbot.path|disabled| 2020-06-02 11:05:13 Output: systemd-ask-password-console.path|static| 2020-06-02 11:05:13 Output: systemd-ask-password-plymouth.path|static| 2020-06-02 11:05:13 Output: systemd-ask-password-wall.path|static| 2020-06-02 11:05:13 Output: libpod-19c96926ac803ab8...268e95254b9cadf3722d04c7d0ac739fa4ebe9d.scope|static| 2020-06-02 11:05:13 Output: libpod-809e18964728af7a...a12b7373ff2bc3a6c562b4d7e769365f06ecb24.scope|static| 2020-06-02 11:05:13 Output: libpod-823aec98fc8ce454...544d9fae731c6e406db3f4a55d1b99aeea9d8ba.scope|static| 2020-06-02 11:05:13 Output: libpod-8e8ce7660f8e765f...9c5473dfe94e56aad4c46b90198c83bd55cb236.scope|static| 2020-06-02 11:05:13 Output: libpod-ce3ff2bcc942e4a8...991b30f7830af47436f6c719853628d63ae1e94.scope|static| 2020-06-02 11:05:13 Output: libpod-conmon-19c96926a...268e95254b9cadf3722d04c7d0ac739fa4ebe9d.scope|static| 2020-06-02 11:05:13 Output: libpod-conmon-809e18964...a12b7373ff2bc3a6c562b4d7e769365f06ecb24.scope|static| 2020-06-02 11:05:13 Output: libpod-conmon-823aec98f...544d9fae731c6e406db3f4a55d1b99aeea9d8ba.scope|static| 2020-06-02 11:05:13 Output: libpod-conmon-8e8ce7660...9c5473dfe94e56aad4c46b90198c83bd55cb236.scope|static| 2020-06-02 11:05:13 Output: libpod-conmon-ce3ff2bcc...991b30f7830af47436f6c719853628d63ae1e94.scope|static| 2020-06-02 11:05:13 Output: machine-qemu\x2d2\x2dkni\x2dupi\x2dlab\x2dworker\x2d0.scope|static| 2020-06-02 11:05:13 Output: machine-qemu\x2d3\x2dkni\x2dupi\x2dlab\x2dworker\x2d1.scope|static| 2020-06-02 11:05:13 Output: machine-qemu\x2d4\x2dkni\x2dupi\x2dlab\x2dmaster\x2d0.scope|static| 2020-06-02 11:05:13 Output: session-1.scope|static| 2020-06-02 11:05:13 Output: abrt-ccpp.service|enabled| 2020-06-02 11:05:13 Output: abrt-oops.service|enabled| 2020-06-02 11:05:13 Output: abrt-pstoreoops.service|disabled| 2020-06-02 11:05:13 Output: abrt-vmcore.service|enabled| 2020-06-02 11:05:13 Output: abrt-xorg.service|enabled| 2020-06-02 11:05:13 Output: abrtd.service|enabled| 2020-06-02 11:05:13 Output: arp-ethers.service|disabled| 2020-06-02 11:05:13 Output: atd.service|enabled| 2020-06-02 11:05:13 Output: auditd.service|enabled| 2020-06-02 11:05:13 Output: auth-rpcgss-module.service|static| 2020-06-02 11:05:13 Output: autovt@.service|enabled| 2020-06-02 11:05:13 Output: blk-availability.service|disabled| 2020-06-02 11:05:13 Output: brandbot.service|static| 2020-06-02 11:05:13 Output: chrony-dnssrv@.service|static| 2020-06-02 11:05:13 Output: chrony-wait.service|disabled| 2020-06-02 11:05:13 Output: chronyd.service|enabled| 2020-06-02 11:05:13 Output: console-getty.service|disabled| 2020-06-02 11:05:13 Output: console-shell.service|disabled| 2020-06-02 11:05:13 Output: container-getty@.service|static| 2020-06-02 11:05:13 Output: cpupower.service|disabled| 2020-06-02 11:05:13 Output: crond.service|enabled| 2020-06-02 11:05:13 Output: cvs@.service|static| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.hostname1.service|static| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.import1.service|static| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.locale1.service|static| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.login1.service|static| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.machine1.service|static| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.NetworkManager.service|enabled| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.nm-dispatcher.service|enabled| 2020-06-02 11:05:13 Output: dbus-org.freedesktop.timedate1.service|static| 2020-06-02 11:05:13 Output: dbus.service|static| 2020-06-02 11:05:13 Output: debug-shell.service|disabled| 2020-06-02 11:05:13 Output: dm-event.service|static| 2020-06-02 11:05:13 Output: dmraid-activation.service|enabled| 2020-06-02 11:05:13 Output: dnsmasq.service|enabled| 2020-06-02 11:05:13 Output: dracut-cmdline.service|static| 2020-06-02 11:05:13 Output: dracut-initqueue.service|static| 2020-06-02 11:05:13 Output: dracut-mount.service|static| 2020-06-02 11:05:13 Output: dracut-pre-mount.service|static| 2020-06-02 11:05:13 Output: dracut-pre-pivot.service|static| 2020-06-02 11:05:13 Output: dracut-pre-trigger.service|static| 2020-06-02 11:05:13 Output: dracut-pre-udev.service|static| 2020-06-02 11:05:13 Output: dracut-shutdown.service|static| 2020-06-02 11:05:13 Output: ebtables.service|disabled| 2020-06-02 11:05:13 Output: emergency.service|static| 2020-06-02 11:05:13 Output: firewalld.service|disabled| 2020-06-02 11:05:13 Output: fprintd.service|static| 2020-06-02 11:05:13 Output: fstrim.service|static| 2020-06-02 11:05:13 Output: getty@.service|enabled| 2020-06-02 11:05:13 Output: gssproxy.service|disabled| 2020-06-02 11:05:13 Output: halt-local.service|static| 2020-06-02 11:05:13 Output: haproxy.service|enabled| 2020-06-02 11:05:13 Output: initrd-cleanup.service|static| 2020-06-02 11:05:13 Output: initrd-parse-etc.service|static| 2020-06-02 11:05:13 Output: initrd-switch-root.service|static| 2020-06-02 11:05:13 Output: initrd-udevadm-cleanup-db.service|static| 2020-06-02 11:05:13 Output: ipmi.service|enabled| 2020-06-02 11:05:13 Output: ipmievd.service|enabled| 2020-06-02 11:05:13 Output: iprdump.service|disabled| 2020-06-02 11:05:13 Output: iprinit.service|disabled| 2020-06-02 11:05:13 Output: iprupdate.service|disabled| 2020-06-02 11:05:13 Output: irqbalance.service|enabled| 2020-06-02 11:05:13 Output: iscsi-shutdown.service|static| 2020-06-02 11:05:13 Output: iscsi.service|enabled| 2020-06-02 11:05:13 Output: iscsid.service|disabled| 2020-06-02 11:05:13 Output: iscsiuio.service|disabled| 2020-06-02 11:05:13 Output: kdump.service|enabled| 2020-06-02 11:05:13 Output: kmod-static-nodes.service|static| 2020-06-02 11:05:13 Output: kpatch.service|disabled| 2020-06-02 11:05:13 Output: ksm.service|disabled| 2020-06-02 11:05:13 Output: ksmtuned.service|disabled| 2020-06-02 11:05:13 Output: libstoragemgmt.service|enabled| 2020-06-02 11:05:13 Output: libvirt-guests.service|disabled| 2020-06-02 11:05:13 Output: libvirtd.service|enabled| 2020-06-02 11:05:13 Output: lvm2-lvmetad.service|static| 2020-06-02 11:05:13 Output: lvm2-lvmpolld.service|static| 2020-06-02 11:05:13 Output: lvm2-monitor.service|enabled| 2020-06-02 11:05:13 Output: lvm2-pvscan@.service|static| 2020-06-02 11:05:13 Output: mdadm-grow-continue@.service|static| 2020-06-02 11:05:13 Output: mdadm-last-resort@.service|static| 2020-06-02 11:05:13 Output: mdmon@.service|static| 2020-06-02 11:05:13 Output: mdmonitor.service|enabled| 2020-06-02 11:05:13 Output: messagebus.service|static| 2020-06-02 11:05:13 Output: microcode.service|enabled| 2020-06-02 11:05:13 Output: netcf-transaction.service|disabled| 2020-06-02 11:05:13 Output: NetworkManager-dispatcher.service|enabled| 2020-06-02 11:05:13 Output: NetworkManager-wait-online.service|enabled| 2020-06-02 11:05:13 Output: NetworkManager.service|enabled| 2020-06-02 11:05:13 Output: nfs-blkmap.service|disabled| 2020-06-02 11:05:13 Output: nfs-config.service|static| 2020-06-02 11:05:13 Output: nfs-idmap.service|static| 2020-06-02 11:05:13 Output: nfs-idmapd.service|static| 2020-06-02 11:05:13 Output: nfs-lock.service|static| 2020-06-02 11:05:13 Output: nfs-mountd.service|static| 2020-06-02 11:05:13 Output: nfs-rquotad.service|disabled| 2020-06-02 11:05:13 Output: nfs-secure.service|static| 2020-06-02 11:05:13 Output: nfs-server.service|disabled| 2020-06-02 11:05:13 Output: nfs-utils.service|static| 2020-06-02 11:05:13 Output: nfs.service|disabled| 2020-06-02 11:05:13 Output: nfslock.service|static| 2020-06-02 11:05:13 Output: ntpdate.service|disabled| 2020-06-02 11:05:13 Output: numad.service|disabled| 2020-06-02 11:05:13 Output: plymouth-halt.service|disabled| 2020-06-02 11:05:13 Output: plymouth-kexec.service|disabled| 2020-06-02 11:05:13 Output: plymouth-poweroff.service|disabled| 2020-06-02 11:05:13 Output: plymouth-quit-wait.service|disabled| 2020-06-02 11:05:13 Output: plymouth-quit.service|disabled| 2020-06-02 11:05:13 Output: plymouth-read-write.service|disabled| 2020-06-02 11:05:13 Output: plymouth-reboot.service|disabled| 2020-06-02 11:05:13 Output: plymouth-start.service|disabled| 2020-06-02 11:05:14 Output: plymouth-switch-root.service|static| 2020-06-02 11:05:14 Output: polkit.service|static| 2020-06-02 11:05:14 Output: postfix.service|enabled| 2020-06-02 11:05:14 Output: psacct.service|disabled| 2020-06-02 11:05:14 Output: qemu-pr-helper.service|static| 2020-06-02 11:05:14 Output: quotaon.service|static| 2020-06-02 11:05:14 Output: radvd.service|disabled| 2020-06-02 11:05:14 Output: rc-local.service|static| 2020-06-02 11:05:14 Output: rdisc.service|disabled| 2020-06-02 11:05:14 Output: rdma-load-modules@.service|static| 2020-06-02 11:05:14 Output: rdma-ndd.service|static| 2020-06-02 11:05:14 Output: rdma.service|disabled| 2020-06-02 11:05:14 Output: rescue.service|static| 2020-06-02 11:05:14 Output: rhel-autorelabel-mark.service|disabled| 2020-06-02 11:05:14 Output: rhel-autorelabel.service|enabled| 2020-06-02 11:05:14 Output: rhel-configure.service|enabled| 2020-06-02 11:05:14 Output: rhel-dmesg.service|enabled| 2020-06-02 11:05:14 Output: rhel-domainname.service|enabled| 2020-06-02 11:05:14 Output: rhel-import-state.service|enabled| 2020-06-02 11:05:14 Output: rhel-loadmodules.service|enabled| 2020-06-02 11:05:14 Output: rhel-readonly.service|enabled| 2020-06-02 11:05:14 Output: rngd.service|enabled| 2020-06-02 11:05:14 Output: rpc-gssd.service|static| 2020-06-02 11:05:14 Output: rpc-rquotad.service|disabled| 2020-06-02 11:05:14 Output: rpc-statd-notify.service|static| 2020-06-02 11:05:14 Output: rpc-statd.service|static| 2020-06-02 11:05:14 Output: rpcbind.service|enabled| 2020-06-02 11:05:14 Output: rpcgssd.service|static| 2020-06-02 11:05:14 Output: rpcidmapd.service|static| 2020-06-02 11:05:14 Output: rsyncd.service|disabled| 2020-06-02 11:05:14 Output: rsyncd@.service|static| 2020-06-02 11:05:14 Output: rsyslog.service|enabled| 2020-06-02 11:05:14 Output: saslauthd.service|disabled| 2020-06-02 11:05:14 Output: selinux-policy-migrate-local-changes@.service|static| 2020-06-02 11:05:14 Output: serial-getty@.service|disabled| 2020-06-02 11:05:14 Output: smartd.service|enabled| 2020-06-02 11:05:14 Output: sshd-keygen.service|static| 2020-06-02 11:05:14 Output: sshd.service|enabled| 2020-06-02 11:05:14 Output: sshd@.service|static| 2020-06-02 11:05:14 Output: svnserve.service|disabled| 2020-06-02 11:05:14 Output: sysstat.service|enabled| 2020-06-02 11:05:14 Output: systemd-ask-password-console.service|static| 2020-06-02 11:05:14 Output: systemd-ask-password-plymouth.service|static| 2020-06-02 11:05:14 Output: systemd-ask-password-wall.service|static| 2020-06-02 11:05:14 Output: systemd-backlight@.service|static| 2020-06-02 11:05:14 Output: systemd-binfmt.service|static| 2020-06-02 11:05:14 Output: systemd-bootchart.service|disabled| 2020-06-02 11:05:14 Output: systemd-firstboot.service|static| 2020-06-02 11:05:14 Output: systemd-fsck-root.service|static| 2020-06-02 11:05:14 Output: systemd-fsck@.service|static| 2020-06-02 11:05:14 Output: systemd-halt.service|static| 2020-06-02 11:05:14 Output: systemd-hibernate-resume@.service|static| 2020-06-02 11:05:14 Output: systemd-hibernate.service|static| 2020-06-02 11:05:14 Output: systemd-hostnamed.service|static| 2020-06-02 11:05:14 Output: systemd-hwdb-update.service|static| 2020-06-02 11:05:14 Output: systemd-hybrid-sleep.service|static| 2020-06-02 11:05:14 Output: systemd-importd.service|static| 2020-06-02 11:05:14 Output: systemd-initctl.service|static| 2020-06-02 11:05:14 Output: systemd-journal-catalog-update.service|static| 2020-06-02 11:05:14 Output: systemd-journal-flush.service|static| 2020-06-02 11:05:14 Output: systemd-journald.service|static| 2020-06-02 11:05:14 Output: systemd-kexec.service|static| 2020-06-02 11:05:14 Output: systemd-localed.service|static| 2020-06-02 11:05:14 Output: systemd-logind.service|static| 2020-06-02 11:05:14 Output: systemd-machine-id-commit.service|static| 2020-06-02 11:05:14 Output: systemd-machined.service|static| 2020-06-02 11:05:14 Output: systemd-modules-load.service|static| 2020-06-02 11:05:14 Output: systemd-nspawn@.service|disabled| 2020-06-02 11:05:14 Output: systemd-poweroff.service|static| 2020-06-02 11:05:14 Output: systemd-quotacheck.service|static| 2020-06-02 11:05:14 Output: systemd-random-seed.service|static| 2020-06-02 11:05:14 Output: systemd-readahead-collect.service|enabled| 2020-06-02 11:05:14 Output: systemd-readahead-done.service|indirect| 2020-06-02 11:05:14 Output: systemd-readahead-drop.service|enabled| 2020-06-02 11:05:14 Output: systemd-readahead-replay.service|enabled| 2020-06-02 11:05:14 Output: systemd-reboot.service|static| 2020-06-02 11:05:14 Output: systemd-remount-fs.service|static| 2020-06-02 11:05:14 Output: systemd-rfkill@.service|static| 2020-06-02 11:05:14 Output: systemd-shutdownd.service|static| 2020-06-02 11:05:14 Output: systemd-suspend.service|static| 2020-06-02 11:05:14 Output: systemd-sysctl.service|static| 2020-06-02 11:05:14 Output: systemd-timedated.service|static| 2020-06-02 11:05:14 Output: systemd-tmpfiles-clean.service|static| 2020-06-02 11:05:14 Output: systemd-tmpfiles-setup-dev.service|static| 2020-06-02 11:05:14 Output: systemd-tmpfiles-setup.service|static| 2020-06-02 11:05:14 Output: systemd-udev-settle.service|static| 2020-06-02 11:05:14 Output: systemd-udev-trigger.service|static| 2020-06-02 11:05:14 Output: systemd-udevd.service|static| 2020-06-02 11:05:14 Output: systemd-update-done.service|static| 2020-06-02 11:05:14 Output: systemd-update-utmp-runlevel.service|static| 2020-06-02 11:05:14 Output: systemd-update-utmp.service|static| 2020-06-02 11:05:14 Output: systemd-user-sessions.service|static| 2020-06-02 11:05:14 Output: systemd-vconsole-setup.service|static| 2020-06-02 11:05:14 Output: tcsd.service|disabled| 2020-06-02 11:05:14 Output: teamd@.service|static| 2020-06-02 11:05:14 Output: trace-cmd.service|disabled| 2020-06-02 11:05:14 Output: tuned.service|enabled| 2020-06-02 11:05:14 Output: unbound-anchor.service|static| 2020-06-02 11:05:14 Output: usb_modeswitch@.service|static| 2020-06-02 11:05:14 Output: vbmcd.service|enabled| 2020-06-02 11:05:14 Output: virt-who.service|disabled| 2020-06-02 11:05:14 Output: virtlockd.service|indirect| 2020-06-02 11:05:14 Output: virtlogd.service|indirect| 2020-06-02 11:05:14 Output: wpa_supplicant.service|disabled| 2020-06-02 11:05:14 Output: -.slice|static| 2020-06-02 11:05:14 Output: machine.slice|static| 2020-06-02 11:05:14 Output: system.slice|static| 2020-06-02 11:05:14 Output: user-0.slice|static| 2020-06-02 11:05:14 Output: user.slice|static| 2020-06-02 11:05:14 Output: cvs.socket|disabled| 2020-06-02 11:05:14 Output: dbus.socket|static| 2020-06-02 11:05:14 Output: dm-event.socket|enabled| 2020-06-02 11:05:14 Output: iscsid.socket|enabled| 2020-06-02 11:05:14 Output: iscsiuio.socket|enabled| 2020-06-02 11:05:14 Output: lvm2-lvmetad.socket|enabled| 2020-06-02 11:05:14 Output: lvm2-lvmpolld.socket|enabled| 2020-06-02 11:05:14 Output: qemu-pr-helper.socket|disabled| 2020-06-02 11:05:14 Output: rpcbind.socket|enabled| 2020-06-02 11:05:14 Output: rsyncd.socket|disabled| 2020-06-02 11:05:14 Output: sshd.socket|disabled| 2020-06-02 11:05:14 Output: syslog.socket|static| 2020-06-02 11:05:14 Output: systemd-initctl.socket|static| 2020-06-02 11:05:14 Output: systemd-journald.socket|static| 2020-06-02 11:05:14 Output: systemd-shutdownd.socket|static| 2020-06-02 11:05:14 Output: systemd-udevd-control.socket|static| 2020-06-02 11:05:14 Output: systemd-udevd-kernel.socket|static| 2020-06-02 11:05:14 Output: virtlockd-admin.socket|disabled| 2020-06-02 11:05:14 Output: virtlockd.socket|enabled| 2020-06-02 11:05:14 Output: virtlogd-admin.socket|disabled| 2020-06-02 11:05:14 Output: virtlogd.socket|enabled| 2020-06-02 11:05:14 Output: basic.target|static| 2020-06-02 11:05:14 Output: bluetooth.target|static| 2020-06-02 11:05:14 Output: cryptsetup-pre.target|static| 2020-06-02 11:05:14 Output: cryptsetup.target|static| 2020-06-02 11:05:14 Output: ctrl-alt-del.target|disabled| 2020-06-02 11:05:14 Output: cvs.target|static| 2020-06-02 11:05:14 Output: default.target|enabled| 2020-06-02 11:05:14 Output: emergency.target|static| 2020-06-02 11:05:14 Output: final.target|static| 2020-06-02 11:05:14 Output: getty-pre.target|static| 2020-06-02 11:05:14 Output: getty.target|static| 2020-06-02 11:05:14 Output: graphical.target|static| 2020-06-02 11:05:14 Output: halt.target|disabled| 2020-06-02 11:05:14 Output: hibernate.target|static| 2020-06-02 11:05:14 Output: hybrid-sleep.target|static| 2020-06-02 11:05:14 Output: initrd-fs.target|static| 2020-06-02 11:05:14 Output: initrd-root-fs.target|static| 2020-06-02 11:05:14 Output: initrd-switch-root.target|static| 2020-06-02 11:05:14 Output: initrd.target|static| 2020-06-02 11:05:14 Output: iprutils.target|disabled| 2020-06-02 11:05:14 Output: kexec.target|disabled| 2020-06-02 11:05:14 Output: local-fs-pre.target|static| 2020-06-02 11:05:14 Output: local-fs.target|static| 2020-06-02 11:05:14 Output: machines.target|disabled| 2020-06-02 11:05:14 Output: multi-user.target|enabled| 2020-06-02 11:05:14 Output: network-online.target|static| 2020-06-02 11:05:14 Output: network-pre.target|static| 2020-06-02 11:05:14 Output: network.target|static| 2020-06-02 11:05:14 Output: nfs-client.target|enabled| 2020-06-02 11:05:14 Output: nss-lookup.target|static| 2020-06-02 11:05:14 Output: nss-user-lookup.target|static| 2020-06-02 11:05:14 Output: paths.target|static| 2020-06-02 11:05:14 Output: poweroff.target|disabled| 2020-06-02 11:05:14 Output: printer.target|static| 2020-06-02 11:05:14 Output: rdma-hw.target|static| 2020-06-02 11:05:14 Output: reboot.target|disabled| 2020-06-02 11:05:14 Output: remote-cryptsetup.target|disabled| 2020-06-02 11:05:14 Output: remote-fs-pre.target|static| 2020-06-02 11:05:14 Output: remote-fs.target|enabled| 2020-06-02 11:05:14 Output: rescue.target|disabled| 2020-06-02 11:05:14 Output: rpc_pipefs.target|static| 2020-06-02 11:05:14 Output: rpcbind.target|static| 2020-06-02 11:05:14 Output: runlevel0.target|disabled| 2020-06-02 11:05:14 Output: runlevel1.target|disabled| 2020-06-02 11:05:14 Output: runlevel2.target|enabled| 2020-06-02 11:05:14 Output: runlevel3.target|enabled| 2020-06-02 11:05:14 Output: runlevel4.target|enabled| 2020-06-02 11:05:14 Output: runlevel5.target|static| 2020-06-02 11:05:14 Output: runlevel6.target|disabled| 2020-06-02 11:05:14 Output: shutdown.target|static| 2020-06-02 11:05:14 Output: sigpwr.target|static| 2020-06-02 11:05:14 Output: sleep.target|static| 2020-06-02 11:05:14 Output: slices.target|static| 2020-06-02 11:05:14 Output: smartcard.target|static| 2020-06-02 11:05:14 Output: sockets.target|static| 2020-06-02 11:05:14 Output: sound.target|static| 2020-06-02 11:05:14 Output: suspend.target|static| 2020-06-02 11:05:14 Output: swap.target|static| 2020-06-02 11:05:14 Output: sysinit.target|static| 2020-06-02 11:05:14 Output: system-update.target|static| 2020-06-02 11:05:14 Output: time-sync.target|static| 2020-06-02 11:05:14 Output: timers.target|static| 2020-06-02 11:05:14 Output: umount.target|static| 2020-06-02 11:05:14 Output: virt-guest-shutdown.target|static| 2020-06-02 11:05:14 Output: chrony-dnssrv@.timer|disabled| 2020-06-02 11:05:14 Output: fstrim.timer|disabled| 2020-06-02 11:05:14 Output: mdadm-last-resort@.timer|static| 2020-06-02 11:05:14 Output: systemd-readahead-done.timer|indirect| 2020-06-02 11:05:14 Output: systemd-tmpfiles-clean.timer|static| 2020-06-02 11:05:14 Output: unbound-anchor.timer|enabled| 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3806 (Gather failed systemd units) 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3808 (Gather systemd machine ID) 2020-06-02 11:05:14 Result: found machine ID: 9fe0a26cbda6407bab883d439fceb8f4 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3810 (Query main systemd binaries) 2020-06-02 11:05:14 Result: found systemd binaries in /usr/lib/systemd 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3812 (Query journal for boot related information) 2020-06-02 11:05:14 Output: number of boots listed in journal is 1 2020-06-02 11:05:14 Output: oldest boot date in journal is 2020-06-02 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3814 (Verify journal integrity) 2020-06-02 11:05:14 Result: systemd journal has no errors 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3816 (Query journal for boot related information) 2020-06-02 11:05:14 Result: journals are 8.0M in size 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3818 (Query journal meta data) 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3820 (Check for journal FSS configuration) 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3830 (Query systemd status) 2020-06-02 11:05:14 Result: found systemd status = degraded 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3832 (Query systemd status for processes which can not be found) 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3834 (Collect service units which can not be found in systemd) 2020-06-02 11:05:14 Result: found one or more services with faulty state 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) apparmor.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) display-manager.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) exim.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) ip6tables.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) iptables.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) livesys.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) lvm2-activation-early.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) lvm2-activation.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) nfs-secure-server.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) ntpd.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) sendmail.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) sntp.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) syslog.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) systemd-sysusers.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) systemd-timesyncd.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) ypbind.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) yppasswdd.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) ypserv.service 2020-06-02 11:05:14 Result: service seems to be faulty (not-found) ypxfrd.service 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3856 (Check if systemd-coredump is used) 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Performing test ID PLGN-3860 (Query coredumps from journals since Yesterday) 2020-06-02 11:05:14 Result: found no coredumps 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Result: systemd plugin (phase 1) finished 2020-06-02 11:05:14 -- 2020-06-02 11:05:14 Result: Found 2 plugins of which 2 are enabled 2020-06-02 11:05:14 Result: Plugins phase 1 finished 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Result: No eth0 found (ether found), using first network interface to determine hostid (with ifconfig) 2020-06-02 11:05:14 Info: using hardware address ac:1f:6b:7b:ea:31 to create ID 2020-06-02 11:05:14 Result: Found HostID: 8fc2876dd95493f695d6b7ad19366901cdb59dc2 2020-06-02 11:05:14 Info: creating a HostID (version 2) 2020-06-02 11:05:14 Result: found file ssh_host_ed25519_key.pub in /etc/ssh, using that to create host identifier 2020-06-02 11:05:14 Using SSH public key to create the second host identifier 2020-06-02 11:05:14 Hash (hostname): 9e20ea6a5e6ea4c4b15f3ae58bc7f45c60ea1c5087b8b574510091191fd0a8a5 2020-06-02 11:05:14 Hash (ssh or machineid): 8b0831ca5c4895fb6d46438186b5c4aa93d52574924901abaf9a7710bdbca159 2020-06-02 11:05:14 Info: found valid HostID 8fc2876dd95493f695d6b7ad19366901cdb59dc2 2020-06-02 11:05:14 Info: no machine ID found 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Info: perform tests from all categories 2020-06-02 11:05:14 Security check: file is normal 2020-06-02 11:05:14 Checking permissions of /root/blueval/lynis/include/tests_boot_services 2020-06-02 11:05:14 File permissions are OK 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Action: Performing tests from category: Boot and services 2020-06-02 11:05:14 ==== 2020-06-02 11:05:14 Skipped test BOOT-5102 (Check for AIX boot device) 2020-06-02 11:05:14 Reason to skip: Incorrect guest OS (AIX only) 2020-06-02 11:05:14 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5104 (Determine service manager) 2020-06-02 11:05:15 Result: cmdline found = /usr/lib/systemd/systemd --switched-root --system --deserialize 22 2020-06-02 11:05:15 Result: file on disk = /usr/lib/systemd/systemd 2020-06-02 11:05:15 Found: systemd 2020-06-02 11:05:15 Result: service manager found = systemd 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5106 (Check EFI boot file on Mac OS X/macOS) 2020-06-02 11:05:15 Reason to skip: Incorrect guest OS (macOS only) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5108 (Check Syslinux as bootloader) 2020-06-02 11:05:15 Test: checking if file /boot/syslinux/syslinux.cfg exists 2020-06-02 11:05:15 Result: file /boot/syslinux/syslinux.cfg NOT found 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5109 (Check rEFInd as bootloader) 2020-06-02 11:05:15 Test: checking if file /boot/refind_linux.conf exists 2020-06-02 11:05:15 Result: file /boot/refind_linux.conf NOT found 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5116 (Check if system is booted in UEFI mode) 2020-06-02 11:05:15 Test: checking if UEFI is used 2020-06-02 11:05:15 Result: UEFI not used, can't find /sys/firmware/efi directory 2020-06-02 11:05:15 Test: determine if Secure Boot is used 2020-06-02 11:05:15 Result: system not booted with Secure Boot (no SecureBoot file found) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5117 (Check for systemd-boot bootloader presence) 2020-06-02 11:05:15 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5121 (Check for GRUB boot loader presence) 2020-06-02 11:05:15 Test: Checking for presence GRUB conf file (/boot/grub/grub.conf or /boot/grub/menu.lst) 2020-06-02 11:05:15 Result: found GRUB2 configuration file (/boot/grub2/grub.cfg) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5122 (Check for GRUB boot password) 2020-06-02 11:05:15 Found file /boot/grub2/grub.cfg, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /boot/grub2/grub.cfg (escaped: /boot/grub2/grub.cfg) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /boot/grub2/grub.cfg is readable (or directory accessible). 2020-06-02 11:05:15 Result: File '/boot/grub/custom.cfg' does not exist 2020-06-02 11:05:15 Found file /etc/grub.d/00_header, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/00_header (escaped: /etc/grub.d/00_header) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/00_header is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Found file /etc/grub.d/01_users, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/01_users (escaped: /etc/grub.d/01_users) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/01_users is readable (or directory accessible). 2020-06-02 11:05:15 Found file /etc/grub.d/10_linux, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/10_linux (escaped: /etc/grub.d/10_linux) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/10_linux is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Found file /etc/grub.d/20_linux_xen, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/20_linux_xen (escaped: /etc/grub.d/20_linux_xen) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/20_linux_xen is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Found file /etc/grub.d/20_ppc_terminfo, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/20_ppc_terminfo (escaped: /etc/grub.d/20_ppc_terminfo) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/20_ppc_terminfo is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Found file /etc/grub.d/30_os-prober, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/30_os-prober (escaped: /etc/grub.d/30_os-prober) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/30_os-prober is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Found file /etc/grub.d/40_custom, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/40_custom (escaped: /etc/grub.d/40_custom) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/40_custom is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Found file /etc/grub.d/41_custom, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/41_custom (escaped: /etc/grub.d/41_custom) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/41_custom is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Found file /etc/grub.d/00_tuned, proceeding with tests. 2020-06-02 11:05:15 Test: check if we can access /etc/grub.d/00_tuned (escaped: /etc/grub.d/00_tuned) 2020-06-02 11:05:15 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:15 Result: file /etc/grub.d/00_tuned is readable (or directory accessible). 2020-06-02 11:05:15 Result: did not find hashed password line in this file 2020-06-02 11:05:15 Result: GRUB has password protection. 2020-06-02 11:05:15 Hardening: assigned maximum number of hardening points for this item (4). Currently having 4 points (out of 4) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5124 (Check for FreeBSD boot loader presence) 2020-06-02 11:05:15 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5261 (Check for DragonFly boot loader presence) 2020-06-02 11:05:15 Reason to skip: Incorrect guest OS (DragonFly only) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5126 (Check for NetBSD boot loader presence) 2020-06-02 11:05:15 Reason to skip: Incorrect guest OS (NetBSD only) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5139 (Check for LILO boot loader presence) 2020-06-02 11:05:15 Test: checking for presence LILO configuration file 2020-06-02 11:05:15 Result: LILO configuration file not found 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5142 (Check SPARC Improved boot loader (SILO)) 2020-06-02 11:05:15 Result: no SILO configuration file found. 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5155 (Check for YABOOT boot loader configuration file) 2020-06-02 11:05:15 Test: Check for /etc/yaboot.conf 2020-06-02 11:05:15 Result: no YABOOT configuration file found. 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5159 (Check for OpenBSD boot loader presence) 2020-06-02 11:05:15 Reason to skip: Incorrect guest OS (OpenBSD only) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5165 (Check for FreeBSD boot services) 2020-06-02 11:05:15 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5177 (Check for Linux boot and running services) 2020-06-02 11:05:15 Test: checking presence systemctl binary 2020-06-02 11:05:15 Result: systemctl binary found, trying that to discover information 2020-06-02 11:05:15 Searching for running services (systemctl services only) 2020-06-02 11:05:15 Found running service: abrt-oops 2020-06-02 11:05:15 Found running service: abrtd 2020-06-02 11:05:15 Found running service: atd 2020-06-02 11:05:15 Found running service: auditd 2020-06-02 11:05:15 Found running service: chronyd 2020-06-02 11:05:15 Found running service: crond 2020-06-02 11:05:15 Found running service: dbus 2020-06-02 11:05:15 Found running service: dnsmasq 2020-06-02 11:05:15 Found running service: getty@tty1 2020-06-02 11:05:15 Found running service: gssproxy 2020-06-02 11:05:15 Found running service: ipmievd 2020-06-02 11:05:15 Found running service: irqbalance 2020-06-02 11:05:15 Found running service: libstoragemgmt 2020-06-02 11:05:15 Found running service: libvirtd 2020-06-02 11:05:15 Found running service: lvm2-lvmetad 2020-06-02 11:05:15 Found running service: NetworkManager 2020-06-02 11:05:15 Found running service: polkit 2020-06-02 11:05:15 Found running service: postfix 2020-06-02 11:05:15 Found running service: rngd 2020-06-02 11:05:15 Found running service: rpcbind 2020-06-02 11:05:15 Found running service: rsyslog 2020-06-02 11:05:15 Found running service: smartd 2020-06-02 11:05:15 Found running service: sshd 2020-06-02 11:05:15 Found running service: systemd-journald 2020-06-02 11:05:15 Found running service: systemd-logind 2020-06-02 11:05:15 Found running service: systemd-machined 2020-06-02 11:05:15 Found running service: systemd-udevd 2020-06-02 11:05:15 Found running service: tuned 2020-06-02 11:05:15 Found running service: vbmcd 2020-06-02 11:05:15 Found running service: virtlogd 2020-06-02 11:05:15 Hint: Run systemctl --full --type=service to see all services 2020-06-02 11:05:15 Result: Found 30 running services 2020-06-02 11:05:15 Searching for enabled services (systemctl services only) 2020-06-02 11:05:15 Found enabled service at boot: abrt-ccpp 2020-06-02 11:05:15 Found enabled service at boot: abrtd 2020-06-02 11:05:15 Found enabled service at boot: abrt-oops 2020-06-02 11:05:15 Found enabled service at boot: abrt-vmcore 2020-06-02 11:05:15 Found enabled service at boot: abrt-xorg 2020-06-02 11:05:15 Found enabled service at boot: atd 2020-06-02 11:05:15 Found enabled service at boot: auditd 2020-06-02 11:05:15 Found enabled service at boot: autovt@ 2020-06-02 11:05:15 Found enabled service at boot: chronyd 2020-06-02 11:05:15 Found enabled service at boot: crond 2020-06-02 11:05:15 Found enabled service at boot: dbus-org.freedesktop.NetworkManager 2020-06-02 11:05:15 Found enabled service at boot: dbus-org.freedesktop.nm-dispatcher 2020-06-02 11:05:15 Found enabled service at boot: dmraid-activation 2020-06-02 11:05:15 Found enabled service at boot: dnsmasq 2020-06-02 11:05:15 Found enabled service at boot: getty@ 2020-06-02 11:05:15 Found enabled service at boot: haproxy 2020-06-02 11:05:15 Found enabled service at boot: ipmievd 2020-06-02 11:05:15 Found enabled service at boot: ipmi 2020-06-02 11:05:15 Found enabled service at boot: irqbalance 2020-06-02 11:05:15 Found enabled service at boot: iscsi 2020-06-02 11:05:15 Found enabled service at boot: kdump 2020-06-02 11:05:15 Found enabled service at boot: libstoragemgmt 2020-06-02 11:05:15 Found enabled service at boot: libvirtd 2020-06-02 11:05:15 Found enabled service at boot: lvm2-monitor 2020-06-02 11:05:15 Found enabled service at boot: mdmonitor 2020-06-02 11:05:15 Found enabled service at boot: microcode 2020-06-02 11:05:15 Found enabled service at boot: NetworkManager-dispatcher 2020-06-02 11:05:15 Found enabled service at boot: NetworkManager 2020-06-02 11:05:15 Found enabled service at boot: NetworkManager-wait-online 2020-06-02 11:05:15 Found enabled service at boot: postfix 2020-06-02 11:05:15 Found enabled service at boot: rhel-autorelabel 2020-06-02 11:05:15 Found enabled service at boot: rhel-configure 2020-06-02 11:05:15 Found enabled service at boot: rhel-dmesg 2020-06-02 11:05:15 Found enabled service at boot: rhel-domainname 2020-06-02 11:05:15 Found enabled service at boot: rhel-import-state 2020-06-02 11:05:15 Found enabled service at boot: rhel-loadmodules 2020-06-02 11:05:15 Found enabled service at boot: rhel-readonly 2020-06-02 11:05:15 Found enabled service at boot: rngd 2020-06-02 11:05:15 Found enabled service at boot: rpcbind 2020-06-02 11:05:15 Found enabled service at boot: rsyslog 2020-06-02 11:05:15 Found enabled service at boot: smartd 2020-06-02 11:05:15 Found enabled service at boot: sshd 2020-06-02 11:05:15 Found enabled service at boot: sysstat 2020-06-02 11:05:15 Found enabled service at boot: systemd-readahead-collect 2020-06-02 11:05:15 Found enabled service at boot: systemd-readahead-drop 2020-06-02 11:05:15 Found enabled service at boot: systemd-readahead-replay 2020-06-02 11:05:15 Found enabled service at boot: tuned 2020-06-02 11:05:15 Found enabled service at boot: vbmcd 2020-06-02 11:05:15 Hint: Run systemctl list-unit-files --type=service to see all services 2020-06-02 11:05:15 Result: Found 48 enabled services 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Skipped test BOOT-5180 (Check for Linux boot services (Debian style)) 2020-06-02 11:05:15 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:15 ==== 2020-06-02 11:05:15 Performing test ID BOOT-5184 (Check permissions for boot files/scripts) 2020-06-02 11:05:15 Result: checking /etc/init.d scripts for writable bit 2020-06-02 11:05:15 Test: checking if directory /etc/init.d exists 2020-06-02 11:05:15 Result: directory /etc/init.d found 2020-06-02 11:05:15 Test: checking for available files in directory 2020-06-02 11:05:15 Result: found no files in directory. 2020-06-02 11:05:15 Test: checking if directory /etc/rc.d exists 2020-06-02 11:05:15 Result: directory /etc/rc.d found 2020-06-02 11:05:15 Test: checking for available files in directory 2020-06-02 11:05:15 Result: found files in directory, checking permissions now 2020-06-02 11:05:15 Test: checking permissions of file /etc/rc.d/init.d/functions 2020-06-02 11:05:15 Result: good, file /etc/rc.d/init.d/functions not world writable 2020-06-02 11:05:15 Test: checking permissions of file /etc/rc.d/init.d/netconsole 2020-06-02 11:05:16 Result: good, file /etc/rc.d/init.d/netconsole not world writable 2020-06-02 11:05:16 Test: checking permissions of file /etc/rc.d/init.d/network 2020-06-02 11:05:16 Result: good, file /etc/rc.d/init.d/network not world writable 2020-06-02 11:05:16 Test: checking permissions of file /etc/rc.d/init.d/README 2020-06-02 11:05:16 Result: good, file /etc/rc.d/init.d/README not world writable 2020-06-02 11:05:16 Test: checking permissions of file /etc/rc.d/rc.local 2020-06-02 11:05:16 Result: good, file /etc/rc.d/rc.local not world writable 2020-06-02 11:05:16 Test: checking if directory /etc/rcS.d exists 2020-06-02 11:05:16 Result: directory /etc/rcS.d not found. Skipping.. 2020-06-02 11:05:16 Test: Checking /etc/rc0.d scripts for writable bit 2020-06-02 11:05:16 Test: Checking /etc/rc1.d scripts for writable bit 2020-06-02 11:05:16 Test: Checking /etc/rc2.d scripts for writable bit 2020-06-02 11:05:16 Test: Checking /etc/rc3.d scripts for writable bit 2020-06-02 11:05:16 Test: Checking /etc/rc4.d scripts for writable bit 2020-06-02 11:05:16 Test: Checking /etc/rc5.d scripts for writable bit 2020-06-02 11:05:16 Test: Checking /etc/rc6.d scripts for writable bit 2020-06-02 11:05:16 Action: checking symlink for file /etc/rc.local 2020-06-02 11:05:16 Note: Using real readlink binary to determine symlink on /etc/rc.local 2020-06-02 11:05:16 Result: readlink shows /etc/rc.d/rc.local as output 2020-06-02 11:05:16 Result: symlink found, pointing to file /etc/rc.d/rc.local 2020-06-02 11:05:16 Result: found the path behind this symlink (/etc/rc.d/rc.local --> /etc/rc.local) 2020-06-02 11:05:16 Test: Checking /etc/rc.d/rc.local file for writable bit 2020-06-02 11:05:16 Result: good, file /etc/rc.d/rc.local not world writable 2020-06-02 11:05:16 Hardening: assigned maximum number of hardening points for this item (3). Currently having 7 points (out of 7) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID BOOT-5202 (Check uptime of system) 2020-06-02 11:05:16 Uptime (in seconds): 6613 2020-06-02 11:05:16 Uptime (in days): 0 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID BOOT-5260 (Check single user mode for systemd) 2020-06-02 11:05:16 Test: Searching /usr/lib/systemd/system/rescue.service 2020-06-02 11:05:16 Result: file /usr/lib/systemd/system/rescue.service 2020-06-02 11:05:16 Test: checking presence sulogin for single user mode 2020-06-02 11:05:16 Result: found sulogin, so single user is protected 2020-06-02 11:05:16 Hardening: assigned maximum number of hardening points for this item (3). Currently having 10 points (out of 10) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test BOOT-5262 (Check for OpenBSD boot daemons) 2020-06-02 11:05:16 Reason to skip: Incorrect guest OS (OpenBSD only) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test BOOT-5263 (Check permissions for boot files/scripts) 2020-06-02 11:05:16 Reason to skip: Incorrect guest OS (OpenBSD only) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test BOOT-5264 (Run systemd-analyze security) 2020-06-02 11:05:16 Reason to skip: systemd-analyze too old (v219), need at least v240 2020-06-02 11:05:16 Security check: file is normal 2020-06-02 11:05:16 Checking permissions of /root/blueval/lynis/include/tests_kernel 2020-06-02 11:05:16 File permissions are OK 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Action: Performing tests from category: Kernel 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5622 (Determine Linux default run level) 2020-06-02 11:05:16 Test: Checking for systemd default.target 2020-06-02 11:05:16 Result: symlink found 2020-06-02 11:05:16 Result: No match found on runlevel, defaulting to runlevel 3 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5677 (Check CPU options and support) 2020-06-02 11:05:16 Test: Checking /proc/cpuinfo 2020-06-02 11:05:16 Result: found /proc/cpuinfo 2020-06-02 11:05:16 Test: Checking CPU options (XD/NX/PAE) 2020-06-02 11:05:16 PAE: Yes 2020-06-02 11:05:16 NX: Yes 2020-06-02 11:05:16 Result: PAE or No eXecute option(s) both found 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5695 (Determine Linux kernel version and release number) 2020-06-02 11:05:16 Result: found kernel release 3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:16 Result: found kernel version #1 SMP Mon Mar 18 15:06:45 UTC 2019 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5723 (Determining if Linux kernel is monolithic) 2020-06-02 11:05:16 Test: checking if kernel is monolithic or modular 2020-06-02 11:05:16 Result: Found modular kernel 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5726 (Checking Linux loaded kernel modules) 2020-06-02 11:05:16 Loaded modules according lsmod: 2020-06-02 11:05:16 Loaded module: ablk_helper 2020-06-02 11:05:16 Loaded module: acpi_pad 2020-06-02 11:05:16 Loaded module: aesni_intel 2020-06-02 11:05:16 Loaded module: ahci 2020-06-02 11:05:16 Loaded module: ast 2020-06-02 11:05:16 Loaded module: bridge 2020-06-02 11:05:16 Loaded module: coretemp 2020-06-02 11:05:16 Loaded module: crc32c_intel 2020-06-02 11:05:16 Loaded module: crc32_pclmul 2020-06-02 11:05:16 Loaded module: crc_t10dif 2020-06-02 11:05:16 Loaded module: crct10dif_common 2020-06-02 11:05:16 Loaded module: crct10dif_generic 2020-06-02 11:05:16 Loaded module: crct10dif_pclmul 2020-06-02 11:05:16 Loaded module: cryptd 2020-06-02 11:05:16 Loaded module: dca 2020-06-02 11:05:16 Loaded module: devlink 2020-06-02 11:05:16 Loaded module: dm_log 2020-06-02 11:05:16 Loaded module: dm_mirror 2020-06-02 11:05:16 Loaded module: dm_mod 2020-06-02 11:05:16 Loaded module: dm_region_hash 2020-06-02 11:05:16 Loaded module: drm 2020-06-02 11:05:16 Loaded module: drm_kms_helper 2020-06-02 11:05:16 Loaded module: drm_panel_orientation_quirks 2020-06-02 11:05:16 Loaded module: ebtable_filter 2020-06-02 11:05:16 Loaded module: ebtables 2020-06-02 11:05:16 Loaded module: fb_sys_fops 2020-06-02 11:05:16 Loaded module: gf128mul 2020-06-02 11:05:16 Loaded module: ghash_clmulni_intel 2020-06-02 11:05:16 Loaded module: glue_helper 2020-06-02 11:05:16 Loaded module: i2c_algo_bit 2020-06-02 11:05:16 Loaded module: i2c_i801 2020-06-02 11:05:16 Loaded module: igb 2020-06-02 11:05:16 Loaded module: intel_powerclamp 2020-06-02 11:05:16 Loaded module: intel_rapl 2020-06-02 11:05:16 Loaded module: iosf_mbi 2020-06-02 11:05:16 Loaded module: ip6table_filter 2020-06-02 11:05:16 Loaded module: ip6table_nat 2020-06-02 11:05:16 Loaded module: ip6_tables 2020-06-02 11:05:16 Loaded module: ipmi_devintf 2020-06-02 11:05:16 Loaded module: ipmi_msghandler 2020-06-02 11:05:16 Loaded module: ipmi_si 2020-06-02 11:05:16 Loaded module: iptable_filter 2020-06-02 11:05:16 Loaded module: iptable_mangle 2020-06-02 11:05:16 Loaded module: iptable_nat 2020-06-02 11:05:16 Loaded module: ip_tables 2020-06-02 11:05:16 Loaded module: ipt_MASQUERADE 2020-06-02 11:05:16 Loaded module: ipt_REJECT 2020-06-02 11:05:16 Loaded module: irqbypass 2020-06-02 11:05:16 Loaded module: iTCO_vendor_support 2020-06-02 11:05:16 Loaded module: iTCO_wdt 2020-06-02 11:05:16 Loaded module: ixgbe 2020-06-02 11:05:16 Loaded module: joydev 2020-06-02 11:05:16 Loaded module: kvm 2020-06-02 11:05:16 Loaded module: kvm_intel 2020-06-02 11:05:16 Loaded module: libahci 2020-06-02 11:05:16 Loaded module: libata 2020-06-02 11:05:16 Loaded module: libcrc32c 2020-06-02 11:05:16 Loaded module: llc 2020-06-02 11:05:16 Loaded module: lpc_ich 2020-06-02 11:05:16 Loaded module: lrw 2020-06-02 11:05:16 Loaded module: macvlan 2020-06-02 11:05:16 Loaded module: macvtap 2020-06-02 11:05:16 Loaded module: mdio 2020-06-02 11:05:16 Loaded module: mei 2020-06-02 11:05:16 Loaded module: mei_me 2020-06-02 11:05:16 Loaded module: mxm_wmi 2020-06-02 11:05:16 Loaded module: nf_conntrack 2020-06-02 11:05:16 Loaded module: nf_conntrack_ipv4 2020-06-02 11:05:16 Loaded module: nf_conntrack_ipv6 2020-06-02 11:05:16 Loaded module: nf_defrag_ipv4 2020-06-02 11:05:16 Loaded module: nf_defrag_ipv6 2020-06-02 11:05:16 Loaded module: nf_nat 2020-06-02 11:05:16 Loaded module: nf_nat_ipv4 2020-06-02 11:05:16 Loaded module: nf_nat_ipv6 2020-06-02 11:05:16 Loaded module: nf_nat_masquerade_ipv4 2020-06-02 11:05:16 Loaded module: nf_reject_ipv4 2020-06-02 11:05:16 Loaded module: overlay 2020-06-02 11:05:16 Loaded module: pcspkr 2020-06-02 11:05:16 Loaded module: pps_core 2020-06-02 11:05:16 Loaded module: ptp 2020-06-02 11:05:16 Loaded module: sb_edac 2020-06-02 11:05:16 Loaded module: sd_mod 2020-06-02 11:05:16 Loaded module: sg 2020-06-02 11:05:16 Loaded module: stp 2020-06-02 11:05:16 Loaded module: sunrpc 2020-06-02 11:05:16 Loaded module: syscopyarea 2020-06-02 11:05:16 Loaded module: sysfillrect 2020-06-02 11:05:16 Loaded module: sysimgblt 2020-06-02 11:05:16 Loaded module: ttm 2020-06-02 11:05:16 Loaded module: tun 2020-06-02 11:05:16 Loaded module: veth 2020-06-02 11:05:16 Loaded module: vhost 2020-06-02 11:05:16 Loaded module: vhost_net 2020-06-02 11:05:16 Loaded module: wmi 2020-06-02 11:05:16 Loaded module: xfs 2020-06-02 11:05:16 Loaded module: xt_addrtype 2020-06-02 11:05:16 Loaded module: xt_CHECKSUM 2020-06-02 11:05:16 Loaded module: xt_comment 2020-06-02 11:05:16 Loaded module: xt_conntrack 2020-06-02 11:05:16 Loaded module: xt_mark 2020-06-02 11:05:16 Loaded module: xt_multiport 2020-06-02 11:05:16 Loaded module: xt_nat 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5728 (Checking Linux kernel config) 2020-06-02 11:05:16 Result: found config (/boot/config-3.10.0-957.10.1.el7.x86_64) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5730 (Checking disk I/O kernel scheduler) 2020-06-02 11:05:16 Test: Checking the default I/O kernel scheduler 2020-06-02 11:05:16 Result: found IO scheduler 'deadline' 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test KRNL-5745 (Checking FreeBSD loaded kernel modules) 2020-06-02 11:05:16 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test KRNL-5831 (Checking DragonFly loaded kernel modules) 2020-06-02 11:05:16 Reason to skip: Incorrect guest OS (DragonFly only) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test KRNL-5770 (Checking active kernel modules) 2020-06-02 11:05:16 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test KRNL-5788 (Checking availability new Linux kernel) 2020-06-02 11:05:16 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5820 (Checking core dumps configuration) 2020-06-02 11:05:16 Test: Checking presence of systemd 2020-06-02 11:05:16 Result: systemd is present on this system 2020-06-02 11:05:16 Test: Checking if core dumps are disabled in /etc/systemd/coredump.conf and /etc/systemd/coredump.conf.d/*.conf 2020-06-02 11:05:16 Result: core dumps are not disabled in systemd configuration. Didn't find settings 'ProcessSizeMax=0' and 'Storage=none' 2020-06-02 11:05:16 Hardening: assigned partial number of hardening points (0 of 1). Currently having 10 points (out of 11) 2020-06-02 11:05:16 Test: Checking presence /etc/profile 2020-06-02 11:05:16 Test: Checking if 'ulimit -c 0' exists in /etc/profile or /etc/profile.d/*.sh 2020-06-02 11:05:16 Result: core dumps are not disabled in /etc/profile or /etc/profile.d/*.sh config files. Didn't find setting 'ulimit -c 0' 2020-06-02 11:05:16 Hardening: assigned partial number of hardening points (0 of 1). Currently having 10 points (out of 12) 2020-06-02 11:05:16 Test: Checking presence /etc/security/limits.conf 2020-06-02 11:05:16 Result: file /etc/security/limits.conf exists 2020-06-02 11:05:16 Test: Checking if core dumps are disabled in /etc/security/limits.conf and /etc/security/limits.d/* 2020-06-02 11:05:16 Result: core dumps are not explicitly disabled 2020-06-02 11:05:16 Suggestion: If not required, consider explicit disabling of core dump in /etc/security/limits.conf file [test:KRNL-5820] [details:-] [solution:-] 2020-06-02 11:05:16 Hardening: assigned partial number of hardening points (1 of 3). Currently having 11 points (out of 15) 2020-06-02 11:05:16 Test: Checking sysctl value of fs.suid_dumpable 2020-06-02 11:05:16 Result: value 0 found 2020-06-02 11:05:16 Result: found default option (0), no execute only program or program with changed privilege levels can dump 2020-06-02 11:05:16 Hardening: assigned maximum number of hardening points for this item (1). Currently having 12 points (out of 16) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID KRNL-5830 (Checking if system is running on the latest installed kernel) 2020-06-02 11:05:16 Test: Checking presence /var/run/reboot-required.pkgs 2020-06-02 11:05:16 Result: file /var/run/reboot-required.pkgs not found 2020-06-02 11:05:16 Result: /boot exists, performing more tests from here 2020-06-02 11:05:16 Result: found /boot/vmlinuz-0-rescue-9fe0a26cbda6407bab883d439fceb8f4 2020-06-02 11:05:16 Test: checking kernel version on disk 2020-06-02 11:05:16 Result: found version 3.10.0-957.el7.x86_64 2020-06-02 11:05:16 Result: active kernel version 3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:16 Result: reboot needed, as there is a difference between active kernel and the one on disk 2020-06-02 11:05:16 Result: /var/cache/apt/archives/ does not exist 2020-06-02 11:05:16 Warning: Reboot of system is most likely needed [test:KRNL-5830] [details:] [solution:text:reboot] 2020-06-02 11:05:16 Hardening: assigned partial number of hardening points (0 of 5). Currently having 12 points (out of 21) 2020-06-02 11:05:16 Security check: file is normal 2020-06-02 11:05:16 Checking permissions of /root/blueval/lynis/include/tests_memory_processes 2020-06-02 11:05:16 File permissions are OK 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Action: Performing tests from category: Memory and Processes 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID PROC-3602 (Checking /proc/meminfo for memory details) 2020-06-02 11:05:16 Result: found /proc/meminfo 2020-06-02 11:05:16 Result: Found 65702752 kB memory 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Skipped test PROC-3604 (Query prtconf for memory details) 2020-06-02 11:05:16 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:16 ==== 2020-06-02 11:05:16 Performing test ID PROC-3612 (Check dead or zombie processes) 2020-06-02 11:05:17 Result: no zombie processes found 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID PROC-3614 (Check heavy IO waiting based processes) 2020-06-02 11:05:17 Result: No processes were waiting for IO requests to be handled first 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID PROC-3802 (Check presence of prelink tooling) 2020-06-02 11:05:17 Result: prelink package is NOT installed 2020-06-02 11:05:17 Hardening: assigned maximum number of hardening points for this item (3). Currently having 15 points (out of 24) 2020-06-02 11:05:17 Security check: file is normal 2020-06-02 11:05:17 Checking permissions of /root/blueval/lynis/include/tests_authentication 2020-06-02 11:05:17 File permissions are OK 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Action: Performing tests from category: Users, Groups and Authentication 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9204 (Check users with an UID of zero) 2020-06-02 11:05:17 Test: Searching accounts with UID 0 2020-06-02 11:05:17 Result: No accounts found with UID 0 other than root. 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9208 (Check non-unique accounts in passwd file) 2020-06-02 11:05:17 Test: Checking for non-unique accounts 2020-06-02 11:05:17 Result: all accounts found in /etc/passwd are unique 2020-06-02 11:05:17 Remarks: Non unique UIDs can be a risk for the system or part of a configuration mistake 2020-06-02 11:05:17 Prerequisite test: /usr/sbin/chkgrp 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Skipped test AUTH-9212 (Test group file) 2020-06-02 11:05:17 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9216 (Check group and shadow group files) 2020-06-02 11:05:17 Test: Checking for grpck binary output 2020-06-02 11:05:17 Result: grpck binary didn't find any errors in the group files 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Skipped test AUTH-9218 (Check login shells for passwordless accounts) 2020-06-02 11:05:17 Reason to skip: Incorrect guest OS (DragonFly FreeBSD NetBSD OpenBSD only) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9222 (Check unique groups (IDs)) 2020-06-02 11:05:17 Test: Checking for non unique group ID's in /etc/group 2020-06-02 11:05:17 Result: All group ID's are unique 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9226 (Check unique group names) 2020-06-02 11:05:17 Test: Checking for non unique group names in /etc/group 2020-06-02 11:05:17 Result: All group names are unique 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9228 (Check password file consistency with pwck) 2020-06-02 11:05:17 Test: Checking password file consistency (pwck) 2020-06-02 11:05:17 Result: pwck check didn't find any problems 2020-06-02 11:05:17 Hardening: assigned maximum number of hardening points for this item (2). Currently having 17 points (out of 26) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9229 (Check password hashing methods) 2020-06-02 11:05:17 Test: Checking password hashing methods 2020-06-02 11:05:17 Result: poor password hashing methods found: sha256crypt/sha512crypt(default<=5000rounds) 2020-06-02 11:05:17 Suggestion: Check PAM configuration, add rounds if applicable and expire passwords to encrypt with new values [test:AUTH-9229] [details:-] [solution:-] 2020-06-02 11:05:17 Hardening: assigned partial number of hardening points (0 of 2). Currently having 17 points (out of 28) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9230 (Check group password hashing rounds) 2020-06-02 11:05:17 Test: Checking SHA_CRYPT_MIN_ROUNDS option in /etc/login.defs 2020-06-02 11:05:17 Result: number of minimum rounds used by the encryption algorithm is not configured 2020-06-02 11:05:17 Suggestion: Configure minimum encryption algorithm rounds in /etc/login.defs [test:AUTH-9230] [details:-] [solution:-] 2020-06-02 11:05:17 Hardening: assigned partial number of hardening points (0 of 2). Currently having 17 points (out of 30) 2020-06-02 11:05:17 Test: Checking SHA_CRYPT_MAX_ROUNDS option in /etc/login.defs 2020-06-02 11:05:17 Result: number of maximum rounds used by the encryption algorithm is not configured 2020-06-02 11:05:17 Suggestion: Configure maximum encryption algorithm rounds in /etc/login.defs [test:AUTH-9230] [details:-] [solution:-] 2020-06-02 11:05:17 Hardening: assigned partial number of hardening points (0 of 2). Currently having 17 points (out of 32) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9234 (Query user accounts) 2020-06-02 11:05:17 Test: Read system users (including root user) from password database (e.g. /etc/passwd) 2020-06-02 11:05:17 Result: found minimal user id specified: 1000 2020-06-02 11:05:17 Linux real users output (ID = 0, or 1000+, but not 65534): 2020-06-02 11:05:17 Real user: root,0 2020-06-02 11:05:17 Real user: rnoriega,1000 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9240 (Query NIS+ authentication support) 2020-06-02 11:05:17 Result: NIS+ authentication not enabled 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9242 (Query NIS authentication support) 2020-06-02 11:05:17 Result: NIS authentication not enabled 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9250 (Checking sudoers file) 2020-06-02 11:05:17 Test: checking presence /etc/sudoers 2020-06-02 11:05:17 Result: found file (/etc/sudoers) 2020-06-02 11:05:17 Test: checking presence /usr/local/etc/sudoers 2020-06-02 11:05:17 Result: file /usr/local/etc/sudoers not found 2020-06-02 11:05:17 Test: checking presence /usr/pkg/etc/sudoers 2020-06-02 11:05:17 Result: file /usr/pkg/etc/sudoers not found 2020-06-02 11:05:17 Result: sudoers file found (/etc/sudoers) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9252 (Check ownership and permissions for sudo configuration files) 2020-06-02 11:05:17 Test: checking drop-in directory (/etc/sudoers.d) 2020-06-02 11:05:17 Result: Found directory permissions: rwxr-x--- and owner UID GID: 00 2020-06-02 11:05:17 Result: directory /etc/sudoers.d permissions OK 2020-06-02 11:05:17 Result: directory /etc/sudoers.d ownership OK 2020-06-02 11:05:17 Test: checking file (/etc/sudoers) 2020-06-02 11:05:17 Result: Found file permissions: r--r----- and owner UID GID: 00 2020-06-02 11:05:17 Result: file /etc/sudoers permissions OK 2020-06-02 11:05:17 Result: file /etc/sudoers ownership OK 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Skipped test AUTH-9254 (Solaris passwordless accounts) 2020-06-02 11:05:17 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9262 (Checking presence password strength testing tools (PAM)) 2020-06-02 11:05:17 Searching PAM password testing modules (cracklib, passwdqc, pwquality) 2020-06-02 11:05:17 Result: found pam_cracklib.so (crack library PAM) in /lib64/security 2020-06-02 11:05:17 Result: found pam_pwquality.so (password quality control PAM) in /lib64/security 2020-06-02 11:05:17 Result: pam_cracklib.so found 2020-06-02 11:05:17 Result: pam_passwdqc.so NOT found (passwd quality control PAM) 2020-06-02 11:05:17 Result: pam_pwquality.so found 2020-06-02 11:05:17 Result: found at least one PAM module for password strength testing 2020-06-02 11:05:17 Hardening: assigned maximum number of hardening points for this item (3). Currently having 20 points (out of 35) 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9264 (Checking presence pam.conf) 2020-06-02 11:05:17 Test: Checking file /etc/pam.conf 2020-06-02 11:05:17 Result: file /etc/pam.conf could not be found 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9266 (Checking presence pam.d files) 2020-06-02 11:05:17 Test: Checking directory /etc/pam.d 2020-06-02 11:05:17 Result: directory /etc/pam.d exists 2020-06-02 11:05:17 Test: searching PAM configuration files 2020-06-02 11:05:17 Found file: /etc/pam.d/atd 2020-06-02 11:05:17 Found file: /etc/pam.d/chfn 2020-06-02 11:05:17 Found file: /etc/pam.d/chsh 2020-06-02 11:05:17 Found file: /etc/pam.d/config-util 2020-06-02 11:05:17 Found file: /etc/pam.d/crond 2020-06-02 11:05:17 Found file: /etc/pam.d/cvs 2020-06-02 11:05:17 Found file: /etc/pam.d/fingerprint-auth-ac 2020-06-02 11:05:17 Found file: /etc/pam.d/login 2020-06-02 11:05:17 Found file: /etc/pam.d/other 2020-06-02 11:05:17 Found file: /etc/pam.d/passwd 2020-06-02 11:05:17 Found file: /etc/pam.d/password-auth-ac 2020-06-02 11:05:17 Found file: /etc/pam.d/polkit-1 2020-06-02 11:05:17 Found file: /etc/pam.d/postlogin-ac 2020-06-02 11:05:17 Found file: /etc/pam.d/remote 2020-06-02 11:05:17 Found file: /etc/pam.d/runuser 2020-06-02 11:05:17 Found file: /etc/pam.d/runuser-l 2020-06-02 11:05:17 Found file: /etc/pam.d/setup 2020-06-02 11:05:17 Found file: /etc/pam.d/smartcard-auth-ac 2020-06-02 11:05:17 Found file: /etc/pam.d/smtp.postfix 2020-06-02 11:05:17 Found file: /etc/pam.d/sshd 2020-06-02 11:05:17 Found file: /etc/pam.d/su 2020-06-02 11:05:17 Found file: /etc/pam.d/sudo 2020-06-02 11:05:17 Found file: /etc/pam.d/sudo-i 2020-06-02 11:05:17 Found file: /etc/pam.d/su-l 2020-06-02 11:05:17 Found file: /etc/pam.d/system-auth-ac 2020-06-02 11:05:17 Found file: /etc/pam.d/systemd-user 2020-06-02 11:05:17 Found file: /etc/pam.d/vlock 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9268 (Checking presence pam.d files) 2020-06-02 11:05:17 Test: Searching pam modules 2020-06-02 11:05:17 Test: Checking /lib/arm-linux-gnueabihf/security 2020-06-02 11:05:17 Result: directory /lib/arm-linux-gnueabihf/security could not be found or is a symlink to another directory 2020-06-02 11:05:17 Test: Checking /lib/i386-linux-gnu/security 2020-06-02 11:05:17 Result: directory /lib/i386-linux-gnu/security could not be found or is a symlink to another directory 2020-06-02 11:05:17 Test: Checking /lib/security 2020-06-02 11:05:17 Result: directory /lib/security could not be found or is a symlink to another directory 2020-06-02 11:05:17 Test: Checking /lib/x86_64-linux-gnu/security 2020-06-02 11:05:17 Result: directory /lib/x86_64-linux-gnu/security could not be found or is a symlink to another directory 2020-06-02 11:05:17 Test: Checking /lib64/security 2020-06-02 11:05:17 Result: directory /lib64/security exists 2020-06-02 11:05:17 Found file: /lib64/security/pam_access.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_cap.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_chroot.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_console.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_cracklib.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_debug.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_deny.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_echo.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_env.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_exec.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_faildelay.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_faillock.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_filter.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_fprintd.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_ftp.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_group.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_issue.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_keyinit.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_lastlog.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_limits.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_listfile.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_localuser.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_loginuid.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_mail.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_mkhomedir.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_motd.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_namespace.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_nologin.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_permit.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_postgresok.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_pwhistory.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_pwquality.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_rhosts.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_rootok.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_securetty.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_selinux.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_sepermit.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_shells.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_sss.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_stress.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_succeed_if.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_systemd.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_tally2.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_time.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_timestamp.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_tty_audit.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_umask.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_unix.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_userdb.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_warn.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_wheel.so 2020-06-02 11:05:17 Found file: /lib64/security/pam_xauth.so 2020-06-02 11:05:17 Test: Checking /usr/lib 2020-06-02 11:05:17 Result: directory /usr/lib exists 2020-06-02 11:05:17 Test: Checking /usr/lib/security 2020-06-02 11:05:17 Result: directory /usr/lib/security could not be found or is a symlink to another directory 2020-06-02 11:05:17 ==== 2020-06-02 11:05:17 Performing test ID AUTH-9278 (Determine LDAP support in PAM files) 2020-06-02 11:05:17 Test: checking presence /etc/pam.d/common-auth 2020-06-02 11:05:17 Result: file /etc/pam.d/common-auth not found, skipping test 2020-06-02 11:05:17 Test: checking presence /etc/pam.d/system-auth 2020-06-02 11:05:17 Result: file /etc/pam.d/system-auth exists 2020-06-02 11:05:17 Test: checking presence LDAP module 2020-06-02 11:05:17 Result: LDAP module not found 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9282 (Checking password protected account without expire date) 2020-06-02 11:05:18 Test: Checking Linux version and password expire date status 2020-06-02 11:05:18 Result: found one or more accounts without expire date set 2020-06-02 11:05:18 Account without expire date: root 2020-06-02 11:05:18 Account without expire date: rnoriega 2020-06-02 11:05:18 Suggestion: When possible set expire dates for all password protected accounts [test:AUTH-9282] [details:-] [solution:-] 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9283 (Checking accounts without password) 2020-06-02 11:05:18 Test: Checking passwordless accounts 2020-06-02 11:05:18 Result: all accounts seem to have a password 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9286 (Checking user password aging) 2020-06-02 11:05:18 Test: Checking PASS_MIN_DAYS option in /etc/login.defs 2020-06-02 11:05:18 Result: password minimum age is not configured 2020-06-02 11:05:18 Suggestion: Configure minimum password age in /etc/login.defs [test:AUTH-9286] [details:-] [solution:-] 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (0 of 1). Currently having 20 points (out of 36) 2020-06-02 11:05:18 Test: Checking PASS_MAX_DAYS option in /etc/login.defs 2020-06-02 11:05:18 Result: password aging limits are not configured 2020-06-02 11:05:18 Suggestion: Configure maximum password age in /etc/login.defs [test:AUTH-9286] [details:-] [solution:-] 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (0 of 1). Currently having 20 points (out of 37) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9288 (Checking for expired passwords) 2020-06-02 11:05:18 Test: check if we can access /etc/shadow (escaped: /etc/shadow) 2020-06-02 11:05:18 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:18 Result: file /etc/shadow is readable (or directory accessible). 2020-06-02 11:05:18 Data: Days since epoch is 18415 2020-06-02 11:05:18 Test: collecting accounts which have an expired password (last day changed + maximum change time) 2020-06-02 11:05:18 Result: good, no passwords have been expired 2020-06-02 11:05:18 Hardening: assigned maximum number of hardening points for this item (10). Currently having 30 points (out of 47) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Skipped test AUTH-9304 (Check single user login configuration) 2020-06-02 11:05:18 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Skipped test AUTH-9306 (Check single boot authentication) 2020-06-02 11:05:18 Reason to skip: Incorrect guest OS (HP-UX only) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9308 (Check single user login configuration) 2020-06-02 11:05:18 Test: going to check several systemd targets now 2020-06-02 11:05:18 Test: checking if target console-shell.service is available (/lib/systemd/system/console-shell.service) 2020-06-02 11:05:18 Result: found target console-shell.service 2020-06-02 11:05:18 Result: sulogin was found, which is a good measure to protect single user mode 2020-06-02 11:05:18 Test: checking if target emergency.service is available (/lib/systemd/system/emergency.service) 2020-06-02 11:05:18 Result: found target emergency.service 2020-06-02 11:05:18 Result: sulogin was found, which is a good measure to protect single user mode 2020-06-02 11:05:18 Test: checking if target rescue.service is available (/lib/systemd/system/rescue.service) 2020-06-02 11:05:18 Result: found target rescue.service 2020-06-02 11:05:18 Result: sulogin was found, which is a good measure to protect single user mode 2020-06-02 11:05:18 Result: option set, password is needed at single user mode boot 2020-06-02 11:05:18 Hardening: assigned maximum number of hardening points for this item (2). Currently having 32 points (out of 49) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9328 (Default umask values) 2020-06-02 11:05:18 Test: Checking /etc/profile.d directory 2020-06-02 11:05:18 Result: found /etc/profile.d, with one or more files in it 2020-06-02 11:05:18 Test: Checking /etc/profile 2020-06-02 11:05:18 Result: file /etc/profile exists 2020-06-02 11:05:18 Test: Checking umask value in /etc/profile 2020-06-02 11:05:18 Result: found multiple umask values configured in /etc/profile 2020-06-02 11:05:18 Result: umask 002 could be more strict 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (1 of 2). Currently having 33 points (out of 51) 2020-06-02 11:05:18 Result: umask 022 could be more strict 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (1 of 2). Currently having 34 points (out of 53) 2020-06-02 11:05:18 Suggestion: Default umask in /etc/profile or /etc/profile.d/custom.sh could be more strict (e.g. 027) [test:AUTH-9328] [details:-] [solution:-] 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (0 of 2). Currently having 34 points (out of 55) 2020-06-02 11:05:18 Test: Checking umask entries in /etc/passwd (pam_umask) 2020-06-02 11:05:18 Result: file /etc/passwd exists 2020-06-02 11:05:18 Test: Checking umask value in /etc/passwd 2020-06-02 11:05:18 Manual: one or more manual actions are required for further testing of this control/plugin 2020-06-02 11:05:18 Test: Checking /etc/login.defs 2020-06-02 11:05:18 Result: file /etc/login.defs exists 2020-06-02 11:05:18 Test: Checking umask value in /etc/login.defs 2020-06-02 11:05:18 Result: umask is 077, which is fine 2020-06-02 11:05:18 Hardening: assigned maximum number of hardening points for this item (2). Currently having 36 points (out of 57) 2020-06-02 11:05:18 Test: Checking /etc/init.d/functions 2020-06-02 11:05:18 Result: file /etc/init.d/functions exists 2020-06-02 11:05:18 Test: Checking umask value in /etc/init.d/functions 2020-06-02 11:05:18 Result: found umask 022, which could be improved 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (0 of 2). Currently having 36 points (out of 59) 2020-06-02 11:05:18 Test: Checking /etc/init.d/rc 2020-06-02 11:05:18 Result: file /etc/init.d/rc does not exist 2020-06-02 11:05:18 Test: Checking /etc/init.d/rcS 2020-06-02 11:05:18 Result: file /etc/init.d/rcS does not exist 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Skipped test AUTH-9340 (Solaris account locking) 2020-06-02 11:05:18 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9402 (Query LDAP authentication support) 2020-06-02 11:05:18 Result: LDAP authentication not enabled 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Skipped test AUTH-9406 (Query LDAP servers in client configuration) 2020-06-02 11:05:18 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID AUTH-9408 (Logging of failed login attempts) 2020-06-02 11:05:18 Test: Checking FAILLOG_ENAB option in /etc/login.defs 2020-06-02 11:05:18 Result: failed login attempts may not logged 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (0 of 1). Currently having 36 points (out of 60) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Skipped test AUTH-9409 (Checking /etc/doas.conf file) 2020-06-02 11:05:18 Reason to skip: Incorrect guest OS (OpenBSD only) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Skipped test AUTH-9410 (Check /etc/doas.conf file permissions) 2020-06-02 11:05:18 Reason to skip: Incorrect guest OS (OpenBSD only) 2020-06-02 11:05:18 Security check: file is normal 2020-06-02 11:05:18 Checking permissions of /root/blueval/lynis/include/tests_shells 2020-06-02 11:05:18 File permissions are OK 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Action: Performing tests from category: Shells 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Skipped test SHLL-6202 (Check console TTYs) 2020-06-02 11:05:18 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID SHLL-6211 (Available and valid shells) 2020-06-02 11:05:18 Test: Searching for /etc/shells 2020-06-02 11:05:18 Result: Found /etc/shells file 2020-06-02 11:05:18 Test: Reading available shells from /etc/shells 2020-06-02 11:05:18 Found installed shell: /bin/sh 2020-06-02 11:05:18 Found installed shell: /bin/bash 2020-06-02 11:05:18 Found installed shell: /usr/bin/sh 2020-06-02 11:05:18 Found installed shell: /usr/bin/bash 2020-06-02 11:05:18 Found installed shell: /bin/tcsh 2020-06-02 11:05:18 Found installed shell: /bin/csh 2020-06-02 11:05:18 Found installed shell: /usr/bin/tmux 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID SHLL-6220 (Idle session killing tools or settings) 2020-06-02 11:05:18 Test: Search for session timeout tools or settings in shell 2020-06-02 11:05:18 Performing pgrep scan without uid 2020-06-02 11:05:18 IsRunning: process 'timeoutd' not found 2020-06-02 11:05:18 Performing pgrep scan without uid 2020-06-02 11:05:18 IsRunning: process 'autolog' not found 2020-06-02 11:05:18 Result: could not find TMOUT setting in /etc/profile 2020-06-02 11:05:18 Result: could not find export, readonly or typeset -r in /etc/profile 2020-06-02 11:05:18 Result: could not find TMOUT setting in /etc/profile.d/*.sh 2020-06-02 11:05:18 Result: could not find export, readonly or typeset -r in /etc/profile 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (1 of 3). Currently having 37 points (out of 63) 2020-06-02 11:05:18 ==== 2020-06-02 11:05:18 Performing test ID SHLL-6230 (Perform umask check for shell configurations) 2020-06-02 11:05:18 Result: file /etc/bashrc exists 2020-06-02 11:05:18 Result: found umask 002 in /etc/bashrc 2020-06-02 11:05:18 Result: umask 002 can be hardened 2020-06-02 11:05:18 Result: found umask 022 in /etc/bashrc 2020-06-02 11:05:18 Result: umask 022 can be hardened 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (1 of 3). Currently having 38 points (out of 66) 2020-06-02 11:05:18 Result: file /etc/bash.bashrc not found 2020-06-02 11:05:18 Result: file /etc/bash.bashrc.local not found 2020-06-02 11:05:18 Result: file /etc/csh.cshrc exists 2020-06-02 11:05:18 Result: found umask 002 in /etc/csh.cshrc 2020-06-02 11:05:18 Result: umask 002 can be hardened 2020-06-02 11:05:18 Result: found umask 022 in /etc/csh.cshrc 2020-06-02 11:05:18 Result: umask 022 can be hardened 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (1 of 3). Currently having 39 points (out of 69) 2020-06-02 11:05:18 Result: file /etc/profile exists 2020-06-02 11:05:18 Result: found umask 002 in /etc/profile 2020-06-02 11:05:18 Result: umask 002 can be hardened 2020-06-02 11:05:18 Result: found umask 022 in /etc/profile 2020-06-02 11:05:18 Result: umask 022 can be hardened 2020-06-02 11:05:18 Hardening: assigned partial number of hardening points (1 of 3). Currently having 40 points (out of 72) 2020-06-02 11:05:18 Security check: file is normal 2020-06-02 11:05:18 Checking permissions of /root/blueval/lynis/include/tests_filesystems 2020-06-02 11:05:19 File permissions are OK 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Action: Performing tests from category: File systems 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6310 (Checking /tmp, /home and /var directory) 2020-06-02 11:05:19 Test: Checking if /home is mounted separately or mounted on / file system 2020-06-02 11:05:19 Result: directory /home exists 2020-06-02 11:05:19 Result: /home not found in mount list. Directory most likely stored on / file system 2020-06-02 11:05:19 Suggestion: To decrease the impact of a full /home file system, place /home on a separate partition [test:FILE-6310] [details:-] [solution:-] 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (9 of 10). Currently having 49 points (out of 82) 2020-06-02 11:05:19 Test: Checking if /tmp is mounted separately or mounted on / file system 2020-06-02 11:05:19 Result: directory /tmp exists 2020-06-02 11:05:19 Result: /tmp not found in mount list. Directory most likely stored on / file system 2020-06-02 11:05:19 Suggestion: To decrease the impact of a full /tmp file system, place /tmp on a separate partition [test:FILE-6310] [details:-] [solution:-] 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (9 of 10). Currently having 58 points (out of 92) 2020-06-02 11:05:19 Test: Checking if /var is mounted separately or mounted on / file system 2020-06-02 11:05:19 Result: directory /var exists 2020-06-02 11:05:19 Result: /var not found in mount list. Directory most likely stored on / file system 2020-06-02 11:05:19 Suggestion: To decrease the impact of a full /var file system, place /var on a separate partition [test:FILE-6310] [details:-] [solution:-] 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (9 of 10). Currently having 67 points (out of 102) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6311 (Checking LVM volume groups) 2020-06-02 11:05:19 Test: Checking for LVM volume groups 2020-06-02 11:05:19 Result: no LVM volume groups found 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Skipped test FILE-6312 (Checking LVM volumes) 2020-06-02 11:05:19 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6323 (Checking EXT file systems) 2020-06-02 11:05:19 Test: Checking for Linux EXT file systems 2020-06-02 11:05:19 Result: no EXT file systems found 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6324 (Checking XFS file systems) 2020-06-02 11:05:19 Test: Checking for Linux XFS file systems 2020-06-02 11:05:19 Result: found one or more XFS file systems 2020-06-02 11:05:19 File system: / (type: xfs) 2020-06-02 11:05:19 File system: /boot (type: xfs) 2020-06-02 11:05:19 File system: /var/lib/containers/storage/overlay (type: xfs) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6329 (Checking FFS/UFS file systems) 2020-06-02 11:05:19 Test: Query /etc/fstab for available FFS/UFS mount points 2020-06-02 11:05:19 Result: unable to find any single mount point (FFS/UFS) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Skipped test FILE-6330 (Checking ZFS file systems) 2020-06-02 11:05:19 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Skipped test FILE-6439 (Checking HAMMER PFS mounts) 2020-06-02 11:05:19 Reason to skip: Incorrect guest OS (DragonFly only) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6332 (Checking swap partitions) 2020-06-02 11:05:19 Test: query swap partitions from /etc/fstab file 2020-06-02 11:05:19 Swap partition found: UUID=0c059c83-2836-4177-9500-84126c5794a4 2020-06-02 11:05:19 Result: Using 0c059c83-2836-4177-9500-84126c5794a4 as UUID 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6336 (Checking swap mount options) 2020-06-02 11:05:19 Test: check swap partitions with incorrect mount options 2020-06-02 11:05:19 Result: all swap partitions have correct options (sw or swap) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6344 (Checking proc mount options) 2020-06-02 11:05:19 Test: check proc mount with incorrect mount options 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (0 of 3). Currently having 67 points (out of 105) 2020-06-02 11:05:19 Result: /proc filesystem is not mounted with option hidepid=1 or hidepid=2 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6354 (Searching for old files in /tmp) 2020-06-02 11:05:19 Test: Searching for old files in /tmp 2020-06-02 11:05:19 Old temporary file: /tmp/terraform-provider-matchbox/.git/objects/pack/pack-b2fc28e1d9709e27fba9c839fb7be208e2f63516.pack 2020-06-02 11:05:19 Old temporary file: /tmp/terraform-provider-matchbox/.git/objects/pack/pack-b2fc28e1d9709e27fba9c839fb7be208e2f63516.idx 2020-06-02 11:05:19 Result: found old files in /tmp, which were not modified in the last 90 days 2020-06-02 11:05:19 Advice: check and clean up unused files in /tmp. Old files can fill up a disk or contain 2020-06-02 11:05:19 private information and should be deleted it not being used actively. Use a tool like lsof to 2020-06-02 11:05:19 see which programs possibly are using a particular file. Some systems can cleanup temporary 2020-06-02 11:05:19 directories by setting a boot option. 2020-06-02 11:05:19 Suggestion: Check 2 files in /tmp which are older than 90 days [test:FILE-6354] [details:-] [solution:-] 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6362 (Checking /tmp sticky bit) 2020-06-02 11:05:19 Result: sticky bit found on /tmp directory 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (3). Currently having 70 points (out of 108) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6363 (Checking /var/tmp sticky bit) 2020-06-02 11:05:19 Result: sticky bit found on /var/tmp directory 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (3). Currently having 73 points (out of 111) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6368 (Checking ACL support on root file system) 2020-06-02 11:05:19 Test: Checking acl option on ext[2-4] root file system 2020-06-02 11:05:19 Result: mount point probably mounted with defaults 2020-06-02 11:05:19 Test: Checking device which holds root file system 2020-06-02 11:05:19 Result: No file system found with root file system 2020-06-02 11:05:19 Test: Checking acl option on xfs root file system 2020-06-02 11:05:19 Result: ACL option enabled on root file system 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (3). Currently having 76 points (out of 114) 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6372 (Checking / mount options) 2020-06-02 11:05:19 Result: mount system / is configured with options: defaults 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6374 (Linux mount options) 2020-06-02 11:05:19 File system: /boot 2020-06-02 11:05:19 Expected flags: nodev noexec nosuid 2020-06-02 11:05:19 Found flags: defaults 2020-06-02 11:05:19 Result: Could not find mount option nodev on file system /boot 2020-06-02 11:05:19 Result: Could not find mount option noexec on file system /boot 2020-06-02 11:05:19 Result: Could not find mount option nosuid on file system /boot 2020-06-02 11:05:19 Result: marked /boot options as default (not hardened) 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (3 of 5). Currently having 79 points (out of 119) 2020-06-02 11:05:19 File system: /dev 2020-06-02 11:05:19 Expected flags: noexec nosuid 2020-06-02 11:05:19 Found flags: (rw nosuid seclabel size=32840568k nr_inodes=8210142 mode=755) 2020-06-02 11:05:19 Result: Could not find mount option noexec on file system /dev 2020-06-02 11:05:19 Result: GOOD, found mount option nosuid on file system /dev 2020-06-02 11:05:19 Result: marked /dev as partially hardened 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (4 of 5). Currently having 83 points (out of 124) 2020-06-02 11:05:19 File system: /dev/shm 2020-06-02 11:05:19 Expected flags: nosuid nodev noexec 2020-06-02 11:05:19 Found flags: (rw nosuid nodev seclabel) 2020-06-02 11:05:19 Result: GOOD, found mount option nosuid on file system /dev/shm 2020-06-02 11:05:19 Result: GOOD, found mount option nodev on file system /dev/shm 2020-06-02 11:05:19 Result: Could not find mount option noexec on file system /dev/shm 2020-06-02 11:05:19 Result: marked /dev/shm as partially hardened 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (4 of 5). Currently having 87 points (out of 129) 2020-06-02 11:05:19 Result: file system /home not found in /etc/fstab 2020-06-02 11:05:19 File system: /run 2020-06-02 11:05:19 Expected flags: nodev nosuid 2020-06-02 11:05:19 Found flags: (rw nosuid nodev seclabel mode=755) 2020-06-02 11:05:19 Result: GOOD, found mount option nodev on file system /run 2020-06-02 11:05:19 Result: GOOD, found mount option nosuid on file system /run 2020-06-02 11:05:19 Result: marked /run as fully hardened 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (5). Currently having 92 points (out of 134) 2020-06-02 11:05:19 Result: file system /tmp not found in /etc/fstab 2020-06-02 11:05:19 Result: file system /var not found in /etc/fstab 2020-06-02 11:05:19 Result: file system /var/log not found in /etc/fstab 2020-06-02 11:05:19 Result: file system /var/log/audit not found in /etc/fstab 2020-06-02 11:05:19 Result: file system /var/tmp not found in /etc/fstab 2020-06-02 11:05:19 Result: Total without nodev:18 noexec:21 nosuid:16 ro or noexec (W^X): 21, of total 48 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6376 (Determine if /var/tmp is bound to /tmp) 2020-06-02 11:05:19 Result: no mount point /var/tmp or expected options found 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6394 (Determine level of swappiness.) 2020-06-02 11:05:19 Test: checking level of vm.swappiness: 60 2020-06-02 11:05:19 Result: vm.swappiness=60 which is the standard level of swappiness and works well for desktop systems. 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6410 (Checking Locate database) 2020-06-02 11:05:19 Test: Checking locate database 2020-06-02 11:05:19 Result: locate database found (/var/lib/mlocate/mlocate.db) 2020-06-02 11:05:19 Result: file /var/lib/locate/locatedb not found 2020-06-02 11:05:19 Result: file /var/lib/locatedb not found 2020-06-02 11:05:19 Result: file /var/lib/slocate/slocate.db not found 2020-06-02 11:05:19 Result: file /var/cache/locate/locatedb not found 2020-06-02 11:05:19 Result: file /var/db/locate.database not found 2020-06-02 11:05:19 ==== 2020-06-02 11:05:19 Performing test ID FILE-6430 (Disable mounting of some filesystems) 2020-06-02 11:05:19 Result: found cramfs support in the kernel (output = insmod /lib/modules/3.10.0-957.10.1.el7.x86_64/kernel/fs/cramfs/cramfs.ko.xz ) 2020-06-02 11:05:19 Test: Checking if cramfs is active 2020-06-02 11:05:19 Result: module cramfs is currently not loaded in the kernel. 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (2 of 3). Currently having 94 points (out of 137) 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (3). Currently having 97 points (out of 140) 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (3). Currently having 100 points (out of 143) 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (3). Currently having 103 points (out of 146) 2020-06-02 11:05:19 Hardening: assigned maximum number of hardening points for this item (3). Currently having 106 points (out of 149) 2020-06-02 11:05:19 Result: found squashfs support in the kernel (output = insmod /lib/modules/3.10.0-957.10.1.el7.x86_64/kernel/fs/squashfs/squashfs.ko.xz ) 2020-06-02 11:05:19 Test: Checking if squashfs is active 2020-06-02 11:05:19 Result: module squashfs is currently not loaded in the kernel. 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (2 of 3). Currently having 108 points (out of 152) 2020-06-02 11:05:19 Result: found udf support in the kernel (output = insmod /lib/modules/3.10.0-957.10.1.el7.x86_64/kernel/fs/udf/udf.ko.xz ) 2020-06-02 11:05:19 Test: Checking if udf is active 2020-06-02 11:05:19 Result: module udf is currently not loaded in the kernel. 2020-06-02 11:05:19 Hardening: assigned partial number of hardening points (2 of 3). Currently having 110 points (out of 155) 2020-06-02 11:05:20 Suggestion: Consider disabling unused kernel modules [test:FILE-6430] [details:/etc/modprobe.d/blacklist.conf] [solution:Add 'install MODULENAME /bin/true' (without quotes)] 2020-06-02 11:05:20 Security check: file is normal 2020-06-02 11:05:20 Checking permissions of /root/blueval/lynis/include/tests_usb 2020-06-02 11:05:20 File permissions are OK 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Action: Performing tests from category: USB Devices 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID USB-1000 (Check if USB storage is disabled) 2020-06-02 11:05:20 Test: Checking USB storage driver in directory /etc/modprobe.d and configuration file /etc/modprobe.conf 2020-06-02 11:05:20 Result: usb-storage driver is not explicitly disabled 2020-06-02 11:05:20 Suggestion: Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft [test:USB-1000] [details:-] [solution:-] 2020-06-02 11:05:20 Hardening: assigned partial number of hardening points (2 of 3). Currently having 112 points (out of 158) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID USB-2000 (Check USB authorizations) 2020-06-02 11:05:20 Test: checking presence of USB devices path (/sys/bus/usb/devices) 2020-06-02 11:05:20 Test: Checking USB devices authorization to connect to the system 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb1 is authorized by default (authorized_default=1) 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb1 is authorized currently (authorized=1) 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb2 is authorized by default (authorized_default=1) 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb2 is authorized currently (authorized=1) 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb3 is authorized by default (authorized_default=1) 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb3 is authorized currently (authorized=1) 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb4 is authorized by default (authorized_default=1) 2020-06-02 11:05:20 Test: /sys/bus/usb/devices/usb4 is authorized currently (authorized=1) 2020-06-02 11:05:20 Result: Some USB devices are authorized by default (or temporary) to connect to the system 2020-06-02 11:05:20 Hardening: assigned partial number of hardening points (0 of 3). Currently having 112 points (out of 161) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID USB-3000 (Check for presence of USBGuard) 2020-06-02 11:05:20 Result: USBGuard not found 2020-06-02 11:05:20 Hardening: assigned partial number of hardening points (0 of 8). Currently having 112 points (out of 169) 2020-06-02 11:05:20 Security check: file is normal 2020-06-02 11:05:20 Checking permissions of /root/blueval/lynis/include/tests_storage 2020-06-02 11:05:20 File permissions are OK 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Action: Performing tests from category: Storage 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID STRG-1846 (Check if firewire storage is disabled) 2020-06-02 11:05:20 Test: Checking firewire storage driver in directory /etc/modprobe.d and configuration file /etc/modprobe.conf 2020-06-02 11:05:20 Result: firewire ohci driver is not explicitly disabled 2020-06-02 11:05:20 Suggestion: Disable drivers like firewire storage when not used, to prevent unauthorized storage or data theft [test:STRG-1846] [details:-] [solution:-] 2020-06-02 11:05:20 Hardening: assigned partial number of hardening points (2 of 3). Currently having 114 points (out of 172) 2020-06-02 11:05:20 Security check: file is normal 2020-06-02 11:05:20 Checking permissions of /root/blueval/lynis/include/tests_storage_nfs 2020-06-02 11:05:20 File permissions are OK 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Action: Performing tests from category: NFS 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID STRG-1902 (Check rpcinfo registered programs) 2020-06-02 11:05:20 Test: Checking rpcinfo registered programs 2020-06-02 11:05:20 rpcinfo: ,program,vers,proto,port,service 2020-06-02 11:05:20 rpcinfo: ,100000,4,tcp,111,portmapper 2020-06-02 11:05:20 rpcinfo: ,100000,3,tcp,111,portmapper 2020-06-02 11:05:20 rpcinfo: ,100000,2,tcp,111,portmapper 2020-06-02 11:05:20 rpcinfo: ,100000,4,udp,111,portmapper 2020-06-02 11:05:20 rpcinfo: ,100000,3,udp,111,portmapper 2020-06-02 11:05:20 rpcinfo: ,100000,2,udp,111,portmapper 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID STRG-1904 (Check nfs rpc) 2020-06-02 11:05:20 Test: Checking NFS registered versions 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID STRG-1906 (Check nfs rpc) 2020-06-02 11:05:20 Test: Checking NFS registered protocols 2020-06-02 11:05:20 Output: no NFS protocols found 2020-06-02 11:05:20 Test: Checking NFS registered ports 2020-06-02 11:05:20 Output: no NFS port number found 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID STRG-1920 (Checking NFS daemon) 2020-06-02 11:05:20 Test: Checking running NFS daemon 2020-06-02 11:05:20 Output: NFS daemon is not running 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Skipped test STRG-1926 (Checking NFS exports) 2020-06-02 11:05:20 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Skipped test STRG-1928 (Checking empty /etc/exports) 2020-06-02 11:05:20 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Skipped test STRG-1930 (Check client access to nfs share) 2020-06-02 11:05:20 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:20 Security check: file is normal 2020-06-02 11:05:20 Checking permissions of /root/blueval/lynis/include/tests_nameservices 2020-06-02 11:05:20 File permissions are OK 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Action: Performing tests from category: Name services 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID NAME-4016 (Check /etc/resolv.conf default domain) 2020-06-02 11:05:20 Test: check /etc/resolv.conf for default domain 2020-06-02 11:05:20 Result: /etc/resolv.conf found 2020-06-02 11:05:20 Result: no default domain found 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID NAME-4018 (Check /etc/resolv.conf search domains) 2020-06-02 11:05:20 Test: check /etc/resolv.conf for search domains 2020-06-02 11:05:20 Result: /etc/resolv.conf found 2020-06-02 11:05:20 Found search domain: oglok.com 2020-06-02 11:05:20 Result: Found 1 search domains 2020-06-02 11:05:20 Result: found 1 line(s) with a search statement (expecting less than 2 lines) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID NAME-4020 (Check non default options) 2020-06-02 11:05:20 Test: check /etc/resolv.conf for non default options 2020-06-02 11:05:20 Result: /etc/resolv.conf found 2020-06-02 11:05:20 Result: no specific other options configured in /etc/resolv.conf 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Skipped test NAME-4024 (Solaris uname -n output) 2020-06-02 11:05:20 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Skipped test NAME-4026 (Check /etc/nodename) 2020-06-02 11:05:20 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID NAME-4028 (Check domain name) 2020-06-02 11:05:20 Test: Checking if dnsdomainname command is available 2020-06-02 11:05:20 Result: dnsdomainname command returned a value 2020-06-02 11:05:20 Found domain name: oglok.com 2020-06-02 11:05:20 Result: found domain name 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID NAME-4032 (Check nscd status) 2020-06-02 11:05:20 Test: checking nscd status 2020-06-02 11:05:20 Performing pgrep scan without uid 2020-06-02 11:05:20 IsRunning: process 'nscd' not found 2020-06-02 11:05:20 Result: nscd is not running 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID NAME-4034 (Check Unbound status) 2020-06-02 11:05:20 Test: checking Unbound (unbound) status 2020-06-02 11:05:20 Performing pgrep scan without uid 2020-06-02 11:05:20 IsRunning: process 'unbound' not found 2020-06-02 11:05:20 Result: Unbound daemon is not running 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Skipped test NAME-4036 (Check Unbound configuration file) 2020-06-02 11:05:20 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:20 ==== 2020-06-02 11:05:20 Performing test ID NAME-4202 (Check BIND status) 2020-06-02 11:05:20 Test: Checking for running BIND instance 2020-06-02 11:05:20 Performing pgrep scan without uid 2020-06-02 11:05:21 IsRunning: process 'named' not found 2020-06-02 11:05:21 Result: BIND not running 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test NAME-4204 (Search BIND configuration file) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test NAME-4206 (Check BIND configuration consistency) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test NAME-4210 (Check DNS banner) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Performing test ID NAME-4230 (Check PowerDNS status) 2020-06-02 11:05:21 Test: Checking for running PowerDNS instance 2020-06-02 11:05:21 Performing pgrep scan without uid 2020-06-02 11:05:21 IsRunning: process 'pdns_server' not found 2020-06-02 11:05:21 Result: PowerDNS not running 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test NAME-4232 (Search PowerDNS configuration file) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test NAME-4236 (Check PowerDNS backends) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test NAME-4238 (Check PowerDNS authoritative status) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Performing test ID NAME-4304 (Check NIS ypbind status) 2020-06-02 11:05:21 Test: Checking status of ypbind daemon 2020-06-02 11:05:21 Performing pgrep scan without uid 2020-06-02 11:05:21 IsRunning: process 'ypbind' not found 2020-06-02 11:05:21 Result: ypbind is not active 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test NAME-4306 (Check NIS domain) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Performing test ID NAME-4402 (Check duplicate line in /etc/hosts) 2020-06-02 11:05:21 Test: check duplicate line in /etc/hosts 2020-06-02 11:05:21 Result: OK, no duplicate lines found 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Performing test ID NAME-4404 (Check /etc/hosts contains an entry for this server name) 2020-06-02 11:05:21 Test: Check /etc/hosts contains an entry for this server name 2020-06-02 11:05:21 Result: No entry found for marconi in /etc/hosts 2020-06-02 11:05:21 Suggestion: Add the IP name and FQDN to /etc/hosts for proper name resolving [test:NAME-4404] [details:-] [solution:-] 2020-06-02 11:05:21 Risk: No entry for the server name [hostname] in /etc/hosts may cause unexpected performance problems for local connections 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Performing test ID NAME-4406 (Check server hostname mapping) 2020-06-02 11:05:21 Test: Check server hostname not locally mapped in /etc/hosts 2020-06-02 11:05:21 Result: this server hostname is not mapped to a local address 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Performing test ID NAME-4408 (Check localhost entry) 2020-06-02 11:05:21 Test: Check server hostname not locally mapped in /etc/hosts 2020-06-02 11:05:21 Result: localhost mapped to ::1 2020-06-02 11:05:21 Security check: file is normal 2020-06-02 11:05:21 Checking permissions of /root/blueval/lynis/include/tests_dns 2020-06-02 11:05:21 File permissions are OK 2020-06-02 11:05:21 Security check: file is normal 2020-06-02 11:05:21 Checking permissions of /root/blueval/lynis/include/tests_ports_packages 2020-06-02 11:05:21 File permissions are OK 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Action: Performing tests from category: Ports and packages 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test PKGS-7301 (Query FreeBSD pkg) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test PKGS-7302 (Query FreeBSD/NetBSD pkg_info) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test PKGS-7303 (Query brew package manager) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 Result: brew can NOT be found on this system 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test PKGS-7304 (Querying Gentoo packages) 2020-06-02 11:05:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:21 Result: emerge can NOT be found on this system 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Skipped test PKGS-7306 (Querying Solaris packages) 2020-06-02 11:05:21 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:21 Result: pkginfo can NOT be found on this system 2020-06-02 11:05:21 ==== 2020-06-02 11:05:21 Performing test ID PKGS-7308 (Checking package list with RPM) 2020-06-02 11:05:21 Result: Found rpm binary (/usr/bin/rpm) 2020-06-02 11:05:21 Test: Querying 'rpm -qa' to get package list 2020-06-02 11:05:21 Output: 2020-06-02 11:05:21 -------- 2020-06-02 11:05:22 Found package: abrt,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-addon-ccpp,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-addon-kerneloops,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-addon-pstoreoops,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-addon-python,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-addon-vmcore,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-addon-xorg,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-cli,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-console-notification,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-dbus,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-libs,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-python,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-retrace-client,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: abrt-tui,2.1.11-52.el7.centos.x86_64 2020-06-02 11:05:22 Found package: acl,2.2.51-14.el7.x86_64 2020-06-02 11:05:22 Found package: aic94xx-firmware,30-6.el7.noarch 2020-06-02 11:05:22 Found package: alsa-firmware,1.0.28-2.el7.noarch 2020-06-02 11:05:22 Found package: alsa-lib,1.1.6-2.el7.x86_64 2020-06-02 11:05:22 Found package: alsa-tools-firmware,1.1.0-1.el7.x86_64 2020-06-02 11:05:22 Found package: apr,1.4.8-3.el7_4.1.x86_64 2020-06-02 11:05:22 Found package: apr-util,1.5.2-6.el7.x86_64 2020-06-02 11:05:22 Found package: at,3.1.13-24.el7.x86_64 2020-06-02 11:05:22 Found package: attr,2.4.46-13.el7.x86_64 2020-06-02 11:05:22 Found package: audit,2.8.4-4.el7.x86_64 2020-06-02 11:05:22 Found package: audit-libs,2.8.4-4.el7.x86_64 2020-06-02 11:05:22 Found package: audit-libs-python,2.8.4-4.el7.x86_64 2020-06-02 11:05:22 Found package: augeas-libs,1.4.0-6.el7_6.1.x86_64 2020-06-02 11:05:22 Found package: authconfig,6.2.8-30.el7.x86_64 2020-06-02 11:05:22 Found package: autoconf,2.69-11.el7.noarch 2020-06-02 11:05:22 Found package: autogen-libopts,5.18-5.el7.x86_64 2020-06-02 11:05:22 Found package: automake,1.13.4-3.el7.noarch 2020-06-02 11:05:22 Found package: avahi-libs,0.6.31-19.el7.x86_64 2020-06-02 11:05:22 Found package: basesystem,10.0-7.el7.centos.noarch 2020-06-02 11:05:22 Found package: bash,4.2.46-31.el7.x86_64 2020-06-02 11:05:22 Found package: bash-completion,2.1-6.el7.noarch 2020-06-02 11:05:22 Found package: bc,1.06.95-13.el7.x86_64 2020-06-02 11:05:22 Found package: bind-libs,9.9.4-73.el7_6.x86_64 2020-06-02 11:05:22 Found package: bind-libs-lite,9.9.4-73.el7_6.x86_64 2020-06-02 11:05:22 Found package: bind-license,9.9.4-73.el7_6.noarch 2020-06-02 11:05:22 Found package: bind-utils,9.9.4-73.el7_6.x86_64 2020-06-02 11:05:22 Found package: binutils,2.27-34.base.el7.x86_64 2020-06-02 11:05:22 Found package: biosdevname,0.7.3-1.el7.x86_64 2020-06-02 11:05:22 Found package: bison,3.0.4-2.el7.x86_64 2020-06-02 11:05:22 Found package: blktrace,1.0.5-8.el7.x86_64 2020-06-02 11:05:22 Found package: boost-date-time,1.53.0-27.el7.x86_64 2020-06-02 11:05:22 Found package: boost-iostreams,1.53.0-27.el7.x86_64 2020-06-02 11:05:22 Found package: boost-random,1.53.0-27.el7.x86_64 2020-06-02 11:05:22 Found package: boost-system,1.53.0-27.el7.x86_64 2020-06-02 11:05:22 Found package: boost-thread,1.53.0-27.el7.x86_64 2020-06-02 11:05:22 Found package: bpftool,3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:23 Found package: bridge-utils,1.5-9.el7.x86_64 2020-06-02 11:05:23 Found package: btrfs-progs,4.9.1-1.el7.x86_64 2020-06-02 11:05:23 Found package: byacc,1.9.20130304-3.el7.x86_64 2020-06-02 11:05:23 Found package: bzip2,1.0.6-13.el7.x86_64 2020-06-02 11:05:23 Found package: bzip2-libs,1.0.6-13.el7.x86_64 2020-06-02 11:05:23 Found package: ca-certificates,2018.2.22-70.0.el7_5.noarch 2020-06-02 11:05:23 Found package: celt051,0.5.1.3-8.el7.x86_64 2020-06-02 11:05:23 Found package: centos-indexhtml,7-9.el7.centos.noarch 2020-06-02 11:05:23 Found package: centos-logos,70.0.6-3.el7.centos.noarch 2020-06-02 11:05:23 Found package: centos-release,7-6.1810.2.el7.centos.x86_64 2020-06-02 11:05:23 Found package: centos-release-qemu-ev,1.0-4.el7.centos.noarch 2020-06-02 11:05:23 Found package: centos-release-virt-common,1-1.el7.centos.noarch 2020-06-02 11:05:23 Found package: checkpolicy,2.5-8.el7.x86_64 2020-06-02 11:05:23 Found package: chkconfig,1.7.4-1.el7.x86_64 2020-06-02 11:05:23 Found package: chrony,3.2-2.el7.x86_64 2020-06-02 11:05:23 Found package: compat-db47,4.7.25-28.el7.x86_64 2020-06-02 11:05:23 Found package: compat-db-headers,4.7.25-28.el7.noarch 2020-06-02 11:05:23 Found package: compat-exiv2-023,0.23-2.el7.x86_64 2020-06-02 11:05:23 Found package: compat-glibc,2.12-4.el7.centos.x86_64 2020-06-02 11:05:23 Found package: compat-glibc-headers,2.12-4.el7.centos.x86_64 2020-06-02 11:05:23 Found package: compat-libcap1,1.10-7.el7.x86_64 2020-06-02 11:05:23 Found package: compat-libf2c-34,3.4.6-32.el7.x86_64 2020-06-02 11:05:23 Found package: compat-libgfortran-41,4.1.2-44.el7.x86_64 2020-06-02 11:05:23 Found package: compat-libtiff3,3.9.4-11.el7.x86_64 2020-06-02 11:05:23 Found package: compat-openldap,2.3.43-5.el7.x86_64 2020-06-02 11:05:23 Found package: containernetworking-plugins,0.8.1-2.el7.centos.x86_64 2020-06-02 11:05:23 Found package: containers-common,0.1.35-2.git404c5bd.el7.centos.x86_64 2020-06-02 11:05:23 Found package: container-selinux,2.95-2.el7_6.noarch 2020-06-02 11:05:23 Found package: coreutils,8.22-23.el7.x86_64 2020-06-02 11:05:23 Found package: cpio,2.11-27.el7.x86_64 2020-06-02 11:05:23 Found package: cpp,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:23 Found package: cracklib,2.9.0-11.el7.x86_64 2020-06-02 11:05:23 Found package: cracklib-dicts,2.9.0-11.el7.x86_64 2020-06-02 11:05:23 Found package: crash,7.2.3-8.el7.x86_64 2020-06-02 11:05:23 Found package: crash-gcore-command,1.3.1-0.el7.x86_64 2020-06-02 11:05:23 Found package: crash-ptdump-command,1.0.3-2.el7.x86_64 2020-06-02 11:05:23 Found package: crash-trace-command,2.0-14.el7.x86_64 2020-06-02 11:05:23 Found package: crda,3.18_2018.05.31-4.el7.x86_64 2020-06-02 11:05:23 Found package: criu,3.9-5.el7.x86_64 2020-06-02 11:05:23 Found package: cronie,1.4.11-20.el7_6.x86_64 2020-06-02 11:05:23 Found package: cronie-anacron,1.4.11-20.el7_6.x86_64 2020-06-02 11:05:23 Found package: crontabs,1.11-6.20121102git.el7.noarch 2020-06-02 11:05:23 Found package: cryptsetup,2.0.3-3.el7.x86_64 2020-06-02 11:05:23 Found package: cryptsetup-libs,2.0.3-3.el7.x86_64 2020-06-02 11:05:23 Found package: cscope,15.8-10.el7.x86_64 2020-06-02 11:05:23 Found package: ctags,5.8-13.el7.x86_64 2020-06-02 11:05:23 Found package: curl,7.29.0-51.el7.x86_64 2020-06-02 11:05:23 Found package: cvs,1.11.23-35.el7.x86_64 2020-06-02 11:05:23 Found package: cvsps,2.2-0.14.b1.el7.x86_64 2020-06-02 11:05:23 Found package: cyrus-sasl,2.1.26-23.el7.x86_64 2020-06-02 11:05:23 Found package: cyrus-sasl-gssapi,2.1.26-23.el7.x86_64 2020-06-02 11:05:23 Found package: cyrus-sasl-lib,2.1.26-23.el7.x86_64 2020-06-02 11:05:23 Found package: cyrus-sasl-plain,2.1.26-23.el7.x86_64 2020-06-02 11:05:23 Found package: dbus,1.10.24-13.el7_6.x86_64 2020-06-02 11:05:23 Found package: dbus-glib,0.100-7.el7.x86_64 2020-06-02 11:05:23 Found package: dbus-libs,1.10.24-13.el7_6.x86_64 2020-06-02 11:05:23 Found package: dbus-python,1.1.1-9.el7.x86_64 2020-06-02 11:05:23 Found package: dejavu-fonts-common,2.33-6.el7.noarch 2020-06-02 11:05:23 Found package: dejavu-sans-fonts,2.33-6.el7.noarch 2020-06-02 11:05:23 Found package: desktop-file-utils,0.23-1.el7.x86_64 2020-06-02 11:05:23 Found package: device-mapper,1.02.149-10.el7_6.3.x86_64 2020-06-02 11:05:23 Found package: device-mapper-event,1.02.149-10.el7_6.3.x86_64 2020-06-02 11:05:23 Found package: device-mapper-event-libs,1.02.149-10.el7_6.3.x86_64 2020-06-02 11:05:23 Found package: device-mapper-libs,1.02.149-10.el7_6.3.x86_64 2020-06-02 11:05:23 Found package: device-mapper-multipath-libs,0.4.9-123.el7.x86_64 2020-06-02 11:05:23 Found package: device-mapper-persistent-data,0.7.3-3.el7.x86_64 2020-06-02 11:05:23 Found package: dhclient,4.2.5-68.el7.centos.1.x86_64 2020-06-02 11:05:23 Found package: dhcp-common,4.2.5-68.el7.centos.1.x86_64 2020-06-02 11:05:23 Found package: dhcp-libs,4.2.5-68.el7.centos.1.x86_64 2020-06-02 11:05:23 Found package: diffstat,1.57-4.el7.x86_64 2020-06-02 11:05:23 Found package: diffutils,3.3-4.el7.x86_64 2020-06-02 11:05:23 Found package: dmidecode,3.1-2.el7.x86_64 2020-06-02 11:05:23 Found package: dmraid,1.0.0.rc16-28.el7.x86_64 2020-06-02 11:05:23 Found package: dmraid-events,1.0.0.rc16-28.el7.x86_64 2020-06-02 11:05:23 Found package: dnsmasq,2.76-7.el7.x86_64 2020-06-02 11:05:23 Found package: dosfstools,3.0.20-10.el7.x86_64 2020-06-02 11:05:23 Found package: doxygen,1.8.5-3.el7.x86_64 2020-06-02 11:05:23 Found package: dracut,033-554.el7.x86_64 2020-06-02 11:05:23 Found package: dracut-config-rescue,033-554.el7.x86_64 2020-06-02 11:05:23 Found package: dracut-network,033-554.el7.x86_64 2020-06-02 11:05:23 Found package: dwz,0.11-3.el7.x86_64 2020-06-02 11:05:23 Found package: dyninst,9.3.1-2.el7.x86_64 2020-06-02 11:05:23 Found package: e2fsprogs,1.42.9-13.el7.x86_64 2020-06-02 11:05:23 Found package: e2fsprogs-libs,1.42.9-13.el7.x86_64 2020-06-02 11:05:23 Found package: ebtables,2.0.10-16.el7.x86_64 2020-06-02 11:05:23 Found package: ed,1.9-4.el7.x86_64 2020-06-02 11:05:23 Found package: efivar-libs,36-11.el7_6.1.x86_64 2020-06-02 11:05:23 Found package: elfutils,0.172-2.el7.x86_64 2020-06-02 11:05:23 Found package: elfutils-default-yama-scope,0.172-2.el7.noarch 2020-06-02 11:05:23 Found package: elfutils-libelf,0.172-2.el7.x86_64 2020-06-02 11:05:23 Found package: elfutils-libs,0.172-2.el7.x86_64 2020-06-02 11:05:23 Found package: emacs-common,24.3-22.el7.x86_64 2020-06-02 11:05:23 Found package: emacs-filesystem,24.3-22.el7.noarch 2020-06-02 11:05:23 Found package: emacs-nox,24.3-22.el7.x86_64 2020-06-02 11:05:23 Found package: epel-release,7-12.noarch 2020-06-02 11:05:23 Found package: ethtool,4.8-9.el7.x86_64 2020-06-02 11:05:23 Found package: expat,2.1.0-10.el7_3.x86_64 2020-06-02 11:05:23 Found package: file,5.11-35.el7.x86_64 2020-06-02 11:05:23 Found package: file-libs,5.11-35.el7.x86_64 2020-06-02 11:05:23 Found package: filesystem,3.2-25.el7.x86_64 2020-06-02 11:05:23 Found package: findutils,4.5.11-6.el7.x86_64 2020-06-02 11:05:23 Found package: fipscheck,1.4.1-6.el7.x86_64 2020-06-02 11:05:23 Found package: fipscheck-lib,1.4.1-6.el7.x86_64 2020-06-02 11:05:23 Found package: firewalld,0.5.3-5.el7.noarch 2020-06-02 11:05:23 Found package: firewalld-filesystem,0.5.3-5.el7.noarch 2020-06-02 11:05:23 Found package: flac-libs,1.3.0-5.el7_1.x86_64 2020-06-02 11:05:23 Found package: flex,2.5.37-6.el7.x86_64 2020-06-02 11:05:23 Found package: fontconfig,2.13.0-4.3.el7.x86_64 2020-06-02 11:05:23 Found package: fontpackages-filesystem,1.44-8.el7.noarch 2020-06-02 11:05:23 Found package: fprintd,0.8.1-2.el7.x86_64 2020-06-02 11:05:23 Found package: fprintd-pam,0.8.1-2.el7.x86_64 2020-06-02 11:05:23 Found package: freetype,2.8-12.el7_6.1.x86_64 2020-06-02 11:05:23 Found package: fuse,2.9.2-11.el7.x86_64 2020-06-02 11:05:23 Found package: fuse-libs,2.9.2-11.el7.x86_64 2020-06-02 11:05:23 Found package: fxload,2002_04_11-16.el7.x86_64 2020-06-02 11:05:23 Found package: gawk,4.0.2-4.el7_3.1.x86_64 2020-06-02 11:05:23 Found package: gcc,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:23 Found package: gcc-c++,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:23 Found package: gcc-gfortran,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:23 Found package: gdb,7.6.1-114.el7.x86_64 2020-06-02 11:05:23 Found package: gdbm,1.10-8.el7.x86_64 2020-06-02 11:05:23 Found package: gdisk,0.8.10-2.el7.x86_64 2020-06-02 11:05:23 Found package: genisoimage,1.1.11-25.el7.x86_64 2020-06-02 11:05:23 Found package: GeoIP,1.5.0-13.el7.x86_64 2020-06-02 11:05:23 Found package: gettext,0.19.8.1-2.el7.x86_64 2020-06-02 11:05:23 Found package: gettext-common-devel,0.19.8.1-2.el7.noarch 2020-06-02 11:05:23 Found package: gettext-libs,0.19.8.1-2.el7.x86_64 2020-06-02 11:05:23 Found package: git2u-core,2.16.5-1.ius.centos7.x86_64 2020-06-02 11:05:23 Found package: git2u-core-doc,2.16.5-1.ius.centos7.noarch 2020-06-02 11:05:23 Found package: git2u-subtree,2.16.5-1.ius.centos7.x86_64 2020-06-02 11:05:23 Found package: glib2,2.56.1-2.el7.x86_64 2020-06-02 11:05:23 Found package: glibc,2.17-260.el7_6.4.x86_64 2020-06-02 11:05:23 Found package: glibc-common,2.17-260.el7_6.4.x86_64 2020-06-02 11:05:23 Found package: glibc-devel,2.17-260.el7_6.4.x86_64 2020-06-02 11:05:23 Found package: glibc-headers,2.17-260.el7_6.4.x86_64 2020-06-02 11:05:23 Found package: glusterfs,6.0-29.el7.x86_64 2020-06-02 11:05:23 Found package: glusterfs-api,6.0-29.el7.x86_64 2020-06-02 11:05:23 Found package: glusterfs-cli,6.0-29.el7.x86_64 2020-06-02 11:05:23 Found package: glusterfs-client-xlators,6.0-29.el7.x86_64 2020-06-02 11:05:23 Found package: glusterfs-libs,6.0-29.el7.x86_64 2020-06-02 11:05:23 Found package: gmp,6.0.0-15.el7.x86_64 2020-06-02 11:05:23 Found package: gnupg2,2.0.22-5.el7_5.x86_64 2020-06-02 11:05:23 Found package: gnutls,3.3.29-9.el7_6.x86_64 2020-06-02 11:05:24 Found package: gnutls-dane,3.3.29-9.el7_6.x86_64 2020-06-02 11:05:24 Found package: gnutls-utils,3.3.29-9.el7_6.x86_64 2020-06-02 11:05:24 Found package: gobject-introspection,1.56.1-1.el7.x86_64 2020-06-02 11:05:24 Found package: golang,1.14.3-0.el7.x86_64 2020-06-02 11:05:24 Found package: golang-bin,1.14.3-0.el7.x86_64 2020-06-02 11:05:24 Found package: golang-src,1.14.3-0.el7.noarch 2020-06-02 11:05:24 Found package: gperftools-libs,2.6.1-1.el7.x86_64 2020-06-02 11:05:24 Found package: gpgme,1.3.2-5.el7.x86_64 2020-06-02 11:05:24 Found package: gpg-pubkey,352c64e5-52ae6884.(none) 2020-06-02 11:05:24 Found package: gpg-pubkey,61e8806c-5581df56.(none) 2020-06-02 11:05:24 Found package: gpg-pubkey,92735f2f-579a4bc1.(none) 2020-06-02 11:05:24 Found package: gpg-pubkey,9cd4953f-4a9da118.(none) 2020-06-02 11:05:24 Found package: gpg-pubkey,f4a80eb5-53a7ff4b.(none) 2020-06-02 11:05:24 Found package: gpm-libs,1.20.7-5.el7.x86_64 2020-06-02 11:05:24 Found package: grep,2.20-3.el7.x86_64 2020-06-02 11:05:24 Found package: groff-base,1.22.2-8.el7.x86_64 2020-06-02 11:05:24 Found package: grub2,2.02-0.76.el7.centos.1.x86_64 2020-06-02 11:05:24 Found package: grub2-common,2.02-0.76.el7.centos.1.noarch 2020-06-02 11:05:24 Found package: grub2-pc,2.02-0.76.el7.centos.1.x86_64 2020-06-02 11:05:24 Found package: grub2-pc-modules,2.02-0.76.el7.centos.1.noarch 2020-06-02 11:05:24 Found package: grub2-tools,2.02-0.76.el7.centos.1.x86_64 2020-06-02 11:05:24 Found package: grub2-tools-extra,2.02-0.76.el7.centos.1.x86_64 2020-06-02 11:05:24 Found package: grub2-tools-minimal,2.02-0.76.el7.centos.1.x86_64 2020-06-02 11:05:24 Found package: grubby,8.28-25.el7.x86_64 2020-06-02 11:05:24 Found package: gsm,1.0.13-11.el7.x86_64 2020-06-02 11:05:24 Found package: gssproxy,0.7.0-21.el7.x86_64 2020-06-02 11:05:24 Found package: gzip,1.5-10.el7.x86_64 2020-06-02 11:05:24 Found package: haproxy,1.5.18-8.el7.x86_64 2020-06-02 11:05:24 Found package: hardlink,1.0-19.el7.x86_64 2020-06-02 11:05:24 Found package: hivex,1.3.10-6.9.el7.x86_64 2020-06-02 11:05:24 Found package: hostname,3.13-3.el7.x86_64 2020-06-02 11:05:24 Found package: hunspell,1.3.2-15.el7.x86_64 2020-06-02 11:05:24 Found package: hunspell-en,0.20121024-6.el7.noarch 2020-06-02 11:05:24 Found package: hunspell-en-GB,0.20121024-6.el7.noarch 2020-06-02 11:05:24 Found package: hunspell-en-US,0.20121024-6.el7.noarch 2020-06-02 11:05:24 Found package: hwdata,0.252-9.1.el7.x86_64 2020-06-02 11:05:24 Found package: indent,2.2.11-13.el7.x86_64 2020-06-02 11:05:24 Found package: info,5.1-5.el7.x86_64 2020-06-02 11:05:24 Found package: initscripts,9.49.46-1.el7.x86_64 2020-06-02 11:05:24 Found package: ipmitool,1.8.18-7.el7.x86_64 2020-06-02 11:05:24 Found package: iproute,4.11.0-14.el7.x86_64 2020-06-02 11:05:24 Found package: iprutils,2.4.16.1-1.el7.x86_64 2020-06-02 11:05:24 Found package: ipset,6.38-3.el7_6.x86_64 2020-06-02 11:05:24 Found package: ipset-libs,6.38-3.el7_6.x86_64 2020-06-02 11:05:24 Found package: iptables,1.4.21-28.el7.x86_64 2020-06-02 11:05:24 Found package: iputils,20160308-10.el7.x86_64 2020-06-02 11:05:24 Found package: ipxe-roms-qemu,20170123-1.git4e85b27.el7_4.1.noarch 2020-06-02 11:05:24 Found package: irqbalance,1.0.7-11.el7.x86_64 2020-06-02 11:05:24 Found package: iscsi-initiator-utils,6.2.0.874-10.el7.x86_64 2020-06-02 11:05:24 Found package: iscsi-initiator-utils-iscsiuio,6.2.0.874-10.el7.x86_64 2020-06-02 11:05:24 Found package: ius-release,1.0-15.ius.centos7.noarch 2020-06-02 11:05:24 Found package: ivtv-firmware,20080701-26.el7.noarch 2020-06-02 11:05:24 Found package: iw,4.3-2.el7.x86_64 2020-06-02 11:05:24 Found package: iwl1000-firmware,39.31.5.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl100-firmware,39.31.5.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl105-firmware,18.168.6.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl135-firmware,18.168.6.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl2000-firmware,18.168.6.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl2030-firmware,18.168.6.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl3160-firmware,22.0.7.0-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl3945-firmware,15.32.2.9-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl4965-firmware,228.61.2.24-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl5000-firmware,8.83.5.1_1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl5150-firmware,8.24.2.2-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl6000-firmware,9.221.4.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl6000g2a-firmware,17.168.5.3-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl6000g2b-firmware,17.168.5.2-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl6050-firmware,41.28.5.1-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl7260-firmware,22.0.7.0-69.el7.noarch 2020-06-02 11:05:24 Found package: iwl7265-firmware,22.0.7.0-69.el7.noarch 2020-06-02 11:05:24 Found package: jansson,2.10-1.el7.x86_64 2020-06-02 11:05:24 Found package: jq,1.5-1.el7.x86_64 2020-06-02 11:05:24 Found package: json-c,0.11-4.el7_0.x86_64 2020-06-02 11:05:24 Found package: kbd,1.15.5-15.el7.x86_64 2020-06-02 11:05:24 Found package: kbd-legacy,1.15.5-15.el7.noarch 2020-06-02 11:05:24 Found package: kbd-misc,1.15.5-15.el7.noarch 2020-06-02 11:05:24 Found package: kernel,3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:24 Found package: kernel,3.10.0-957.el7.x86_64 2020-06-02 11:05:24 Found package: kernel-devel,3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:24 Found package: kernel-devel,3.10.0-957.el7.x86_64 2020-06-02 11:05:24 Found package: kernel-headers,3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:24 Found package: kernel-tools,3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:24 Found package: kernel-tools-libs,3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:24 Found package: kexec-tools,2.0.15-21.el7.x86_64 2020-06-02 11:05:24 Found package: keyutils,1.5.8-3.el7.x86_64 2020-06-02 11:05:24 Found package: keyutils-libs,1.5.8-3.el7.x86_64 2020-06-02 11:05:24 Found package: kmod,20-23.el7.x86_64 2020-06-02 11:05:24 Found package: kmod-kvdo,6.1.1.125-5.el7.x86_64 2020-06-02 11:05:24 Found package: kmod-libs,20-23.el7.x86_64 2020-06-02 11:05:24 Found package: kpartx,0.4.9-123.el7.x86_64 2020-06-02 11:05:24 Found package: kpatch,0.6.1-1.el7.noarch 2020-06-02 11:05:24 Found package: krb5-libs,1.15.1-37.el7_6.x86_64 2020-06-02 11:05:24 Found package: langtable,0.0.31-3.el7.noarch 2020-06-02 11:05:24 Found package: langtable-data,0.0.31-3.el7.noarch 2020-06-02 11:05:24 Found package: langtable-python,0.0.31-3.el7.noarch 2020-06-02 11:05:24 Found package: latrace,0.5.11-6.1.el7.x86_64 2020-06-02 11:05:24 Found package: ledmon,0.90-1.el7.x86_64 2020-06-02 11:05:24 Found package: less,458-9.el7.x86_64 2020-06-02 11:05:24 Found package: libacl,2.2.51-14.el7.x86_64 2020-06-02 11:05:24 Found package: libaio,0.3.109-13.el7.x86_64 2020-06-02 11:05:24 Found package: libarchive,3.1.2-14.el7_7.x86_64 2020-06-02 11:05:24 Found package: libassuan,2.1.0-3.el7.x86_64 2020-06-02 11:05:24 Found package: libasyncns,0.8-7.el7.x86_64 2020-06-02 11:05:24 Found package: libattr,2.4.46-13.el7.x86_64 2020-06-02 11:05:24 Found package: libbasicobjects,0.1.1-32.el7.x86_64 2020-06-02 11:05:24 Found package: libblkid,2.23.2-59.el7_6.1.x86_64 2020-06-02 11:05:24 Found package: libcacard,2.5.2-2.1.el7.x86_64 2020-06-02 11:05:24 Found package: libcap,2.22-9.el7.x86_64 2020-06-02 11:05:24 Found package: libcap-ng,0.7.5-4.el7.x86_64 2020-06-02 11:05:24 Found package: libcgroup,0.41-20.el7.x86_64 2020-06-02 11:05:24 Found package: libcollection,0.7.0-32.el7.x86_64 2020-06-02 11:05:24 Found package: libcom_err,1.42.9-13.el7.x86_64 2020-06-02 11:05:24 Found package: libconfig,1.4.9-5.el7.x86_64 2020-06-02 11:05:24 Found package: libcroco,0.6.12-4.el7.x86_64 2020-06-02 11:05:24 Found package: libcurl,7.29.0-51.el7.x86_64 2020-06-02 11:05:24 Found package: libdaemon,0.14-7.el7.x86_64 2020-06-02 11:05:24 Found package: libdb,5.3.21-24.el7.x86_64 2020-06-02 11:05:24 Found package: libdb-utils,5.3.21-24.el7.x86_64 2020-06-02 11:05:24 Found package: libdrm,2.4.91-3.el7.x86_64 2020-06-02 11:05:24 Found package: libdwarf,20130207-4.el7.x86_64 2020-06-02 11:05:24 Found package: libedit,3.0-12.20121213cvs.el7.x86_64 2020-06-02 11:05:24 Found package: libepoxy,1.5.2-1.el7.x86_64 2020-06-02 11:05:24 Found package: libestr,0.1.9-2.el7.x86_64 2020-06-02 11:05:24 Found package: libevent,2.0.21-4.el7.x86_64 2020-06-02 11:05:24 Found package: libfastjson,0.99.4-3.el7.x86_64 2020-06-02 11:05:24 Found package: libffi,3.0.13-18.el7.x86_64 2020-06-02 11:05:24 Found package: libfprint,0.8.2-1.el7.x86_64 2020-06-02 11:05:24 Found package: libgcc,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:24 Found package: libgcrypt,1.5.3-14.el7.x86_64 2020-06-02 11:05:24 Found package: libgfortran,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:24 Found package: libglvnd,1.0.1-0.8.git5baa1e5.el7.x86_64 2020-06-02 11:05:24 Found package: libglvnd-egl,1.0.1-0.8.git5baa1e5.el7.x86_64 2020-06-02 11:05:24 Found package: libglvnd-glx,1.0.1-0.8.git5baa1e5.el7.x86_64 2020-06-02 11:05:24 Found package: libgomp,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:24 Found package: libgpg-error,1.12-3.el7.x86_64 2020-06-02 11:05:24 Found package: libguestfs,1.38.2-12.el7_6.2.x86_64 2020-06-02 11:05:24 Found package: libibumad,17.2-3.el7.x86_64 2020-06-02 11:05:24 Found package: libibverbs,17.2-3.el7.x86_64 2020-06-02 11:05:24 Found package: libICE,1.0.9-9.el7.x86_64 2020-06-02 11:05:24 Found package: libidn,1.28-4.el7.x86_64 2020-06-02 11:05:24 Found package: libini_config,1.3.1-32.el7.x86_64 2020-06-02 11:05:24 Found package: libiscsi,1.9.0-7.el7.x86_64 2020-06-02 11:05:24 Found package: libjpeg-turbo,1.2.90-6.el7.x86_64 2020-06-02 11:05:24 Found package: liblockfile,1.08-17.el7.x86_64 2020-06-02 11:05:24 Found package: libmnl,1.0.3-7.el7.x86_64 2020-06-02 11:05:24 Found package: libmodman,2.0.1-8.el7.x86_64 2020-06-02 11:05:24 Found package: libmount,2.23.2-59.el7_6.1.x86_64 2020-06-02 11:05:24 Found package: libmpc,1.0.1-3.el7.x86_64 2020-06-02 11:05:25 Found package: libndp,1.2-7.el7.x86_64 2020-06-02 11:05:25 Found package: libnet,1.1.6-7.el7.x86_64 2020-06-02 11:05:25 Found package: libnetfilter_conntrack,1.0.6-1.el7_3.x86_64 2020-06-02 11:05:25 Found package: libnfnetlink,1.0.1-4.el7.x86_64 2020-06-02 11:05:25 Found package: libnfsidmap,0.25-19.el7.x86_64 2020-06-02 11:05:25 Found package: libnl,1.1.4-3.el7.x86_64 2020-06-02 11:05:25 Found package: libnl3,3.2.28-4.el7.x86_64 2020-06-02 11:05:25 Found package: libnl3-cli,3.2.28-4.el7.x86_64 2020-06-02 11:05:25 Found package: libogg,1.3.0-7.el7.x86_64 2020-06-02 11:05:25 Found package: libosinfo,1.1.0-5.el7.x86_64 2020-06-02 11:05:25 Found package: libpath_utils,0.2.1-32.el7.x86_64 2020-06-02 11:05:25 Found package: libpcap,1.5.3-11.el7.x86_64 2020-06-02 11:05:25 Found package: libpciaccess,0.14-1.el7.x86_64 2020-06-02 11:05:25 Found package: libpipeline,1.2.3-3.el7.x86_64 2020-06-02 11:05:25 Found package: libpng12,1.2.50-10.el7.x86_64 2020-06-02 11:05:25 Found package: libpng,1.5.13-7.el7_2.x86_64 2020-06-02 11:05:25 Found package: libproxy,0.4.11-11.el7.x86_64 2020-06-02 11:05:25 Found package: libpwquality,1.2.3-5.el7.x86_64 2020-06-02 11:05:25 Found package: libquadmath,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:25 Found package: libquadmath-devel,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:25 Found package: librados2,10.2.5-4.el7.x86_64 2020-06-02 11:05:25 Found package: librbd1,10.2.5-4.el7.x86_64 2020-06-02 11:05:25 Found package: librdmacm,17.2-3.el7.x86_64 2020-06-02 11:05:25 Found package: libref_array,0.1.5-32.el7.x86_64 2020-06-02 11:05:25 Found package: libreport,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-centos,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-cli,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-filesystem,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-plugin-mailx,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-plugin-mantisbt,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-plugin-rhtsupport,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-plugin-ureport,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-python,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libreport-web,2.1.11-42.el7.centos.x86_64 2020-06-02 11:05:25 Found package: libseccomp,2.3.1-3.el7.x86_64 2020-06-02 11:05:25 Found package: libsecret,0.18.6-1.el7.x86_64 2020-06-02 11:05:25 Found package: libselinux,2.5-14.1.el7.x86_64 2020-06-02 11:05:25 Found package: libselinux-python,2.5-14.1.el7.x86_64 2020-06-02 11:05:25 Found package: libselinux-utils,2.5-14.1.el7.x86_64 2020-06-02 11:05:25 Found package: libsemanage,2.5-14.el7.x86_64 2020-06-02 11:05:25 Found package: libsemanage-python,2.5-14.el7.x86_64 2020-06-02 11:05:25 Found package: libsepol,2.5-10.el7.x86_64 2020-06-02 11:05:25 Found package: libSM,1.2.2-2.el7.x86_64 2020-06-02 11:05:25 Found package: libsmartcols,2.23.2-59.el7_6.1.x86_64 2020-06-02 11:05:25 Found package: libsndfile,1.0.25-10.el7.x86_64 2020-06-02 11:05:25 Found package: libss,1.42.9-13.el7.x86_64 2020-06-02 11:05:25 Found package: libssh,0.7.1-7.el7.x86_64 2020-06-02 11:05:25 Found package: libssh2,1.4.3-12.el7_6.2.x86_64 2020-06-02 11:05:25 Found package: libsss_idmap,1.16.2-13.el7_6.5.x86_64 2020-06-02 11:05:25 Found package: libsss_nss_idmap,1.16.2-13.el7_6.5.x86_64 2020-06-02 11:05:25 Found package: libstdc++,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:25 Found package: libstdc++-devel,4.8.5-36.el7_6.1.x86_64 2020-06-02 11:05:25 Found package: libstoragemgmt,1.6.2-4.el7.x86_64 2020-06-02 11:05:25 Found package: libstoragemgmt-python,1.6.2-4.el7.noarch 2020-06-02 11:05:25 Found package: libstoragemgmt-python-clibs,1.6.2-4.el7.x86_64 2020-06-02 11:05:25 Found package: libsysfs,2.1.0-16.el7.x86_64 2020-06-02 11:05:25 Found package: libtar,1.2.11-29.el7.x86_64 2020-06-02 11:05:25 Found package: libtasn1,4.10-1.el7.x86_64 2020-06-02 11:05:25 Found package: libteam,1.27-5.el7.x86_64 2020-06-02 11:05:25 Found package: libtirpc,0.2.4-0.15.el7.x86_64 2020-06-02 11:05:25 Found package: libtool,2.4.2-22.el7_3.x86_64 2020-06-02 11:05:25 Found package: libunistring,0.9.3-9.el7.x86_64 2020-06-02 11:05:25 Found package: libusal,1.1.11-25.el7.x86_64 2020-06-02 11:05:25 Found package: libusbx,1.0.21-1.el7.x86_64 2020-06-02 11:05:25 Found package: libuser,0.60-9.el7.x86_64 2020-06-02 11:05:25 Found package: libutempter,1.1.6-4.el7.x86_64 2020-06-02 11:05:25 Found package: libuuid,2.23.2-59.el7_6.1.x86_64 2020-06-02 11:05:25 Found package: libverto,0.2.5-4.el7.x86_64 2020-06-02 11:05:25 Found package: libverto-libevent,0.2.5-4.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-bash-completion,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-client,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-config-network,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-config-nwfilter,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-interface,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-lxc,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-network,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-nodedev,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-nwfilter,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-qemu,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-secret,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-core,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-disk,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-gluster,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-iscsi,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-logical,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-mpath,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-rbd,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-driver-storage-scsi,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-daemon-kvm,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-devel,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-libs,5.0.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvirt-python,4.5.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libvorbis,1.3.3-8.el7.1.x86_64 2020-06-02 11:05:25 Found package: libwayland-client,1.15.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libwayland-server,1.15.0-1.el7.x86_64 2020-06-02 11:05:25 Found package: libX11,1.6.5-2.el7.x86_64 2020-06-02 11:05:25 Found package: libX11-common,1.6.5-2.el7.noarch 2020-06-02 11:05:25 Found package: libXau,1.0.8-2.1.el7.x86_64 2020-06-02 11:05:25 Found package: libxcb,1.13-1.el7.x86_64 2020-06-02 11:05:25 Found package: libXdamage,1.1.4-4.1.el7.x86_64 2020-06-02 11:05:25 Found package: libXext,1.3.3-3.el7.x86_64 2020-06-02 11:05:25 Found package: libXfixes,5.0.3-1.el7.x86_64 2020-06-02 11:05:25 Found package: libXft,2.3.2-2.el7.x86_64 2020-06-02 11:05:25 Found package: libXi,1.7.9-1.el7.x86_64 2020-06-02 11:05:25 Found package: libxml2,2.9.1-6.el7_2.3.x86_64 2020-06-02 11:05:25 Found package: libxml2-python,2.9.1-6.el7_2.3.x86_64 2020-06-02 11:05:25 Found package: libXrender,0.9.10-1.el7.x86_64 2020-06-02 11:05:25 Found package: libxshmfence,1.2-1.el7.x86_64 2020-06-02 11:05:25 Found package: libxslt,1.1.28-5.el7.x86_64 2020-06-02 11:05:25 Found package: libXtst,1.2.3-1.el7.x86_64 2020-06-02 11:05:25 Found package: libXxf86vm,1.1.4-1.el7.x86_64 2020-06-02 11:05:25 Found package: linux-firmware,20180911-69.git85c5d90.el7.noarch 2020-06-02 11:05:25 Found package: llvm-private,7.0.1-1.el7.x86_64 2020-06-02 11:05:25 Found package: lm_sensors-libs,3.4.0-6.20160601gitf9185e5.el7.x86_64 2020-06-02 11:05:25 Found package: logrotate,3.8.6-17.el7.x86_64 2020-06-02 11:05:25 Found package: lshw,B.02.18-12.el7.x86_64 2020-06-02 11:05:25 Found package: lsof,4.87-6.el7.x86_64 2020-06-02 11:05:25 Found package: lsscsi,0.27-6.el7.x86_64 2020-06-02 11:05:25 Found package: ltrace,0.7.91-15.el7.x86_64 2020-06-02 11:05:25 Found package: lua,5.1.4-15.el7.x86_64 2020-06-02 11:05:25 Found package: lvm2,2.02.180-10.el7_6.3.x86_64 2020-06-02 11:05:25 Found package: lvm2-libs,2.02.180-10.el7_6.3.x86_64 2020-06-02 11:05:25 Found package: lz4,1.7.5-2.el7.x86_64 2020-06-02 11:05:25 Found package: lzo,2.06-8.el7.x86_64 2020-06-02 11:05:25 Found package: lzop,1.03-10.el7.x86_64 2020-06-02 11:05:25 Found package: m2crypto,0.21.1-17.el7.x86_64 2020-06-02 11:05:25 Found package: m4,1.4.16-10.el7.x86_64 2020-06-02 11:05:25 Found package: mailx,12.5-19.el7.x86_64 2020-06-02 11:05:25 Found package: make,3.82-23.el7.x86_64 2020-06-02 11:05:25 Found package: man-db,2.6.3-11.el7.x86_64 2020-06-02 11:05:25 Found package: man-pages,3.53-5.el7.noarch 2020-06-02 11:05:25 Found package: man-pages-overrides,7.6.2-1.el7.x86_64 2020-06-02 11:05:25 Found package: mariadb-libs,5.5.60-1.el7_5.x86_64 2020-06-02 11:05:25 Found package: mdadm,4.1-rc1_2.el7.x86_64 2020-06-02 11:05:25 Found package: memstomp,0.1.4-11.el7.x86_64 2020-06-02 11:05:25 Found package: mesa-dri-drivers,18.3.4-5.el7.x86_64 2020-06-02 11:05:25 Found package: mesa-filesystem,18.3.4-5.el7.x86_64 2020-06-02 11:05:25 Found package: mesa-libEGL,18.3.4-5.el7.x86_64 2020-06-02 11:05:25 Found package: mesa-libgbm,18.3.4-5.el7.x86_64 2020-06-02 11:05:25 Found package: mesa-libGL,18.3.4-5.el7.x86_64 2020-06-02 11:05:25 Found package: mesa-libglapi,18.3.4-5.el7.x86_64 2020-06-02 11:05:26 Found package: microcode_ctl,2.1-47.el7.x86_64 2020-06-02 11:05:26 Found package: mlocate,0.26-8.el7.x86_64 2020-06-02 11:05:26 Found package: mokutil,15-2.el7.centos.x86_64 2020-06-02 11:05:26 Found package: mozjs17,17.0.0-20.el7.x86_64 2020-06-02 11:05:26 Found package: mpfr,3.1.1-4.el7.x86_64 2020-06-02 11:05:26 Found package: msgpack,1.4.1-1.el7.x86_64 2020-06-02 11:05:26 Found package: mtools,4.0.18-5.el7.x86_64 2020-06-02 11:05:26 Found package: mtr,0.85-7.el7.x86_64 2020-06-02 11:05:26 Found package: nano,2.3.1-10.el7.x86_64 2020-06-02 11:05:26 Found package: ncurses,5.9-14.20130511.el7_4.x86_64 2020-06-02 11:05:26 Found package: ncurses-base,5.9-14.20130511.el7_4.noarch 2020-06-02 11:05:26 Found package: ncurses-libs,5.9-14.20130511.el7_4.x86_64 2020-06-02 11:05:26 Found package: neon,0.30.0-3.el7.x86_64 2020-06-02 11:05:26 Found package: netcf-libs,0.2.8-4.el7.x86_64 2020-06-02 11:05:26 Found package: net-snmp-libs,5.7.2-37.el7.x86_64 2020-06-02 11:05:26 Found package: nettle,2.7.1-8.el7.x86_64 2020-06-02 11:05:26 Found package: net-tools,2.0-0.24.20131004git.el7.x86_64 2020-06-02 11:05:26 Found package: NetworkManager,1.12.0-10.el7_6.x86_64 2020-06-02 11:05:26 Found package: NetworkManager-libnm,1.12.0-10.el7_6.x86_64 2020-06-02 11:05:26 Found package: NetworkManager-team,1.12.0-10.el7_6.x86_64 2020-06-02 11:05:26 Found package: NetworkManager-tui,1.12.0-10.el7_6.x86_64 2020-06-02 11:05:26 Found package: newt,0.52.15-4.el7.x86_64 2020-06-02 11:05:26 Found package: newt-python,0.52.15-4.el7.x86_64 2020-06-02 11:05:26 Found package: nfs-utils,1.3.0-0.61.el7.x86_64 2020-06-02 11:05:26 Found package: nmap-ncat,6.40-16.el7.x86_64 2020-06-02 11:05:26 Found package: nspr,4.19.0-1.el7_5.x86_64 2020-06-02 11:05:26 Found package: nss,3.36.0-7.1.el7_6.x86_64 2020-06-02 11:05:26 Found package: nss-pem,1.0.3-5.el7_6.1.x86_64 2020-06-02 11:05:26 Found package: nss-softokn,3.36.0-5.el7_5.x86_64 2020-06-02 11:05:26 Found package: nss-softokn-freebl,3.36.0-5.el7_5.x86_64 2020-06-02 11:05:26 Found package: nss-sysinit,3.36.0-7.1.el7_6.x86_64 2020-06-02 11:05:26 Found package: nss-tools,3.36.0-7.1.el7_6.x86_64 2020-06-02 11:05:26 Found package: nss-util,3.36.0-1.1.el7_6.x86_64 2020-06-02 11:05:26 Found package: ntpdate,4.2.6p5-28.el7.centos.x86_64 2020-06-02 11:05:26 Found package: ntsysv,1.7.4-1.el7.x86_64 2020-06-02 11:05:26 Found package: numactl-libs,2.0.9-7.el7.x86_64 2020-06-02 11:05:26 Found package: numad,0.5-18.20150602git.el7.x86_64 2020-06-02 11:05:26 Found package: oniguruma,5.9.5-3.el7.x86_64 2020-06-02 11:05:26 Found package: OpenIPMI,2.0.23-2.el7.x86_64 2020-06-02 11:05:26 Found package: OpenIPMI-libs,2.0.23-2.el7.x86_64 2020-06-02 11:05:26 Found package: OpenIPMI-modalias,2.0.23-2.el7.x86_64 2020-06-02 11:05:26 Found package: openldap,2.4.44-21.el7_6.x86_64 2020-06-02 11:05:26 Found package: openssh,7.4p1-16.el7.x86_64 2020-06-02 11:05:26 Found package: openssh-clients,7.4p1-16.el7.x86_64 2020-06-02 11:05:26 Found package: openssh-server,7.4p1-16.el7.x86_64 2020-06-02 11:05:26 Found package: openssl098e,0.9.8e-29.el7.centos.3.x86_64 2020-06-02 11:05:26 Found package: openssl,1.0.2k-16.el7_6.1.x86_64 2020-06-02 11:05:26 Found package: openssl-libs,1.0.2k-16.el7_6.1.x86_64 2020-06-02 11:05:26 Found package: opus,1.0.2-6.el7.x86_64 2020-06-02 11:05:26 Found package: origin-clients,3.11.0-1.el7.git.0.62803d0.x86_64 2020-06-02 11:05:26 Found package: osinfo-db,20190805-2.el7.noarch 2020-06-02 11:05:26 Found package: osinfo-db-tools,1.1.0-1.el7.x86_64 2020-06-02 11:05:26 Found package: os-prober,1.58-9.el7.x86_64 2020-06-02 11:05:26 Found package: p11-kit,0.23.5-3.el7.x86_64 2020-06-02 11:05:26 Found package: p11-kit-trust,0.23.5-3.el7.x86_64 2020-06-02 11:05:26 Found package: pakchois,0.4-10.el7.x86_64 2020-06-02 11:05:26 Found package: pam,1.1.8-22.el7.x86_64 2020-06-02 11:05:26 Found package: parted,3.1-29.el7.x86_64 2020-06-02 11:05:26 Found package: passwd,0.79-4.el7.x86_64 2020-06-02 11:05:26 Found package: patch,2.7.1-10.el7_5.x86_64 2020-06-02 11:05:26 Found package: patchutils,0.3.3-4.el7.x86_64 2020-06-02 11:05:26 Found package: pciutils,3.5.1-3.el7.x86_64 2020-06-02 11:05:26 Found package: pciutils-libs,3.5.1-3.el7.x86_64 2020-06-02 11:05:26 Found package: pcre,8.32-17.el7.x86_64 2020-06-02 11:05:26 Found package: perl,5.16.3-294.el7_6.x86_64 2020-06-02 11:05:26 Found package: perl-Authen-SASL,2.15-10.el7.noarch 2020-06-02 11:05:26 Found package: perl-Carp,1.26-244.el7.noarch 2020-06-02 11:05:26 Found package: perl-Compress-Raw-Bzip2,2.061-3.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Compress-Raw-Zlib,2.061-4.el7.x86_64 2020-06-02 11:05:26 Found package: perl-constant,1.27-2.el7.noarch 2020-06-02 11:05:26 Found package: perl-Data-Dumper,2.145-3.el7.x86_64 2020-06-02 11:05:26 Found package: perl-DBD-SQLite,1.39-3.el7.x86_64 2020-06-02 11:05:26 Found package: perl-DBI,1.627-4.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Digest,1.17-245.el7.noarch 2020-06-02 11:05:26 Found package: perl-Digest-HMAC,1.03-5.el7.noarch 2020-06-02 11:05:26 Found package: perl-Digest-MD5,2.52-3.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Digest-SHA,5.85-4.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Encode,2.51-7.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Error,0.17020-2.el7.noarch 2020-06-02 11:05:26 Found package: perl-Exporter,5.68-3.el7.noarch 2020-06-02 11:05:26 Found package: perl-File-Path,2.09-2.el7.noarch 2020-06-02 11:05:26 Found package: perl-File-Temp,0.23.01-3.el7.noarch 2020-06-02 11:05:26 Found package: perl-Filter,1.49-3.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Getopt-Long,2.40-3.el7.noarch 2020-06-02 11:05:26 Found package: perl-GSSAPI,0.28-9.el7.x86_64 2020-06-02 11:05:26 Found package: perl-hivex,1.3.10-6.9.el7.x86_64 2020-06-02 11:05:26 Found package: perl-HTTP-Tiny,0.033-3.el7.noarch 2020-06-02 11:05:26 Found package: perl-IO-Compress,2.061-2.el7.noarch 2020-06-02 11:05:26 Found package: perl-IO-Socket-IP,0.21-5.el7.noarch 2020-06-02 11:05:26 Found package: perl-IO-Socket-SSL,1.94-7.el7.noarch 2020-06-02 11:05:26 Found package: perl-libs,5.16.3-294.el7_6.x86_64 2020-06-02 11:05:26 Found package: perl-macros,5.16.3-294.el7_6.x86_64 2020-06-02 11:05:26 Found package: perl-Mozilla-CA,20130114-5.el7.noarch 2020-06-02 11:05:26 Found package: perl-Net-Daemon,0.48-5.el7.noarch 2020-06-02 11:05:26 Found package: perl-Net-LibIDN,0.12-15.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Net-SMTP-SSL,1.01-13.el7.noarch 2020-06-02 11:05:26 Found package: perl-Net-SSLeay,1.55-6.el7.x86_64 2020-06-02 11:05:26 Found package: perl-parent,0.225-244.el7.noarch 2020-06-02 11:05:26 Found package: perl-PathTools,3.40-5.el7.x86_64 2020-06-02 11:05:26 Found package: perl-PlRPC,0.2020-14.el7.noarch 2020-06-02 11:05:26 Found package: perl-Pod-Escapes,1.04-294.el7_6.noarch 2020-06-02 11:05:26 Found package: perl-podlators,2.5.1-3.el7.noarch 2020-06-02 11:05:26 Found package: perl-Pod-Perldoc,3.20-4.el7.noarch 2020-06-02 11:05:26 Found package: perl-Pod-Simple,3.28-4.el7.noarch 2020-06-02 11:05:26 Found package: perl-Pod-Usage,1.63-3.el7.noarch 2020-06-02 11:05:26 Found package: perl-Scalar-List-Utils,1.27-248.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Socket,2.010-4.el7.x86_64 2020-06-02 11:05:26 Found package: perl-srpm-macros,1-8.el7.noarch 2020-06-02 11:05:26 Found package: perl-Storable,2.45-3.el7.x86_64 2020-06-02 11:05:26 Found package: perl-TermReadKey,2.30-20.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Test-Harness,3.28-3.el7.noarch 2020-06-02 11:05:26 Found package: perl-Text-ParseWords,3.29-4.el7.noarch 2020-06-02 11:05:26 Found package: perl-Thread-Queue,3.02-2.el7.noarch 2020-06-02 11:05:26 Found package: perl-threads,1.87-4.el7.x86_64 2020-06-02 11:05:26 Found package: perl-threads-shared,1.43-6.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Time-HiRes,1.9725-3.el7.x86_64 2020-06-02 11:05:26 Found package: perl-Time-Local,1.2300-2.el7.noarch 2020-06-02 11:05:26 Found package: perl-XML-Parser,2.41-10.el7.x86_64 2020-06-02 11:05:26 Found package: perl-YAML,0.84-5.el7.noarch 2020-06-02 11:05:26 Found package: pinentry,0.8.1-17.el7.x86_64 2020-06-02 11:05:26 Found package: pinfo,0.6.10-9.el7.x86_64 2020-06-02 11:05:26 Found package: pixman,0.34.0-1.el7.x86_64 2020-06-02 11:05:26 Found package: pkgconfig,0.27.1-4.el7.x86_64 2020-06-02 11:05:26 Found package: plymouth,0.8.9-0.31.20140113.el7.centos.x86_64 2020-06-02 11:05:26 Found package: plymouth-core-libs,0.8.9-0.31.20140113.el7.centos.x86_64 2020-06-02 11:05:26 Found package: plymouth-scripts,0.8.9-0.31.20140113.el7.centos.x86_64 2020-06-02 11:05:26 Found package: pm-utils,1.4.1-27.el7.x86_64 2020-06-02 11:05:26 Found package: podman,1.4.4-4.el7.centos.x86_64 2020-06-02 11:05:26 Found package: policycoreutils,2.5-29.el7_6.1.x86_64 2020-06-02 11:05:26 Found package: policycoreutils-python,2.5-29.el7_6.1.x86_64 2020-06-02 11:05:26 Found package: polkit,0.112-18.el7_6.1.x86_64 2020-06-02 11:05:26 Found package: polkit-pkla-compat,0.1-4.el7.x86_64 2020-06-02 11:05:26 Found package: popt,1.13-16.el7.x86_64 2020-06-02 11:05:26 Found package: postfix,2.10.1-7.el7.x86_64 2020-06-02 11:05:26 Found package: procps-ng,3.3.10-23.el7.x86_64 2020-06-02 11:05:26 Found package: protobuf-c,1.0.2-3.el7.x86_64 2020-06-02 11:05:26 Found package: psacct,6.6.1-13.el7.x86_64 2020-06-02 11:05:26 Found package: ps_mem,3.1-7.el7.noarch 2020-06-02 11:05:26 Found package: psmisc,22.20-15.el7.x86_64 2020-06-02 11:05:26 Found package: pth,2.0.7-23.el7.x86_64 2020-06-02 11:05:26 Found package: pulseaudio-libs,10.0-5.el7.x86_64 2020-06-02 11:05:27 Found package: pygobject2,2.28.6-11.el7.x86_64 2020-06-02 11:05:27 Found package: pygpgme,0.3-9.el7.x86_64 2020-06-02 11:05:27 Found package: pyliblzma,0.5.3-11.el7.x86_64 2020-06-02 11:05:27 Found package: python,2.7.5-88.el7.x86_64 2020-06-02 11:05:27 Found package: python2-futures,3.1.1-5.el7.noarch 2020-06-02 11:05:27 Found package: python2-rpm-macros,3-32.el7.noarch 2020-06-02 11:05:27 Found package: python3,3.6.8-13.el7.x86_64 2020-06-02 11:05:27 Found package: python3-devel,3.6.8-13.el7.x86_64 2020-06-02 11:05:27 Found package: python3-libs,3.6.8-13.el7.x86_64 2020-06-02 11:05:27 Found package: python3-pip,9.0.3-7.el7_7.noarch 2020-06-02 11:05:27 Found package: python3-rpm-generators,6-2.el7.noarch 2020-06-02 11:05:27 Found package: python3-rpm-macros,3-32.el7.noarch 2020-06-02 11:05:27 Found package: python3-setuptools,39.2.0-10.el7.noarch 2020-06-02 11:05:27 Found package: python-augeas,0.5.0-2.el7.noarch 2020-06-02 11:05:27 Found package: python-backports,1.0-8.el7.x86_64 2020-06-02 11:05:27 Found package: python-backports-ssl_match_hostname,3.5.0.1-1.el7.noarch 2020-06-02 11:05:27 Found package: python-chardet,2.2.1-1.el7_1.noarch 2020-06-02 11:05:27 Found package: python-configobj,4.7.2-7.el7.noarch 2020-06-02 11:05:27 Found package: python-dateutil,1.5-7.el7.noarch 2020-06-02 11:05:27 Found package: python-decorator,3.4.0-3.el7.noarch 2020-06-02 11:05:27 Found package: python-devel,2.7.5-88.el7.x86_64 2020-06-02 11:05:27 Found package: python-firewall,0.5.3-5.el7.noarch 2020-06-02 11:05:27 Found package: python-gobject-base,3.22.0-1.el7_4.1.x86_64 2020-06-02 11:05:27 Found package: python-iniparse,0.4-9.el7.noarch 2020-06-02 11:05:27 Found package: python-ipaddr,2.1.11-2.el7.noarch 2020-06-02 11:05:27 Found package: python-ipaddress,1.0.16-2.el7.noarch 2020-06-02 11:05:27 Found package: python-IPy,0.75-6.el7.noarch 2020-06-02 11:05:27 Found package: python-kitchen,1.1.1-5.el7.noarch 2020-06-02 11:05:27 Found package: python-libs,2.7.5-88.el7.x86_64 2020-06-02 11:05:27 Found package: python-linux-procfs,0.4.9-4.el7.noarch 2020-06-02 11:05:27 Found package: python-perf,3.10.0-957.10.1.el7.x86_64 2020-06-02 11:05:27 Found package: python-pycurl,7.19.0-19.el7.x86_64 2020-06-02 11:05:27 Found package: python-pytoml,0.1.14-1.git7dea353.el7.noarch 2020-06-02 11:05:27 Found package: python-pyudev,0.15-9.el7.noarch 2020-06-02 11:05:27 Found package: python-requests,2.6.0-1.el7_1.noarch 2020-06-02 11:05:27 Found package: python-rpm-macros,3-32.el7.noarch 2020-06-02 11:05:27 Found package: python-schedutils,0.4-6.el7.x86_64 2020-06-02 11:05:27 Found package: python-setuptools,0.9.8-7.el7.noarch 2020-06-02 11:05:27 Found package: python-six,1.9.0-2.el7.noarch 2020-06-02 11:05:27 Found package: python-slip,0.4.0-4.el7.noarch 2020-06-02 11:05:27 Found package: python-slip-dbus,0.4.0-4.el7.noarch 2020-06-02 11:05:27 Found package: python-srpm-macros,3-32.el7.noarch 2020-06-02 11:05:27 Found package: python-suds,0.4.1-5.el7.noarch 2020-06-02 11:05:27 Found package: python-urlgrabber,3.10-9.el7.noarch 2020-06-02 11:05:27 Found package: python-urllib3,1.10.2-5.el7.noarch 2020-06-02 11:05:27 Found package: pyxattr,0.5.1-5.el7.x86_64 2020-06-02 11:05:27 Found package: qemu-img-ev,2.12.0-44.1.el7_8.1.x86_64 2020-06-02 11:05:27 Found package: qemu-kvm-common-ev,2.12.0-44.1.el7_8.1.x86_64 2020-06-02 11:05:27 Found package: qemu-kvm-ev,2.12.0-44.1.el7_8.1.x86_64 2020-06-02 11:05:27 Found package: qrencode-libs,3.4.1-3.el7.x86_64 2020-06-02 11:05:27 Found package: quota,4.01-17.el7.x86_64 2020-06-02 11:05:27 Found package: quota-nls,4.01-17.el7.noarch 2020-06-02 11:05:27 Found package: radvd,2.17-3.el7.x86_64 2020-06-02 11:05:27 Found package: rcs,5.9.0-5.el7.x86_64 2020-06-02 11:05:27 Found package: rdate,1.4-25.el7.x86_64 2020-06-02 11:05:27 Found package: rdma-core,17.2-3.el7.x86_64 2020-06-02 11:05:27 Found package: readline,6.2-10.el7.x86_64 2020-06-02 11:05:27 Found package: redhat-rpm-config,9.1.0-87.el7.centos.noarch 2020-06-02 11:05:27 Found package: rfkill,0.4-10.el7.x86_64 2020-06-02 11:05:27 Found package: rng-tools,6.3.1-3.el7.x86_64 2020-06-02 11:05:27 Found package: rootfiles,8.1-11.el7.noarch 2020-06-02 11:05:27 Found package: rpcbind,0.2.0-47.el7.x86_64 2020-06-02 11:05:27 Found package: rpm,4.11.3-35.el7.x86_64 2020-06-02 11:05:27 Found package: rpm-build,4.11.3-35.el7.x86_64 2020-06-02 11:05:27 Found package: rpm-build-libs,4.11.3-35.el7.x86_64 2020-06-02 11:05:27 Found package: rpm-libs,4.11.3-35.el7.x86_64 2020-06-02 11:05:27 Found package: rpm-python,4.11.3-35.el7.x86_64 2020-06-02 11:05:27 Found package: rpm-sign,4.11.3-35.el7.x86_64 2020-06-02 11:05:27 Found package: rsync,3.1.2-4.el7.x86_64 2020-06-02 11:05:27 Found package: rsyslog,8.24.0-34.el7.x86_64 2020-06-02 11:05:27 Found package: runc,1.0.0-59.dev.git2abd837.el7.centos.x86_64 2020-06-02 11:05:27 Found package: satyr,0.13-15.el7.x86_64 2020-06-02 11:05:27 Found package: scl-utils,20130529-19.el7.x86_64 2020-06-02 11:05:27 Found package: scrub,2.5.2-7.el7.x86_64 2020-06-02 11:05:27 Found package: seabios-bin,1.11.0-2.el7.noarch 2020-06-02 11:05:27 Found package: seavgabios-bin,1.11.0-2.el7.noarch 2020-06-02 11:05:27 Found package: sed,4.2.2-5.el7.x86_64 2020-06-02 11:05:27 Found package: selinux-policy,3.13.1-229.el7_6.9.noarch 2020-06-02 11:05:27 Found package: selinux-policy-targeted,3.13.1-229.el7_6.9.noarch 2020-06-02 11:05:27 Found package: setools-libs,3.3.8-4.el7.x86_64 2020-06-02 11:05:27 Found package: setserial,2.17-33.el7.x86_64 2020-06-02 11:05:27 Found package: setup,2.8.71-10.el7.noarch 2020-06-02 11:05:27 Found package: setuptool,1.19.11-8.el7.x86_64 2020-06-02 11:05:27 Found package: sg3_utils,1.37-17.el7.x86_64 2020-06-02 11:05:27 Found package: sg3_utils-libs,1.37-17.el7.x86_64 2020-06-02 11:05:27 Found package: sgabios-bin,0.20110622svn-4.el7.noarch 2020-06-02 11:05:27 Found package: sgpio,1.2.0.10-13.el7.x86_64 2020-06-02 11:05:27 Found package: shadow-utils,4.1.5.1-25.el7_6.1.x86_64 2020-06-02 11:05:27 Found package: shared-mime-info,1.8-4.el7.x86_64 2020-06-02 11:05:27 Found package: slang,2.2.4-11.el7.x86_64 2020-06-02 11:05:27 Found package: smartmontools,6.5-1.el7.x86_64 2020-06-02 11:05:27 Found package: snappy,1.1.0-3.el7.x86_64 2020-06-02 11:05:27 Found package: sos,3.6-16.el7.centos.noarch 2020-06-02 11:05:27 Found package: spice-server,0.14.0-6.el7_6.1.x86_64 2020-06-02 11:05:27 Found package: sqlite,3.7.17-8.el7.x86_64 2020-06-02 11:05:27 Found package: squashfs-tools,4.3-0.21.gitaae0aff4.el7.x86_64 2020-06-02 11:05:27 Found package: sssd-client,1.16.2-13.el7_6.5.x86_64 2020-06-02 11:05:27 Found package: strace,4.12-9.el7.x86_64 2020-06-02 11:05:27 Found package: subscription-manager-rhsm,1.21.10-3.el7.centos.x86_64 2020-06-02 11:05:27 Found package: subscription-manager-rhsm-certificates,1.21.10-3.el7.centos.x86_64 2020-06-02 11:05:27 Found package: subversion,1.7.14-14.el7.x86_64 2020-06-02 11:05:27 Found package: subversion-libs,1.7.14-14.el7.x86_64 2020-06-02 11:05:27 Found package: subversion-perl,1.7.14-14.el7.x86_64 2020-06-02 11:05:27 Found package: sudo,1.8.23-3.el7.x86_64 2020-06-02 11:05:27 Found package: supermin5,5.1.19-1.el7.x86_64 2020-06-02 11:05:27 Found package: swig,2.0.10-5.el7.x86_64 2020-06-02 11:05:27 Found package: syslinux,4.05-15.el7.x86_64 2020-06-02 11:05:27 Found package: syslinux-extlinux,4.05-15.el7.x86_64 2020-06-02 11:05:27 Found package: sysstat,10.1.5-17.el7.x86_64 2020-06-02 11:05:27 Found package: systemd,219-62.el7_6.5.x86_64 2020-06-02 11:05:27 Found package: systemd-libs,219-62.el7_6.5.x86_64 2020-06-02 11:05:27 Found package: systemd-python,219-62.el7_6.5.x86_64 2020-06-02 11:05:27 Found package: systemd-sysv,219-62.el7_6.5.x86_64 2020-06-02 11:05:27 Found package: systemtap,3.3-3.el7.x86_64 2020-06-02 11:05:27 Found package: systemtap-client,3.3-3.el7.x86_64 2020-06-02 11:05:27 Found package: systemtap-devel,3.3-3.el7.x86_64 2020-06-02 11:05:27 Found package: systemtap-runtime,3.3-3.el7.x86_64 2020-06-02 11:05:27 Found package: sysvinit-tools,2.88-14.dsf.el7.x86_64 2020-06-02 11:05:27 Found package: tar,1.26-35.el7.x86_64 2020-06-02 11:05:27 Found package: tcl,8.5.13-8.el7.x86_64 2020-06-02 11:05:27 Found package: tcpdump,4.9.2-3.el7.x86_64 2020-06-02 11:05:27 Found package: tcp_wrappers,7.6-77.el7.x86_64 2020-06-02 11:05:27 Found package: tcp_wrappers-libs,7.6-77.el7.x86_64 2020-06-02 11:05:27 Found package: tcsh,6.18.01-15.el7.x86_64 2020-06-02 11:05:27 Found package: teamd,1.27-5.el7.x86_64 2020-06-02 11:05:27 Found package: telnet,0.17-65.el7_8.x86_64 2020-06-02 11:05:27 Found package: time,1.7-45.el7.x86_64 2020-06-02 11:05:27 Found package: tk,8.5.13-6.el7.x86_64 2020-06-02 11:05:27 Found package: tmate,2.2.1-8.el7.x86_64 2020-06-02 11:05:27 Found package: tmux,1.8-4.el7.x86_64 2020-06-02 11:05:27 Found package: trace-cmd,2.6.0-10.el7.x86_64 2020-06-02 11:05:27 Found package: traceroute,2.0.22-2.el7.x86_64 2020-06-02 11:05:27 Found package: trousers,0.3.14-2.el7.x86_64 2020-06-02 11:05:27 Found package: tuned,2.10.0-6.el7_6.3.noarch 2020-06-02 11:05:27 Found package: tzdata,2019a-1.el7.noarch 2020-06-02 11:05:27 Found package: unbound-libs,1.6.6-1.el7.x86_64 2020-06-02 11:05:27 Found package: unzip,6.0-19.el7.x86_64 2020-06-02 11:05:28 Found package: usb_modeswitch,2.5.1-1.el7.x86_64 2020-06-02 11:05:28 Found package: usb_modeswitch-data,20170806-1.el7.noarch 2020-06-02 11:05:28 Found package: usbredir,0.7.1-3.el7.x86_64 2020-06-02 11:05:28 Found package: usbutils,007-5.el7.x86_64 2020-06-02 11:05:28 Found package: usermode,1.111-5.el7.x86_64 2020-06-02 11:05:28 Found package: ustr,1.0.4-16.el7.x86_64 2020-06-02 11:05:28 Found package: util-linux,2.23.2-59.el7_6.1.x86_64 2020-06-02 11:05:28 Found package: valgrind,3.13.0-13.el7.x86_64 2020-06-02 11:05:28 Found package: vim-common,7.4.160-5.el7.x86_64 2020-06-02 11:05:28 Found package: vim-enhanced,7.4.160-5.el7.x86_64 2020-06-02 11:05:28 Found package: vim-filesystem,7.4.160-5.el7.x86_64 2020-06-02 11:05:28 Found package: vim-minimal,7.4.160-5.el7.x86_64 2020-06-02 11:05:28 Found package: virt-install,1.5.0-7.el7.noarch 2020-06-02 11:05:28 Found package: virt-manager-common,1.5.0-7.el7.noarch 2020-06-02 11:05:28 Found package: virt-what,1.18-4.el7.x86_64 2020-06-02 11:05:28 Found package: virt-who,0.22.5-1.el7.noarch 2020-06-02 11:05:28 Found package: wget,1.14-18.el7.x86_64 2020-06-02 11:05:28 Found package: which,2.20-7.el7.x86_64 2020-06-02 11:05:28 Found package: words,3.0-22.el7.noarch 2020-06-02 11:05:28 Found package: wpa_supplicant,2.6-12.el7.x86_64 2020-06-02 11:05:28 Found package: xdg-utils,1.1.0-0.17.20120809git.el7.noarch 2020-06-02 11:05:28 Found package: xfsdump,3.1.7-1.el7.x86_64 2020-06-02 11:05:28 Found package: xfsprogs,4.5.0-19.el7_6.x86_64 2020-06-02 11:05:28 Found package: xmlrpc-c,1.32.5-1905.svn2451.el7.x86_64 2020-06-02 11:05:28 Found package: xmlrpc-c-client,1.32.5-1905.svn2451.el7.x86_64 2020-06-02 11:05:28 Found package: xz,5.2.2-1.el7.x86_64 2020-06-02 11:05:28 Found package: xz-libs,5.2.2-1.el7.x86_64 2020-06-02 11:05:28 Found package: yajl,2.0.4-4.el7.x86_64 2020-06-02 11:05:28 Found package: yum,3.4.3-161.el7.centos.noarch 2020-06-02 11:05:28 Found package: yum-langpacks,0.4.2-7.el7.noarch 2020-06-02 11:05:28 Found package: yum-metadata-parser,1.1.4-10.el7.x86_64 2020-06-02 11:05:28 Found package: yum-plugin-fastestmirror,1.1.31-50.el7.noarch 2020-06-02 11:05:28 Found package: yum-utils,1.1.31-50.el7.noarch 2020-06-02 11:05:28 Found package: zip,3.0-11.el7.x86_64 2020-06-02 11:05:28 Found package: zlib,1.2.7-18.el7.x86_64 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7310 (Checking package list with pacman) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7312 (Checking available updates for pacman based system) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 Result: pacman binary NOT found on this system, test skipped 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7314 (Checking pacman configuration options) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7320 (Checking for arch-audit tooling) 2020-06-02 11:05:28 Reason to skip: Test only applies to Arch Linux 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7322 (Discover vulnerable packages with arch-audit) 2020-06-02 11:05:28 Reason to skip: arch-audit not found 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7328 (Querying Zypper for installed packages) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7330 (Querying Zypper for vulnerable packages) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7332 (Query macOS ports) 2020-06-02 11:05:28 Reason to skip: Incorrect guest OS (macOS only) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7334 (Query port for port upgrades) 2020-06-02 11:05:28 Reason to skip: Incorrect guest OS (macOS only) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7345 (Querying dpkg) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 Result: dpkg can NOT be found on this system, test skipped 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7346 (Search unpurged packages on system) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 Result: dpkg can NOT be found on this system, test skipped 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7348 (Check for old distfiles) 2020-06-02 11:05:28 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7350 (Checking for installed packages with DNF utility) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7352 (Checking for security updates with DNF utility) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7354 (Checking package database integrity) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7366 (Checking for debsecan utility) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7370 (Checking for debsums utility) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7378 (Query portmaster for port upgrades) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7380 (Check for vulnerable NetBSD packages) 2020-06-02 11:05:28 Reason to skip: Incorrect guest OS (NetBSD only) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7381 (Check for vulnerable FreeBSD packages with pkg) 2020-06-02 11:05:28 Reason to skip: pkg tool not available 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Skipped test PKGS-7382 (Check for vulnerable FreeBSD packages with portaudit) 2020-06-02 11:05:28 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:28 ==== 2020-06-02 11:05:28 Performing test ID PKGS-7383 (Check for YUM package update management) 2020-06-02 11:05:28 Test: YUM package update management 2020-06-02 11:05:29 Result: YUM repository available (26481) 2020-06-02 11:05:29 ==== 2020-06-02 11:05:29 Performing test ID PKGS-7384 (Check for YUM utils package) 2020-06-02 11:05:29 Result: found YUM utils package (package-cleanup) 2020-06-02 11:05:29 Test: Checking for duplicate packages 2020-06-02 11:05:30 Result: No duplicate packages found 2020-06-02 11:05:30 Test: Checking for database problems 2020-06-02 11:05:40 Result: No package database problems found 2020-06-02 11:05:40 ==== 2020-06-02 11:05:40 Performing test ID PKGS-7386 (Check for YUM security package) 2020-06-02 11:05:41 Test: Determining if yum-security package installed 2020-06-02 11:05:41 Test: checking if file /usr/share/yum-cli/cli.py exists 2020-06-02 11:05:41 Result: file /usr/share/yum-cli/cli.py exists 2020-06-02 11:05:41 Test: search string \-\-security in file /usr/share/yum-cli/cli.py 2020-06-02 11:05:41 Result: found search string '\-\-security' 2020-06-02 11:05:41 Full string returned: group.add_option("--security", action="store_true", 2020-06-02 11:05:41 Result: found built-in security in yum 2020-06-02 11:05:41 Test: Checking for vulnerable packages 2020-06-02 11:05:43 Result: no vulnerable packages found 2020-06-02 11:05:43 ==== 2020-06-02 11:05:43 Performing test ID PKGS-7387 (Check for GPG signing in YUM security package) 2020-06-02 11:05:43 Test: checking enabled repositories 2020-06-02 11:05:44 Result: software repository 'base' is signed 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (4). Currently having 118 points (out of 176) 2020-06-02 11:05:44 Result: software repository 'centos-openshift-origin' is NOT signed 2020-06-02 11:05:44 Hardening: assigned partial number of hardening points (3 of 4). Currently having 121 points (out of 180) 2020-06-02 11:05:44 Result: software repository 'centos-qemu-ev' is signed 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (4). Currently having 125 points (out of 184) 2020-06-02 11:05:44 Result: software repository 'epel' is signed 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (4). Currently having 129 points (out of 188) 2020-06-02 11:05:44 Result: software repository 'extras' is signed 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (4). Currently having 133 points (out of 192) 2020-06-02 11:05:44 Result: software repository 'go-repo' is signed 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (4). Currently having 137 points (out of 196) 2020-06-02 11:05:44 Result: software repository 'ius' is signed 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (4). Currently having 141 points (out of 200) 2020-06-02 11:05:44 Result: software repository 'updates' is signed 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (4). Currently having 145 points (out of 204) 2020-06-02 11:05:44 Result: software repository 'virt' is NOT signed 2020-06-02 11:05:44 Hardening: assigned partial number of hardening points (3 of 4). Currently having 148 points (out of 208) 2020-06-02 11:05:44 Test: checking if file /etc/yum.conf exists 2020-06-02 11:05:44 Result: file /etc/yum.conf exists 2020-06-02 11:05:44 Test: search string ^gpgenabled\s*=\s*1$ in file /etc/yum.conf 2020-06-02 11:05:44 Result: search search string '^gpgenabled\s*=\s*1$' NOT found 2020-06-02 11:05:44 Test: search string ^gpgcheck\s*=\s*1$ in file /etc/yum.conf 2020-06-02 11:05:44 Result: found search string '^gpgcheck\s*=\s*1$' 2020-06-02 11:05:44 Full string returned: gpgcheck=1 2020-06-02 11:05:44 Result: GPG check is enabled 2020-06-02 11:05:44 Hardening: assigned maximum number of hardening points for this item (3). Currently having 151 points (out of 211) 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Skipped test PKGS-7388 (Check security repository in apt sources.list file) 2020-06-02 11:05:44 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Skipped test PKGS-7390 (Check Ubuntu database consistency) 2020-06-02 11:05:44 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Skipped test PKGS-7392 (Check for Debian/Ubuntu security updates) 2020-06-02 11:05:44 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Skipped test PKGS-7393 (Check for Gentoo vulnerable packages) 2020-06-02 11:05:44 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Skipped test PKGS-7394 (Check for Ubuntu updates) 2020-06-02 11:05:44 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Performing test ID PKGS-7398 (Check for package audit tool) 2020-06-02 11:05:44 Test: checking for package audit tool 2020-06-02 11:05:44 Result: found package audit tool: yum-security 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Performing test ID PKGS-7410 (Count installed kernel packages) 2020-06-02 11:05:44 Test: Checking how many kernel packages are installed 2020-06-02 11:05:44 Result: found 2 kernel packages on the system, which is fine 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Performing test ID PKGS-7420 (Detect toolkit to automatically download and apply upgrades) 2020-06-02 11:05:44 Hardening: assigned partial number of hardening points (1 of 5). Currently having 152 points (out of 216) 2020-06-02 11:05:44 Result: no toolkit for automatic updates discovered 2020-06-02 11:05:44 Suggestion: Consider using a tool to automatically apply upgrades [test:PKGS-7420] [details:-] [solution:-] 2020-06-02 11:05:44 Security check: file is normal 2020-06-02 11:05:44 Checking permissions of /root/blueval/lynis/include/tests_networking 2020-06-02 11:05:44 File permissions are OK 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Action: Performing tests from category: Networking 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Performing test ID NETW-2400 (Hostname length and value check) 2020-06-02 11:05:44 Result: FQDN is defined and not longer than 253 characters (17 characters) 2020-06-02 11:05:44 Result: hostnamed is defined and not longer than 63 characters 2020-06-02 11:05:44 Result: good, no unexpected characters discovered in hostname 2020-06-02 11:05:44 ==== 2020-06-02 11:05:44 Performing test ID NETW-2600 (Checking IPv6 configuration) 2020-06-02 11:05:49 Result: IPV6 mode is auto 2020-06-02 11:05:49 Result: IPv6 only configuration: NO 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-2704 (Basic nameserver configuration tests) 2020-06-02 11:05:49 Test: Checking /etc/resolv.conf file 2020-06-02 11:05:49 Result: Found /etc/resolv.conf file 2020-06-02 11:05:49 Test: Querying nameservers 2020-06-02 11:05:49 Found nameserver: 127.0.0.1 2020-06-02 11:05:49 Nameserver 127.0.0.1 seems to respond to queries from this host. 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Skipped test NETW-2705 (Check availability two nameservers) 2020-06-02 11:05:49 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:49 Result: Test most likely skipped due having local resolver in /etc/resolv.conf 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Skipped test NETW-2706 (Check systemd-resolved and upstream DNSSEC status) 2020-06-02 11:05:49 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:49 Result: Test most likely skipped due to not having resolvectl 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3001 (Find default gateway (route)) 2020-06-02 11:05:49 Test: Searching default gateway(s) 2020-06-02 11:05:49 Result: Found default gateway 192.168.0.1 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3004 (Search for available network interfaces) 2020-06-02 11:05:49 Found network interface: lo 2020-06-02 11:05:49 Found network interface: eno1 2020-06-02 11:05:49 Found network interface: eno2 2020-06-02 11:05:49 Found network interface: eno3 2020-06-02 11:05:49 Found network interface: eno4 2020-06-02 11:05:49 Found network interface: provisioning 2020-06-02 11:05:49 Found network interface: baremetal 2020-06-02 11:05:49 Found network interface: virbr0 2020-06-02 11:05:49 Found network interface: virbr0-nic 2020-06-02 11:05:49 Found network interface: vnet2 2020-06-02 11:05:49 Found network interface: vnet3 2020-06-02 11:05:49 Found network interface: vnet4 2020-06-02 11:05:49 Found network interface: vnet5 2020-06-02 11:05:49 Found network interface: cni0 2020-06-02 11:05:49 Found network interface: veth0dbd213a@if3 2020-06-02 11:05:49 Found network interface: vnet0 2020-06-02 11:05:49 Found network interface: vnet1 2020-06-02 11:05:49 Found network interface: vethc7d9be0e@if3 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3006 (Get network MAC addresses) 2020-06-02 11:05:49 Found MAC address: 12:a5:03:4c:db:1a 2020-06-02 11:05:49 Found MAC address: 26:85:a7:c5:41:75 2020-06-02 11:05:49 Found MAC address: 52:54:00:71:e7:35 2020-06-02 11:05:49 Found MAC address: aa:01:c4:a8:7b:95 2020-06-02 11:05:49 Found MAC address: ac:1f:6b:7b:ea:30 2020-06-02 11:05:49 Found MAC address: ac:1f:6b:7b:ea:31 2020-06-02 11:05:49 Found MAC address: ac:1f:6b:7b:ea:8a 2020-06-02 11:05:49 Found MAC address: ac:1f:6b:7b:ea:8b 2020-06-02 11:05:49 Found MAC address: fe:54:00:82:68:40 2020-06-02 11:05:49 Found MAC address: fe:54:00:82:68:50 2020-06-02 11:05:49 Found MAC address: fe:54:00:82:68:51 2020-06-02 11:05:49 Found MAC address: fe:54:00:82:69:40 2020-06-02 11:05:49 Found MAC address: fe:54:00:82:69:50 2020-06-02 11:05:49 Found MAC address: fe:54:00:82:69:51 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3008 (Get network IP addresses) 2020-06-02 11:05:49 Found IPv4 address: 192.168.111.199 2020-06-02 11:05:49 Found IPv4 address: 192.168.111.3 2020-06-02 11:05:49 Found IPv4 address: 192.168.111.4 2020-06-02 11:05:49 Found IPv4 address: 10.88.0.1 2020-06-02 11:05:49 Found IPv4 address: 192.168.0.20 2020-06-02 11:05:49 Found IPv4 address: 127.0.0.1 2020-06-02 11:05:49 Found IPv4 address: 172.22.0.1 2020-06-02 11:05:49 Found IPv4 address: 192.168.122.1 2020-06-02 11:05:49 Found IPv6 address: fe80::ae1f:6bff:fe7b:ea31 2020-06-02 11:05:49 Found IPv6 address: fe80::10a5:3ff:fe4c:db1a 2020-06-02 11:05:49 Found IPv6 address: fd1c:7f2c:6fca:600:ae1f:6bff:fe7b:ea30 2020-06-02 11:05:49 Found IPv6 address: fe80::ae1f:6bff:fe7b:ea30 2020-06-02 11:05:49 Found IPv6 address: fe80::ae1f:6bff:fe7b:ea31 2020-06-02 11:05:49 Found IPv6 address: ::1 2020-06-02 11:05:49 Found IPv6 address: fe80::ae1f:6bff:fe7b:ea8a 2020-06-02 11:05:49 Found IPv6 address: fe80::2485:a7ff:fec5:4175 2020-06-02 11:05:49 Found IPv6 address: fe80::a801:c4ff:fea8:7b95 2020-06-02 11:05:49 Found IPv6 address: fe80::fc54:ff:fe82:6840 2020-06-02 11:05:49 Found IPv6 address: fe80::fc54:ff:fe82:6940 2020-06-02 11:05:49 Found IPv6 address: fe80::fc54:ff:fe82:6850 2020-06-02 11:05:49 Found IPv6 address: fe80::fc54:ff:fe82:6950 2020-06-02 11:05:49 Found IPv6 address: fe80::fc54:ff:fe82:6851 2020-06-02 11:05:49 Found IPv6 address: fe80::fc54:ff:fe82:6951 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3012 (Check listening ports) 2020-06-02 11:05:49 Test: Retrieving ss information to find listening ports 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Skipped test NETW-3014 (Checking promiscuous interfaces (BSD)) 2020-06-02 11:05:49 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3015 (Checking promiscuous interfaces (Linux)) 2020-06-02 11:05:49 Test: Using ip binary to retrieve network interfaces 2020-06-02 11:05:49 Test: Checking all interfaces to discover any with promiscuous mode enabled 2020-06-02 11:05:49 Result: Promiscuous interface: eno2 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:eno2] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: eno3 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:eno3] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: virbr0-nic 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:virbr0-nic] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: vnet2 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:vnet2] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: vnet3 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:vnet3] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: vnet4 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:vnet4] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: vnet5 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:vnet5] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: vnet0 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:vnet0] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 Result: Promiscuous interface: vnet1 2020-06-02 11:05:49 Warning: Found promiscuous interface [test:NETW-3015] [details:vnet1] [solution:text:Determine if this mode is required or whitelist interface in profile] 2020-06-02 11:05:49 Note: some tools put an interface into promiscuous mode, to capture/log network traffic 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3028 (Checking connections in WAIT state) 2020-06-02 11:05:49 Test: Using netstat for check for connections in WAIT state 2020-06-02 11:05:49 Result: currently 39 connections are in a waiting state (max configured: 5000). 2020-06-02 11:05:49 Result: 39 connections are in WAIT state 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3030 (Checking DHCP client status) 2020-06-02 11:05:49 Performing pgrep scan without uid 2020-06-02 11:05:49 IsRunning: process 'dhclient' not found 2020-06-02 11:05:49 Performing pgrep scan without uid 2020-06-02 11:05:49 IsRunning: process 'dhcpcd' not found 2020-06-02 11:05:49 Performing pgrep scan without uid 2020-06-02 11:05:49 IsRunning: process 'udhcpc' not found 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3032 (Checking for ARP monitoring software) 2020-06-02 11:05:49 Performing pgrep scan without uid 2020-06-02 11:05:49 IsRunning: process 'addrwatch' not found 2020-06-02 11:05:49 Performing pgrep scan without uid 2020-06-02 11:05:49 IsRunning: process 'arpwatch' not found 2020-06-02 11:05:49 Performing pgrep scan without uid 2020-06-02 11:05:49 IsRunning: process 'arpon' not found 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Performing test ID NETW-3200 (Determine available network protocols) 2020-06-02 11:05:49 Test: checking the status of some network protocols that typically are not used 2020-06-02 11:05:49 Test: now checking module 'dccp' 2020-06-02 11:05:49 Suggestion: Determine if protocol 'dccp' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2020-06-02 11:05:49 Test: now checking module 'sctp' 2020-06-02 11:05:49 Suggestion: Determine if protocol 'sctp' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2020-06-02 11:05:49 Test: now checking module 'rds' 2020-06-02 11:05:49 Suggestion: Determine if protocol 'rds' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2020-06-02 11:05:49 Test: now checking module 'tipc' 2020-06-02 11:05:49 Suggestion: Determine if protocol 'tipc' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2020-06-02 11:05:49 Security check: file is normal 2020-06-02 11:05:49 Checking permissions of /root/blueval/lynis/include/tests_printers_spoolers 2020-06-02 11:05:49 File permissions are OK 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Action: Performing tests from category: Printers and Spools 2020-06-02 11:05:49 ==== 2020-06-02 11:05:49 Skipped test PRNT-2302 (Check for printcap consistency) 2020-06-02 11:05:49 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:49 ==== 2020-06-02 11:05:50 Performing test ID PRNT-2304 (Check cupsd status) 2020-06-02 11:05:50 Test: Checking cupsd status 2020-06-02 11:05:50 Performing pgrep scan without uid 2020-06-02 11:05:50 IsRunning: process 'cupsd' not found 2020-06-02 11:05:50 Result: cups daemon not running, cups daemon tests skipped 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test PRNT-2306 (Check CUPSd configuration file) 2020-06-02 11:05:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test PRNT-2307 (Check CUPSd configuration file permissions) 2020-06-02 11:05:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test PRNT-2308 (Check CUPSd network configuration) 2020-06-02 11:05:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID PRNT-2314 (Check lpd status) 2020-06-02 11:05:50 Test: Checking lpd status 2020-06-02 11:05:50 Performing pgrep scan without uid 2020-06-02 11:05:50 IsRunning: process 'lpd' not found 2020-06-02 11:05:50 Result: lp daemon not running 2020-06-02 11:05:50 Hardening: assigned maximum number of hardening points for this item (4). Currently having 156 points (out of 220) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test PRNT-2316 (Checking /etc/qconfig file) 2020-06-02 11:05:50 Reason to skip: Incorrect guest OS (AIX only) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test PRNT-2418 (Checking qdaemon printer spooler status) 2020-06-02 11:05:50 Reason to skip: Incorrect guest OS (AIX only) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test PRNT-2420 (Checking old print jobs) 2020-06-02 11:05:50 Reason to skip: Incorrect guest OS (AIX only) 2020-06-02 11:05:50 Security check: file is normal 2020-06-02 11:05:50 Checking permissions of /root/blueval/lynis/include/tests_mail_messaging 2020-06-02 11:05:50 File permissions are OK 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Action: Performing tests from category: Software: e-mail and messaging 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8802 (Check Exim status) 2020-06-02 11:05:50 Test: check Exim status 2020-06-02 11:05:50 Performing pgrep scan without uid 2020-06-02 11:05:50 IsRunning: process 'exim4' not found 2020-06-02 11:05:50 Performing pgrep scan without uid 2020-06-02 11:05:50 IsRunning: process 'exim' not found 2020-06-02 11:05:50 Result: no running Exim processes found 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test MAIL-8804 (Exim configuration options) 2020-06-02 11:05:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8814 (Check postfix process status) 2020-06-02 11:05:50 Test: check Postfix status 2020-06-02 11:05:50 Result: found running Postfix process 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8816 (Check Postfix configuration) 2020-06-02 11:05:50 Postfix configuration directory: /etc/postfix 2020-06-02 11:05:50 Postfix configuration file: /etc/postfix/main.cf 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8817 (Check Postfix configuration errors) 2020-06-02 11:05:50 Test: using postconf to see if Postfix configuration has errors 2020-06-02 11:05:50 Result: all looks to be fine with Postfix configuration 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8818 (Check Postfix configuration: banner) 2020-06-02 11:05:50 Test: Checking Postfix banner 2020-06-02 11:05:50 Result: found OS, or mail_name in SMTP banner, and/or mail_name contains 'Postfix'. 2020-06-02 11:05:50 Warning: Found some information disclosure in SMTP banner (OS or software name) [test:MAIL-8818] [details:-] [solution:-] 2020-06-02 11:05:50 Suggestion: You are advised to hide the mail_name (option: smtpd_banner) from your postfix configuration. Use postconf -e or change your main.cf file (/etc/postfix/main.cf) [test:MAIL-8818] [details:-] [solution:-] 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8820 (Postfix configuration scan) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8838 (Check dovecot process) 2020-06-02 11:05:50 Test: check dovecot status 2020-06-02 11:05:50 Performing pgrep scan without uid 2020-06-02 11:05:50 IsRunning: process 'dovecot' not found 2020-06-02 11:05:50 Result: dovecot not found 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8860 (Check Qmail status) 2020-06-02 11:05:50 Test: check Qmail status 2020-06-02 11:05:50 Performing pgrep scan without uid 2020-06-02 11:05:50 IsRunning: process 'qmail-smtpd' not found 2020-06-02 11:05:50 Result: no running Qmail processes found 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID MAIL-8880 (Check Sendmail status) 2020-06-02 11:05:50 Test: check sendmail status 2020-06-02 11:05:50 Performing pgrep scan without uid 2020-06-02 11:05:50 IsRunning: process 'sendmail' not found 2020-06-02 11:05:50 Result: no running Sendmail processes found 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test MAIL-8920 (Check OpenSMTPD status) 2020-06-02 11:05:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:50 Security check: file is normal 2020-06-02 11:05:50 Checking permissions of /root/blueval/lynis/include/tests_firewalls 2020-06-02 11:05:50 File permissions are OK 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Action: Performing tests from category: Software: firewalls 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID FIRE-4502 (Check iptables kernel module) 2020-06-02 11:05:50 Result: Found iptables in loaded kernel modules 2020-06-02 11:05:50 Found module: ip_tables 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID FIRE-4508 (Check used policies of iptables chains) 2020-06-02 11:05:50 Test: gathering information from table filter 2020-06-02 11:05:50 Result: iptables \nfilter -- INPUT policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 Result: Found ACCEPT for INPUT (table: \nfilter) 2020-06-02 11:05:50 Hardening: assigned partial number of hardening points (1 of 3). Currently having 157 points (out of 223) 2020-06-02 11:05:50 Result: iptables filter -- ACCEPT policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 Result: iptables filter -- ACCEPT policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 Result: iptables filter -- FORWARD policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 Result: iptables filter -- CNI policy is FORWARD. 2020-06-02 11:05:50 Result: FORWARD 2020-06-02 11:05:50 Result: iptables filter -- CNI policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 Result: iptables filter -- RELATED policy is ESTABLISHED. 2020-06-02 11:05:50 Result: ESTABLISHED 2020-06-02 11:05:50 Result: iptables filter -- ACCEPT policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 Result: iptables filter -- REJECT policy is REJECT. 2020-06-02 11:05:50 Result: REJECT 2020-06-02 11:05:50 Result: iptables filter -- OUTPUT policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 Result: iptables filter -- ACCEPT policy is CNI. 2020-06-02 11:05:50 Result: CNI 2020-06-02 11:05:50 Result: iptables filter -- ADMIN policy is CNI. 2020-06-02 11:05:50 Result: CNI 2020-06-02 11:05:50 Result: iptables filter -- FORWARD policy is CNI. 2020-06-02 11:05:50 Result: CNI 2020-06-02 11:05:50 Result: iptables filter -- ADMIN policy is CNI. 2020-06-02 11:05:50 Result: CNI 2020-06-02 11:05:50 Result: iptables filter -- ACCEPT policy is RELATED. 2020-06-02 11:05:50 Result: RELATED 2020-06-02 11:05:50 Result: iptables filter -- ESTABLISHED policy is ACCEPT. 2020-06-02 11:05:50 Result: ACCEPT 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID FIRE-4512 (Check iptables for empty ruleset) 2020-06-02 11:05:50 Result: one or more rules are available (14 rules) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID FIRE-4513 (Check iptables for unused rules) 2020-06-02 11:05:50 Result: Found one or more possible unused rules 2020-06-02 11:05:50 Description: Unused rules can be a sign that the firewall rules aren't optimized or up-to-date 2020-06-02 11:05:50 Note: Sometimes rules aren't triggered but still in use. Keep this in mind before cleaning up rules. 2020-06-02 11:05:50 Output: iptables rule numbers: 1 2 3 4 2 3 4 5 6 1 2020-06-02 11:05:50 Suggestion: Check iptables rules to see which rules are currently not used [test:FIRE-4513] [details:-] [solution:-] 2020-06-02 11:05:50 Tip: iptables --list --numeric --line-numbers --verbose 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test FIRE-4518 (Check pf firewall components) 2020-06-02 11:05:50 Reason to skip: No /dev/pf device 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test FIRE-4520 (Check pf configuration consistency) 2020-06-02 11:05:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Performing test ID FIRE-4524 (Check for CSF presence) 2020-06-02 11:05:50 Test: check /etc/csf/csf.conf 2020-06-02 11:05:50 Result: /etc/csf/csf.conf does NOT exist 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test FIRE-4526 (Check ipf status) 2020-06-02 11:05:50 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test FIRE-4530 (Check IPFW status) 2020-06-02 11:05:50 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test FIRE-4532 (Check macOS application firewall) 2020-06-02 11:05:50 Reason to skip: Incorrect guest OS (macOS only) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test FIRE-4534 (Check for presence of outbound firewalls on macOS) 2020-06-02 11:05:50 Reason to skip: Incorrect guest OS (macOS only) 2020-06-02 11:05:50 ==== 2020-06-02 11:05:50 Skipped test FIRE-4536 (Check nftables status) 2020-06-02 11:05:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test FIRE-4538 (Check nftables basic configuration) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test FIRE-4540 (Check for empty nftables configuration) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID FIRE-4586 (Check firewall logging) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID FIRE-4590 (Check firewall status) 2020-06-02 11:05:51 Result: host based firewall or packet filter is active 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (5). Currently having 161 points (out of 225) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID FIRE-4594 (Check for APF presence) 2020-06-02 11:05:51 Test: check /etc/apf/conf.apf 2020-06-02 11:05:51 Result: /etc/apf/conf.apf does NOT exist 2020-06-02 11:05:51 Security check: file is normal 2020-06-02 11:05:51 Checking permissions of /root/blueval/lynis/include/tests_webservers 2020-06-02 11:05:51 File permissions are OK 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Action: Performing tests from category: Software: webserver 2020-06-02 11:05:51 Action: created temporary file /tmp/lynis.rW4mhzbnR2 2020-06-02 11:05:51 Action: created temporary file /tmp/lynis.FrRcG2ks6F 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID HTTP-6622 (Checking Apache presence) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6624 (Testing main Apache configuration file) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6626 (Testing other Apache configuration file) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6632 (Determining all available Apache modules) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6640 (Determining existence of specific Apache modules) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6641 (Determining existence of specific Apache modules) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6643 (Determining existence of specific Apache modules) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID HTTP-6702 (Check nginx process) 2020-06-02 11:05:51 Test: searching running nginx process 2020-06-02 11:05:51 Performing pgrep scan without uid 2020-06-02 11:05:51 IsRunning: process 'nginx' not found 2020-06-02 11:05:51 Result: no running nginx process found 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6704 (Check nginx configuration file) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6706 (Check for additional nginx configuration files) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6708 (Check discovered nginx configuration settings) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6710 (Check nginx SSL configuration settings) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6712 (Check nginx access logging) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6714 (Check for missing error logs in nginx) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6716 (Check for debug mode on error log in nginx) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Skipped test HTTP-6720 (Check Nginx log files) 2020-06-02 11:05:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:51 Security check: file is normal 2020-06-02 11:05:51 Checking permissions of /root/blueval/lynis/include/tests_ssh 2020-06-02 11:05:51 File permissions are OK 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Action: Performing tests from category: SSH Support 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID SSH-7402 (Check for running SSH daemon) 2020-06-02 11:05:51 Test: Searching for a SSH daemon 2020-06-02 11:05:51 Performing pgrep scan without uid 2020-06-02 11:05:51 IsRunning: process 'sshd' found (8466 9283 ) 2020-06-02 11:05:51 Action: created temporary file /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID SSH-7404 (Check SSH daemon file location) 2020-06-02 11:05:51 Test: searching for sshd_config file 2020-06-02 11:05:51 Result: /etc/ssh/sshd_config exists 2020-06-02 11:05:51 Test: check if we can access /etc/ssh/sshd_config (escaped: /etc/ssh/sshd_config) 2020-06-02 11:05:51 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:51 Result: file /etc/ssh/sshd_config is readable (or directory accessible). 2020-06-02 11:05:51 Result: using last found configuration file: /etc/ssh/sshd_config 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID SSH-7406 (Determine OpenSSH version) 2020-06-02 11:05:51 Result: discovered OpenSSH version is 7.4 2020-06-02 11:05:51 Result: OpenSSH major version: 7 2020-06-02 11:05:51 Result: OpenSSH minor version: 4 2020-06-02 11:05:51 ==== 2020-06-02 11:05:51 Performing test ID SSH-7408 (Check SSH specific defined options) 2020-06-02 11:05:51 Test: Checking specific defined options in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: added additional options for OpenSSH < 7.5 2020-06-02 11:05:51 Test: Checking AllowTcpForwarding in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option AllowTcpForwarding found 2020-06-02 11:05:51 Result: Option AllowTcpForwarding value is YES 2020-06-02 11:05:51 Result: OpenSSH option AllowTcpForwarding is in a weak configuration state and should be fixed 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:AllowTcpForwarding (set YES to NO)] [solution:-] 2020-06-02 11:05:51 Hardening: assigned partial number of hardening points (0 of 3). Currently having 161 points (out of 228) 2020-06-02 11:05:51 Test: Checking ClientAliveCountMax in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option ClientAliveCountMax found 2020-06-02 11:05:51 Result: Option ClientAliveCountMax value is 3 2020-06-02 11:05:51 Result: OpenSSH option ClientAliveCountMax is configured reasonably 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:ClientAliveCountMax (set 3 to 2)] [solution:-] 2020-06-02 11:05:51 Hardening: assigned partial number of hardening points (1 of 3). Currently having 162 points (out of 231) 2020-06-02 11:05:51 Test: Checking ClientAliveInterval in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option ClientAliveInterval found 2020-06-02 11:05:51 Result: Option ClientAliveInterval value is 0 2020-06-02 11:05:51 Result: OpenSSH option ClientAliveInterval is configured very well 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 165 points (out of 234) 2020-06-02 11:05:51 Test: Checking Compression in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option Compression found 2020-06-02 11:05:51 Result: Option Compression value is YES 2020-06-02 11:05:51 Result: OpenSSH option Compression is in a weak configuration state and should be fixed 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:Compression (set YES to NO)] [solution:-] 2020-06-02 11:05:51 Hardening: assigned partial number of hardening points (0 of 3). Currently having 165 points (out of 237) 2020-06-02 11:05:51 Test: Checking FingerprintHash in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option FingerprintHash found 2020-06-02 11:05:51 Result: Option FingerprintHash value is SHA256 2020-06-02 11:05:51 Result: OpenSSH option FingerprintHash is configured very well 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 168 points (out of 240) 2020-06-02 11:05:51 Test: Checking GatewayPorts in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option GatewayPorts found 2020-06-02 11:05:51 Result: Option GatewayPorts value is NO 2020-06-02 11:05:51 Result: OpenSSH option GatewayPorts is configured very well 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 171 points (out of 243) 2020-06-02 11:05:51 Test: Checking IgnoreRhosts in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option IgnoreRhosts found 2020-06-02 11:05:51 Result: Option IgnoreRhosts value is YES 2020-06-02 11:05:51 Result: OpenSSH option IgnoreRhosts is configured very well 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 174 points (out of 246) 2020-06-02 11:05:51 Test: Checking LoginGraceTime in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option LoginGraceTime found 2020-06-02 11:05:51 Result: Option LoginGraceTime value is 120 2020-06-02 11:05:51 Result: OpenSSH option LoginGraceTime is configured very well 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 177 points (out of 249) 2020-06-02 11:05:51 Test: Checking LogLevel in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option LogLevel found 2020-06-02 11:05:51 Result: Option LogLevel value is INFO 2020-06-02 11:05:51 Result: OpenSSH option LogLevel is configured reasonably 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:LogLevel (set INFO to VERBOSE)] [solution:-] 2020-06-02 11:05:51 Hardening: assigned partial number of hardening points (1 of 3). Currently having 178 points (out of 252) 2020-06-02 11:05:51 Test: Checking MaxAuthTries in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option MaxAuthTries found 2020-06-02 11:05:51 Result: Option MaxAuthTries value is 6 2020-06-02 11:05:51 Result: OpenSSH option MaxAuthTries is configured reasonably 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:MaxAuthTries (set 6 to 3)] [solution:-] 2020-06-02 11:05:51 Hardening: assigned partial number of hardening points (1 of 3). Currently having 179 points (out of 255) 2020-06-02 11:05:51 Test: Checking MaxSessions in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option MaxSessions found 2020-06-02 11:05:51 Result: Option MaxSessions value is 10 2020-06-02 11:05:51 Result: OpenSSH option MaxSessions is in a weak configuration state and should be fixed 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:MaxSessions (set 10 to 2)] [solution:-] 2020-06-02 11:05:51 Hardening: assigned partial number of hardening points (0 of 3). Currently having 179 points (out of 258) 2020-06-02 11:05:51 Test: Checking PermitRootLogin in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option PermitRootLogin found 2020-06-02 11:05:51 Result: Option PermitRootLogin value is YES 2020-06-02 11:05:51 Result: OpenSSH option PermitRootLogin is in a weak configuration state and should be fixed 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:PermitRootLogin (set YES to (FORCED-COMMANDS-ONLY|NO|PROHIBIT-PASSWORD|WITHOUT-PASSWORD))] [solution:-] 2020-06-02 11:05:51 Hardening: assigned partial number of hardening points (0 of 3). Currently having 179 points (out of 261) 2020-06-02 11:05:51 Test: Checking PermitUserEnvironment in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option PermitUserEnvironment found 2020-06-02 11:05:51 Result: Option PermitUserEnvironment value is NO 2020-06-02 11:05:51 Result: OpenSSH option PermitUserEnvironment is configured very well 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 182 points (out of 264) 2020-06-02 11:05:51 Test: Checking PermitTunnel in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option PermitTunnel found 2020-06-02 11:05:51 Result: Option PermitTunnel value is NO 2020-06-02 11:05:51 Result: OpenSSH option PermitTunnel is configured very well 2020-06-02 11:05:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 185 points (out of 267) 2020-06-02 11:05:51 Test: Checking Port in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:51 Result: Option Port found 2020-06-02 11:05:51 Result: Option Port value is 22 2020-06-02 11:05:51 Result: OpenSSH option Port is in a weak configuration state and should be fixed 2020-06-02 11:05:51 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:Port (set 22 to )] [solution:-] 2020-06-02 11:05:52 Hardening: assigned partial number of hardening points (0 of 3). Currently having 185 points (out of 270) 2020-06-02 11:05:52 Test: Checking PrintLastLog in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:52 Result: Option PrintLastLog found 2020-06-02 11:05:52 Result: Option PrintLastLog value is YES 2020-06-02 11:05:52 Result: OpenSSH option PrintLastLog is configured very well 2020-06-02 11:05:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 188 points (out of 273) 2020-06-02 11:05:52 Test: Checking StrictModes in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:52 Result: Option StrictModes found 2020-06-02 11:05:52 Result: Option StrictModes value is YES 2020-06-02 11:05:52 Result: OpenSSH option StrictModes is configured very well 2020-06-02 11:05:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 191 points (out of 276) 2020-06-02 11:05:52 Test: Checking TCPKeepAlive in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:52 Result: Option TCPKeepAlive found 2020-06-02 11:05:52 Result: Option TCPKeepAlive value is YES 2020-06-02 11:05:52 Result: OpenSSH option TCPKeepAlive is in a weak configuration state and should be fixed 2020-06-02 11:05:52 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:TCPKeepAlive (set YES to NO)] [solution:-] 2020-06-02 11:05:52 Hardening: assigned partial number of hardening points (0 of 3). Currently having 191 points (out of 279) 2020-06-02 11:05:52 Test: Checking UseDNS in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:52 Result: Option UseDNS found 2020-06-02 11:05:52 Result: Option UseDNS value is YES 2020-06-02 11:05:52 Result: OpenSSH option UseDNS is in a weak configuration state and should be fixed 2020-06-02 11:05:52 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:UseDNS (set YES to NO)] [solution:-] 2020-06-02 11:05:52 Hardening: assigned partial number of hardening points (0 of 3). Currently having 191 points (out of 282) 2020-06-02 11:05:52 Test: Checking X11Forwarding in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:52 Result: Option X11Forwarding found 2020-06-02 11:05:52 Result: Option X11Forwarding value is YES 2020-06-02 11:05:52 Result: OpenSSH option X11Forwarding is in a weak configuration state and should be fixed 2020-06-02 11:05:52 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:X11Forwarding (set YES to NO)] [solution:-] 2020-06-02 11:05:52 Hardening: assigned partial number of hardening points (0 of 3). Currently having 191 points (out of 285) 2020-06-02 11:05:52 Test: Checking AllowAgentForwarding in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:52 Result: Option AllowAgentForwarding found 2020-06-02 11:05:52 Result: Option AllowAgentForwarding value is YES 2020-06-02 11:05:52 Result: OpenSSH option AllowAgentForwarding is in a weak configuration state and should be fixed 2020-06-02 11:05:52 Suggestion: Consider hardening SSH configuration [test:SSH-7408] [details:AllowAgentForwarding (set YES to NO)] [solution:-] 2020-06-02 11:05:52 Hardening: assigned partial number of hardening points (0 of 3). Currently having 191 points (out of 288) 2020-06-02 11:05:52 Test: Checking UsePrivilegeSeparation in /tmp/lynis.XCTSwHqTnu 2020-06-02 11:05:52 Result: Option UsePrivilegeSeparation found 2020-06-02 11:05:52 Result: Option UsePrivilegeSeparation value is SANDBOX 2020-06-02 11:05:52 Result: OpenSSH option UsePrivilegeSeparation is configured very well 2020-06-02 11:05:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 194 points (out of 291) 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID SSH-7440 (Check OpenSSH option: AllowUsers and AllowGroups) 2020-06-02 11:05:52 Result: AllowUsers is not set 2020-06-02 11:05:52 Result: AllowGroups is not set 2020-06-02 11:05:52 Result: SSH has no specific user or group limitation. Most likely all valid users can SSH to this machine. 2020-06-02 11:05:52 Hardening: assigned partial number of hardening points (0 of 1). Currently having 194 points (out of 292) 2020-06-02 11:05:52 Security check: file is normal 2020-06-02 11:05:52 Checking permissions of /root/blueval/lynis/include/tests_snmp 2020-06-02 11:05:52 File permissions are OK 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Action: Performing tests from category: SNMP Support 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID SNMP-3302 (Check for running SNMP daemon) 2020-06-02 11:05:52 Test: Searching for a SNMP daemon 2020-06-02 11:05:52 Performing pgrep scan without uid 2020-06-02 11:05:52 IsRunning: process 'snmpd' not found 2020-06-02 11:05:52 Result: No running SNMP daemon found 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test SNMP-3304 (Check SNMP daemon file location) 2020-06-02 11:05:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test SNMP-3306 (Check SNMP communities) 2020-06-02 11:05:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:52 Security check: file is normal 2020-06-02 11:05:52 Checking permissions of /root/blueval/lynis/include/tests_databases 2020-06-02 11:05:52 File permissions are OK 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Action: Performing tests from category: Databases 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID DBS-1804 (Checking active MySQL process) 2020-06-02 11:05:52 Result: MySQL process not active 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test DBS-1816 (Checking MySQL root password) 2020-06-02 11:05:52 Reason to skip: MySQL not installed, or not running 2020-06-02 11:05:52 Test skipped, MySQL daemon not running or no MySQL client available 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID DBS-1818 (Check status of MongoDB server) 2020-06-02 11:05:52 Performing pgrep scan without uid 2020-06-02 11:05:52 IsRunning: process 'mongod' not found 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID DBS-1820 (Check for authorization in MongoDB) 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID DBS-1826 (Checking active PostgreSQL processes) 2020-06-02 11:05:52 Performing pgrep scan without uid 2020-06-02 11:05:52 IsRunning: process 'postgres:' not found 2020-06-02 11:05:52 Result: PostgreSQL process not active 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test DBS-1828 (Test PostgreSQL configuration) 2020-06-02 11:05:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID DBS-1840 (Checking active Oracle processes) 2020-06-02 11:05:52 Result: Oracle process(es) not active 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID DBS-1860 (Checking active DB2 instances) 2020-06-02 11:05:52 Performing pgrep scan without uid 2020-06-02 11:05:52 IsRunning: process 'db2sysc' not found 2020-06-02 11:05:52 Result: No DB2 instances are running 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID DBS-1880 (Check for active Redis server) 2020-06-02 11:05:52 Performing pgrep scan without uid 2020-06-02 11:05:52 IsRunning: process 'redis-server' not found 2020-06-02 11:05:52 Result: No Redis processes are running 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test DBS-1882 (Redis configuration file) 2020-06-02 11:05:52 Reason to skip: Redis not running 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test DBS-1884 (Redis: requirepass option configured) 2020-06-02 11:05:52 Reason to skip: Redis not running, or no configuration file found 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test DBS-1886 (Redis: rename-command CONFIG used) 2020-06-02 11:05:52 Reason to skip: Redis not running, or no configuration found 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test DBS-1888 (Redis: bind on localhost) 2020-06-02 11:05:52 Reason to skip: Redis not running, or no configuration found 2020-06-02 11:05:52 Security check: file is normal 2020-06-02 11:05:52 Checking permissions of /root/blueval/lynis/include/tests_ldap 2020-06-02 11:05:52 File permissions are OK 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Action: Performing tests from category: LDAP Services 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID LDAP-2219 (Check running OpenLDAP instance) 2020-06-02 11:05:52 Performing pgrep scan without uid 2020-06-02 11:05:52 IsRunning: process 'slapd' not found 2020-06-02 11:05:52 Result: No running slapd process found. 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Skipped test LDAP-2224 (Check presence slapd.conf) 2020-06-02 11:05:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:52 Security check: file is normal 2020-06-02 11:05:52 Checking permissions of /root/blueval/lynis/include/tests_php 2020-06-02 11:05:52 File permissions are OK 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Action: Performing tests from category: PHP 2020-06-02 11:05:52 ==== 2020-06-02 11:05:52 Performing test ID PHP-2211 (Check php.ini presence) 2020-06-02 11:05:52 Test: Checking for presence php.ini 2020-06-02 11:05:52 Test: checking presence /etc/php.ini 2020-06-02 11:05:52 Result: file /etc/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php.ini.default 2020-06-02 11:05:52 Result: file /etc/php.ini.default not found 2020-06-02 11:05:52 Test: checking presence /etc/php/php.ini 2020-06-02 11:05:52 Result: file /etc/php/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5.5/php.ini 2020-06-02 11:05:52 Result: file /etc/php5.5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5.6/php.ini 2020-06-02 11:05:52 Result: file /etc/php5.6/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php7.0/php.ini 2020-06-02 11:05:52 Result: file /etc/php7.0/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php7.1/php.ini 2020-06-02 11:05:52 Result: file /etc/php7.1/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php7.2/php.ini 2020-06-02 11:05:52 Result: file /etc/php7.2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php7.3/php.ini 2020-06-02 11:05:52 Result: file /etc/php7.3/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cgi-php5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cgi-php5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cli-php5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cli-php5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/apache2-php5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/apache2-php5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/apache2-php5.5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/apache2-php5.5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/apache2-php5.6/php.ini 2020-06-02 11:05:52 Result: file /etc/php/apache2-php5.6/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/apache2-php7.0/php.ini 2020-06-02 11:05:52 Result: file /etc/php/apache2-php7.0/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/apache2-php7.1/php.ini 2020-06-02 11:05:52 Result: file /etc/php/apache2-php7.1/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/apache2-php7.2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/apache2-php7.2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/apache2-php7.3/php.ini 2020-06-02 11:05:52 Result: file /etc/php/apache2-php7.3/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cgi-php5.5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cgi-php5.5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cgi-php5.6/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cgi-php5.6/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cgi-php7.0/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cgi-php7.0/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cgi-php7.1/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cgi-php7.1/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cgi-php7.2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cgi-php7.2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cgi-php7.3/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cgi-php7.3/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cli-php5.5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cli-php5.5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cli-php5.6/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cli-php5.6/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cli-php7.0/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cli-php7.0/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cli-php7.1/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cli-php7.1/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cli-php7.2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cli-php7.2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/cli-php7.3/php.ini 2020-06-02 11:05:52 Result: file /etc/php/cli-php7.3/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/embed-php5.5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/embed-php5.5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/embed-php5.6/php.ini 2020-06-02 11:05:52 Result: file /etc/php/embed-php5.6/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/embed-php7.0/php.ini 2020-06-02 11:05:52 Result: file /etc/php/embed-php7.0/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/embed-php7.1/php.ini 2020-06-02 11:05:52 Result: file /etc/php/embed-php7.1/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/embed-php7.2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/embed-php7.2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/embed-php7.3/php.ini 2020-06-02 11:05:52 Result: file /etc/php/embed-php7.3/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/fpm-php7.3/php.ini 2020-06-02 11:05:52 Result: file /etc/php/fpm-php7.3/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/fpm-php7.2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/fpm-php7.2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/fpm-php7.1/php.ini 2020-06-02 11:05:52 Result: file /etc/php/fpm-php7.1/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/fpm-php7.0/php.ini 2020-06-02 11:05:52 Result: file /etc/php/fpm-php7.0/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/fpm-php5.5/php.ini 2020-06-02 11:05:52 Result: file /etc/php/fpm-php5.5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/fpm-php5.6/php.ini 2020-06-02 11:05:52 Result: file /etc/php/fpm-php5.6/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5/cgi/php.ini 2020-06-02 11:05:52 Result: file /etc/php5/cgi/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5/cli/php.ini 2020-06-02 11:05:52 Result: file /etc/php5/cli/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5/cli-php5.4/php.ini 2020-06-02 11:05:52 Result: file /etc/php5/cli-php5.4/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5/cli-php5.5/php.ini 2020-06-02 11:05:52 Result: file /etc/php5/cli-php5.5/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5/cli-php5.6/php.ini 2020-06-02 11:05:52 Result: file /etc/php5/cli-php5.6/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5/apache2/php.ini 2020-06-02 11:05:52 Result: file /etc/php5/apache2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php5/fpm/php.ini 2020-06-02 11:05:52 Result: file /etc/php5/fpm/php.ini not found 2020-06-02 11:05:52 Test: checking presence /private/etc/php.ini 2020-06-02 11:05:52 Result: file /private/etc/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/7.0/apache2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/7.0/apache2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/7.1/apache2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/7.1/apache2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/7.2/apache2/php.ini 2020-06-02 11:05:52 Result: file /etc/php/7.2/apache2/php.ini not found 2020-06-02 11:05:52 Test: checking presence /etc/php/7.3/apache2/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.3/apache2/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.0/cli/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.0/cli/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.0/fpm/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.0/fpm/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.1/cli/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.1/cli/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.1/fpm/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.1/fpm/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.2/cli/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.2/cli/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.2/fpm/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.2/fpm/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.3/cli/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.3/cli/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php/7.3/fpm/php.ini 2020-06-02 11:05:53 Result: file /etc/php/7.3/fpm/php.ini not found 2020-06-02 11:05:53 Test: checking presence /var/www/conf/php.ini 2020-06-02 11:05:53 Result: file /var/www/conf/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/etc/php.ini 2020-06-02 11:05:53 Result: file /usr/local/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/lib/php.ini 2020-06-02 11:05:53 Result: file /usr/local/lib/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/etc/php5/cgi/php.ini 2020-06-02 11:05:53 Result: file /usr/local/etc/php5/cgi/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/php54/lib/php.ini 2020-06-02 11:05:53 Result: file /usr/local/php54/lib/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/php56/lib/php.ini 2020-06-02 11:05:53 Result: file /usr/local/php56/lib/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/php70/lib/php.ini 2020-06-02 11:05:53 Result: file /usr/local/php70/lib/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/php71/lib/php.ini 2020-06-02 11:05:53 Result: file /usr/local/php71/lib/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/php72/lib/php.ini 2020-06-02 11:05:53 Result: file /usr/local/php72/lib/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/php73/lib/php.ini 2020-06-02 11:05:53 Result: file /usr/local/php73/lib/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/local/zend/etc/php.ini 2020-06-02 11:05:53 Result: file /usr/local/zend/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /usr/pkg/etc/php.ini 2020-06-02 11:05:53 Result: file /usr/pkg/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/cpanel/ea-php54/root/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/cpanel/ea-php54/root/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/cpanel/ea-php55/root/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/cpanel/ea-php55/root/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/cpanel/ea-php56/root/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/cpanel/ea-php56/root/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/cpanel/ea-php70/root/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/cpanel/ea-php70/root/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/cpanel/ea-php71/root/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/cpanel/ea-php71/root/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/cpanel/ea-php72/root/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/cpanel/ea-php72/root/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/cpanel/ea-php73/root/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/cpanel/ea-php73/root/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php44/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php44/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php51/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php51/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php52/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php52/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php53/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php53/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php54/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php54/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php55/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php55/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php56/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php56/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php70/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php70/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php71/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php71/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php72/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php72/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /opt/alt/php73/etc/php.ini 2020-06-02 11:05:53 Result: file /opt/alt/php73/etc/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/opt/remi/php56/php.ini 2020-06-02 11:05:53 Result: file /etc/opt/remi/php56/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/opt/remi/php70/php.ini 2020-06-02 11:05:53 Result: file /etc/opt/remi/php70/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/opt/remi/php71/php.ini 2020-06-02 11:05:53 Result: file /etc/opt/remi/php71/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/opt/remi/php72/php.ini 2020-06-02 11:05:53 Result: file /etc/opt/remi/php72/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/opt/remi/php73/php.ini 2020-06-02 11:05:53 Result: file /etc/opt/remi/php73/php.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php-5.6.ini 2020-06-02 11:05:53 Result: file /etc/php-5.6.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php-7.0.ini 2020-06-02 11:05:53 Result: file /etc/php-7.0.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php-7.1.ini 2020-06-02 11:05:53 Result: file /etc/php-7.1.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php-7.2.ini 2020-06-02 11:05:53 Result: file /etc/php-7.2.ini not found 2020-06-02 11:05:53 Test: checking presence /etc/php-7.3.ini 2020-06-02 11:05:53 Result: file /etc/php-7.3.ini not found 2020-06-02 11:05:53 Result: no files found for /etc/php5/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.0/cli/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.1/cli/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.2/cli/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.3/cli/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.0/fpm/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.1/fpm/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.2/fpm/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php/7.3/fpm/conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/cpanel/ea-php54/root/etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/cpanel/ea-php55/root/etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/cpanel/ea-php56/root/etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/cpanel/ea-php70/root/etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/cpanel/ea-php71/root/etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/cpanel/ea-php72/root/etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/cpanel/ea-php73/root/etc/php.d 2020-06-02 11:05:53 Result: no files found for /opt/alt/php44/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php51/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php52/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php53/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php54/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php55/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php56/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php70/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php71/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php72/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /opt/alt/php73/etc/php.d.all 2020-06-02 11:05:53 Result: no files found for /usr/local/lib/php.conf.d 2020-06-02 11:05:53 Result: no files found for /usr/local/php70/lib/php.conf.d 2020-06-02 11:05:53 Result: no files found for /usr/local/php71/lib/php.conf.d 2020-06-02 11:05:53 Result: no files found for /usr/local/php72/lib/php.conf.d 2020-06-02 11:05:53 Result: no files found for /usr/local/php73/lib/php.conf.d 2020-06-02 11:05:53 Result: no files found for /etc/php-5.6 2020-06-02 11:05:53 Result: no files found for /etc/php-7.0 2020-06-02 11:05:53 Result: no files found for /etc/php-7.1 2020-06-02 11:05:53 Result: no files found for /etc/php-7.2 2020-06-02 11:05:53 Result: no files found for /etc/php-7.3 2020-06-02 11:05:53 Result: no php.ini file found 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test PHP-2320 (Check PHP disabled functions) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test PHP-2368 (Check PHP register_globals option) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test PHP-2372 (Check PHP expose_php option) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test PHP-2374 (Check PHP enable_dl option) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test PHP-2376 (Check PHP allow_url_fopen option) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test PHP-2378 (Check PHP allow_url_include option) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test PHP-2382 (Check PHP expose_php option) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 Security check: file is normal 2020-06-02 11:05:53 Checking permissions of /root/blueval/lynis/include/tests_squid 2020-06-02 11:05:53 File permissions are OK 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Action: Performing tests from category: Squid Support 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID SQD-3602 (Check for running Squid daemon) 2020-06-02 11:05:53 Test: Searching for a Squid daemon 2020-06-02 11:05:53 Result: No running Squid daemon found 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3604 (Check Squid daemon file location) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3606 (Check Squid version) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3610 (Gather Squid settings) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3613 (Check Squid file permissions) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3614 (Check Squid authentication methods) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3616 (Check external Squid authentication) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3620 (Check Squid access control lists) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3624 (Check Squid safe ports) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3630 (Check Squid reply_body_max_size option) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test SQD-3680 (Check Squid version suppression) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 Security check: file is normal 2020-06-02 11:05:53 Checking permissions of /root/blueval/lynis/include/tests_logging 2020-06-02 11:05:53 File permissions are OK 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Action: Performing tests from category: Logging and files 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2130 (Check for running syslog daemon) 2020-06-02 11:05:53 Test: Searching for a logging daemon 2020-06-02 11:05:53 Result: Found a logging daemon 2020-06-02 11:05:53 Hardening: assigned maximum number of hardening points for this item (3). Currently having 197 points (out of 295) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2132 (Check for running syslog-ng daemon) 2020-06-02 11:05:53 Test: Searching for syslog-ng daemon in process list 2020-06-02 11:05:53 Performing pgrep scan without uid 2020-06-02 11:05:53 IsRunning: process 'syslog-ng' not found 2020-06-02 11:05:53 Result: Syslog-ng NOT found in process list 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Skipped test LOGG-2134 (Checking Syslog-NG configuration file consistency) 2020-06-02 11:05:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2136 (Check for running systemd journal daemon) 2020-06-02 11:05:53 Test: Searching for systemd journal daemon in process list 2020-06-02 11:05:53 Performing pgrep scan without uid 2020-06-02 11:05:53 IsRunning: process 'systemd-journal' found (4124 ) 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2210 (Check for running metalog daemon) 2020-06-02 11:05:53 Test: Searching for metalog daemon in process list 2020-06-02 11:05:53 Performing pgrep scan without uid 2020-06-02 11:05:53 IsRunning: process 'metalog' not found 2020-06-02 11:05:53 Result: metalog NOT found in process list 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2230 (Check for running RSyslog daemon) 2020-06-02 11:05:53 Test: Searching for RSyslog daemon in process list 2020-06-02 11:05:53 Performing pgrep scan without uid 2020-06-02 11:05:53 IsRunning: process 'rsyslogd' found (8470 ) 2020-06-02 11:05:53 Result: Found rsyslogd in process list 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2240 (Check for running RFC 3195 compliant daemon) 2020-06-02 11:05:53 Test: Searching for RFC 3195 daemon (alias syslog reliable) in process list 2020-06-02 11:05:53 Performing pgrep scan without uid 2020-06-02 11:05:53 IsRunning: process 'rfc3195d' not found 2020-06-02 11:05:53 Result: rfc3195d NOT found in process list 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2138 (Checking kernel logger daemon on Linux) 2020-06-02 11:05:53 Test: Searching kernel logger daemon (klogd) 2020-06-02 11:05:53 Result: test skipped, because other facility is being used to log kernel messages 2020-06-02 11:05:53 ==== 2020-06-02 11:05:53 Performing test ID LOGG-2142 (Checking minilog daemon) 2020-06-02 11:05:53 Result: Checking for unkilled minilogd instances 2020-06-02 11:05:53 Performing pgrep scan without uid 2020-06-02 11:05:53 IsRunning: process 'minilogd' not found 2020-06-02 11:05:53 Result: No minilogd is running 2020-06-02 11:05:53 ==== 2020-06-02 11:05:54 Performing test ID LOGG-2146 (Checking logrotate.conf and logrotate.d) 2020-06-02 11:05:54 Test: Checking for /etc/logrotate.conf 2020-06-02 11:05:54 Result: /etc/logrotate.conf found (file) 2020-06-02 11:05:54 Test: Checking for /etc/logrotate.d (directory) 2020-06-02 11:05:54 Result: /etc/logrotate.d found 2020-06-02 11:05:54 Result: logrotate configuration found 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Performing test ID LOGG-2148 (Checking logrotated files) 2020-06-02 11:05:54 Test: Checking which files are rotated with logrotate and if they exist 2020-06-02 11:05:54 Result: found one or more files which are rotated via logrotate 2020-06-02 11:05:54 Output: File:/var/account/pacct:exists 2020-06-02 11:05:54 Output: File:/var/log/boot.log:exists 2020-06-02 11:05:54 Output: File:/var/log/btmp:exists 2020-06-02 11:05:54 Output: File:/var/log/cron:exists 2020-06-02 11:05:54 Output: File:/var/log/haproxy.log:exists 2020-06-02 11:05:54 Output: File:/var/log/iscsiuio.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/libvirtd.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/kni-upi-lab-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/kni-upi-lab-worker-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/kni-upi-lab-worker-1.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-29drh-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-29drh-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-4gxcc-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-4gxcc-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-99k2d-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-99k2d-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-cv2ch-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-cv2ch-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-cv2ch-worker-0-9cgpk.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/testing-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-jk9tq-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-jk9tq-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-l4r55-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-l4r55-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-l4r55-worker-0-6jrnv.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-r66q8-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-r66q8-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-r66q8-worker-0-b4dv7.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-rnp8v-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-rnp8v-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-rzz8m-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-rzz8m-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-t5dzr-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-t5dzr-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-t5dzr-worker-0-klwwn.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-vdkh5-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-vdkh5-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-x8tw5-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-x8tw5-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-x8v4t-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-x8v4t-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-xkpjr-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-xkpjr-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-zpxg2-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-zpxg2-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-zzxzt-bootstrap.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-zzxzt-master-0.log:exists 2020-06-02 11:05:54 Output: File:/var/log/libvirt/qemu/test-zzxzt-worker-0-hvwxg.log:exists 2020-06-02 11:05:54 Output: File:/var/log/maillog:exists 2020-06-02 11:05:54 Output: File:/var/log/messages:exists 2020-06-02 11:05:54 Output: File:/var/log/numad.log:exists 2020-06-02 11:05:54 Output: File:/var/log/secure:exists 2020-06-02 11:05:54 Output: File:/var/log/spooler:exists 2020-06-02 11:05:54 Output: File:/var/log/wpa_supplicant.log:exists 2020-06-02 11:05:54 Output: File:/var/log/wtmp:exists 2020-06-02 11:05:54 Output: File:/var/log/yum.log:exists 2020-06-02 11:05:54 Output: File:/var/log/haproxy.log:does_not_exist 2020-06-02 11:05:54 Output: File:/var/log/iscsiuio.log:does_not_exist 2020-06-02 11:05:54 Output: File:/var/log/libvirt/libvirtd.log:does_not_exist 2020-06-02 11:05:54 Output: File:/var/log/numad.log:does_not_exist 2020-06-02 11:05:54 Output: File:/var/log/wpa_supplicant.log:does_not_exist 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Performing test ID LOGG-2150 (Checking directories in logrotate configuration) 2020-06-02 11:05:54 Test: Checking which directories can be found in logrotate configuration 2020-06-02 11:05:54 Result: found one or more directories (via logrotate configuration) 2020-06-02 11:05:54 Directory found: /var/account 2020-06-02 11:05:54 Directory found: /var/log 2020-06-02 11:05:54 Directory found: /var/log/libvirt 2020-06-02 11:05:54 Directory found: /var/log/libvirt/qemu 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Skipped test LOGG-2152 (Checking loghost) 2020-06-02 11:05:54 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Performing test ID LOGG-2154 (Checking syslog configuration file) 2020-06-02 11:05:54 Test: analyzing file /etc/rsyslog.conf for remote target 2020-06-02 11:05:54 Result: no remote target found 2020-06-02 11:05:54 Test: analyzing file /etc/rsyslog.d/listen.conf for remote target 2020-06-02 11:05:54 Result: no remote target found 2020-06-02 11:05:54 Result: no remote logging found 2020-06-02 11:05:54 Suggestion: Enable logging to an external logging host for archiving purposes and additional protection [test:LOGG-2154] [details:-] [solution:-] 2020-06-02 11:05:54 Hardening: assigned partial number of hardening points (1 of 3). Currently having 198 points (out of 298) 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Skipped test LOGG-2160 (Checking /etc/newsyslog.conf) 2020-06-02 11:05:54 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Skipped test LOGG-2162 (Checking directories in /etc/newsyslog.conf) 2020-06-02 11:05:54 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Skipped test LOGG-2164 (Checking files specified /etc/newsyslog.conf) 2020-06-02 11:05:54 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Performing test ID LOGG-2170 (Checking log paths) 2020-06-02 11:05:54 Test: Searching log paths 2020-06-02 11:05:54 Result: directory /var/log exists 2020-06-02 11:05:54 Result: directory /var/adm exists 2020-06-02 11:05:54 ==== 2020-06-02 11:05:54 Performing test ID LOGG-2180 (Checking open log files) 2020-06-02 11:05:54 Test: checking open log files with lsof 2020-06-02 11:05:55 Found logfile: /run/dnsmasq/dnsmasq.log 2020-06-02 11:05:55 Found logfile: /usr/bin/abrt-watch-log 2020-06-02 11:05:55 Found logfile: /var/lib/containers/storage/overlay-containers/19c96926ac803ab88db2985b0268e95254b9cadf3722d04c7d0ac739fa4ebe9d/userdata/ctr.log 2020-06-02 11:05:55 Found logfile: /var/lib/containers/storage/overlay-containers/809e18964728af7a83585d2c3a12b7373ff2bc3a6c562b4d7e769365f06ecb24/userdata/ctr.log 2020-06-02 11:05:55 Found logfile: /var/lib/containers/storage/overlay-containers/823aec98fc8ce454e3359c75d544d9fae731c6e406db3f4a55d1b99aeea9d8ba/userdata/ctr.log 2020-06-02 11:05:55 Found logfile: /var/lib/containers/storage/overlay-containers/8e8ce7660f8e765ff52c355db9c5473dfe94e56aad4c46b90198c83bd55cb236/userdata/ctr.log 2020-06-02 11:05:55 Found logfile: /var/lib/containers/storage/overlay-containers/ce3ff2bcc942e4a8d8dc6ebde991b30f7830af47436f6c719853628d63ae1e94/userdata/ctr.log 2020-06-02 11:05:55 Found logfile: /var/log/audit/audit.log 2020-06-02 11:05:55 Found logfile: /var/log/libvirt/qemu/kni-upi-lab-master-0.log 2020-06-02 11:05:55 Found logfile: /var/log/libvirt/qemu/kni-upi-lab-worker-0.log 2020-06-02 11:05:55 Found logfile: /var/log/libvirt/qemu/kni-upi-lab-worker-1.log 2020-06-02 11:05:55 Found logfile: /var/log/maillog 2020-06-02 11:05:55 Found logfile: /var/log/tuned/tuned.log 2020-06-02 11:05:55 ==== 2020-06-02 11:05:55 Performing test ID LOGG-2190 (Checking for deleted files in use) 2020-06-02 11:05:55 Test: checking deleted files that are still in use 2020-06-02 11:05:55 Result: found one or more files which are deleted, but still in use 2020-06-02 11:05:55 Found deleted file: /tmp/ffihhEO9w(tuned) 2020-06-02 11:05:55 Suggestion: Check what deleted files are still in use and why. [test:LOGG-2190] [details:-] [solution:-] 2020-06-02 11:05:55 ==== 2020-06-02 11:05:55 Performing test ID LOGG-2192 (Checking for open log files that are empty) 2020-06-02 11:05:56 Result: all opened log files are bigger than zero bytes in size 2020-06-02 11:05:56 Security check: file is normal 2020-06-02 11:05:56 Checking permissions of /root/blueval/lynis/include/tests_insecure_services 2020-06-02 11:05:56 File permissions are OK 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Action: Performing tests from category: Insecure services 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8000 (Installed inetd package) 2020-06-02 11:05:56 Test: Checking if inetd is installed 2020-06-02 11:05:56 Result: inetd is NOT installed 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8002 (Check for enabled inet daemon) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8004 (Presence of inetd configuration file) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8006 (Check configuration of inetd when disabled) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8016 (Check for telnet via inetd) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8100 (Check for installed xinetd daemon) 2020-06-02 11:05:56 Test: Checking for installed xinetd daemon 2020-06-02 11:05:56 Result: xinetd is NOT installed 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8102 (Check for active xinet daemon) 2020-06-02 11:05:56 Test: Searching for active extended internet services daemon (xinetd) 2020-06-02 11:05:56 Performing pgrep scan without uid 2020-06-02 11:05:56 IsRunning: process 'xinetd' not found 2020-06-02 11:05:56 Result: xinetd is NOT running 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8104 (Check for enabled xinet daemon) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8106 (Check configuration of xinetd when disabled) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8116 (Insecure services enabled via xinetd) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Skipped test INSE-8200 (Check if tcp_wrappers is installed when inetd/xinetd is active) 2020-06-02 11:05:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8300 (Check if rsh client is installed) 2020-06-02 11:05:56 Test: Checking if rsh client is installed 2020-06-02 11:05:56 Result: rsh client is NOT installed 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8304 (Check if rsh server is installed) 2020-06-02 11:05:56 Test: Checking if rsh server is installed 2020-06-02 11:05:56 Result: rsh server is NOT installed 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8310 (Check if telnet client is installed) 2020-06-02 11:05:56 Test: Checking if telnet client is installed 2020-06-02 11:05:56 Result: telnet client is NOT installed 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8322 (Check if telnet server is installed) 2020-06-02 11:05:56 Test: Checking if telnet server is installed 2020-06-02 11:05:56 Result: telnet server is NOT installed 2020-06-02 11:05:56 ==== 2020-06-02 11:05:56 Performing test ID INSE-8314 (Check if NIS client is installed) 2020-06-02 11:05:56 Test: Checking if NIS client is installed 2020-06-02 11:05:57 Result: NIS client is NOT installed 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID INSE-8316 (Check if NIS server is installed) 2020-06-02 11:05:57 Test: Checking if NIS server is installed 2020-06-02 11:05:57 Result: NIS server is NOT installed 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID INSE-8318 (Check if TFTP client is installed) 2020-06-02 11:05:57 Test: Checking if TFTP client is installed 2020-06-02 11:05:57 Result: TFTP client is NOT installed 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID INSE-8320 (Check if TFTP server is installed) 2020-06-02 11:05:57 Test: Checking if TFTP server is installed 2020-06-02 11:05:57 Result: TFTP server is NOT installed 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Skipped test INSE-8050 (Check for insecure services on macOS) 2020-06-02 11:05:57 Reason to skip: Incorrect guest OS (macOS only) 2020-06-02 11:05:57 Security check: file is normal 2020-06-02 11:05:57 Checking permissions of /root/blueval/lynis/include/tests_banners 2020-06-02 11:05:57 File permissions are OK 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Action: Performing tests from category: Banners and identification 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Skipped test BANN-7113 (Check COPYRIGHT banner file) 2020-06-02 11:05:57 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID BANN-7124 (Check issue banner file) 2020-06-02 11:05:57 Test: Checking file /etc/issue 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID BANN-7126 (Check issue banner file contents) 2020-06-02 11:05:57 Test: Checking file /etc/issue contents for legal key words 2020-06-02 11:05:57 Result: Found only 0 key words (5 or more suggested), to warn unauthorized users and could be increased 2020-06-02 11:05:57 Suggestion: Add a legal banner to /etc/issue, to warn unauthorized users [test:BANN-7126] [details:-] [solution:-] 2020-06-02 11:05:57 Hardening: assigned partial number of hardening points (0 of 1). Currently having 198 points (out of 299) 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID BANN-7128 (Check issue.net banner file) 2020-06-02 11:05:57 Test: Checking file /etc/issue.net 2020-06-02 11:05:57 Result: file /etc/issue.net exists 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID BANN-7130 (Check issue.net banner file contents) 2020-06-02 11:05:57 Test: Checking file /etc/issue.net contents for legal key words 2020-06-02 11:05:57 Result: Found only 0 key words, to warn unauthorized users and could be increased 2020-06-02 11:05:57 Suggestion: Add legal banner to /etc/issue.net, to warn unauthorized users [test:BANN-7130] [details:-] [solution:-] 2020-06-02 11:05:57 Hardening: assigned partial number of hardening points (0 of 1). Currently having 198 points (out of 300) 2020-06-02 11:05:57 Security check: file is normal 2020-06-02 11:05:57 Checking permissions of /root/blueval/lynis/include/tests_scheduling 2020-06-02 11:05:57 File permissions are OK 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Action: Performing tests from category: Scheduled tasks 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID SCHD-7702 (Check status of cron daemon) 2020-06-02 11:05:57 Result: cron daemon running 2020-06-02 11:05:57 ==== 2020-06-02 11:05:57 Performing test ID SCHD-7704 (Check crontab/cronjobs) 2020-06-02 11:05:57 Test: checking directory /etc/cron.d 2020-06-02 11:05:58 Test: check if we can access /etc/cron.d (escaped: /etc/cron.d) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.d is readable (or directory accessible). 2020-06-02 11:05:58 Result: found directory /etc/cron.d 2020-06-02 11:05:58 Test: searching files in /etc/cron.d 2020-06-02 11:05:58 Result: found one or more files in /etc/cron.d. Analyzing files.. 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.d/0hourly): 01,*,*,*,*,root,run-parts,/etc/cron.hourly 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.d/raid-check): 0,1,*,*,Sun,root,/usr/sbin/raid-check 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.d/sysstat): */10,*,*,*,*,root,/usr/lib64/sa/sa1,1,1 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.d/sysstat): 53,23,*,*,*,root,/usr/lib64/sa/sa2,-A 2020-06-02 11:05:58 Result: done with analyzing files in /etc/cron.d 2020-06-02 11:05:58 Test: checking directory /etc/cron.hourly 2020-06-02 11:05:58 Result: found directory /etc/cron.hourly 2020-06-02 11:05:58 Test: check if we can access /etc/cron.hourly (escaped: /etc/cron.hourly) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.hourly is readable (or directory accessible). 2020-06-02 11:05:58 Test: searching files in /etc/cron.hourly 2020-06-02 11:05:58 Result: found one or more files in /etc/cron.hourly. Analyzing files.. 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.hourly): /etc/cron.hourly/0anacron 2020-06-02 11:05:58 Result: done with analyzing files in /etc/cron.hourly 2020-06-02 11:05:58 Test: checking directory /etc/cron.daily 2020-06-02 11:05:58 Result: found directory /etc/cron.daily 2020-06-02 11:05:58 Test: check if we can access /etc/cron.daily (escaped: /etc/cron.daily) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.daily is readable (or directory accessible). 2020-06-02 11:05:58 Test: searching files in /etc/cron.daily 2020-06-02 11:05:58 Result: found one or more files in /etc/cron.daily. Analyzing files.. 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/logrotate 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/mlocate 2020-06-02 11:05:58 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/man-db.cron 2020-06-02 11:05:58 Result: done with analyzing files in /etc/cron.daily 2020-06-02 11:05:58 Test: checking directory /etc/cron.weekly 2020-06-02 11:05:58 Result: found directory /etc/cron.weekly 2020-06-02 11:05:58 Test: check if we can access /etc/cron.weekly (escaped: /etc/cron.weekly) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.weekly is readable (or directory accessible). 2020-06-02 11:05:58 Test: searching files in /etc/cron.weekly 2020-06-02 11:05:58 Result: no files found in /etc/cron.weekly 2020-06-02 11:05:58 Test: checking directory /etc/cron.monthly 2020-06-02 11:05:58 Result: found directory /etc/cron.monthly 2020-06-02 11:05:58 Test: check if we can access /etc/cron.monthly (escaped: /etc/cron.monthly) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.monthly is readable (or directory accessible). 2020-06-02 11:05:58 Test: searching files in /etc/cron.monthly 2020-06-02 11:05:58 Result: no files found in /etc/cron.monthly 2020-06-02 11:05:58 Test: checking anacrontab 2020-06-02 11:05:58 Found anacron job (/etc/anacrontab): 1,5,cron.daily,nice,run-parts,/etc/cron.daily 2020-06-02 11:05:58 Found anacron job (/etc/anacrontab): 7,25,cron.weekly,nice,run-parts,/etc/cron.weekly 2020-06-02 11:05:58 Found anacron job (/etc/anacrontab): @monthly,45,cron.monthly,nice,run-parts,/etc/cron.monthly 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID SCHD-7718 (Check at users) 2020-06-02 11:05:58 Test: Checking atd status 2020-06-02 11:05:58 Result: at daemon active 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID SCHD-7720 (Check at users) 2020-06-02 11:05:58 Test: checking for file /etc/at.allow 2020-06-02 11:05:58 Result: file /etc/at.allow does not exist 2020-06-02 11:05:58 Test: checking for file /etc/at.deny 2020-06-02 11:05:58 Test: check if we can access /etc/at.deny (escaped: /etc/at.deny) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/at.deny is readable (or directory accessible). 2020-06-02 11:05:58 Result: file /etc/at.deny exists, only non listed users can schedule at jobs 2020-06-02 11:05:58 Result: file is empty, no users are denied access to schedule jobs 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID SCHD-7724 (Check at jobs) 2020-06-02 11:05:58 Test: Check scheduled at jobs 2020-06-02 11:05:58 Result: no pending at jobs 2020-06-02 11:05:58 Result: no scheduled Lynis execution found (e.g. crontab, cronjob) 2020-06-02 11:05:58 Security check: file is normal 2020-06-02 11:05:58 Checking permissions of /root/blueval/lynis/include/tests_accounting 2020-06-02 11:05:58 File permissions are OK 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Action: Performing tests from category: Accounting 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-2754 (Check for available FreeBSD accounting information) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (FreeBSD only) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-2760 (Check for available OpenBSD accounting information) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (OpenBSD only) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID ACCT-9622 (Check for available Linux accounting information) 2020-06-02 11:05:58 Test: Check accounting information 2020-06-02 11:05:58 Result: /var/account/pacct available 2020-06-02 11:05:58 Hardening: assigned maximum number of hardening points for this item (3). Currently having 201 points (out of 303) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID ACCT-9626 (Check for sysstat accounting data) 2020-06-02 11:05:58 Test: check /etc/default/sysstat presence 2020-06-02 11:05:58 Result: sysstat enabled via /etc/cron.d/sysstat 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID ACCT-9628 (Check for auditd) 2020-06-02 11:05:58 Test: Check auditd status 2020-06-02 11:05:58 Performing pgrep scan without uid 2020-06-02 11:05:58 IsRunning: process 'auditd' found (7749 ) 2020-06-02 11:05:58 Result: auditd running 2020-06-02 11:05:58 Hardening: assigned maximum number of hardening points for this item (4). Currently having 205 points (out of 307) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID ACCT-9630 (Check for auditd rules) 2020-06-02 11:05:58 Test: Checking auditd rules 2020-06-02 11:05:58 Result: auditd rules empty 2020-06-02 11:05:58 Hardening: assigned partial number of hardening points (0 of 2). Currently having 205 points (out of 309) 2020-06-02 11:05:58 Suggestion: Audit daemon is enabled with an empty ruleset. Disable the daemon or define rules [test:ACCT-9630] [details:-] [solution:-] 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID ACCT-9632 (Check for auditd configuration file) 2020-06-02 11:05:58 Test: Checking auditd configuration file 2020-06-02 11:05:58 Result: /etc/auditd.conf not found 2020-06-02 11:05:58 Result: Found /etc/audit/auditd.conf 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID ACCT-9634 (Check for auditd log file) 2020-06-02 11:05:58 Test: Checking auditd log file 2020-06-02 11:05:58 Result: log file is defined 2020-06-02 11:05:58 Defined value: /var/log/audit/audit.log 2020-06-02 11:05:58 Result: log file /var/log/audit/audit.log exists on disk 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID ACCT-9636 (Check for Snoopy wrapper and logger) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-9650 (Check Solaris audit daemon) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-9652 (Check auditd SMF status) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-9654 (Check BSM auditing in /etc/system) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-9656 (Check BSM auditing in module list) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-9660 (Check location of audit events) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Skipped test ACCT-9662 (Check Solaris auditing stats) 2020-06-02 11:05:58 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:05:58 Security check: file is normal 2020-06-02 11:05:58 Checking permissions of /root/blueval/lynis/include/tests_time 2020-06-02 11:05:58 File permissions are OK 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Action: Performing tests from category: Time and Synchronization 2020-06-02 11:05:58 ==== 2020-06-02 11:05:58 Performing test ID TIME-3104 (Check for running NTP daemon or client) 2020-06-02 11:05:58 Test: Searching for a running NTP daemon or available client 2020-06-02 11:05:58 result: found chrony configuration: /etc/chrony.conf 2020-06-02 11:05:58 Performing pgrep scan without uid 2020-06-02 11:05:58 IsRunning: process 'chronyd' found (7793 ) 2020-06-02 11:05:58 Performing pgrep scan without uid 2020-06-02 11:05:58 IsRunning: process 'dntpd' not found 2020-06-02 11:05:58 Performing pgrep scan without uid 2020-06-02 11:05:58 IsRunning: process 'timed' not found 2020-06-02 11:05:58 Result: /etc/systemd/timesyncd.conf does not exist 2020-06-02 11:05:58 Test: checking for ntpdate or rdate in crontab file /etc/anacrontab 2020-06-02 11:05:58 Result: no ntpdate or rdate reference found in crontab file /etc/anacrontab 2020-06-02 11:05:58 Test: checking for ntpdate or rdate in crontab file /etc/crontab 2020-06-02 11:05:58 Result: no ntpdate or rdate reference found in crontab file /etc/crontab 2020-06-02 11:05:58 Test: check if we can access /etc/cron.d (escaped: /etc/cron.d) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.d is readable (or directory accessible). 2020-06-02 11:05:58 Test: checking for ntpdate or rdate in /etc/cron.d/0hourly 2020-06-02 11:05:58 Test: check if we can access /etc/cron.d/0hourly (escaped: /etc/cron.d/0hourly) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.d/0hourly is readable (or directory accessible). 2020-06-02 11:05:58 Test: checking for ntpdate or rdate in /etc/cron.d/raid-check 2020-06-02 11:05:58 Test: check if we can access /etc/cron.d/raid-check (escaped: /etc/cron.d/raid-check) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:58 Result: file /etc/cron.d/raid-check is readable (or directory accessible). 2020-06-02 11:05:58 Test: checking for ntpdate or rdate in /etc/cron.d/sysstat 2020-06-02 11:05:58 Test: check if we can access /etc/cron.d/sysstat (escaped: /etc/cron.d/sysstat) 2020-06-02 11:05:58 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.d/sysstat is readable (or directory accessible). 2020-06-02 11:05:59 Test: check if we can access /etc/cron.hourly (escaped: /etc/cron.hourly) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.hourly is readable (or directory accessible). 2020-06-02 11:05:59 Test: checking for ntpdate or rdate in /etc/cron.hourly/0anacron 2020-06-02 11:05:59 Test: check if we can access /etc/cron.hourly/0anacron (escaped: /etc/cron.hourly/0anacron) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.hourly/0anacron is readable (or directory accessible). 2020-06-02 11:05:59 Test: check if we can access /etc/cron.daily (escaped: /etc/cron.daily) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.daily is readable (or directory accessible). 2020-06-02 11:05:59 Test: checking for ntpdate or rdate in /etc/cron.daily/logrotate 2020-06-02 11:05:59 Test: check if we can access /etc/cron.daily/logrotate (escaped: /etc/cron.daily/logrotate) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.daily/logrotate is readable (or directory accessible). 2020-06-02 11:05:59 Test: checking for ntpdate or rdate in /etc/cron.daily/mlocate 2020-06-02 11:05:59 Test: check if we can access /etc/cron.daily/mlocate (escaped: /etc/cron.daily/mlocate) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.daily/mlocate is readable (or directory accessible). 2020-06-02 11:05:59 Test: checking for ntpdate or rdate in /etc/cron.daily/man-db.cron 2020-06-02 11:05:59 Test: check if we can access /etc/cron.daily/man-db.cron (escaped: /etc/cron.daily/man-db.cron) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.daily/man-db.cron is readable (or directory accessible). 2020-06-02 11:05:59 Test: check if we can access /etc/cron.weekly (escaped: /etc/cron.weekly) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.weekly is readable (or directory accessible). 2020-06-02 11:05:59 Result: /etc/cron.weekly is empty, skipping search in directory 2020-06-02 11:05:59 Test: check if we can access /etc/cron.monthly (escaped: /etc/cron.monthly) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/cron.monthly is readable (or directory accessible). 2020-06-02 11:05:59 Result: /etc/cron.monthly is empty, skipping search in directory 2020-06-02 11:05:59 Result: no ntpdate or rdate found in cron directories 2020-06-02 11:05:59 Test: checking for file /etc/network/if-up.d/ntpdate 2020-06-02 11:05:59 Result: file /etc/network/if-up.d/ntpdate does not exist 2020-06-02 11:05:59 Result: Found a time syncing daemon/client. 2020-06-02 11:05:59 Hardening: assigned maximum number of hardening points for this item (3). Currently having 208 points (out of 312) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3106 (Check systemd NTP time synchronization status) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3112 (Check active NTP associations ID's) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3116 (Check peers with stratum value of 16) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3120 (Check unreliable NTP peers) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3124 (Check selected time source) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3128 (Check preferred time source) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3132 (Check NTP falsetickers) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3136 (Check NTP protocol version) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Performing test ID TIME-3148 (Check TZ variable) 2020-06-02 11:05:59 Test: testing for TZ variable 2020-06-02 11:05:59 Result: found TZ variable with value notset 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3160 (Check empty NTP step-tickers) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Performing test ID TIME-3170 (Check configuration files) 2020-06-02 11:05:59 Result: found /etc/chrony.conf 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3180 (Report if ntpctl cannot communicate with OpenNTPD) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3181 (Check status of OpenNTPD time synchronisation) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Skipped test TIME-3182 (Check OpenNTPD has working peers) 2020-06-02 11:05:59 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:05:59 Security check: file is normal 2020-06-02 11:05:59 Checking permissions of /root/blueval/lynis/include/tests_crypto 2020-06-02 11:05:59 File permissions are OK 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Action: Performing tests from category: Cryptography 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Performing test ID CRYP-7902 (Check expire date of SSL certificates) 2020-06-02 11:05:59 Paths to scan: /etc/apache2 /etc/dovecot /etc/httpd /etc/letsencrypt /etc/pki /etc/postfix /etc/ssl /opt/psa/var/certificates /usr/local/psa/var/certificates /usr/local/share/ca-certificates /usr/share/ca-certificates /usr/share/gnupg /var/www /srv/www 2020-06-02 11:05:59 Paths to ignore: /etc/letsencrypt/archive 2020-06-02 11:05:59 Result: SSL path /etc/apache2 does not exist 2020-06-02 11:05:59 Result: SSL path /etc/dovecot does not exist 2020-06-02 11:05:59 Result: SSL path /etc/httpd does not exist 2020-06-02 11:05:59 Result: SSL path /etc/letsencrypt does not exist 2020-06-02 11:05:59 Test: check if we can access /etc/pki (escaped: /etc/pki) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/pki is readable (or directory accessible). 2020-06-02 11:05:59 Result: found directory /etc/pki 2020-06-02 11:05:59 Test: check if we can access /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt (escaped: /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt is readable (or directory accessible). 2020-06-02 11:05:59 Result: file '/etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt' belongs to package (ca) 2020-06-02 11:05:59 Test: check if we can access /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem (escaped: /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem is readable (or directory accessible). 2020-06-02 11:05:59 Result: file '/etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem' belongs to package (ca) 2020-06-02 11:05:59 Test: check if we can access /etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem (escaped: /etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem is readable (or directory accessible). 2020-06-02 11:05:59 Result: file '/etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem' belongs to package (ca) 2020-06-02 11:05:59 Test: check if we can access /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem (escaped: /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem is readable (or directory accessible). 2020-06-02 11:05:59 Result: file '/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem' belongs to package (ca) 2020-06-02 11:05:59 Result: found 4 certificates in /etc/pki 2020-06-02 11:05:59 Test: check if we can access /etc/postfix (escaped: /etc/postfix) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/postfix is readable (or directory accessible). 2020-06-02 11:05:59 Result: found directory /etc/postfix 2020-06-02 11:05:59 Result: found 0 certificates in /etc/postfix 2020-06-02 11:05:59 Test: check if we can access /etc/ssl (escaped: /etc/ssl) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /etc/ssl is readable (or directory accessible). 2020-06-02 11:05:59 Result: found directory /etc/ssl 2020-06-02 11:05:59 Result: found 0 certificates in /etc/ssl 2020-06-02 11:05:59 Result: SSL path /opt/psa/var/certificates does not exist 2020-06-02 11:05:59 Result: SSL path /usr/local/psa/var/certificates does not exist 2020-06-02 11:05:59 Result: SSL path /usr/local/share/ca-certificates does not exist 2020-06-02 11:05:59 Result: SSL path /usr/share/ca-certificates does not exist 2020-06-02 11:05:59 Test: check if we can access /usr/share/gnupg (escaped: /usr/share/gnupg) 2020-06-02 11:05:59 Result: file is owned by our current user ID (0), checking if it is readable 2020-06-02 11:05:59 Result: file /usr/share/gnupg is readable (or directory accessible). 2020-06-02 11:05:59 Result: found directory /usr/share/gnupg 2020-06-02 11:05:59 Result: found 0 certificates in /usr/share/gnupg 2020-06-02 11:05:59 Result: SSL path /var/www does not exist 2020-06-02 11:05:59 Result: SSL path /srv/www does not exist 2020-06-02 11:05:59 Result: found a total of 4 certificates 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Performing test ID CRYP-7930 (Determine if system uses LUKS block device encryption) 2020-06-02 11:05:59 Result: block device sda is not LUKS encrypted 2020-06-02 11:05:59 Result: block device sda1 is not LUKS encrypted 2020-06-02 11:05:59 Result: block device sda2 is not LUKS encrypted 2020-06-02 11:05:59 Result: block device sda3 is not LUKS encrypted 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Performing test ID CRYP-7931 (Determine if system uses encrypted swap) 2020-06-02 11:05:59 Result: Found unencrypted swap device: /dev/sda2 2020-06-02 11:05:59 ==== 2020-06-02 11:05:59 Performing test ID CRYP-8002 (Gather available kernel entropy) 2020-06-02 11:05:59 Result: found kernel entropy value of 3754 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Performing test ID CRYP-8004 (Presence of hardware random number generators) 2020-06-02 11:06:00 Test: looking for /sys/class/misc/hw_random/rng_current 2020-06-02 11:06:00 Result: no HW RNG available 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Performing test ID CRYP-8005 (Presence of software pseudo random number generators) 2020-06-02 11:06:00 Test: looking for software pseudo random number generators 2020-06-02 11:06:00 Performing pgrep scan without uid 2020-06-02 11:06:00 IsRunning: process 'audio-entropyd' not found 2020-06-02 11:06:00 Performing pgrep scan without uid 2020-06-02 11:06:00 IsRunning: process 'haveged' not found 2020-06-02 11:06:00 Performing pgrep scan without uid 2020-06-02 11:06:00 IsRunning: process 'jitterentropy-rngd' not found 2020-06-02 11:06:00 Suggestion: Utilize software pseudo random number generators [test:CRYP-8005] [details:-] [solution:-] 2020-06-02 11:06:00 Security check: file is normal 2020-06-02 11:06:00 Checking permissions of /root/blueval/lynis/include/tests_virtualization 2020-06-02 11:06:00 File permissions are OK 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Action: Performing tests from category: Virtualization 2020-06-02 11:06:00 Security check: file is normal 2020-06-02 11:06:00 Checking permissions of /root/blueval/lynis/include/tests_containers 2020-06-02 11:06:00 File permissions are OK 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Action: Performing tests from category: Containers 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Skipped test CONT-8004 (Query running Solaris zones) 2020-06-02 11:06:00 Reason to skip: Incorrect guest OS (Solaris only) 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Performing test ID CONT-8102 (Checking Docker status and information) 2020-06-02 11:06:00 Performing pgrep scan without uid 2020-06-02 11:06:00 IsRunning: process 'dockerd' not found 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Skipped test CONT-8104 (Checking Docker info for any warnings) 2020-06-02 11:06:00 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Skipped test CONT-8106 (Gather basic stats from Docker) 2020-06-02 11:06:00 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Skipped test CONT-8107 (Check number of Docker containers) 2020-06-02 11:06:00 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Skipped test CONT-8108 (Check file permissions for Docker files) 2020-06-02 11:06:00 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:00 Security check: file is normal 2020-06-02 11:06:00 Checking permissions of /root/blueval/lynis/include/tests_mac_frameworks 2020-06-02 11:06:00 File permissions are OK 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Action: Performing tests from category: Security frameworks 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Performing test ID MACF-6204 (Check AppArmor presence) 2020-06-02 11:06:00 Result: aa-status binary not found, AppArmor not installed 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Skipped test MACF-6208 (Check if AppArmor is enabled) 2020-06-02 11:06:00 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Performing test ID MACF-6232 (Check SELINUX presence) 2020-06-02 11:06:00 Test: checking if we have sestatus binary 2020-06-02 11:06:00 Result: found sestatus binary (/usr/sbin/sestatus) 2020-06-02 11:06:00 ==== 2020-06-02 11:06:00 Performing test ID MACF-6234 (Check SELINUX status) 2020-06-02 11:06:00 Result: SELinux framework is enabled 2020-06-02 11:06:00 Result: current SELinux mode is enforcing 2020-06-02 11:06:00 Result: mode configured in config file is enforcing 2020-06-02 11:06:00 Result: Current SELinux mode is the same as in config file. 2020-06-02 11:06:02 Permissive SELinux object types: 2020-06-02 11:06:02 Unconfined processes: unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 535 /bin/sh ./lynis audit system unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 6537 /bin/sh ./lynis audit system unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 6538 /usr/bin/ps -eo label,pid,command unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 6539 /usr/bin/grep [u]nconfined_t unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 6540 /usr/bin/tr \n unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 9283 sshd: root@pts/0 unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 9294 -bash unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 9333 tmux unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 9335 tmux unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 9336 -bash 2020-06-02 11:06:02 Processes with initrc_t type: 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID MACF-6240 (Check TOMOYO Linux presence) 2020-06-02 11:06:02 Test: checking if we have tomoyo-init binary 2020-06-02 11:06:02 Result: tomoyo-init binary not found 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test MACF-6242 (Check TOMOYO Linux status) 2020-06-02 11:06:02 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID RBAC-6272 (Check grsecurity presence) 2020-06-02 11:06:02 Result: no grsecurity found in kernel config 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID MACF-6290 (Check for implemented MAC framework) 2020-06-02 11:06:02 Hardening: assigned maximum number of hardening points for this item (3). Currently having 211 points (out of 315) 2020-06-02 11:06:02 Result: found implemented MAC framework 2020-06-02 11:06:02 Security check: file is normal 2020-06-02 11:06:02 Checking permissions of /root/blueval/lynis/include/tests_file_integrity 2020-06-02 11:06:02 File permissions are OK 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Action: Performing tests from category: Software: file integrity 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4310 (AFICK availability) 2020-06-02 11:06:02 Test: Checking AFICK binary 2020-06-02 11:06:02 Result: AFICK is not installed 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4314 (AIDE availability) 2020-06-02 11:06:02 Test: Checking AIDE binary 2020-06-02 11:06:02 Result: AIDE is not installed 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4315 (Check AIDE configuration file) 2020-06-02 11:06:02 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4316 (Presence of AIDE database and size check) 2020-06-02 11:06:02 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4318 (Osiris availability) 2020-06-02 11:06:02 Test: Checking Osiris binary 2020-06-02 11:06:02 Result: Osiris is not installed 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4322 (Samhain availability) 2020-06-02 11:06:02 Test: Checking Samhain binary 2020-06-02 11:06:02 Result: Samhain is not installed 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4326 (Tripwire availability) 2020-06-02 11:06:02 Test: Checking Tripwire binary 2020-06-02 11:06:02 Result: Tripwire is not installed 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4328 (OSSEC syscheck daemon running) 2020-06-02 11:06:02 Test: Checking if OSSEC syscheck daemon is running 2020-06-02 11:06:02 Performing pgrep scan without uid 2020-06-02 11:06:02 IsRunning: process 'ossec-syscheckd' not found 2020-06-02 11:06:02 Result: syscheck (OSSEC) is not active 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4330 (mtree availability) 2020-06-02 11:06:02 Test: Checking mtree binary 2020-06-02 11:06:02 Result: mtree is not installed 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4334 (Check lfd daemon status) 2020-06-02 11:06:02 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4336 (Check lfd configuration status) 2020-06-02 11:06:02 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4338 (osqueryd syscheck daemon running) 2020-06-02 11:06:02 Test: Checking if osqueryd syscheck daemon is running 2020-06-02 11:06:02 Performing pgrep scan without uid 2020-06-02 11:06:02 IsRunning: process 'osqueryd' not found 2020-06-02 11:06:02 Result: syscheck (osquery) not installed 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4339 (Check IMA/EVM status) 2020-06-02 11:06:02 Reason to skip: No evmctl binary found 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4340 (Check dm-integrity status) 2020-06-02 11:06:02 Reason to skip: No integritysetup binary found 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4341 (Check dm-verity status) 2020-06-02 11:06:02 Reason to skip: No veritysetup binary found 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test FINT-4402 (AIDE configuration: Checksums (SHA256 or SHA512)) 2020-06-02 11:06:02 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID FINT-4350 (File integrity software installed) 2020-06-02 11:06:02 Test: Check if at least on file integrity tool is available/installed 2020-06-02 11:06:02 Result: No file integrity tools found 2020-06-02 11:06:02 Suggestion: Install a file integrity tool to monitor changes to critical and sensitive files [test:FINT-4350] [details:-] [solution:-] 2020-06-02 11:06:02 Hardening: assigned partial number of hardening points (0 of 5). Currently having 211 points (out of 320) 2020-06-02 11:06:02 Security check: file is normal 2020-06-02 11:06:02 Checking permissions of /root/blueval/lynis/include/tests_tooling 2020-06-02 11:06:02 File permissions are OK 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Action: Performing tests from category: Software: System tooling 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID TOOL-5002 (Checking for automation tools) 2020-06-02 11:06:02 Test: checking if directory /root/.ansible exists 2020-06-02 11:06:02 Result: directory /root/.ansible NOT found 2020-06-02 11:06:02 Test: checking if directory /etc/ansible exists 2020-06-02 11:06:02 Result: directory /etc/ansible NOT found 2020-06-02 11:06:02 Test: checking if directory /root/.ansible exists 2020-06-02 11:06:02 Result: directory /root/.ansible NOT found 2020-06-02 11:06:02 Test: checking if directory /tmp/.ansible exists 2020-06-02 11:06:02 Result: directory /tmp/.ansible NOT found 2020-06-02 11:06:02 Test: checking if file /var/log/ansible.log exists 2020-06-02 11:06:02 Result: file /var/log/ansible.log NOT found 2020-06-02 11:06:02 Test: checking if file ~/.ansible-retry exists 2020-06-02 11:06:02 Result: file ~/.ansible-retry NOT found 2020-06-02 11:06:02 Performing pgrep scan without uid 2020-06-02 11:06:02 IsRunning: process 'puppet master' not found 2020-06-02 11:06:02 Suggestion: Determine if automation tools are present for system management [test:TOOL-5002] [details:-] [solution:-] 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Performing test ID TOOL-5102 (Check for presence of Fail2ban) 2020-06-02 11:06:02 Result: Fail2ban not present (fail2ban-server not found) 2020-06-02 11:06:02 Checking Fail2ban configuration file 2020-06-02 11:06:02 ==== 2020-06-02 11:06:02 Skipped test TOOL-5104 (Enabled tests in Fail2ban) 2020-06-02 11:06:02 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID TOOL-5120 (Check for presence of Snort) 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'snort' not found 2020-06-02 11:06:03 Result: Snort not present (Snort not running) 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID TOOL-5122 (Check Snort configuration file) 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID TOOL-5126 (Check for active OSSEC daemon) 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'ossec-analysisd' not found 2020-06-02 11:06:03 Result: OSSEC analysis daemon not active 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'ossec-agentd' not found 2020-06-02 11:06:03 Result: OSSEC agent daemon not active 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID TOOL-5190 (Check presence of IDS/IPS tool) 2020-06-02 11:06:03 Hardening: assigned partial number of hardening points (0 of 2). Currently having 211 points (out of 322) 2020-06-02 11:06:03 Security check: file is normal 2020-06-02 11:06:03 Checking permissions of /root/blueval/lynis/include/tests_malware 2020-06-02 11:06:03 File permissions are OK 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Action: Performing tests from category: Software: Malware 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID MALW-3275 (Check for chkrootkit) 2020-06-02 11:06:03 Test: checking presence chkrootkit 2020-06-02 11:06:03 Result: chkrootkit not found 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID MALW-3276 (Check for Rootkit Hunter) 2020-06-02 11:06:03 Test: checking presence Rootkit Hunter 2020-06-02 11:06:03 Result: Rootkit Hunter not found 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID MALW-3278 (Check for LMD) 2020-06-02 11:06:03 Test: checking presence LMD 2020-06-02 11:06:03 Result: LMD not found 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID MALW-3280 (Check if anti-virus tool is installed) 2020-06-02 11:06:03 Test: checking process esets_daemon 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'esets_daemon' not found 2020-06-02 11:06:03 Test: checking process epagd 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'epagd' not found 2020-06-02 11:06:03 Test: checking process com.avast.daemon 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'com.avast.daemon' not found 2020-06-02 11:06:03 Test: checking process Avira daemon 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'avqmd' not found 2020-06-02 11:06:03 Test: checking process falcon-sensor (CrowdStrike) 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'falcon-sensor' not found 2020-06-02 11:06:03 Test: checking process CylanceSvc 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'CylanceSvc' not found 2020-06-02 11:06:03 Test: checking process wdserver or klnagent (Kaspersky) 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'klnagent' not found 2020-06-02 11:06:03 Test: checking process cma or cmdagent (McAfee) 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'cmdagent' not found 2020-06-02 11:06:03 Test: checking process savscand 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'savscand' not found 2020-06-02 11:06:03 Test: checking process SophosScanD 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'SophosScanD' not found 2020-06-02 11:06:03 Test: checking process rtvscand 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'rtvscand' not found 2020-06-02 11:06:03 Test: checking process Symantec management client service 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'smcd' not found 2020-06-02 11:06:03 Test: checking process Symantec Endpoint Protection configuration service 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'symcfgd' not found 2020-06-02 11:06:03 Test: checking process TmccMac to test for Trend Micro anti-virus (macOS) 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'TmccMac' not found 2020-06-02 11:06:03 Result: no commercial anti-virus tools found 2020-06-02 11:06:03 Hardening: assigned partial number of hardening points (0 of 3). Currently having 211 points (out of 325) 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID MALW-3282 (Check for clamscan) 2020-06-02 11:06:03 Test: checking presence clamscan 2020-06-02 11:06:03 Result: clamscan couldn't be found 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID MALW-3284 (Check for clamd) 2020-06-02 11:06:03 Test: checking running ClamAV daemon (clamd) 2020-06-02 11:06:03 Performing pgrep scan without uid 2020-06-02 11:06:03 IsRunning: process 'clamd' not found 2020-06-02 11:06:03 Result: clamd not running 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Skipped test MALW-3286 (Check for freshclam) 2020-06-02 11:06:03 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Skipped test MALW-3288 (Check for ClamXav) 2020-06-02 11:06:03 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2020-06-02 11:06:03 Security check: file is normal 2020-06-02 11:06:03 Checking permissions of /root/blueval/lynis/include/tests_file_permissions 2020-06-02 11:06:03 File permissions are OK 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Action: Performing tests from category: File Permissions 2020-06-02 11:06:03 ==== 2020-06-02 11:06:03 Performing test ID FILE-7524 (Perform file permissions check) 2020-06-02 11:06:03 Test: Checking file permissions 2020-06-02 11:06:03 Using profile /root/blueval/lynis/default.prf for baseline. 2020-06-02 11:06:03 Test: checking file/directory /boot/grub/grub.cfg 2020-06-02 11:06:03 Skipping file/directory /boot/grub/grub.cfg as it does not exist on this system 2020-06-02 11:06:03 Test: checking file/directory /boot/grub2/grub.cfg 2020-06-02 11:06:03 Test: checking if file /boot/grub2/grub.cfg has the permissions set to 600 or more restrictive 2020-06-02 11:06:03 Outcome: permissions of file /boot/grub2/grub.cfg are not matching expected value (644 != rw-------) 2020-06-02 11:06:03 Test: checking file/directory /boot/grub2/user.cfg 2020-06-02 11:06:03 Skipping file/directory /boot/grub2/user.cfg as it does not exist on this system 2020-06-02 11:06:03 Test: checking file/directory /etc/at.allow 2020-06-02 11:06:03 Skipping file/directory /etc/at.allow as it does not exist on this system 2020-06-02 11:06:03 Test: checking file/directory /etc/at.deny 2020-06-02 11:06:03 Test: checking if file /etc/at.deny has the permissions set to 600 or more restrictive 2020-06-02 11:06:03 Outcome: permissions of file /etc/at.deny are not matching expected value (644 != rw-------) 2020-06-02 11:06:03 Test: checking file/directory /etc/cron.allow 2020-06-02 11:06:03 Skipping file/directory /etc/cron.allow as it does not exist on this system 2020-06-02 11:06:03 Test: checking file/directory /etc/cron.deny 2020-06-02 11:06:03 Test: checking if file /etc/cron.deny has the permissions set to 600 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (600) 2020-06-02 11:06:03 Test: checking file/directory /etc/crontab 2020-06-02 11:06:03 Test: checking if file /etc/crontab has the permissions set to 600 or more restrictive 2020-06-02 11:06:03 Outcome: permissions of file /etc/crontab are not matching expected value (644 != rw-------) 2020-06-02 11:06:03 Test: checking file/directory /etc/group 2020-06-02 11:06:03 Test: checking if file /etc/group has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/group- 2020-06-02 11:06:03 Test: checking if file /etc/group- has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/hosts.allow 2020-06-02 11:06:03 Test: checking if file /etc/hosts.allow has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/hosts.deny 2020-06-02 11:06:03 Test: checking if file /etc/hosts.deny has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/issue 2020-06-02 11:06:03 Test: checking if file /etc/issue has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/issue.net 2020-06-02 11:06:03 Test: checking if file /etc/issue.net has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/lilo.conf 2020-06-02 11:06:03 Skipping file/directory /etc/lilo.conf as it does not exist on this system 2020-06-02 11:06:03 Test: checking file/directory /etc/motd 2020-06-02 11:06:03 Test: checking if file /etc/motd has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/passwd 2020-06-02 11:06:03 Test: checking if file /etc/passwd has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/passwd- 2020-06-02 11:06:03 Test: checking if file /etc/passwd- has the permissions set to 644 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (644) 2020-06-02 11:06:03 Test: checking file/directory /etc/ssh/sshd_config 2020-06-02 11:06:03 Test: checking if file /etc/ssh/sshd_config has the permissions set to 600 or more restrictive 2020-06-02 11:06:03 Outcome: correct permissions (600) 2020-06-02 11:06:03 Test: checking file/directory /root/.ssh 2020-06-02 11:06:04 Test: checking if file /root/.ssh has the permissions set to 700 or more restrictive 2020-06-02 11:06:04 Outcome: correct permissions (700) 2020-06-02 11:06:04 Test: checking file/directory /etc/cron.d 2020-06-02 11:06:04 Test: checking if file /etc/cron.d has the permissions set to 700 or more restrictive 2020-06-02 11:06:04 Outcome: permissions of file /etc/cron.d are not matching expected value (755 != rwx------) 2020-06-02 11:06:04 Test: checking file/directory /etc/cron.daily 2020-06-02 11:06:04 Test: checking if file /etc/cron.daily has the permissions set to 700 or more restrictive 2020-06-02 11:06:04 Outcome: permissions of file /etc/cron.daily are not matching expected value (755 != rwx------) 2020-06-02 11:06:04 Test: checking file/directory /etc/cron.hourly 2020-06-02 11:06:04 Test: checking if file /etc/cron.hourly has the permissions set to 700 or more restrictive 2020-06-02 11:06:04 Outcome: permissions of file /etc/cron.hourly are not matching expected value (755 != rwx------) 2020-06-02 11:06:04 Test: checking file/directory /etc/cron.weekly 2020-06-02 11:06:04 Test: checking if file /etc/cron.weekly has the permissions set to 700 or more restrictive 2020-06-02 11:06:04 Outcome: permissions of file /etc/cron.weekly are not matching expected value (755 != rwx------) 2020-06-02 11:06:04 Test: checking file/directory /etc/cron.monthly 2020-06-02 11:06:04 Test: checking if file /etc/cron.monthly has the permissions set to 700 or more restrictive 2020-06-02 11:06:04 Outcome: permissions of file /etc/cron.monthly are not matching expected value (755 != rwx------) 2020-06-02 11:06:04 Suggestion: Consider restricting file permissions [test:FILE-7524] [details:See screen output or log file] [solution:text:Use chmod to change file permissions] 2020-06-02 11:06:04 Security check: file is normal 2020-06-02 11:06:04 Checking permissions of /root/blueval/lynis/include/tests_homedirs 2020-06-02 11:06:04 File permissions are OK 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Action: Performing tests from category: Home directories 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Performing test ID HOME-9302 (Create list with home directories) 2020-06-02 11:06:04 Test: query /etc/passwd to obtain home directories 2020-06-02 11:06:04 Result: found home directory: / (directory exists) 2020-06-02 11:06:04 Result: found home directory: /bin (directory exists) 2020-06-02 11:06:04 Result: found home directory: /dev/null (directory does not exist) 2020-06-02 11:06:04 Result: found home directory: /etc/abrt (directory exists) 2020-06-02 11:06:04 Result: found home directory: /etc/ntp (directory exists) 2020-06-02 11:06:04 Result: found home directory: /etc/unbound (directory exists) 2020-06-02 11:06:04 Result: found home directory: /home/rnoriega (directory exists) 2020-06-02 11:06:04 Result: found home directory: /root (directory exists) 2020-06-02 11:06:04 Result: found home directory: /run/gluster (directory does not exist) 2020-06-02 11:06:04 Result: found home directory: /run/saslauthd (directory does not exist) 2020-06-02 11:06:04 Result: found home directory: /sbin (directory exists) 2020-06-02 11:06:04 Result: found home directory: /usr/games (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/adm (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/empty/sshd (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/ftp (directory does not exist) 2020-06-02 11:06:04 Result: found home directory: /var/lib/chrony (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/lib/haproxy (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/lib/nfs (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/lib/rpcbind (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/run/lsm (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/spool/lpd (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/spool/mail (directory exists) 2020-06-02 11:06:04 Result: found home directory: /var/spool/postfix (directory exists) 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Performing test ID HOME-9304 (Check if users' home directories permissions are 750 or more restrictive) 2020-06-02 11:06:04 Test: checking directory '/home/rnoriega' for user 'rnoriega' 2020-06-02 11:06:04 Result: permissions of home directory /home/rnoriega of user rnoriega are fine 2020-06-02 11:06:04 Result: OK, all permissions of the home directories are 750 or more restrictive 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Performing test ID HOME-9306 (Check if users own their home directories) 2020-06-02 11:06:04 Test: checking directory '/home/rnoriega' for user 'rnoriega' 2020-06-02 11:06:04 Result: ownership of home directory /home/rnoriega for user rnoriega looks to be correct 2020-06-02 11:06:04 Result: OK, all users own their home directories 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Performing test ID HOME-9310 (Checking for suspicious shell history files) 2020-06-02 11:06:04 Result: Ok, history files are type 'file'. 2020-06-02 11:06:04 Remark: History files are normally of the type 'file'. Symbolic links and other types are suspicious. 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Performing test ID HOME-9350 (Collecting information from home directories) 2020-06-02 11:06:04 Result: IGNORE_HOME_DIRS empty, no paths excluded 2020-06-02 11:06:04 Security check: file is normal 2020-06-02 11:06:04 Checking permissions of /root/blueval/lynis/include/tests_kernel_hardening 2020-06-02 11:06:04 File permissions are OK 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Action: Performing tests from category: Kernel Hardening 2020-06-02 11:06:04 ==== 2020-06-02 11:06:04 Performing test ID KRNL-6000 (Check sysctl key pairs in scan profile) 2020-06-02 11:06:04 Result: sysctl key fs.protected_hardlinks contains equal expected and current value (1) 2020-06-02 11:06:04 Hardening: assigned maximum number of hardening points for this item (1). Currently having 212 points (out of 326) 2020-06-02 11:06:04 Result: sysctl key fs.protected_symlinks contains equal expected and current value (1) 2020-06-02 11:06:04 Hardening: assigned maximum number of hardening points for this item (1). Currently having 213 points (out of 327) 2020-06-02 11:06:04 Result: sysctl key fs.suid_dumpable contains equal expected and current value (0) 2020-06-02 11:06:04 Hardening: assigned maximum number of hardening points for this item (1). Currently having 214 points (out of 328) 2020-06-02 11:06:04 Result: key hw.kbd.keymap_restrict_change does not exist on this machine 2020-06-02 11:06:04 Result: key kernel.core_setuid_ok does not exist on this machine 2020-06-02 11:06:04 Result: sysctl key kernel.core_uses_pid contains equal expected and current value (1) 2020-06-02 11:06:04 Hardening: assigned maximum number of hardening points for this item (1). Currently having 215 points (out of 329) 2020-06-02 11:06:04 Result: sysctl key kernel.ctrl-alt-del contains equal expected and current value (0) 2020-06-02 11:06:04 Hardening: assigned maximum number of hardening points for this item (1). Currently having 216 points (out of 330) 2020-06-02 11:06:04 Result: sysctl key kernel.dmesg_restrict has a different value than expected in scan profile. Expected=1, Real=0 2020-06-02 11:06:04 Hardening: assigned partial number of hardening points (0 of 1). Currently having 216 points (out of 331) 2020-06-02 11:06:04 Result: key kernel.exec-shield does not exist on this machine 2020-06-02 11:06:04 Result: key kernel.exec-shield-randomize does not exist on this machine 2020-06-02 11:06:04 Result: sysctl key kernel.kptr_restrict has a different value than expected in scan profile. Expected=2, Real=0 2020-06-02 11:06:04 Hardening: assigned partial number of hardening points (0 of 1). Currently having 216 points (out of 332) 2020-06-02 11:06:05 Result: key kernel.maps_protect does not exist on this machine 2020-06-02 11:06:05 Result: sysctl key kernel.randomize_va_space contains equal expected and current value (2) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 217 points (out of 333) 2020-06-02 11:06:05 Result: key kernel.suid_dumpable does not exist on this machine 2020-06-02 11:06:05 Result: sysctl key kernel.sysrq has a different value than expected in scan profile. Expected=0, Real=16 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 217 points (out of 334) 2020-06-02 11:06:05 Result: key kernel.use-nx does not exist on this machine 2020-06-02 11:06:05 Result: sysctl key kernel.yama.ptrace_scope has a different value than expected in scan profile. Expected=1 2 3, Real=0 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 217 points (out of 335) 2020-06-02 11:06:05 Result: key kern.sugid_coredump does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet6.icmp6.rediraccept does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet6.ip6.forwarding does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet6.ip6.fw.enable does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet6.ip6.redirect does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.icmp.bmcastecho does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.icmp.drop_redirect does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.icmp.rediraccept does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.icmp.timestamp does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip6.redirect does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.accept_sourceroute does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.check_interface does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.forwarding does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.linklocal.in.allowbadttl does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.process_options does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.random_id does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.redirect does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.ip.sourceroute does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.tcp.always_keepalive does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.tcp.blackhole does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.tcp.drop_synfin does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.tcp.icmp_may_rst does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.tcp.nolocaltimewait does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.tcp.path_mtu_discovery does not exist on this machine 2020-06-02 11:06:05 Result: key net.inet.udp.blackhole does not exist on this machine 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.accept_redirects contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 218 points (out of 336) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.accept_source_route contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 219 points (out of 337) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.bootp_relay contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 220 points (out of 338) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.forwarding has a different value than expected in scan profile. Expected=0, Real=1 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 220 points (out of 339) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.log_martians has a different value than expected in scan profile. Expected=1, Real=0 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 220 points (out of 340) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.mc_forwarding contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 221 points (out of 341) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.proxy_arp contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 222 points (out of 342) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.rp_filter contains equal expected and current value (1) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 223 points (out of 343) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.all.send_redirects has a different value than expected in scan profile. Expected=0, Real=1 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 223 points (out of 344) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.default.accept_redirects has a different value than expected in scan profile. Expected=0, Real=1 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 223 points (out of 345) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.default.accept_source_route contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 224 points (out of 346) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.conf.default.log_martians has a different value than expected in scan profile. Expected=1, Real=0 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 224 points (out of 347) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.icmp_echo_ignore_broadcasts contains equal expected and current value (1) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 225 points (out of 348) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.icmp_ignore_bogus_error_responses contains equal expected and current value (1) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 226 points (out of 349) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.tcp_syncookies contains equal expected and current value (1) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 227 points (out of 350) 2020-06-02 11:06:05 Result: sysctl key net.ipv4.tcp_timestamps contains equal expected and current value (0 1) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 228 points (out of 351) 2020-06-02 11:06:05 Result: sysctl key net.ipv6.conf.all.accept_redirects has a different value than expected in scan profile. Expected=0, Real=1 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 228 points (out of 352) 2020-06-02 11:06:05 Result: sysctl key net.ipv6.conf.all.accept_source_route contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 229 points (out of 353) 2020-06-02 11:06:05 Result: key net.ipv6.conf.all.send_redirects does not exist on this machine 2020-06-02 11:06:05 Result: sysctl key net.ipv6.conf.default.accept_redirects has a different value than expected in scan profile. Expected=0, Real=1 2020-06-02 11:06:05 Hardening: assigned partial number of hardening points (0 of 1). Currently having 229 points (out of 354) 2020-06-02 11:06:05 Result: sysctl key net.ipv6.conf.default.accept_source_route contains equal expected and current value (0) 2020-06-02 11:06:05 Hardening: assigned maximum number of hardening points for this item (1). Currently having 230 points (out of 355) 2020-06-02 11:06:05 Result: key security.bsd.hardlink_check_gid does not exist on this machine 2020-06-02 11:06:05 Result: key security.bsd.hardlink_check_uid does not exist on this machine 2020-06-02 11:06:05 Result: key security.bsd.see_other_gids does not exist on this machine 2020-06-02 11:06:05 Result: key security.bsd.see_other_uids does not exist on this machine 2020-06-02 11:06:06 Result: key security.bsd.stack_guard_page does not exist on this machine 2020-06-02 11:06:06 Result: key security.bsd.unprivileged_proc_debug does not exist on this machine 2020-06-02 11:06:06 Result: key security.bsd.unprivileged_read_msgbuf does not exist on this machine 2020-06-02 11:06:06 Result: found 11 keys that can use tuning, according scan profile 2020-06-02 11:06:06 Suggestion: One or more sysctl values differ from the scan profile and could be tweaked [test:KRNL-6000] [details:] [solution:Change sysctl value or disable test (skip-test=KRNL-6000:)] 2020-06-02 11:06:06 Security check: file is normal 2020-06-02 11:06:06 Checking permissions of /root/blueval/lynis/include/tests_hardening 2020-06-02 11:06:06 File permissions are OK 2020-06-02 11:06:06 ==== 2020-06-02 11:06:06 Action: Performing tests from category: Hardening 2020-06-02 11:06:06 ==== 2020-06-02 11:06:06 Performing test ID HRDN-7220 (Check if one or more compilers are installed) 2020-06-02 11:06:06 Test: Check if one or more compilers can be found on the system 2020-06-02 11:06:06 Result: found installed compiler. See top of logfile which compilers have been found or use /usr/bin/grep to filter on 'compiler' 2020-06-02 11:06:06 Hardening: assigned partial number of hardening points (1 of 3). Currently having 231 points (out of 358) 2020-06-02 11:06:06 ==== 2020-06-02 11:06:06 Performing test ID HRDN-7222 (Check compiler permissions) 2020-06-02 11:06:06 Test: Check if one or more compilers can be found on the system 2020-06-02 11:06:06 Test: Check file permissions for /usr/bin/as 2020-06-02 11:06:06 Action: checking symlink for file /usr/bin/as 2020-06-02 11:06:06 Result: file /usr/bin/as is not a symlink 2020-06-02 11:06:06 Binary: found /usr/bin/as (world executable) 2020-06-02 11:06:06 Hardening: assigned partial number of hardening points (2 of 3). Currently having 233 points (out of 361) 2020-06-02 11:06:06 Test: Check file permissions for /usr/bin/cc 2020-06-02 11:06:06 Action: checking symlink for file /usr/bin/cc 2020-06-02 11:06:06 Note: Using real readlink binary to determine symlink on /usr/bin/cc 2020-06-02 11:06:06 Result: readlink shows /usr/bin/gcc as output 2020-06-02 11:06:06 Result: symlink found, pointing to file /usr/bin/gcc 2020-06-02 11:06:06 Binary: found /usr/bin/gcc (world executable) 2020-06-02 11:06:06 Hardening: assigned partial number of hardening points (2 of 3). Currently having 235 points (out of 364) 2020-06-02 11:06:06 Test: Check file permissions for /usr/bin/gcc 2020-06-02 11:06:06 Action: checking symlink for file /usr/bin/gcc 2020-06-02 11:06:06 Result: file /usr/bin/gcc is not a symlink 2020-06-02 11:06:06 Binary: found /usr/bin/gcc (world executable) 2020-06-02 11:06:06 Hardening: assigned partial number of hardening points (2 of 3). Currently having 237 points (out of 367) 2020-06-02 11:06:06 Result: at least one compiler could be better hardened by restricting executable access to root or group only 2020-06-02 11:06:06 Suggestion: Harden compilers like restricting access to root user only [test:HRDN-7222] [details:-] [solution:-] 2020-06-02 11:06:06 ==== 2020-06-02 11:06:06 Performing test ID HRDN-7230 (Check for malware scanner) 2020-06-02 11:06:06 Test: Check if a malware scanner is installed 2020-06-02 11:06:06 Result: no malware scanner found 2020-06-02 11:06:06 Suggestion: Harden the system by installing at least one malware scanner, to perform periodic file system scans [test:HRDN-7230] [details:-] [solution:Install a tool like rkhunter, chkrootkit, OSSEC] 2020-06-02 11:06:06 Hardening: assigned partial number of hardening points (1 of 3). Currently having 238 points (out of 370) 2020-06-02 11:06:06 Result: no malware scanner found 2020-06-02 11:06:06 ==== 2020-06-02 11:06:06 Action: Performing tests from category: Custom tests 2020-06-02 11:06:06 Test: Checking for tests_custom file 2020-06-02 11:06:06 ==== 2020-06-02 11:06:06 Action: Performing plugin tests 2020-06-02 11:06:06 Result: Found 2 plugins of which 2 are enabled 2020-06-02 11:06:06 Result: Plugins phase 2 finished 2020-06-02 11:06:06 Checking permissions of /root/blueval/lynis/include/report 2020-06-02 11:06:06 File permissions are OK 2020-06-02 11:06:06 Hardening index : [64] [############ ] 2020-06-02 11:06:06 Hardening strength: System has been hardened, but could use additional hardening 2020-06-02 11:06:06 ==== 2020-06-02 11:06:07 Checking permissions of /root/blueval/lynis/include/tool_tips 2020-06-02 11:06:07 File permissions are OK 2020-06-02 11:06:07 Tool tips: enabled 2020-06-02 11:06:07 ================================================================================ 2020-06-02 11:06:07 Tests performed: 261 2020-06-02 11:06:07 Total tests: 449 2020-06-02 11:06:07 Active plugins: 2 2020-06-02 11:06:07 Total plugins: 2 2020-06-02 11:06:07 ================================================================================ 2020-06-02 11:06:07 Lynis 3.0.0 2020-06-02 11:06:07 2007-2020, CISOfy - https://cisofy.com/lynis/ 2020-06-02 11:06:07 Enterprise support available (compliance, plugins, interface and tools) 2020-06-02 11:06:07 Program ended successfully 2020-06-02 11:06:07 ================================================================================ 2020-06-02 11:06:07 PID file removed (/var/run/lynis.pid) 2020-06-02 11:06:07 Temporary files: /tmp/lynis.5IWW5sUxjL /tmp/lynis.rW4mhzbnR2 /tmp/lynis.FrRcG2ks6F /tmp/lynis.XCTSwHqTnu 2020-06-02 11:06:07 Action: removing temporary file /tmp/lynis.5IWW5sUxjL 2020-06-02 11:06:07 Info: temporary file /tmp/lynis.rW4mhzbnR2 was already removed 2020-06-02 11:06:07 Info: temporary file /tmp/lynis.FrRcG2ks6F was already removed 2020-06-02 11:06:07 Action: removing temporary file /tmp/lynis.XCTSwHqTnu 2020-06-02 11:06:07 Lynis ended successfully.