2021-01-07 20:41:38 Starting Lynis 3.0.3 with PID 3782, build date 2021-01-07 2021-01-07 20:41:38 ==== 2021-01-07 20:41:38 ### 2007-2021, CISOfy - https://cisofy.com/lynis/ ### 2021-01-07 20:41:38 Checking permissions of /root/scans/lynis/include/profiles 2021-01-07 20:41:38 File permissions are OK 2021-01-07 20:41:38 Reading profile/configuration /root/scans/lynis/default.prf 2021-01-07 20:41:38 Action: created temporary file /tmp/lynis.6BqFwJdsBZ 2021-01-07 20:41:38 Language set via profile to '' 2021-01-07 20:41:38 Plugin 'authentication' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'compliance' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'configuration' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'control-panels' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'crypto' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'dns' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'docker' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'file-integrity' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'file-systems' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'firewalls' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'forensics' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'hardware' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'intrusion-detection' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'intrusion-prevention' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'kernel' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'malware' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'memory' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'nginx' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'pam' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'processes' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'security-modules' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'software' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'system-integrity' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'systemd' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:38 Plugin 'users' enabled according profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:39 Set option to default value: NTPD_ROLE --> client 2021-01-07 20:41:39 ==== 2021-01-07 20:41:39 EOL check: 0 2021-01-07 20:41:39 Program version: 3.0.3 2021-01-07 20:41:39 Operating system: Linux 2021-01-07 20:41:39 Operating system name: Ubuntu 2021-01-07 20:41:39 Operating system version: 20.04 2021-01-07 20:41:39 Kernel version: 5.4.0 2021-01-07 20:41:39 Kernel version (full): 5.4.0-59-generic 2021-01-07 20:41:39 Hardware platform: x86_64 2021-01-07 20:41:39 ----------------------------------------------------- 2021-01-07 20:41:39 Hostname: ubuntu20041 2021-01-07 20:41:39 Auditor: [Not Specified] 2021-01-07 20:41:39 Profiles: /root/scans/lynis/default.prf 2021-01-07 20:41:39 Work directory: /root/scans/lynis 2021-01-07 20:41:39 Include directory: /root/scans/lynis/include 2021-01-07 20:41:39 Plugin directory: ./plugins 2021-01-07 20:41:39 ----------------------------------------------------- 2021-01-07 20:41:39 Log file: /var/log/lynis.log 2021-01-07 20:41:39 Report file: /var/log/lynis-report.dat 2021-01-07 20:41:39 Report version: 1.0 2021-01-07 20:41:39 ----------------------------------------------------- 2021-01-07 20:41:39 Test category: all 2021-01-07 20:41:39 Test group: all 2021-01-07 20:41:39 BusyBox used: 0 2021-01-07 20:41:39 ==== 2021-01-07 20:41:39 Test: Checking for program update... 2021-01-07 20:41:39 Current installed version : 303 2021-01-07 20:41:39 Latest stable version : 303 2021-01-07 20:41:39 No Lynis update available. 2021-01-07 20:41:39 ==== 2021-01-07 20:41:39 Checking permissions of /root/scans/lynis/include/binaries 2021-01-07 20:41:39 File permissions are OK 2021-01-07 20:41:39 ==== 2021-01-07 20:41:39 Action: Performing tests from category: System tools 2021-01-07 20:41:39 Start scanning for available audit binaries and tools... 2021-01-07 20:41:39 ==== 2021-01-07 20:41:39 Performing test ID CORE-1000 (Check all system binaries) 2021-01-07 20:41:39 Status: Starting binary scan... 2021-01-07 20:41:39 Test: Checking binaries in directory /usr/local/games 2021-01-07 20:41:39 Directory /usr/local/games exists. Starting directory scanning... 2021-01-07 20:41:39 Test: Checking binaries in directory /usr/games 2021-01-07 20:41:39 Directory /usr/games exists. Starting directory scanning... 2021-01-07 20:41:39 Test: Checking binaries in directory /bin 2021-01-07 20:41:39 Result: directory exists, but is actually a symlink 2021-01-07 20:41:39 Action: checking symlink for file /bin 2021-01-07 20:41:39 Setting temporary readlinkbinary variable 2021-01-07 20:41:39 Note: Using real readlink binary to determine symlink on /bin 2021-01-07 20:41:39 Result: readlink shows /usr/bin as output 2021-01-07 20:41:39 Result: symlink found, pointing to directory /usr/bin 2021-01-07 20:41:39 Result: found the path behind this symlink (/bin --> /usr/bin) 2021-01-07 20:41:39 Directory /usr/bin exists. Starting directory scanning... 2021-01-07 20:41:39 Found known binary: apt (package manager) - /usr/bin/apt 2021-01-07 20:41:39 Found known binary: awk (string tool) - /usr/bin/awk 2021-01-07 20:41:39 Found known binary: base64 (encoding tool) - /usr/bin/base64 2021-01-07 20:41:39 Found known binary: bootctl (systemd-boot manager utility) - /usr/bin/bootctl 2021-01-07 20:41:39 Found known binary: cat (generic file handling) - /usr/bin/cat 2021-01-07 20:41:39 Found known binary: comm (file compare) - /usr/bin/comm 2021-01-07 20:41:40 Found known binary: curl (browser, download utility) - /usr/bin/curl 2021-01-07 20:41:40 Found known binary: cut (text stream editor) - /usr/bin/cut 2021-01-07 20:41:40 Found known binary: dig (network/dns tool) - /usr/bin/dig 2021-01-07 20:41:40 Found known binary: dnsdomainname (DNS domain) - /usr/bin/dnsdomainname 2021-01-07 20:41:40 Found known binary: domainname (NIS domain) - /usr/bin/domainname 2021-01-07 20:41:40 Found known binary: dpkg (package management) - /usr/bin/dpkg 2021-01-07 20:41:40 Found known binary: egrep (text search) - /usr/bin/egrep 2021-01-07 20:41:40 Found known binary: file (file type detection) - /usr/bin/file 2021-01-07 20:41:40 Found known binary: find (search tool) - /usr/bin/find 2021-01-07 20:41:40 Found known binary: getent (query tool for name service switch libraries) - /usr/bin/getent 2021-01-07 20:41:40 Found known binary: grep (text search) - /usr/bin/grep 2021-01-07 20:41:40 Found known binary: gzip (compressing utility) - /usr/bin/gzip 2021-01-07 20:41:40 Found known binary: head (text filter) - /usr/bin/head 2021-01-07 20:41:40 Found known binary: ip (IP configuration) - /usr/bin/ip 2021-01-07 20:41:40 Found known binary: journalctl (systemd journal) - /usr/bin/journalctl 2021-01-07 20:41:40 Found known binary: ls (file listing) - /usr/bin/ls 2021-01-07 20:41:40 Found known binary: lsattr (file attributes) - /usr/bin/lsattr 2021-01-07 20:41:40 Found known binary: lsblk (block devices) - /usr/bin/lsblk 2021-01-07 20:41:40 Found known binary: lsmod (kernel modules) - /usr/bin/lsmod 2021-01-07 20:41:40 Found known binary: lsof (open files) - /usr/bin/lsof 2021-01-07 20:41:40 Note: added -K i to ignore tasks on Linux 2021-01-07 20:41:40 Found known binary: md5sum (hash tool) - /usr/bin/md5sum 2021-01-07 20:41:40 Found known binary: mount (disk utility) - /usr/bin/mount 2021-01-07 20:41:40 Found /usr/bin/mysql (version: ) 2021-01-07 20:41:40 Found known binary: netstat (network statistics) - /usr/bin/netstat 2021-01-07 20:41:40 Found /usr/bin/openssl (version 1.1.1f) 2021-01-07 20:41:40 Found /usr/bin/perl (version 5.30.0) 2021-01-07 20:41:40 Found known binary: pgrep (search in process list) - /usr/bin/pgrep 2021-01-07 20:41:40 Found known binary: php (programming language interpreter) - /usr/bin/php (version 7.4.3) 2021-01-07 20:41:40 Found known binary: ps (process listing) - /usr/bin/ps 2021-01-07 20:41:40 Found known binary: python3 (programming language interpreter) - /usr/bin/python3 (version 3.8.5) 2021-01-07 20:41:40 Found known binary: readlink (follows symlinks) - /usr/bin/readlink 2021-01-07 20:41:40 Found known binary: resolvectl (systemd-resolved DNS resolver manager) - /usr/bin/resolvectl 2021-01-07 20:41:40 Found known binary: sed (text stream editor) - /usr/bin/sed 2021-01-07 20:41:40 Found known binary: sha1/sha1sum/shasum (crypto hashing) - /usr/bin/sha1sum 2021-01-07 20:41:40 Found known binary: sha256/sha256sum (crypto hashing) - /usr/bin/sha256sum 2021-01-07 20:41:40 Found known binary: sha1/sha1sum/shasum (crypto hashing) - /usr/bin/shasum 2021-01-07 20:41:40 Found known binary: sort (sort data streams) - /usr/bin/sort 2021-01-07 20:41:40 Found known binary: ss (show sockets) - /usr/bin/ss 2021-01-07 20:41:40 Found known binary: ssh-keyscan (scanner for SSH keys) - /usr/bin/ssh-keyscan 2021-01-07 20:41:40 Found known binary: stat (file information) - /usr/bin/stat 2021-01-07 20:41:40 Found known binary: systemctl (client to systemd) - /usr/bin/systemctl 2021-01-07 20:41:40 Found known binary: systemd-analyze (systemd service analysis tool) - /usr/bin/systemd-analyze 2021-01-07 20:41:40 Found known binary: tail (text filter) - /usr/bin/tail 2021-01-07 20:41:40 Found known binary: timedatectl (timedate client) - /usr/bin/timedatectl 2021-01-07 20:41:40 Found known binary: tr (text transformation) - /usr/bin/tr 2021-01-07 20:41:40 Found known binary: uname (operating system details) - /usr/bin/uname 2021-01-07 20:41:40 Found known binary: uniq (text manipulation utility) - /usr/bin/uniq 2021-01-07 20:41:40 Found known binary: vmtoolsd (VMWare tools) - /usr/bin/vmtoolsd 2021-01-07 20:41:40 Found known binary: wc (word count) - /usr/bin/wc 2021-01-07 20:41:40 Found /usr/bin/wget (version 1.20.3) 2021-01-07 20:41:40 Found known binary: xargs (command output redirection) - /usr/bin/xargs 2021-01-07 20:41:40 Found known binary: zgrep (text search for compressed files) - /usr/bin/zgrep 2021-01-07 20:41:40 Test: Checking binaries in directory /sbin 2021-01-07 20:41:40 Result: directory exists, but is actually a symlink 2021-01-07 20:41:40 Action: checking symlink for file /sbin 2021-01-07 20:41:40 Note: Using real readlink binary to determine symlink on /sbin 2021-01-07 20:41:40 Result: readlink shows /usr/sbin as output 2021-01-07 20:41:40 Result: symlink found, pointing to directory /usr/sbin 2021-01-07 20:41:40 Result: found the path behind this symlink (/sbin --> /usr/sbin) 2021-01-07 20:41:40 Directory /usr/sbin exists. Starting directory scanning... 2021-01-07 20:41:40 Found known binary: aa-status (apparmor component) - /usr/sbin/aa-status 2021-01-07 20:41:40 Found known binary: apache2 (web server) - /usr/sbin/apache2 2021-01-07 20:41:40 Found known binary: blkid (information about block devices) - /usr/sbin/blkid 2021-01-07 20:41:40 Found known binary: cryptsetup (block device encryption) - /usr/sbin/cryptsetup 2021-01-07 20:41:40 Found known binary: dmidecode (hardware collector tool) - /usr/sbin/dmidecode 2021-01-07 20:41:40 Found known binary: getcap (kernel capabilities) - /usr/sbin/getcap 2021-01-07 20:41:40 Found known binary: grpck (consistency checker) - /usr/sbin/grpck 2021-01-07 20:41:40 Found known binary: ipconfig (IP configuration) - /usr/sbin/ifconfig 2021-01-07 20:41:40 Found known binary: integritysetup (dm-integrity setup tool) - /usr/sbin/integritysetup 2021-01-07 20:41:40 Found known binary: ip (IP configuration) - /usr/sbin/ip 2021-01-07 20:41:40 Found known binary: iptables (firewall) - /usr/sbin/iptables 2021-01-07 20:41:40 Found known binary: iptables-save (firewall) - /usr/sbin/iptables-save 2021-01-07 20:41:40 Found known binary: logrotate (log rotation tool) - /usr/sbin/logrotate 2021-01-07 20:41:40 Found known binary: lsmod (kernel modules) - /usr/sbin/lsmod 2021-01-07 20:41:40 Found known binary: lvdisplay (LVM tool) - /usr/sbin/lvdisplay 2021-01-07 20:41:40 Found known binary: modprobe (kernel modules) - /usr/sbin/modprobe 2021-01-07 20:41:40 Found known binary: runlevel (system utility) - /usr/sbin/runlevel 2021-01-07 20:41:40 Found known binary: service (system services) - /usr/sbin/service 2021-01-07 20:41:40 Found known binary: swapon (swap device tool) - /usr/sbin/swapon 2021-01-07 20:41:40 Found known binary: sysctl (kernel parameters) - /usr/sbin/sysctl 2021-01-07 20:41:40 Found known binary: tune2fs (file system tool) - /usr/sbin/tune2fs 2021-01-07 20:41:40 Found known binary: veritysetup (dm-verity setup tool) - /usr/sbin/veritysetup 2021-01-07 20:41:40 Found known binary: vgdisplay (LVM tool) - /usr/sbin/vgdisplay 2021-01-07 20:41:40 Test: Checking binaries in directory /usr/bin 2021-01-07 20:41:40 Result: Skipping this directory as it was already scanned 2021-01-07 20:41:40 Result: Directory /usr/bin skipped 2021-01-07 20:41:40 Test: Checking binaries in directory /usr/sbin 2021-01-07 20:41:40 Result: Skipping this directory as it was already scanned 2021-01-07 20:41:40 Result: Directory /usr/sbin skipped 2021-01-07 20:41:40 Test: Checking binaries in directory /usr/local/bin 2021-01-07 20:41:40 Directory /usr/local/bin exists. Starting directory scanning... 2021-01-07 20:41:40 Test: Checking binaries in directory /usr/local/sbin 2021-01-07 20:41:40 Directory /usr/local/sbin exists. Starting directory scanning... 2021-01-07 20:41:40 Discovered directories: /usr/local/games,/usr/games,/usr/bin,/usr/sbin,/usr/local/bin,/usr/local/sbin 2021-01-07 20:41:40 Result: found 1408 binaries including 17 set-uid and 12 set-gid 2021-01-07 20:41:40 Result: set-uid binaries: /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/chfn /usr/bin/chsh /usr/bin/fusermount /usr/bin/gpasswd /usr/bin/mount /usr/bin/newgrp /usr/bin/passwd /usr/bin/pkexec /usr/bin/sg /usr/bin/su /usr/bin/sudo /usr/bin/sudoedit /usr/bin/ubuntu-core-launcher /usr/bin/umount 2021-01-07 20:41:40 Result: set-gid binaries: /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/bsd-write /usr/bin/chage /usr/bin/crontab /usr/bin/expiry /usr/bin/ssh-agent /usr/bin/wall /usr/bin/write /usr/sbin/pam_extrausers_chkpwd /usr/sbin/unix_chkpwd 2021-01-07 20:41:40 ==== 2021-01-07 20:41:40 Informational: package manager is used 2021-01-07 20:41:40 Test: Determine if this system is a virtual machine 2021-01-07 20:41:40 Result: facter utility not found 2021-01-07 20:41:40 Test: trying to guess virtualization technology with systemd-detect-virt 2021-01-07 20:41:40 Result: found vmware 2021-01-07 20:41:40 Result: skipped lscpu test, as we already found machine type 2021-01-07 20:41:40 Result: skipped dmidecode test, as we already found machine type 2021-01-07 20:41:40 Result: skipped processes test, as we already found platform 2021-01-07 20:41:40 Result: skipped Amazon EC2 test, as we already found platform 2021-01-07 20:41:40 Result: skipped sysctl test, as we already found platform 2021-01-07 20:41:40 Result: skipped lshw test, as we already found machine type 2021-01-07 20:41:40 Result: found virtual machine (type: vmware, VMware product) 2021-01-07 20:41:40 Result: Lynis is not running in container 2021-01-07 20:41:40 Result: system is using systemd 2021-01-07 20:41:40 ==== 2021-01-07 20:41:40 Action: Performing plugin tests 2021-01-07 20:41:40 Searching plugins... 2021-01-07 20:41:40 Found plugin file: ./plugins/plugin_pam_phase1 2021-01-07 20:41:40 Action: checking plugin status in profile: /root/scans/lynis/default.prf 2021-01-07 20:41:40 Result: plugin enabled in profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:40 Result: plugin pam is enabled 2021-01-07 20:41:40 Checking permissions of ./plugins/plugin_pam_phase1 2021-01-07 20:41:40 File permissions are OK 2021-01-07 20:41:40 Including plugin file: ./plugins/plugin_pam_phase1 (version: 1.0.5) 2021-01-07 20:41:40 ==== 2021-01-07 20:41:40 Skipped test PLGN-0008 (Check PAM configuration (pwquality.conf)) 2021-01-07 20:41:40 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:40 ==== 2021-01-07 20:41:40 Performing test ID PLGN-0010 (Check PAM configuration) 2021-01-07 20:41:40 Result: /etc/pam.d exists 2021-01-07 20:41:40 Now checking PAM file /etc/pam.d/common-session 2021-01-07 20:41:40 Result: Found brackets in line, indicating multiple options for control flags: default=1 2021-01-07 20:41:40 Result: brackets used, ignoring control flags 2021-01-07 20:41:40 Result: using module pam_permit.so (other) without options configured 2021-01-07 20:41:40 Result: using module pam_deny.so (requisite) without options configured 2021-01-07 20:41:40 Result: using module pam_permit.so (required) without options configured 2021-01-07 20:41:40 Result: using module pam_umask.so (optional) without options configured 2021-01-07 20:41:40 Result: using module pam_unix.so (required) without options configured 2021-01-07 20:41:40 Result: found pam_unix.so module (generic) 2021-01-07 20:41:40 Result: using module pam_systemd.so (optional) without options configured 2021-01-07 20:41:40 Now checking PAM file /etc/pam.d/atd 2021-01-07 20:41:40 Result: using module pam_loginuid.so (required) without options configured 2021-01-07 20:41:40 Result: using module pam_limits.so (required) without options configured 2021-01-07 20:41:41 Result: using module pam_env.so (required) with options user_readenv=1 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/runuser-l 2021-01-07 20:41:41 Result: using module pam_keyinit.so (optional) with options force revoke 2021-01-07 20:41:41 Result: using module pam_systemd.so (optional) without options configured 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/cron 2021-01-07 20:41:41 Result: using module pam_loginuid.so (required) without options configured 2021-01-07 20:41:41 Result: using module pam_env.so (required) without options configured 2021-01-07 20:41:41 Result: using module pam_env.so (required) with options envfile=/etc/default/locale 2021-01-07 20:41:41 Result: using module pam_limits.so (required) without options configured 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/other 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/common-password 2021-01-07 20:41:41 Result: Found brackets in line, indicating multiple options for control flags: success=1 default=ignore 2021-01-07 20:41:41 Result: brackets used, ignoring control flags 2021-01-07 20:41:41 Result: using module pam_unix.so (other) with options obscure sha512 2021-01-07 20:41:41 Result: found pam_unix.so module (generic) 2021-01-07 20:41:41 Result: using module pam_deny.so (requisite) without options configured 2021-01-07 20:41:41 Result: using module pam_permit.so (required) without options configured 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/polkit-1 2021-01-07 20:41:41 Result: using module pam_env.so (required) with options readenv=1 user_readenv=0 2021-01-07 20:41:41 Result: using module pam_env.so (required) with options readenv=1 envfile=/etc/default/locale user_readenv=0 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/chfn 2021-01-07 20:41:41 Result: using module pam_rootok.so (sufficient) without options configured 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/newusers 2021-01-07 20:41:41 Now checking PAM file /etc/pam.d/su 2021-01-07 20:41:42 Result: using module pam_rootok.so (sufficient) without options configured 2021-01-07 20:41:42 Result: using module pam_env.so (required) with options readenv=1 2021-01-07 20:41:42 Result: using module pam_env.so (required) with options readenv=1 envfile=/etc/default/locale 2021-01-07 20:41:42 Result: using module pam_mail.so (optional) with options nopen 2021-01-07 20:41:42 Result: using module pam_limits.so (required) without options configured 2021-01-07 20:41:42 Now checking PAM file /etc/pam.d/runuser 2021-01-07 20:41:42 Result: using module pam_rootok.so (sufficient) without options configured 2021-01-07 20:41:42 Result: using module pam_keyinit.so (optional) with options revoke 2021-01-07 20:41:42 Result: using module pam_limits.so (required) without options configured 2021-01-07 20:41:42 Result: using module pam_unix.so (required) without options configured 2021-01-07 20:41:42 Result: found pam_unix.so module (generic) 2021-01-07 20:41:42 Now checking PAM file /etc/pam.d/login 2021-01-07 20:41:42 Result: using module pam_faildelay.so (optional) with options delay=3000000 2021-01-07 20:41:42 Result: using module pam_nologin.so (requisite) without options configured 2021-01-07 20:41:42 Result: Found brackets in line, indicating multiple options for control flags: success=ok ignore=ignore module_unknown=ignore default=bad 2021-01-07 20:41:42 Result: brackets used, ignoring control flags 2021-01-07 20:41:42 Result: using module pam_selinux.so (other) with options close 2021-01-07 20:41:42 Result: using module pam_loginuid.so (required) without options configured 2021-01-07 20:41:42 Result: using module pam_motd.so (optional) with options motd=/run/motd.dynamic 2021-01-07 20:41:42 Result: using module pam_motd.so (optional) with options noupdate 2021-01-07 20:41:42 Result: Found brackets in line, indicating multiple options for control flags: success=ok ignore=ignore module_unknown=ignore default=bad 2021-01-07 20:41:42 Result: brackets used, ignoring control flags 2021-01-07 20:41:42 Result: using module pam_selinux.so (other) with options open 2021-01-07 20:41:42 Result: using module pam_env.so (required) with options readenv=1 2021-01-07 20:41:43 Result: using module pam_env.so (required) with options readenv=1 envfile=/etc/default/locale 2021-01-07 20:41:43 Result: using module pam_group.so (optional) without options configured 2021-01-07 20:41:43 Result: using module pam_limits.so (required) without options configured 2021-01-07 20:41:43 Result: using module pam_lastlog.so (optional) without options configured 2021-01-07 20:41:43 Result: using module pam_mail.so (optional) with options standard 2021-01-07 20:41:43 Result: using module pam_keyinit.so (optional) with options force revoke 2021-01-07 20:41:43 Now checking PAM file /etc/pam.d/passwd 2021-01-07 20:41:43 Now checking PAM file /etc/pam.d/common-session-noninteractive 2021-01-07 20:41:43 Result: Found brackets in line, indicating multiple options for control flags: default=1 2021-01-07 20:41:43 Result: brackets used, ignoring control flags 2021-01-07 20:41:43 Result: using module pam_permit.so (other) without options configured 2021-01-07 20:41:43 Result: using module pam_deny.so (requisite) without options configured 2021-01-07 20:41:43 Result: using module pam_permit.so (required) without options configured 2021-01-07 20:41:43 Result: using module pam_umask.so (optional) without options configured 2021-01-07 20:41:43 Result: using module pam_unix.so (required) without options configured 2021-01-07 20:41:43 Result: found pam_unix.so module (generic) 2021-01-07 20:41:43 Now checking PAM file /etc/pam.d/common-account 2021-01-07 20:41:43 Result: Found brackets in line, indicating multiple options for control flags: success=1 new_authtok_reqd=done default=ignore 2021-01-07 20:41:43 Result: brackets used, ignoring control flags 2021-01-07 20:41:43 Result: using module pam_unix.so (other) without options configured 2021-01-07 20:41:43 Result: found pam_unix.so module (generic) 2021-01-07 20:41:43 Result: using module pam_deny.so (requisite) without options configured 2021-01-07 20:41:43 Result: using module pam_permit.so (required) without options configured 2021-01-07 20:41:43 Now checking PAM file /etc/pam.d/vmtoolsd 2021-01-07 20:41:43 Result: using module pam_shells.so (required) without options configured 2021-01-07 20:41:43 Now checking PAM file /etc/pam.d/sudo 2021-01-07 20:41:44 Result: using module pam_env.so (required) with options readenv=1 user_readenv=0 2021-01-07 20:41:44 Result: using module pam_env.so (required) with options readenv=1 envfile=/etc/default/locale user_readenv=0 2021-01-07 20:41:44 Now checking PAM file /etc/pam.d/systemd-user 2021-01-07 20:41:44 Result: using module pam_selinux.so (required) with options close 2021-01-07 20:41:44 Result: using module pam_selinux.so (required) with options nottys open 2021-01-07 20:41:44 Result: using module pam_loginuid.so (required) without options configured 2021-01-07 20:41:44 Result: using module pam_limits.so (required) without options configured 2021-01-07 20:41:44 Result: using module pam_systemd.so (optional) without options configured 2021-01-07 20:41:44 Now checking PAM file /etc/pam.d/chsh 2021-01-07 20:41:44 Result: using module pam_shells.so (required) without options configured 2021-01-07 20:41:44 Result: using module pam_rootok.so (sufficient) without options configured 2021-01-07 20:41:44 Now checking PAM file /etc/pam.d/common-auth 2021-01-07 20:41:44 Result: Found brackets in line, indicating multiple options for control flags: success=1 default=ignore 2021-01-07 20:41:44 Result: brackets used, ignoring control flags 2021-01-07 20:41:44 Result: using module pam_unix.so (other) with options nullok_secure 2021-01-07 20:41:44 Result: found pam_unix.so module (generic) 2021-01-07 20:41:44 Result: using module pam_deny.so (requisite) without options configured 2021-01-07 20:41:44 Result: using module pam_permit.so (required) without options configured 2021-01-07 20:41:44 Result: using module pam_cap.so (optional) without options configured 2021-01-07 20:41:44 Now checking PAM file /etc/pam.d/chpasswd 2021-01-07 20:41:44 Now checking PAM file /etc/pam.d/su-l 2021-01-07 20:41:44 Result: using module pam_keyinit.so (optional) with options force revoke 2021-01-07 20:41:44 [PAM] PAM 2F authentication enabled: 0 2021-01-07 20:41:44 [PAM] PAM 2F authentication required: 0 2021-01-07 20:41:44 [PAM] Authentication unlock time: not configured 2021-01-07 20:41:44 [PAM] Password brute force protection: 0 2021-01-07 20:41:44 [PAM] Minimum password length: not configured 2021-01-07 20:41:44 [PAM] Password strength testing enabled: 0 2021-01-07 20:41:44 [PAM] Password maximum retry: Not configured 2021-01-07 20:41:44 [PAM] Password history with pam_pwhistory IS NOT enabled 2021-01-07 20:41:44 [PAM] Password history with pam_unix IS NOT enabled 2021-01-07 20:41:44 ==== 2021-01-07 20:41:44 Result: pam plugin (phase 1) finished 2021-01-07 20:41:44 -- 2021-01-07 20:41:44 Found plugin file: ./plugins/plugin_systemd_phase1 2021-01-07 20:41:44 Action: checking plugin status in profile: /root/scans/lynis/default.prf 2021-01-07 20:41:44 Result: plugin enabled in profile (/root/scans/lynis/default.prf) 2021-01-07 20:41:44 Result: plugin systemd is enabled 2021-01-07 20:41:44 Checking permissions of ./plugins/plugin_systemd_phase1 2021-01-07 20:41:44 File permissions are OK 2021-01-07 20:41:44 Including plugin file: ./plugins/plugin_systemd_phase1 (version: 1.0.4) 2021-01-07 20:41:44 ==== 2021-01-07 20:41:44 Performing test ID PLGN-3800 (Gather systemctl exit code) 2021-01-07 20:41:44 ==== 2021-01-07 20:41:44 Performing test ID PLGN-3802 (Query systemd version and options) 2021-01-07 20:41:44 Result: found systemd version 245 2021-01-07 20:41:44 Result: found builtin components list 2021-01-07 20:41:44 ==== 2021-01-07 20:41:44 Performing test ID PLGN-3804 (Gather systemd unit files and their status) 2021-01-07 20:41:45 Result: found systemd unit files via systemctl list-unit-files 2021-01-07 20:41:45 Output: proc-sys-fs-binfmt_misc.automount|static| 2021-01-07 20:41:45 Output: -.mount|generated| 2021-01-07 20:41:45 Output: boot.mount|generated| 2021-01-07 20:41:45 Output: dev-hugepages.mount|static| 2021-01-07 20:41:45 Output: dev-mqueue.mount|static| 2021-01-07 20:41:45 Output: proc-sys-fs-binfmt_misc.mount|disabled| 2021-01-07 20:41:45 Output: snap-core18-1880.mount|enabled| 2021-01-07 20:41:45 Output: snap-core18-1944.mount|enabled| 2021-01-07 20:41:45 Output: snap-lxd-16099.mount|enabled| 2021-01-07 20:41:45 Output: snap-lxd-18150.mount|enabled| 2021-01-07 20:41:45 Output: snap-snapd-10707.mount|enabled| 2021-01-07 20:41:45 Output: snap-snapd-8542.mount|enabled| 2021-01-07 20:41:45 Output: sys-fs-fuse-connections.mount|static| 2021-01-07 20:41:45 Output: sys-kernel-config.mount|static| 2021-01-07 20:41:45 Output: sys-kernel-debug.mount|static| 2021-01-07 20:41:45 Output: sys-kernel-tracing.mount|static| 2021-01-07 20:41:45 Output: apport-autoreport.path|enabled| 2021-01-07 20:41:45 Output: systemd-ask-password-console.path|static| 2021-01-07 20:41:45 Output: systemd-ask-password-plymouth.path|static| 2021-01-07 20:41:45 Output: systemd-ask-password-wall.path|static| 2021-01-07 20:41:45 Output: session-1.scope|transient| 2021-01-07 20:41:45 Output: accounts-daemon.service|enabled| 2021-01-07 20:41:45 Output: apache-htcacheclean.service|disabled| 2021-01-07 20:41:45 Output: apache-htcacheclean@.service|disabled| 2021-01-07 20:41:45 Output: apache2.service|enabled| 2021-01-07 20:41:45 Output: apache2@.service|disabled| 2021-01-07 20:41:45 Output: apparmor.service|enabled| 2021-01-07 20:41:45 Output: apport-autoreport.service|static| 2021-01-07 20:41:45 Output: apport-forward@.service|static| 2021-01-07 20:41:45 Output: apport.service|generated| 2021-01-07 20:41:45 Output: apt-daily-upgrade.service|static| 2021-01-07 20:41:45 Output: apt-daily.service|static| 2021-01-07 20:41:45 Output: atd.service|enabled| 2021-01-07 20:41:45 Output: autovt@.service|enabled| 2021-01-07 20:41:45 Output: blk-availability.service|enabled| 2021-01-07 20:41:45 Output: bolt.service|static| 2021-01-07 20:41:45 Output: cloud-config.service|enabled| 2021-01-07 20:41:45 Output: cloud-final.service|enabled| 2021-01-07 20:41:45 Output: cloud-init-local.service|enabled| 2021-01-07 20:41:45 Output: cloud-init.service|enabled| 2021-01-07 20:41:45 Output: console-getty.service|disabled| 2021-01-07 20:41:45 Output: console-setup.service|enabled| 2021-01-07 20:41:45 Output: container-getty@.service|static| 2021-01-07 20:41:45 Output: cron.service|enabled| 2021-01-07 20:41:45 Output: cryptdisks-early.service|masked| 2021-01-07 20:41:45 Output: cryptdisks.service|masked| 2021-01-07 20:41:45 Output: dbus-org.freedesktop.hostname1.service|static| 2021-01-07 20:41:45 Output: dbus-org.freedesktop.locale1.service|static| 2021-01-07 20:41:45 Output: dbus-org.freedesktop.login1.service|static| 2021-01-07 20:41:45 Output: dbus-org.freedesktop.resolve1.service|enabled| 2021-01-07 20:41:45 Output: dbus-org.freedesktop.thermald.service|enabled| 2021-01-07 20:41:45 Output: dbus-org.freedesktop.timedate1.service|static| 2021-01-07 20:41:45 Output: dbus-org.freedesktop.timesync1.service|enabled| 2021-01-07 20:41:45 Output: dbus.service|static| 2021-01-07 20:41:45 Output: debug-shell.service|disabled| 2021-01-07 20:41:45 Output: dm-event.service|static| 2021-01-07 20:41:45 Output: dmesg.service|enabled| 2021-01-07 20:41:45 Output: e2scrub@.service|static| 2021-01-07 20:41:45 Output: e2scrub_all.service|static| 2021-01-07 20:41:45 Output: e2scrub_fail@.service|static| 2021-01-07 20:41:45 Output: e2scrub_reap.service|enabled| 2021-01-07 20:41:45 Output: emergency.service|static| 2021-01-07 20:41:45 Output: finalrd.service|enabled| 2021-01-07 20:41:45 Output: friendly-recovery.service|static| 2021-01-07 20:41:45 Output: fstrim.service|static| 2021-01-07 20:41:45 Output: fwupd-offline-update.service|static| 2021-01-07 20:41:45 Output: fwupd-refresh.service|static| 2021-01-07 20:41:45 Output: fwupd.service|static| 2021-01-07 20:41:45 Output: getty-static.service|static| 2021-01-07 20:41:45 Output: getty@.service|enabled| 2021-01-07 20:41:45 Output: grub-common.service|generated| 2021-01-07 20:41:45 Output: grub-initrd-fallback.service|enabled| 2021-01-07 20:41:45 Output: hwclock.service|masked| 2021-01-07 20:41:45 Output: initrd-cleanup.service|static| 2021-01-07 20:41:45 Output: initrd-parse-etc.service|static| 2021-01-07 20:41:45 Output: initrd-switch-root.service|static| 2021-01-07 20:41:45 Output: initrd-udevadm-cleanup-db.service|static| 2021-01-07 20:41:45 Output: irqbalance.service|enabled| 2021-01-07 20:41:45 Output: iscsi.service|enabled| 2021-01-07 20:41:45 Output: iscsid.service|disabled| 2021-01-07 20:41:45 Output: keyboard-setup.service|enabled| 2021-01-07 20:41:45 Output: kmod-static-nodes.service|static| 2021-01-07 20:41:45 Output: kmod.service|static| 2021-01-07 20:41:45 Output: logrotate.service|static| 2021-01-07 20:41:45 Output: lvm2-lvmpolld.service|static| 2021-01-07 20:41:45 Output: lvm2-monitor.service|enabled| 2021-01-07 20:41:45 Output: lvm2-pvscan@.service|static| 2021-01-07 20:41:45 Output: lvm2.service|masked| 2021-01-07 20:41:45 Output: lxd-agent-9p.service|enabled| 2021-01-07 20:41:45 Output: lxd-agent.service|enabled| 2021-01-07 20:41:45 Output: man-db.service|static| 2021-01-07 20:41:45 Output: mdadm-grow-continue@.service|static| 2021-01-07 20:41:45 Output: mdadm-last-resort@.service|static| 2021-01-07 20:41:45 Output: mdcheck_continue.service|static| 2021-01-07 20:41:45 Output: mdcheck_start.service|static| 2021-01-07 20:41:45 Output: mdmon@.service|static| 2021-01-07 20:41:45 Output: mdmonitor-oneshot.service|static| 2021-01-07 20:41:45 Output: mdmonitor.service|static| 2021-01-07 20:41:45 Output: modprobe@.service|static| 2021-01-07 20:41:45 Output: motd-news.service|static| 2021-01-07 20:41:45 Output: multipath-tools-boot.service|masked| 2021-01-07 20:41:45 Output: multipath-tools.service|enabled| 2021-01-07 20:41:45 Output: multipathd.service|enabled| 2021-01-07 20:41:45 Output: mysql.service|enabled| 2021-01-07 20:41:45 Output: networkd-dispatcher.service|enabled| 2021-01-07 20:41:45 Output: ondemand.service|enabled| 2021-01-07 20:41:45 Output: open-iscsi.service|enabled| 2021-01-07 20:41:45 Output: open-vm-tools.service|enabled| 2021-01-07 20:41:45 Output: packagekit-offline-update.service|static| 2021-01-07 20:41:45 Output: packagekit.service|static| 2021-01-07 20:41:45 Output: phpsessionclean.service|static| 2021-01-07 20:41:45 Output: plymouth-halt.service|static| 2021-01-07 20:41:45 Output: plymouth-kexec.service|static| 2021-01-07 20:41:45 Output: plymouth-log.service|static| 2021-01-07 20:41:45 Output: plymouth-poweroff.service|static| 2021-01-07 20:41:45 Output: plymouth-quit-wait.service|static| 2021-01-07 20:41:45 Output: plymouth-quit.service|static| 2021-01-07 20:41:45 Output: plymouth-read-write.service|static| 2021-01-07 20:41:45 Output: plymouth-reboot.service|static| 2021-01-07 20:41:45 Output: plymouth-start.service|static| 2021-01-07 20:41:45 Output: plymouth-switch-root.service|static| 2021-01-07 20:41:45 Output: plymouth.service|static| 2021-01-07 20:41:45 Output: polkit.service|static| 2021-01-07 20:41:45 Output: pollinate.service|enabled| 2021-01-07 20:41:45 Output: procps.service|static| 2021-01-07 20:41:45 Output: quotaon.service|static| 2021-01-07 20:41:45 Output: rc-local.service|static| 2021-01-07 20:41:45 Output: rc.service|masked| 2021-01-07 20:41:45 Output: rcS.service|masked| 2021-01-07 20:41:45 Output: rescue.service|static| 2021-01-07 20:41:45 Output: rsync.service|enabled| 2021-01-07 20:41:45 Output: rsyslog.service|enabled| 2021-01-07 20:41:45 Output: screen-cleanup.service|masked| 2021-01-07 20:41:45 Output: secureboot-db.service|enabled| 2021-01-07 20:41:45 Output: serial-getty@.service|disabled| 2021-01-07 20:41:45 Output: setvtrgb.service|enabled| 2021-01-07 20:41:45 Output: snap.lxd.activate.service|enabled| 2021-01-07 20:41:45 Output: snap.lxd.daemon.service|static| 2021-01-07 20:41:45 Output: snapd.apparmor.service|enabled| 2021-01-07 20:41:45 Output: snapd.autoimport.service|enabled| 2021-01-07 20:41:45 Output: snapd.core-fixup.service|enabled| 2021-01-07 20:41:45 Output: snapd.failure.service|static| 2021-01-07 20:41:45 Output: snapd.recovery-chooser-trigger.service|enabled| 2021-01-07 20:41:45 Output: snapd.seeded.service|enabled| 2021-01-07 20:41:45 Output: snapd.service|enabled| 2021-01-07 20:41:45 Output: snapd.snap-repair.service|static| 2021-01-07 20:41:45 Output: snapd.system-shutdown.service|enabled| 2021-01-07 20:41:45 Output: sudo.service|masked| 2021-01-07 20:41:45 Output: syslog.service|enabled| 2021-01-07 20:41:45 Output: system-update-cleanup.service|static| 2021-01-07 20:41:45 Output: systemd-ask-password-console.service|static| 2021-01-07 20:41:45 Output: systemd-ask-password-plymouth.service|static| 2021-01-07 20:41:45 Output: systemd-ask-password-wall.service|static| 2021-01-07 20:41:45 Output: systemd-backlight@.service|static| 2021-01-07 20:41:45 Output: systemd-binfmt.service|static| 2021-01-07 20:41:45 Output: systemd-bless-boot.service|static| 2021-01-07 20:41:45 Output: systemd-boot-check-no-failures.service|disabled| 2021-01-07 20:41:45 Output: systemd-boot-system-token.service|static| 2021-01-07 20:41:45 Output: systemd-exit.service|static| 2021-01-07 20:41:45 Output: systemd-fsck-root.service|static| 2021-01-07 20:41:45 Output: systemd-fsck@.service|static| 2021-01-07 20:41:45 Output: systemd-fsckd.service|static| 2021-01-07 20:41:45 Output: systemd-halt.service|static| 2021-01-07 20:41:45 Output: systemd-hibernate-resume@.service|static| 2021-01-07 20:41:45 Output: systemd-hibernate.service|static| 2021-01-07 20:41:45 Output: systemd-hostnamed.service|static| 2021-01-07 20:41:45 Output: systemd-hwdb-update.service|static| 2021-01-07 20:41:45 Output: systemd-hybrid-sleep.service|static| 2021-01-07 20:41:45 Output: systemd-initctl.service|static| 2021-01-07 20:41:45 Output: systemd-journal-flush.service|static| 2021-01-07 20:41:45 Output: systemd-journald.service|static| 2021-01-07 20:41:45 Output: systemd-journald@.service|static| 2021-01-07 20:41:45 Output: systemd-kexec.service|static| 2021-01-07 20:41:45 Output: systemd-localed.service|static| 2021-01-07 20:41:45 Output: systemd-logind.service|static| 2021-01-07 20:41:45 Output: systemd-machine-id-commit.service|static| 2021-01-07 20:41:45 Output: systemd-modules-load.service|static| 2021-01-07 20:41:45 Output: systemd-network-generator.service|disabled| 2021-01-07 20:41:45 Output: systemd-networkd-wait-online.service|enabled| 2021-01-07 20:41:45 Output: systemd-networkd.service|enabled| 2021-01-07 20:41:45 Output: systemd-poweroff.service|static| 2021-01-07 20:41:45 Output: systemd-pstore.service|enabled| 2021-01-07 20:41:45 Output: systemd-quotacheck.service|static| 2021-01-07 20:41:45 Output: systemd-random-seed.service|static| 2021-01-07 20:41:45 Output: systemd-reboot.service|static| 2021-01-07 20:41:45 Output: systemd-remount-fs.service|enabled-runtime| 2021-01-07 20:41:45 Output: systemd-resolved.service|enabled| 2021-01-07 20:41:45 Output: systemd-rfkill.service|static| 2021-01-07 20:41:45 Output: systemd-suspend-then-hibernate.service|static| 2021-01-07 20:41:45 Output: systemd-suspend.service|static| 2021-01-07 20:41:45 Output: systemd-sysctl.service|static| 2021-01-07 20:41:45 Output: systemd-sysusers.service|static| 2021-01-07 20:41:45 Output: systemd-time-wait-sync.service|disabled| 2021-01-07 20:41:45 Output: systemd-timedated.service|static| 2021-01-07 20:41:45 Output: systemd-timesyncd.service|enabled| 2021-01-07 20:41:45 Output: systemd-tmpfiles-clean.service|static| 2021-01-07 20:41:45 Output: systemd-tmpfiles-setup-dev.service|static| 2021-01-07 20:41:45 Output: systemd-tmpfiles-setup.service|static| 2021-01-07 20:41:45 Output: systemd-udev-settle.service|static| 2021-01-07 20:41:45 Output: systemd-udev-trigger.service|static| 2021-01-07 20:41:45 Output: systemd-udevd.service|static| 2021-01-07 20:41:45 Output: systemd-update-utmp-runlevel.service|static| 2021-01-07 20:41:45 Output: systemd-update-utmp.service|static| 2021-01-07 20:41:45 Output: systemd-user-sessions.service|static| 2021-01-07 20:41:45 Output: systemd-volatile-root.service|static| 2021-01-07 20:41:45 Output: thermald.service|enabled| 2021-01-07 20:41:45 Output: udev.service|static| 2021-01-07 20:41:45 Output: ufw.service|enabled| 2021-01-07 20:41:45 Output: unattended-upgrades.service|enabled| 2021-01-07 20:41:45 Output: user-runtime-dir@.service|static| 2021-01-07 20:41:45 Output: user@.service|static| 2021-01-07 20:41:45 Output: uuidd.service|indirect| 2021-01-07 20:41:45 Output: vgauth.service|enabled| 2021-01-07 20:41:45 Output: vmtoolsd.service|enabled| 2021-01-07 20:41:45 Output: x11-common.service|masked| 2021-01-07 20:41:45 Output: xfs_scrub@.service|static| 2021-01-07 20:41:45 Output: xfs_scrub_all.service|static| 2021-01-07 20:41:45 Output: xfs_scrub_fail@.service|static| 2021-01-07 20:41:45 Output: machine.slice|static| 2021-01-07 20:41:45 Output: system-systemd\x2dcryptsetup.slice|static| 2021-01-07 20:41:45 Output: user.slice|static| 2021-01-07 20:41:45 Output: apport-forward.socket|enabled| 2021-01-07 20:41:45 Output: dbus.socket|static| 2021-01-07 20:41:45 Output: dm-event.socket|enabled| 2021-01-07 20:41:45 Output: iscsid.socket|enabled| 2021-01-07 20:41:45 Output: lvm2-lvmpolld.socket|enabled| 2021-01-07 20:41:45 Output: multipathd.socket|enabled| 2021-01-07 20:41:45 Output: snap.lxd.daemon.unix.socket|enabled| 2021-01-07 20:41:45 Output: snapd.socket|enabled| 2021-01-07 20:41:45 Output: syslog.socket|static| 2021-01-07 20:41:45 Output: systemd-fsckd.socket|static| 2021-01-07 20:41:45 Output: systemd-initctl.socket|static| 2021-01-07 20:41:45 Output: systemd-journald-audit.socket|static| 2021-01-07 20:41:45 Output: systemd-journald-dev-log.socket|static| 2021-01-07 20:41:45 Output: systemd-journald-varlink@.socket|static| 2021-01-07 20:41:45 Output: systemd-journald.socket|static| 2021-01-07 20:41:45 Output: systemd-journald@.socket|static| 2021-01-07 20:41:45 Output: systemd-networkd.socket|enabled| 2021-01-07 20:41:45 Output: systemd-rfkill.socket|static| 2021-01-07 20:41:45 Output: systemd-udevd-control.socket|static| 2021-01-07 20:41:45 Output: systemd-udevd-kernel.socket|static| 2021-01-07 20:41:45 Output: uuidd.socket|enabled| 2021-01-07 20:41:45 Output: swap.img.swap|generated| 2021-01-07 20:41:45 Output: basic.target|static| 2021-01-07 20:41:45 Output: blockdev@.target|static| 2021-01-07 20:41:45 Output: bluetooth.target|static| 2021-01-07 20:41:45 Output: boot-complete.target|static| 2021-01-07 20:41:46 Output: cloud-config.target|static| 2021-01-07 20:41:46 Output: cloud-init.target|enabled-runtime| 2021-01-07 20:41:46 Output: cryptsetup-pre.target|static| 2021-01-07 20:41:46 Output: cryptsetup.target|static| 2021-01-07 20:41:46 Output: ctrl-alt-del.target|disabled| 2021-01-07 20:41:46 Output: default.target|static| 2021-01-07 20:41:46 Output: emergency.target|static| 2021-01-07 20:41:46 Output: exit.target|disabled| 2021-01-07 20:41:46 Output: final.target|static| 2021-01-07 20:41:46 Output: friendly-recovery.target|static| 2021-01-07 20:41:46 Output: getty-pre.target|static| 2021-01-07 20:41:46 Output: getty.target|static| 2021-01-07 20:41:46 Output: graphical.target|static| 2021-01-07 20:41:46 Output: halt.target|disabled| 2021-01-07 20:41:46 Output: hibernate.target|static| 2021-01-07 20:41:46 Output: hybrid-sleep.target|static| 2021-01-07 20:41:46 Output: initrd-fs.target|static| 2021-01-07 20:41:46 Output: initrd-root-device.target|static| 2021-01-07 20:41:46 Output: initrd-root-fs.target|static| 2021-01-07 20:41:46 Output: initrd-switch-root.target|static| 2021-01-07 20:41:46 Output: initrd.target|static| 2021-01-07 20:41:46 Output: kexec.target|disabled| 2021-01-07 20:41:46 Output: local-fs-pre.target|static| 2021-01-07 20:41:46 Output: local-fs.target|static| 2021-01-07 20:41:46 Output: multi-user.target|static| 2021-01-07 20:41:46 Output: network-online.target|static| 2021-01-07 20:41:46 Output: network-pre.target|static| 2021-01-07 20:41:46 Output: network.target|static| 2021-01-07 20:41:46 Output: nss-lookup.target|static| 2021-01-07 20:41:46 Output: nss-user-lookup.target|static| 2021-01-07 20:41:46 Output: paths.target|static| 2021-01-07 20:41:46 Output: poweroff.target|disabled| 2021-01-07 20:41:46 Output: printer.target|static| 2021-01-07 20:41:46 Output: reboot.target|disabled| 2021-01-07 20:41:46 Output: remote-cryptsetup.target|disabled| 2021-01-07 20:41:46 Output: remote-fs-pre.target|static| 2021-01-07 20:41:46 Output: remote-fs.target|enabled| 2021-01-07 20:41:46 Output: rescue.target|static| 2021-01-07 20:41:46 Output: rpcbind.target|static| 2021-01-07 20:41:46 Output: runlevel0.target|disabled| 2021-01-07 20:41:46 Output: runlevel1.target|static| 2021-01-07 20:41:46 Output: runlevel2.target|static| 2021-01-07 20:41:46 Output: runlevel3.target|static| 2021-01-07 20:41:46 Output: runlevel4.target|static| 2021-01-07 20:41:46 Output: runlevel5.target|static| 2021-01-07 20:41:46 Output: runlevel6.target|disabled| 2021-01-07 20:41:46 Output: shutdown.target|static| 2021-01-07 20:41:46 Output: sigpwr.target|static| 2021-01-07 20:41:46 Output: sleep.target|static| 2021-01-07 20:41:46 Output: slices.target|static| 2021-01-07 20:41:46 Output: smartcard.target|static| 2021-01-07 20:41:46 Output: sockets.target|static| 2021-01-07 20:41:46 Output: sound.target|static| 2021-01-07 20:41:46 Output: suspend-then-hibernate.target|static| 2021-01-07 20:41:46 Output: suspend.target|static| 2021-01-07 20:41:46 Output: swap.target|static| 2021-01-07 20:41:46 Output: sysinit.target|static| 2021-01-07 20:41:46 Output: system-update-pre.target|static| 2021-01-07 20:41:46 Output: system-update.target|static| 2021-01-07 20:41:46 Output: time-set.target|static| 2021-01-07 20:41:46 Output: time-sync.target|static| 2021-01-07 20:41:46 Output: timers.target|static| 2021-01-07 20:41:46 Output: umount.target|static| 2021-01-07 20:41:46 Output: apt-daily-upgrade.timer|enabled| 2021-01-07 20:41:46 Output: apt-daily.timer|enabled| 2021-01-07 20:41:46 Output: e2scrub_all.timer|enabled| 2021-01-07 20:41:46 Output: fstrim.timer|enabled| 2021-01-07 20:41:46 Output: fwupd-refresh.timer|enabled| 2021-01-07 20:41:46 Output: logrotate.timer|enabled| 2021-01-07 20:41:46 Output: man-db.timer|enabled| 2021-01-07 20:41:46 Output: mdadm-last-resort@.timer|static| 2021-01-07 20:41:46 Output: mdcheck_continue.timer|static| 2021-01-07 20:41:46 Output: mdcheck_start.timer|enabled| 2021-01-07 20:41:46 Output: mdmonitor-oneshot.timer|enabled| 2021-01-07 20:41:46 Output: motd-news.timer|enabled| 2021-01-07 20:41:46 Output: phpsessionclean.timer|enabled| 2021-01-07 20:41:46 Output: snapd.snap-repair.timer|enabled| 2021-01-07 20:41:46 Output: systemd-tmpfiles-clean.timer|static| 2021-01-07 20:41:46 Output: xfs_scrub_all.timer|disabled| 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3806 (Gather failed systemd units) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3808 (Gather systemd machine ID) 2021-01-07 20:41:46 Result: found machine ID: e08fbde5fdae464a8aa702c576e998bf 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3810 (Query main systemd binaries) 2021-01-07 20:41:46 Result: found systemd binaries in /usr/lib/systemd 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3812 (Query journal for boot related information) 2021-01-07 20:41:46 Output: number of boots listed in journal is 4 2021-01-07 20:41:46 Output: oldest boot date in journal is 2021-01-06 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3814 (Verify journal integrity) 2021-01-07 20:41:46 Result: systemd journal has no errors 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3816 (Query journal for boot related information) 2021-01-07 20:41:46 Result: journals are 40.0M in size 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3818 (Query journal meta data) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3820 (Check for journal FSS configuration) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3830 (Query systemd status) 2021-01-07 20:41:46 Result: found systemd status = running 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3832 (Query systemd status for processes which can not be found) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3834 (Collect service units which can not be found in systemd) 2021-01-07 20:41:46 Result: found one or more services with faulty state 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) auditd.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) connman.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) console-screen.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) display-manager.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) fcoe.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) iscsi-shutdown.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) kbd.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) lvm2-activation-early.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) lvm2-activation.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) networking.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) NetworkManager.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) rbdmap.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) ssh.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) sshd-keygen.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) sshd.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) systemd-update-done.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) systemd-vconsole-setup.service 2021-01-07 20:41:46 Result: service seems to be faulty (not-found) whoopsie.service 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3856 (Check if systemd-coredump is used) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID PLGN-3860 (Query coredumps from journals since Yesterday) 2021-01-07 20:41:46 Result: found no coredumps 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Result: systemd plugin (phase 1) finished 2021-01-07 20:41:46 -- 2021-01-07 20:41:46 Result: Found 2 plugins of which 2 are enabled 2021-01-07 20:41:46 Result: Plugins phase 1 finished 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Result: No eth0 found (ether found), using first network interface to determine hostid (with ifconfig) 2021-01-07 20:41:46 Info: using hardware address 00:0c:29:4c:fa:60 to create ID 2021-01-07 20:41:46 Result: Found HostID: 7fc25b80ff05df4e64d70b74ece09f81764d4087 2021-01-07 20:41:46 Info: creating a HostID (version 2) 2021-01-07 20:41:46 Result: found file ssh_host_ed25519_key.pub in /etc/ssh, using that to create host identifier 2021-01-07 20:41:46 Using SSH public key to create the second host identifier 2021-01-07 20:41:46 Hash (hostname): 7092583f4fabdf2a5e52251007561039a3566d6983937be4a2987e00ca493883 2021-01-07 20:41:46 Hash (ssh or machineid): ff80e2121ea642494fc916efc1689e6a884995790320c5ed9309bad1b3d5ff9b 2021-01-07 20:41:46 Info: found valid HostID 7fc25b80ff05df4e64d70b74ece09f81764d4087 2021-01-07 20:41:46 Info: no machine ID found 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Info: perform tests from all categories 2021-01-07 20:41:46 Security check: file is normal 2021-01-07 20:41:46 Checking permissions of /root/scans/lynis/include/tests_boot_services 2021-01-07 20:41:46 File permissions are OK 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Action: Performing tests from category: Boot and services 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Skipped test BOOT-5102 (Check for AIX boot device) 2021-01-07 20:41:46 Reason to skip: Incorrect guest OS (AIX only) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID BOOT-5104 (Determine service manager) 2021-01-07 20:41:46 Result: cmdline found = /sbin/init auto automatic-ubiquity noprompt 2021-01-07 20:41:46 Result: file on disk = /sbin/init 2021-01-07 20:41:46 Action: checking symlink for file /sbin/init 2021-01-07 20:41:46 Note: Using real readlink binary to determine symlink on /sbin/init 2021-01-07 20:41:46 Result: readlink shows /usr/lib/systemd/systemd as output 2021-01-07 20:41:46 Result: symlink found, pointing to file /usr/lib/systemd/systemd 2021-01-07 20:41:46 Found: systemd 2021-01-07 20:41:46 Result: service manager found = systemd 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Skipped test BOOT-5106 (Check EFI boot file on Mac OS X/macOS) 2021-01-07 20:41:46 Reason to skip: Incorrect guest OS (macOS only) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID BOOT-5108 (Check Syslinux as bootloader) 2021-01-07 20:41:46 Test: checking if file /boot/syslinux/syslinux.cfg exists 2021-01-07 20:41:46 Result: file /boot/syslinux/syslinux.cfg NOT found 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID BOOT-5109 (Check rEFInd as bootloader) 2021-01-07 20:41:46 Test: checking if file /boot/refind_linux.conf exists 2021-01-07 20:41:46 Result: file /boot/refind_linux.conf NOT found 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID BOOT-5116 (Check if system is booted in UEFI mode) 2021-01-07 20:41:46 Test: checking if UEFI is used 2021-01-07 20:41:46 Result: UEFI not used, can't find /sys/firmware/efi directory 2021-01-07 20:41:46 Test: determine if Secure Boot is used 2021-01-07 20:41:46 Result: system not booted with Secure Boot (no SecureBoot file found) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Skipped test BOOT-5117 (Check for systemd-boot bootloader presence) 2021-01-07 20:41:46 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID BOOT-5121 (Check for GRUB boot loader presence) 2021-01-07 20:41:46 Test: Checking for presence GRUB conf file (/boot/grub/grub.conf or /boot/grub/menu.lst) 2021-01-07 20:41:46 Result: found GRUB2 configuration file (/boot/grub/grub.cfg) 2021-01-07 20:41:46 ==== 2021-01-07 20:41:46 Performing test ID BOOT-5122 (Check for GRUB boot password) 2021-01-07 20:41:46 Found file /boot/grub/grub.cfg, proceeding with tests. 2021-01-07 20:41:46 Test: check if we can access /boot/grub/grub.cfg (escaped: /boot/grub/grub.cfg) 2021-01-07 20:41:46 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:46 Result: file /boot/grub/grub.cfg is readable (or directory accessible). 2021-01-07 20:41:46 Result: did not find hashed password line in this file 2021-01-07 20:41:46 Result: File '/boot/grub/custom.cfg' does not exist 2021-01-07 20:41:46 Found file /etc/grub.d/10_linux_zfs, proceeding with tests. 2021-01-07 20:41:46 Test: check if we can access /etc/grub.d/10_linux_zfs (escaped: /etc/grub.d/10_linux_zfs) 2021-01-07 20:41:46 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:46 Result: file /etc/grub.d/10_linux_zfs is readable (or directory accessible). 2021-01-07 20:41:46 Result: did not find hashed password line in this file 2021-01-07 20:41:46 Found file /etc/grub.d/00_header, proceeding with tests. 2021-01-07 20:41:46 Test: check if we can access /etc/grub.d/00_header (escaped: /etc/grub.d/00_header) 2021-01-07 20:41:46 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:46 Result: file /etc/grub.d/00_header is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Found file /etc/grub.d/41_custom, proceeding with tests. 2021-01-07 20:41:47 Test: check if we can access /etc/grub.d/41_custom (escaped: /etc/grub.d/41_custom) 2021-01-07 20:41:47 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:47 Result: file /etc/grub.d/41_custom is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Found file /etc/grub.d/05_debian_theme, proceeding with tests. 2021-01-07 20:41:47 Test: check if we can access /etc/grub.d/05_debian_theme (escaped: /etc/grub.d/05_debian_theme) 2021-01-07 20:41:47 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:47 Result: file /etc/grub.d/05_debian_theme is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Found file /etc/grub.d/20_linux_xen, proceeding with tests. 2021-01-07 20:41:47 Test: check if we can access /etc/grub.d/20_linux_xen (escaped: /etc/grub.d/20_linux_xen) 2021-01-07 20:41:47 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:47 Result: file /etc/grub.d/20_linux_xen is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Found file /etc/grub.d/30_uefi-firmware, proceeding with tests. 2021-01-07 20:41:47 Test: check if we can access /etc/grub.d/30_uefi-firmware (escaped: /etc/grub.d/30_uefi-firmware) 2021-01-07 20:41:47 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:47 Result: file /etc/grub.d/30_uefi-firmware is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Found file /etc/grub.d/10_linux, proceeding with tests. 2021-01-07 20:41:47 Test: check if we can access /etc/grub.d/10_linux (escaped: /etc/grub.d/10_linux) 2021-01-07 20:41:47 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:47 Result: file /etc/grub.d/10_linux is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Found file /etc/grub.d/40_custom, proceeding with tests. 2021-01-07 20:41:47 Test: check if we can access /etc/grub.d/40_custom (escaped: /etc/grub.d/40_custom) 2021-01-07 20:41:47 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:47 Result: file /etc/grub.d/40_custom is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Found file /etc/grub.d/30_os-prober, proceeding with tests. 2021-01-07 20:41:47 Test: check if we can access /etc/grub.d/30_os-prober (escaped: /etc/grub.d/30_os-prober) 2021-01-07 20:41:47 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:47 Result: file /etc/grub.d/30_os-prober is readable (or directory accessible). 2021-01-07 20:41:47 Result: did not find hashed password line in this file 2021-01-07 20:41:47 Result: Didn't find hashed password line in GRUB configuration 2021-01-07 20:41:47 Suggestion: Set a password on GRUB boot loader to prevent altering boot configuration (e.g. boot in single user mode without password) [test:BOOT-5122] [details:-] [solution:-] 2021-01-07 20:41:47 Hardening: assigned partial number of hardening points (0 of 2). Currently having 0 points (out of 2) 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Skipped test BOOT-5124 (Check for FreeBSD boot loader presence) 2021-01-07 20:41:47 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Skipped test BOOT-5261 (Check for DragonFly boot loader presence) 2021-01-07 20:41:47 Reason to skip: Incorrect guest OS (DragonFly only) 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Skipped test BOOT-5126 (Check for NetBSD boot loader presence) 2021-01-07 20:41:47 Reason to skip: Incorrect guest OS (NetBSD only) 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Performing test ID BOOT-5139 (Check for LILO boot loader presence) 2021-01-07 20:41:47 Test: checking for presence LILO configuration file 2021-01-07 20:41:47 Result: LILO configuration file not found 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Performing test ID BOOT-5142 (Check SPARC Improved boot loader (SILO)) 2021-01-07 20:41:47 Result: no SILO configuration file found. 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Performing test ID BOOT-5155 (Check for YABOOT boot loader configuration file) 2021-01-07 20:41:47 Test: Check for /etc/yaboot.conf 2021-01-07 20:41:47 Result: no YABOOT configuration file found. 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Skipped test BOOT-5159 (Check for OpenBSD boot loader presence) 2021-01-07 20:41:47 Reason to skip: Incorrect guest OS (OpenBSD only) 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Skipped test BOOT-5165 (Check for FreeBSD boot services) 2021-01-07 20:41:47 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Skipped test BOOT-5170 (Check for Solaris boot daemons) 2021-01-07 20:41:47 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:47 ==== 2021-01-07 20:41:47 Performing test ID BOOT-5177 (Check for Linux boot and running services) 2021-01-07 20:41:47 Test: checking presence systemctl binary 2021-01-07 20:41:47 Result: systemctl binary found, trying that to discover information 2021-01-07 20:41:47 Searching for running services (systemctl services only) 2021-01-07 20:41:47 Found running service: accounts-daemon 2021-01-07 20:41:47 Found running service: apache2 2021-01-07 20:41:47 Found running service: atd 2021-01-07 20:41:47 Found running service: cron 2021-01-07 20:41:47 Found running service: dbus 2021-01-07 20:41:47 Found running service: getty@tty1 2021-01-07 20:41:47 Found running service: irqbalance 2021-01-07 20:41:47 Found running service: multipathd 2021-01-07 20:41:47 Found running service: mysql 2021-01-07 20:41:47 Found running service: networkd-dispatcher 2021-01-07 20:41:47 Found running service: open-vm-tools 2021-01-07 20:41:47 Found running service: polkit 2021-01-07 20:41:47 Found running service: rsyslog 2021-01-07 20:41:47 Found running service: snapd 2021-01-07 20:41:47 Found running service: systemd-journald 2021-01-07 20:41:47 Found running service: systemd-logind 2021-01-07 20:41:47 Found running service: systemd-networkd 2021-01-07 20:41:47 Found running service: systemd-resolved 2021-01-07 20:41:47 Found running service: systemd-timesyncd 2021-01-07 20:41:47 Found running service: systemd-udevd 2021-01-07 20:41:47 Found running service: unattended-upgrades 2021-01-07 20:41:47 Found running service: user@1000 2021-01-07 20:41:47 Found running service: vgauth 2021-01-07 20:41:47 Hint: Run systemctl --full --type=service to see all services 2021-01-07 20:41:47 Result: Found 23 running services 2021-01-07 20:41:47 Searching for enabled services (systemctl services only) 2021-01-07 20:41:48 Found enabled service at boot: accounts-daemon 2021-01-07 20:41:48 Found enabled service at boot: apache2 2021-01-07 20:41:48 Found enabled service at boot: apparmor 2021-01-07 20:41:48 Found enabled service at boot: atd 2021-01-07 20:41:48 Found enabled service at boot: autovt@ 2021-01-07 20:41:48 Found enabled service at boot: blk-availability 2021-01-07 20:41:48 Found enabled service at boot: cloud-config 2021-01-07 20:41:48 Found enabled service at boot: cloud-final 2021-01-07 20:41:48 Found enabled service at boot: cloud-init-local 2021-01-07 20:41:48 Found enabled service at boot: cloud-init 2021-01-07 20:41:48 Found enabled service at boot: console-setup 2021-01-07 20:41:48 Found enabled service at boot: cron 2021-01-07 20:41:48 Found enabled service at boot: dbus-org.freedesktop.resolve1 2021-01-07 20:41:48 Found enabled service at boot: dbus-org.freedesktop.thermald 2021-01-07 20:41:48 Found enabled service at boot: dbus-org.freedesktop.timesync1 2021-01-07 20:41:48 Found enabled service at boot: dmesg 2021-01-07 20:41:48 Found enabled service at boot: e2scrub_reap 2021-01-07 20:41:48 Found enabled service at boot: finalrd 2021-01-07 20:41:48 Found enabled service at boot: getty@ 2021-01-07 20:41:48 Found enabled service at boot: grub-initrd-fallback 2021-01-07 20:41:48 Found enabled service at boot: irqbalance 2021-01-07 20:41:48 Found enabled service at boot: iscsi 2021-01-07 20:41:48 Found enabled service at boot: keyboard-setup 2021-01-07 20:41:48 Found enabled service at boot: lvm2-monitor 2021-01-07 20:41:48 Found enabled service at boot: lxd-agent-9p 2021-01-07 20:41:48 Found enabled service at boot: lxd-agent 2021-01-07 20:41:48 Found enabled service at boot: multipath-tools 2021-01-07 20:41:48 Found enabled service at boot: multipathd 2021-01-07 20:41:48 Found enabled service at boot: mysql 2021-01-07 20:41:48 Found enabled service at boot: networkd-dispatcher 2021-01-07 20:41:48 Found enabled service at boot: ondemand 2021-01-07 20:41:48 Found enabled service at boot: open-iscsi 2021-01-07 20:41:48 Found enabled service at boot: open-vm-tools 2021-01-07 20:41:48 Found enabled service at boot: pollinate 2021-01-07 20:41:48 Found enabled service at boot: rsync 2021-01-07 20:41:48 Found enabled service at boot: rsyslog 2021-01-07 20:41:48 Found enabled service at boot: secureboot-db 2021-01-07 20:41:48 Found enabled service at boot: setvtrgb 2021-01-07 20:41:48 Found enabled service at boot: snap.lxd.activate 2021-01-07 20:41:48 Found enabled service at boot: snapd.apparmor 2021-01-07 20:41:48 Found enabled service at boot: snapd.autoimport 2021-01-07 20:41:48 Found enabled service at boot: snapd.core-fixup 2021-01-07 20:41:48 Found enabled service at boot: snapd.recovery-chooser-trigger 2021-01-07 20:41:48 Found enabled service at boot: snapd.seeded 2021-01-07 20:41:48 Found enabled service at boot: snapd 2021-01-07 20:41:48 Found enabled service at boot: snapd.system-shutdown 2021-01-07 20:41:48 Found enabled service at boot: syslog 2021-01-07 20:41:48 Found enabled service at boot: systemd-networkd-wait-online 2021-01-07 20:41:48 Found enabled service at boot: systemd-networkd 2021-01-07 20:41:48 Found enabled service at boot: systemd-pstore 2021-01-07 20:41:48 Found enabled service at boot: systemd-resolved 2021-01-07 20:41:48 Found enabled service at boot: systemd-timesyncd 2021-01-07 20:41:48 Found enabled service at boot: thermald 2021-01-07 20:41:48 Found enabled service at boot: ufw 2021-01-07 20:41:48 Found enabled service at boot: unattended-upgrades 2021-01-07 20:41:48 Found enabled service at boot: vgauth 2021-01-07 20:41:48 Found enabled service at boot: vmtoolsd 2021-01-07 20:41:48 Hint: Run systemctl list-unit-files --type=service to see all services 2021-01-07 20:41:48 Result: Found 57 enabled services 2021-01-07 20:41:48 ==== 2021-01-07 20:41:48 Performing test ID BOOT-5180 (Check for Linux boot services (Debian style)) 2021-01-07 20:41:48 Result: found runlevel 5 2021-01-07 20:41:48 Result: skipping further actions 2021-01-07 20:41:48 ==== 2021-01-07 20:41:48 Performing test ID BOOT-5184 (Check permissions for boot files/scripts) 2021-01-07 20:41:48 Result: checking /etc/init.d scripts for writable bit 2021-01-07 20:41:48 Test: checking if directory /etc/init.d exists 2021-01-07 20:41:48 Result: directory /etc/init.d found 2021-01-07 20:41:48 Test: checking for available files in directory 2021-01-07 20:41:48 Result: found files in directory, checking permissions now 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/apache-htcacheclean 2021-01-07 20:41:48 Result: good, file /etc/init.d/apache-htcacheclean not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/apache2 2021-01-07 20:41:48 Result: good, file /etc/init.d/apache2 not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/apparmor 2021-01-07 20:41:48 Result: good, file /etc/init.d/apparmor not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/apport 2021-01-07 20:41:48 Result: good, file /etc/init.d/apport not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/atd 2021-01-07 20:41:48 Result: good, file /etc/init.d/atd not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/console-setup.sh 2021-01-07 20:41:48 Result: good, file /etc/init.d/console-setup.sh not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/cron 2021-01-07 20:41:48 Result: good, file /etc/init.d/cron not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/cryptdisks 2021-01-07 20:41:48 Result: good, file /etc/init.d/cryptdisks not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/cryptdisks-early 2021-01-07 20:41:48 Result: good, file /etc/init.d/cryptdisks-early not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/dbus 2021-01-07 20:41:48 Result: good, file /etc/init.d/dbus not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/grub-common 2021-01-07 20:41:48 Result: good, file /etc/init.d/grub-common not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/hwclock.sh 2021-01-07 20:41:48 Result: good, file /etc/init.d/hwclock.sh not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/irqbalance 2021-01-07 20:41:48 Result: good, file /etc/init.d/irqbalance not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/iscsid 2021-01-07 20:41:48 Result: good, file /etc/init.d/iscsid not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/keyboard-setup.sh 2021-01-07 20:41:48 Result: good, file /etc/init.d/keyboard-setup.sh not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/kmod 2021-01-07 20:41:48 Result: good, file /etc/init.d/kmod not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/lvm2 2021-01-07 20:41:48 Result: good, file /etc/init.d/lvm2 not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/lvm2-lvmpolld 2021-01-07 20:41:48 Result: good, file /etc/init.d/lvm2-lvmpolld not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/multipath-tools 2021-01-07 20:41:48 Result: good, file /etc/init.d/multipath-tools not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/mysql 2021-01-07 20:41:48 Result: good, file /etc/init.d/mysql not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/open-iscsi 2021-01-07 20:41:48 Result: good, file /etc/init.d/open-iscsi not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/open-vm-tools 2021-01-07 20:41:48 Result: good, file /etc/init.d/open-vm-tools not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/plymouth 2021-01-07 20:41:48 Result: good, file /etc/init.d/plymouth not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/plymouth-log 2021-01-07 20:41:48 Result: good, file /etc/init.d/plymouth-log not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/procps 2021-01-07 20:41:48 Result: good, file /etc/init.d/procps not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/rsync 2021-01-07 20:41:48 Result: good, file /etc/init.d/rsync not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/rsyslog 2021-01-07 20:41:48 Result: good, file /etc/init.d/rsyslog not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/screen-cleanup 2021-01-07 20:41:48 Result: good, file /etc/init.d/screen-cleanup not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/udev 2021-01-07 20:41:48 Result: good, file /etc/init.d/udev not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/ufw 2021-01-07 20:41:48 Result: good, file /etc/init.d/ufw not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/unattended-upgrades 2021-01-07 20:41:48 Result: good, file /etc/init.d/unattended-upgrades not world writable 2021-01-07 20:41:48 Test: checking permissions of file /etc/init.d/uuidd 2021-01-07 20:41:48 Result: good, file /etc/init.d/uuidd not world writable 2021-01-07 20:41:48 Test: checking if directory /etc/rc.d exists 2021-01-07 20:41:48 Result: directory /etc/rc.d not found. Skipping.. 2021-01-07 20:41:48 Test: checking if directory /etc/rcS.d exists 2021-01-07 20:41:48 Result: directory /etc/rcS.d found 2021-01-07 20:41:48 Test: checking for available files in directory 2021-01-07 20:41:48 Result: found no files in directory. 2021-01-07 20:41:48 Test: Checking /etc/rc0.d scripts for writable bit 2021-01-07 20:41:48 Test: Checking /etc/rc1.d scripts for writable bit 2021-01-07 20:41:48 Test: Checking /etc/rc2.d scripts for writable bit 2021-01-07 20:41:48 Test: Checking /etc/rc3.d scripts for writable bit 2021-01-07 20:41:48 Test: Checking /etc/rc4.d scripts for writable bit 2021-01-07 20:41:48 Test: Checking /etc/rc5.d scripts for writable bit 2021-01-07 20:41:48 Test: Checking /etc/rc6.d scripts for writable bit 2021-01-07 20:41:48 Hardening: assigned maximum number of hardening points for this item (3). Currently having 3 points (out of 5) 2021-01-07 20:41:48 ==== 2021-01-07 20:41:48 Performing test ID BOOT-5202 (Check uptime of system) 2021-01-07 20:41:48 Uptime (in seconds): 951 2021-01-07 20:41:48 Uptime (in days): 0 2021-01-07 20:41:48 ==== 2021-01-07 20:41:48 Performing test ID BOOT-5260 (Check single user mode for systemd) 2021-01-07 20:41:48 Test: Searching /usr/lib/systemd/system/rescue.service 2021-01-07 20:41:48 Result: file /usr/lib/systemd/system/rescue.service 2021-01-07 20:41:48 Test: checking presence sulogin for single user mode 2021-01-07 20:41:48 Result: found sulogin, so single user is protected 2021-01-07 20:41:48 Hardening: assigned maximum number of hardening points for this item (3). Currently having 6 points (out of 8) 2021-01-07 20:41:48 ==== 2021-01-07 20:41:48 Skipped test BOOT-5262 (Check for OpenBSD boot daemons) 2021-01-07 20:41:48 Reason to skip: Incorrect guest OS (OpenBSD only) 2021-01-07 20:41:48 ==== 2021-01-07 20:41:48 Skipped test BOOT-5263 (Check permissions for boot files/scripts) 2021-01-07 20:41:48 Reason to skip: Incorrect guest OS (OpenBSD only) 2021-01-07 20:41:48 ==== 2021-01-07 20:41:48 Performing test ID BOOT-5264 (Run systemd-analyze security) 2021-01-07 20:41:48 Test: Run systemd-analyze security 2021-01-07 20:41:49 Result: accounts-daemon.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: apache2.service: 9.2 UNSAFE 2021-01-07 20:41:49 Result: apport.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: atd.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: cron.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: dbus.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: dm-event.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: dmesg.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: emergency.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: getty@tty1.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: grub-common.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: irqbalance.service: 6.1 MEDIUM 2021-01-07 20:41:49 Result: iscsid.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: lvm2-lvmpolld.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: lxd-agent.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: multipathd.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: mysql.service: 9.2 UNSAFE 2021-01-07 20:41:49 Result: networkd-dispatcher.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: ondemand.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: open-vm-tools.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: plymouth-start.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: polkit.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: rc-local.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: rescue.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: rsync.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: rsyslog.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: snap.lxd.daemon.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: snapd.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: systemd-ask-password-console.service: 9.3 UNSAFE 2021-01-07 20:41:49 Result: systemd-ask-password-plymouth.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: systemd-ask-password-wall.service: 9.4 UNSAFE 2021-01-07 20:41:49 Result: systemd-fsckd.service: 9.5 UNSAFE 2021-01-07 20:41:49 Result: systemd-initctl.service: 9.3 UNSAFE 2021-01-07 20:41:49 Result: systemd-journald.service: 4.4 OK 2021-01-07 20:41:49 Result: systemd-logind.service: 2.8 OK 2021-01-07 20:41:49 Result: systemd-networkd.service: 3.1 OK 2021-01-07 20:41:49 Result: systemd-resolved.service: 2.2 OK 2021-01-07 20:41:49 Result: systemd-rfkill.service: 9.3 UNSAFE 2021-01-07 20:41:49 Result: systemd-timesyncd.service: 2.1 OK 2021-01-07 20:41:49 Result: systemd-udevd.service: 8.4 EXPOSED 2021-01-07 20:41:49 Result: thermald.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: unattended-upgrades.service: 9.6 UNSAFE 2021-01-07 20:41:49 Result: user@1000.service: 9.4 UNSAFE 2021-01-07 20:41:49 Result: uuidd.service: 4.5 OK 2021-01-07 20:41:49 Result: vgauth.service: 9.5 UNSAFE 2021-01-07 20:41:49 Suggestion: Consider hardening system services [test:BOOT-5264] [details:Run '/usr/bin/systemd-analyze security SERVICE' for each service] [solution:-] 2021-01-07 20:41:49 Security check: file is normal 2021-01-07 20:41:49 Checking permissions of /root/scans/lynis/include/tests_kernel 2021-01-07 20:41:49 File permissions are OK 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Action: Performing tests from category: Kernel 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5622 (Determine Linux default run level) 2021-01-07 20:41:49 Test: Checking for systemd default.target 2021-01-07 20:41:49 Result: no systemd found, so trying inittab 2021-01-07 20:41:49 Test: Checking /etc/inittab 2021-01-07 20:41:49 Result: file /etc/inittab not found 2021-01-07 20:41:49 Test: Checking run level with who -r, for Debian based systems 2021-01-07 20:41:49 Result: Found default run level '5' 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5677 (Check CPU options and support) 2021-01-07 20:41:49 Test: Checking /proc/cpuinfo 2021-01-07 20:41:49 Result: found /proc/cpuinfo 2021-01-07 20:41:49 Test: Checking CPU options (XD/NX/PAE) 2021-01-07 20:41:49 PAE: Yes 2021-01-07 20:41:49 NX: Yes 2021-01-07 20:41:49 Result: PAE or No eXecute option(s) both found 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5695 (Determine Linux kernel version and release number) 2021-01-07 20:41:49 Result: found kernel release 5.4.0-59-generic 2021-01-07 20:41:49 Result: found kernel version #65-Ubuntu SMP Thu Dec 10 12:01:51 UTC 2020 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5723 (Determining if Linux kernel is monolithic) 2021-01-07 20:41:49 Test: checking if kernel is monolithic or modular 2021-01-07 20:41:49 Result: Found modular kernel 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5726 (Checking Linux loaded kernel modules) 2021-01-07 20:41:49 Loaded modules according lsmod: 2021-01-07 20:41:49 Loaded module: ac97_bus 2021-01-07 20:41:49 Loaded module: aesni_intel 2021-01-07 20:41:49 Loaded module: ahci 2021-01-07 20:41:49 Loaded module: async_memcpy 2021-01-07 20:41:49 Loaded module: async_pq 2021-01-07 20:41:49 Loaded module: async_raid6_recov 2021-01-07 20:41:49 Loaded module: async_tx 2021-01-07 20:41:49 Loaded module: async_xor 2021-01-07 20:41:49 Loaded module: autofs4 2021-01-07 20:41:49 Loaded module: btrfs 2021-01-07 20:41:49 Loaded module: crc32_pclmul 2021-01-07 20:41:49 Loaded module: crct10dif_pclmul 2021-01-07 20:41:49 Loaded module: cryptd 2021-01-07 20:41:49 Loaded module: crypto_simd 2021-01-07 20:41:49 Loaded module: dm_multipath 2021-01-07 20:41:49 Loaded module: drm 2021-01-07 20:41:49 Loaded module: drm_kms_helper 2021-01-07 20:41:49 Loaded module: e1000 2021-01-07 20:41:49 Loaded module: fb_sys_fops 2021-01-07 20:41:49 Loaded module: floppy 2021-01-07 20:41:49 Loaded module: gameport 2021-01-07 20:41:49 Loaded module: ghash_clmulni_intel 2021-01-07 20:41:49 Loaded module: glue_helper 2021-01-07 20:41:49 Loaded module: hid 2021-01-07 20:41:49 Loaded module: hid_generic 2021-01-07 20:41:49 Loaded module: i2c_piix4 2021-01-07 20:41:49 Loaded module: input_leds 2021-01-07 20:41:49 Loaded module: intel_rapl_common 2021-01-07 20:41:49 Loaded module: intel_rapl_msr 2021-01-07 20:41:49 Loaded module: ip_tables 2021-01-07 20:41:49 Loaded module: joydev 2021-01-07 20:41:49 Loaded module: libahci 2021-01-07 20:41:49 Loaded module: libcrc32c 2021-01-07 20:41:49 Loaded module: linear 2021-01-07 20:41:49 Loaded module: mac_hid 2021-01-07 20:41:49 Loaded module: mptbase 2021-01-07 20:41:49 Loaded module: mptscsih 2021-01-07 20:41:49 Loaded module: mptspi 2021-01-07 20:41:49 Loaded module: multipath 2021-01-07 20:41:49 Loaded module: pata_acpi 2021-01-07 20:41:49 Loaded module: psmouse 2021-01-07 20:41:49 Loaded module: raid0 2021-01-07 20:41:49 Loaded module: raid1 2021-01-07 20:41:49 Loaded module: raid10 2021-01-07 20:41:49 Loaded module: raid456 2021-01-07 20:41:49 Loaded module: raid6_pq 2021-01-07 20:41:49 Loaded module: rapl 2021-01-07 20:41:49 Loaded module: sb_edac 2021-01-07 20:41:49 Loaded module: sch_fq_codel 2021-01-07 20:41:49 Loaded module: scsi_dh_alua 2021-01-07 20:41:49 Loaded module: scsi_dh_emc 2021-01-07 20:41:49 Loaded module: scsi_dh_rdac 2021-01-07 20:41:49 Loaded module: scsi_transport_spi 2021-01-07 20:41:49 Loaded module: serio_raw 2021-01-07 20:41:49 Loaded module: snd 2021-01-07 20:41:49 Loaded module: snd_ac97_codec 2021-01-07 20:41:49 Loaded module: snd_ens1371 2021-01-07 20:41:49 Loaded module: snd_pcm 2021-01-07 20:41:49 Loaded module: snd_rawmidi 2021-01-07 20:41:49 Loaded module: snd_seq_device 2021-01-07 20:41:49 Loaded module: snd_timer 2021-01-07 20:41:49 Loaded module: soundcore 2021-01-07 20:41:49 Loaded module: syscopyarea 2021-01-07 20:41:49 Loaded module: sysfillrect 2021-01-07 20:41:49 Loaded module: sysimgblt 2021-01-07 20:41:49 Loaded module: ttm 2021-01-07 20:41:49 Loaded module: usbhid 2021-01-07 20:41:49 Loaded module: vmw_balloon 2021-01-07 20:41:49 Loaded module: vmw_vmci 2021-01-07 20:41:49 Loaded module: vmw_vsock_vmci_transport 2021-01-07 20:41:49 Loaded module: vmwgfx 2021-01-07 20:41:49 Loaded module: vsock 2021-01-07 20:41:49 Loaded module: x_tables 2021-01-07 20:41:49 Loaded module: xor 2021-01-07 20:41:49 Loaded module: zstd_compress 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5728 (Checking Linux kernel config) 2021-01-07 20:41:49 Result: found config (/boot/config-5.4.0-59-generic) 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5730 (Checking disk I/O kernel scheduler) 2021-01-07 20:41:49 Test: Checking the default I/O kernel scheduler 2021-01-07 20:41:49 Result: no default I/O kernel scheduler found 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Skipped test KRNL-5745 (Checking FreeBSD loaded kernel modules) 2021-01-07 20:41:49 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Skipped test KRNL-5831 (Checking DragonFly loaded kernel modules) 2021-01-07 20:41:49 Reason to skip: Incorrect guest OS (DragonFly only) 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Skipped test KRNL-5770 (Checking active kernel modules) 2021-01-07 20:41:49 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5788 (Checking availability new Linux kernel) 2021-01-07 20:41:49 Test: Searching apt-cache, to determine if a newer kernel is available 2021-01-07 20:41:49 Result: found /usr/bin/apt-cache 2021-01-07 20:41:49 Test: checking presence of /vmlinuz or /boot/vmlinuz 2021-01-07 20:41:49 Result: found /boot/vmlinuz 2021-01-07 20:41:49 Test: checking readlink location of /boot/vmlinuz 2021-01-07 20:41:49 Output: readlink reported file /boot/vmlinuz-5.4.0-59-generic 2021-01-07 20:41:49 Test: checking package from dpkg -S 2021-01-07 20:41:49 Output: dpkg -S reported package linux-image-5.4.0-59-generic 2021-01-07 20:41:49 Test: Using apt-cache policy to determine if there is an update available 2021-01-07 20:41:49 Kernel installed: 5.4.0-59.65 2021-01-07 20:41:49 Kernel candidate: 5.4.0-59.65 2021-01-07 20:41:49 Result: no kernel update available 2021-01-07 20:41:49 ==== 2021-01-07 20:41:49 Performing test ID KRNL-5820 (Checking core dumps configuration) 2021-01-07 20:41:49 Test: Checking presence of systemd 2021-01-07 20:41:49 Result: systemd is present on this system 2021-01-07 20:41:49 Test: Checking if core dumps are disabled in /etc/systemd/coredump.conf and /etc/systemd/coredump.conf.d/*.conf 2021-01-07 20:41:49 Result: core dumps are not disabled in systemd configuration. Didn't find settings 'ProcessSizeMax=0' and 'Storage=none' 2021-01-07 20:41:49 Hardening: assigned partial number of hardening points (0 of 1). Currently having 6 points (out of 9) 2021-01-07 20:41:49 Test: Checking presence /etc/profile 2021-01-07 20:41:49 Test: Checking if 'ulimit -c 0' exists in /etc/profile or /etc/profile.d/*.sh 2021-01-07 20:41:49 Result: core dumps are not disabled in /etc/profile or /etc/profile.d/*.sh config files. Didn't find setting 'ulimit -c 0' 2021-01-07 20:41:49 Hardening: assigned partial number of hardening points (0 of 1). Currently having 6 points (out of 10) 2021-01-07 20:41:49 Test: Checking presence /etc/security/limits.conf 2021-01-07 20:41:49 Result: file /etc/security/limits.conf exists 2021-01-07 20:41:49 Test: Checking if core dumps are disabled in /etc/security/limits.conf and /etc/security/limits.d/* 2021-01-07 20:41:50 Result: core dumps are not explicitly disabled 2021-01-07 20:41:50 Suggestion: If not required, consider explicit disabling of core dump in /etc/security/limits.conf file [test:KRNL-5820] [details:-] [solution:-] 2021-01-07 20:41:50 Hardening: assigned partial number of hardening points (1 of 3). Currently having 7 points (out of 13) 2021-01-07 20:41:50 Test: Checking sysctl value of fs.suid_dumpable 2021-01-07 20:41:50 Result: value 2 found 2021-01-07 20:41:50 Result: programs can dump core dump, but only readable by root (value 2, for debugging with file protection) 2021-01-07 20:41:50 Hardening: assigned maximum number of hardening points for this item (1). Currently having 8 points (out of 14) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID KRNL-5830 (Checking if system is running on the latest installed kernel) 2021-01-07 20:41:50 Test: Checking presence /var/run/reboot-required.pkgs 2021-01-07 20:41:50 Result: file /var/run/reboot-required.pkgs not found 2021-01-07 20:41:50 Result: /boot exists, performing more tests from here 2021-01-07 20:41:50 Result: found /boot/vmlinuz 2021-01-07 20:41:50 Result: found a symlink, retrieving destination 2021-01-07 20:41:50 Result: destination file is vmlinuz-5.4.0-59-generic 2021-01-07 20:41:50 Result: version derived from file name is '5.4.0-59-generic' 2021-01-07 20:41:50 Result: found version 5.4.0-59-generic 2021-01-07 20:41:50 Result: active kernel version 5.4.0-59-generic 2021-01-07 20:41:50 Result: no reboot needed, active kernel is the same version as the one on disk 2021-01-07 20:41:50 Result: /var/cache/apt/archives/ does not exist 2021-01-07 20:41:50 Hardening: assigned maximum number of hardening points for this item (5). Currently having 13 points (out of 19) 2021-01-07 20:41:50 Security check: file is normal 2021-01-07 20:41:50 Checking permissions of /root/scans/lynis/include/tests_memory_processes 2021-01-07 20:41:50 File permissions are OK 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Action: Performing tests from category: Memory and Processes 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID PROC-3602 (Checking /proc/meminfo for memory details) 2021-01-07 20:41:50 Result: found /proc/meminfo 2021-01-07 20:41:50 Result: Found 4001744 kB memory 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Skipped test PROC-3604 (Query prtconf for memory details) 2021-01-07 20:41:50 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID PROC-3612 (Check dead or zombie processes) 2021-01-07 20:41:50 Result: no zombie processes found 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID PROC-3614 (Check heavy IO waiting based processes) 2021-01-07 20:41:50 Result: No processes were waiting for IO requests to be handled first 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID PROC-3802 (Check presence of prelink tooling) 2021-01-07 20:41:50 Result: prelink package is NOT installed 2021-01-07 20:41:50 Hardening: assigned maximum number of hardening points for this item (3). Currently having 16 points (out of 22) 2021-01-07 20:41:50 Security check: file is normal 2021-01-07 20:41:50 Checking permissions of /root/scans/lynis/include/tests_authentication 2021-01-07 20:41:50 File permissions are OK 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Action: Performing tests from category: Users, Groups and Authentication 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9204 (Check users with an UID of zero) 2021-01-07 20:41:50 Test: Searching accounts with UID 0 2021-01-07 20:41:50 Result: No accounts found with UID 0 other than root. 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9208 (Check non-unique accounts in passwd file) 2021-01-07 20:41:50 Test: Checking for non-unique accounts 2021-01-07 20:41:50 Result: all accounts found in /etc/passwd are unique 2021-01-07 20:41:50 Remarks: Non unique UIDs can be a risk for the system or part of a configuration mistake 2021-01-07 20:41:50 Prerequisite test: /usr/sbin/chkgrp 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Skipped test AUTH-9212 (Test group file) 2021-01-07 20:41:50 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9216 (Check group and shadow group files) 2021-01-07 20:41:50 Test: Checking for grpck binary output 2021-01-07 20:41:50 Result: grpck binary didn't find any errors in the group files 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Skipped test AUTH-9218 (Check login shells for passwordless accounts) 2021-01-07 20:41:50 Reason to skip: Incorrect guest OS (DragonFly FreeBSD NetBSD OpenBSD only) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9222 (Check unique groups (IDs)) 2021-01-07 20:41:50 Test: Checking for non unique group ID's in /etc/group 2021-01-07 20:41:50 Result: All group ID's are unique 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9226 (Check unique group names) 2021-01-07 20:41:50 Test: Checking for non unique group names in /etc/group 2021-01-07 20:41:50 Result: All group names are unique 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9228 (Check password file consistency with pwck) 2021-01-07 20:41:50 Test: Checking password file consistency (pwck) 2021-01-07 20:41:50 Result: pwck check didn't find any problems 2021-01-07 20:41:50 Hardening: assigned maximum number of hardening points for this item (2). Currently having 18 points (out of 24) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9229 (Check password hashing methods) 2021-01-07 20:41:50 Test: Checking password hashing methods 2021-01-07 20:41:50 Result: poor password hashing methods found: sha256crypt/sha512crypt(default<=5000rounds) 2021-01-07 20:41:50 Suggestion: Check PAM configuration, add rounds if applicable and expire passwords to encrypt with new values [test:AUTH-9229] [details:-] [solution:-] 2021-01-07 20:41:50 Hardening: assigned partial number of hardening points (0 of 2). Currently having 18 points (out of 26) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9230 (Check password hashing rounds) 2021-01-07 20:41:50 Test: Checking SHA_CRYPT_{MIN,MAX}_ROUNDS option in /etc/login.defs 2021-01-07 20:41:50 Result: number of password hashing rounds is not configured 2021-01-07 20:41:50 Suggestion: Configure password hashing rounds in /etc/login.defs [test:AUTH-9230] [details:-] [solution:-] 2021-01-07 20:41:50 Hardening: assigned partial number of hardening points (0 of 2). Currently having 18 points (out of 28) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9234 (Query user accounts) 2021-01-07 20:41:50 Test: Read system users (including root user) from password database (e.g. /etc/passwd) 2021-01-07 20:41:50 Result: found minimal user id specified: 1000 2021-01-07 20:41:50 Linux real users output (ID = 0, or 1000+, but not 65534): 2021-01-07 20:41:50 Real user: root,0 2021-01-07 20:41:50 Real user: ll,1000 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9240 (Query NIS+ authentication support) 2021-01-07 20:41:50 Result: NIS+ authentication not enabled 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9242 (Query NIS authentication support) 2021-01-07 20:41:50 Result: NIS authentication not enabled 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9250 (Checking sudoers file) 2021-01-07 20:41:50 Test: checking presence /etc/sudoers 2021-01-07 20:41:50 Result: found file (/etc/sudoers) 2021-01-07 20:41:50 Test: checking presence /usr/local/etc/sudoers 2021-01-07 20:41:50 Result: file /usr/local/etc/sudoers not found 2021-01-07 20:41:50 Test: checking presence /usr/pkg/etc/sudoers 2021-01-07 20:41:50 Result: file /usr/pkg/etc/sudoers not found 2021-01-07 20:41:50 Result: sudoers file found (/etc/sudoers) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9252 (Check ownership and permissions for sudo configuration files) 2021-01-07 20:41:50 Test: checking drop-in directory (/etc/sudoers.d) 2021-01-07 20:41:50 Result: Found directory permissions: rwxr-xr-x and owner UID GID: 00 2021-01-07 20:41:50 Result: directory /etc/sudoers.d has possibly unsafe permissions 2021-01-07 20:41:50 Result: directory /etc/sudoers.d ownership OK 2021-01-07 20:41:50 Test: checking file (/etc/sudoers) 2021-01-07 20:41:50 Result: Found file permissions: r--r----- and owner UID GID: 00 2021-01-07 20:41:50 Result: file /etc/sudoers permissions OK 2021-01-07 20:41:50 Result: file /etc/sudoers ownership OK 2021-01-07 20:41:50 Test: checking file (/etc/sudoers.d/README) 2021-01-07 20:41:50 Result: Found file permissions: r--r----- and owner UID GID: 00 2021-01-07 20:41:50 Result: file /etc/sudoers.d/README permissions OK 2021-01-07 20:41:50 Result: file /etc/sudoers.d/README ownership OK 2021-01-07 20:41:50 Test: checking file (/etc/sudoers.d/99-snapd.conf) 2021-01-07 20:41:50 Result: Found file permissions: r--r----- and owner UID GID: 00 2021-01-07 20:41:50 Result: file /etc/sudoers.d/99-snapd.conf permissions OK 2021-01-07 20:41:50 Result: file /etc/sudoers.d/99-snapd.conf ownership OK 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Skipped test AUTH-9254 (Solaris passwordless accounts) 2021-01-07 20:41:50 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9262 (Checking presence password strength testing tools (PAM)) 2021-01-07 20:41:50 Searching PAM password testing modules (cracklib, passwdqc, pwquality) 2021-01-07 20:41:50 Result: pam_cracklib.so NOT found (crack library PAM) 2021-01-07 20:41:50 Result: pam_passwdqc.so NOT found (passwd quality control PAM) 2021-01-07 20:41:50 Result: pam_pwquality.so NOT found (pwquality control PAM) 2021-01-07 20:41:50 Result: no PAM modules for password strength testing found 2021-01-07 20:41:50 Suggestion: Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc [test:AUTH-9262] [details:-] [solution:-] 2021-01-07 20:41:50 Hardening: assigned partial number of hardening points (0 of 3). Currently having 18 points (out of 31) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9264 (Checking presence pam.conf) 2021-01-07 20:41:50 Test: Checking file /etc/pam.conf 2021-01-07 20:41:50 Result: file /etc/pam.conf exists 2021-01-07 20:41:50 Test: searching PAM configuration files 2021-01-07 20:41:50 Result: File has no configuration options defined (empty, or only filled with comments and empty lines) 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9266 (Checking presence pam.d files) 2021-01-07 20:41:50 Test: Checking directory /etc/pam.d 2021-01-07 20:41:50 Result: directory /etc/pam.d exists 2021-01-07 20:41:50 Test: searching PAM configuration files 2021-01-07 20:41:50 Found file: /etc/pam.d/atd 2021-01-07 20:41:50 Found file: /etc/pam.d/chfn 2021-01-07 20:41:50 Found file: /etc/pam.d/chpasswd 2021-01-07 20:41:50 Found file: /etc/pam.d/chsh 2021-01-07 20:41:50 Found file: /etc/pam.d/common-account 2021-01-07 20:41:50 Found file: /etc/pam.d/common-auth 2021-01-07 20:41:50 Found file: /etc/pam.d/common-password 2021-01-07 20:41:50 Found file: /etc/pam.d/common-session 2021-01-07 20:41:50 Found file: /etc/pam.d/common-session-noninteractive 2021-01-07 20:41:50 Found file: /etc/pam.d/cron 2021-01-07 20:41:50 Found file: /etc/pam.d/login 2021-01-07 20:41:50 Found file: /etc/pam.d/newusers 2021-01-07 20:41:50 Found file: /etc/pam.d/other 2021-01-07 20:41:50 Found file: /etc/pam.d/passwd 2021-01-07 20:41:50 Found file: /etc/pam.d/polkit-1 2021-01-07 20:41:50 Found file: /etc/pam.d/runuser 2021-01-07 20:41:50 Found file: /etc/pam.d/runuser-l 2021-01-07 20:41:50 Found file: /etc/pam.d/su 2021-01-07 20:41:50 Found file: /etc/pam.d/su-l 2021-01-07 20:41:50 Found file: /etc/pam.d/sudo 2021-01-07 20:41:50 Found file: /etc/pam.d/systemd-user 2021-01-07 20:41:50 Found file: /etc/pam.d/vmtoolsd 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9268 (Checking presence pam.d files) 2021-01-07 20:41:50 Test: Searching pam modules 2021-01-07 20:41:50 Test: Checking /lib/arm-linux-gnueabihf/security 2021-01-07 20:41:50 Result: directory /lib/arm-linux-gnueabihf/security could not be found or is a symlink to another directory 2021-01-07 20:41:50 Test: Checking /lib/i386-linux-gnu/security 2021-01-07 20:41:50 Result: directory /lib/i386-linux-gnu/security could not be found or is a symlink to another directory 2021-01-07 20:41:50 Test: Checking /lib/security 2021-01-07 20:41:50 Result: directory /lib/security could not be found or is a symlink to another directory 2021-01-07 20:41:50 Test: Checking /lib/x86_64-linux-gnu/security 2021-01-07 20:41:50 Result: directory /lib/x86_64-linux-gnu/security exists 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_access.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_cap.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_debug.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_deny.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_echo.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_env.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_exec.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_extrausers.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_faildelay.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_filter.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_ftp.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_group.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_issue.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_keyinit.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_lastlog.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_limits.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_listfile.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_localuser.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_loginuid.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_mail.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_mkhomedir.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_motd.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_namespace.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_nologin.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_permit.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_pwhistory.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_rhosts.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_rootok.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_securetty.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_selinux.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_sepermit.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_shells.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_stress.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_succeed_if.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_systemd.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_tally.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_tally2.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_time.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_timestamp.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_tty_audit.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_umask.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_unix.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_userdb.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_warn.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_wheel.so 2021-01-07 20:41:50 Found file: /lib/x86_64-linux-gnu/security/pam_xauth.so 2021-01-07 20:41:50 Test: Checking /lib64/security 2021-01-07 20:41:50 Result: directory /lib64/security could not be found or is a symlink to another directory 2021-01-07 20:41:50 Test: Checking /usr/lib 2021-01-07 20:41:50 Result: directory /usr/lib exists 2021-01-07 20:41:50 Test: Checking /usr/lib/security 2021-01-07 20:41:50 Result: directory /usr/lib/security could not be found or is a symlink to another directory 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9278 (Determine LDAP support in PAM files) 2021-01-07 20:41:50 Test: checking presence /etc/pam.d/common-auth 2021-01-07 20:41:50 Result: file /etc/pam.d/common-auth exists 2021-01-07 20:41:50 Test: checking presence LDAP module 2021-01-07 20:41:50 Result: LDAP module not found 2021-01-07 20:41:50 Test: checking presence /etc/pam.d/system-auth 2021-01-07 20:41:50 Result: file /etc/pam.d/system-auth not found, skipping test 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9282 (Checking password protected account without expire date) 2021-01-07 20:41:50 Test: Checking Linux version and password expire date status 2021-01-07 20:41:50 Result: found one or more accounts without expire date set 2021-01-07 20:41:50 Account without expire date: ll 2021-01-07 20:41:50 Suggestion: When possible set expire dates for all password protected accounts [test:AUTH-9282] [details:-] [solution:-] 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9283 (Checking accounts without password) 2021-01-07 20:41:50 Test: Checking passwordless accounts 2021-01-07 20:41:50 Result: all accounts seem to have a password 2021-01-07 20:41:50 ==== 2021-01-07 20:41:50 Performing test ID AUTH-9284 (Check locked user accounts in /etc/passwd) 2021-01-07 20:41:50 Test: Checking locked accounts 2021-01-07 20:41:51 Result: all accounts seem to be unlocked 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID AUTH-9286 (Checking user password aging) 2021-01-07 20:41:51 Test: Checking PASS_MIN_DAYS option in /etc/login.defs 2021-01-07 20:41:51 Result: password minimum age is not configured 2021-01-07 20:41:51 Suggestion: Configure minimum password age in /etc/login.defs [test:AUTH-9286] [details:-] [solution:-] 2021-01-07 20:41:51 Hardening: assigned partial number of hardening points (0 of 1). Currently having 18 points (out of 32) 2021-01-07 20:41:51 Test: Checking PASS_MAX_DAYS option in /etc/login.defs 2021-01-07 20:41:51 Result: password aging limits are not configured 2021-01-07 20:41:51 Suggestion: Configure maximum password age in /etc/login.defs [test:AUTH-9286] [details:-] [solution:-] 2021-01-07 20:41:51 Hardening: assigned partial number of hardening points (0 of 1). Currently having 18 points (out of 33) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID AUTH-9288 (Checking for expired passwords) 2021-01-07 20:41:51 Test: check if we can access /etc/shadow (escaped: /etc/shadow) 2021-01-07 20:41:51 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:41:51 Result: file /etc/shadow is readable (or directory accessible). 2021-01-07 20:41:51 Data: Days since epoch is 18634 2021-01-07 20:41:51 Test: collecting accounts which have an expired password (last day changed + maximum change time) 2021-01-07 20:41:51 Result: good, no passwords have been expired 2021-01-07 20:41:51 Hardening: assigned maximum number of hardening points for this item (10). Currently having 28 points (out of 43) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Skipped test AUTH-9304 (Check single user login configuration) 2021-01-07 20:41:51 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Skipped test AUTH-9306 (Check single boot authentication) 2021-01-07 20:41:51 Reason to skip: Incorrect guest OS (HP-UX only) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID AUTH-9308 (Check single user login configuration) 2021-01-07 20:41:51 Test: going to check several systemd targets now 2021-01-07 20:41:51 Test: checking if target console-shell.service is available (/lib/systemd/system/console-shell.service) 2021-01-07 20:41:51 Result: target console-shell.service not found 2021-01-07 20:41:51 Test: checking if target emergency.service is available (/lib/systemd/system/emergency.service) 2021-01-07 20:41:51 Result: found target emergency.service 2021-01-07 20:41:51 Result: sulogin was found, which is a good measure to protect single user mode 2021-01-07 20:41:51 Test: checking if target rescue.service is available (/lib/systemd/system/rescue.service) 2021-01-07 20:41:51 Result: found target rescue.service 2021-01-07 20:41:51 Result: sulogin was found, which is a good measure to protect single user mode 2021-01-07 20:41:51 Result: option set, password is needed at single user mode boot 2021-01-07 20:41:51 Hardening: assigned maximum number of hardening points for this item (2). Currently having 30 points (out of 45) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID AUTH-9328 (Default umask values) 2021-01-07 20:41:51 Test: Checking /etc/profile.d directory 2021-01-07 20:41:51 Result: found /etc/profile.d, with one or more files in it 2021-01-07 20:41:51 Test: Checking /etc/profile 2021-01-07 20:41:51 Result: file /etc/profile exists 2021-01-07 20:41:51 Test: Checking umask value in /etc/profile 2021-01-07 20:41:51 Result: did not find umask in /etc/profile 2021-01-07 20:41:51 Result: found no umask. Please check if this is correct 2021-01-07 20:41:51 Test: Checking umask entries in /etc/passwd (pam_umask) 2021-01-07 20:41:51 Result: file /etc/passwd exists 2021-01-07 20:41:51 Test: Checking umask value in /etc/passwd 2021-01-07 20:41:51 Manual: one or more manual actions are required for further testing of this control/plugin 2021-01-07 20:41:51 Test: Checking /etc/login.defs 2021-01-07 20:41:51 Result: file /etc/login.defs exists 2021-01-07 20:41:51 Test: Checking umask value in /etc/login.defs 2021-01-07 20:41:51 Result: found umask 022, which could be improved 2021-01-07 20:41:51 Suggestion: Default umask in /etc/login.defs could be more strict like 027 [test:AUTH-9328] [details:-] [solution:-] 2021-01-07 20:41:51 Hardening: assigned partial number of hardening points (0 of 2). Currently having 30 points (out of 47) 2021-01-07 20:41:51 Test: Checking /etc/init.d/functions 2021-01-07 20:41:51 Result: file /etc/init.d/functions does not exist 2021-01-07 20:41:51 Test: Checking /etc/init.d/rc 2021-01-07 20:41:51 Result: file /etc/init.d/rc does not exist 2021-01-07 20:41:51 Test: Checking /etc/init.d/rcS 2021-01-07 20:41:51 Result: file /etc/init.d/rcS does not exist 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Skipped test AUTH-9340 (Solaris account locking) 2021-01-07 20:41:51 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID AUTH-9402 (Query LDAP authentication support) 2021-01-07 20:41:51 Result: LDAP authentication not enabled 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Skipped test AUTH-9406 (Query LDAP servers in client configuration) 2021-01-07 20:41:51 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID AUTH-9408 (Logging of failed login attempts) 2021-01-07 20:41:51 Result: did not find /var/log/tallylog on disk or its file size is zero bytes 2021-01-07 20:41:51 Result: found pam_tally2 module on disk 2021-01-07 20:41:51 Outcome: it looks like pam_tally2 is not configured to log failed login attempts 2021-01-07 20:41:51 Test: Checking FAILLOG_ENAB option in /etc/login.defs 2021-01-07 20:41:51 Result: FAILLOG_ENAB is set to 'yes' 2021-01-07 20:41:51 Outcome: failed login attempts are logged in /var/log/faillog 2021-01-07 20:41:51 Hardening: assigned maximum number of hardening points for this item (3). Currently having 33 points (out of 50) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Skipped test AUTH-9409 (Checking /etc/doas.conf file) 2021-01-07 20:41:51 Reason to skip: Incorrect guest OS (OpenBSD only) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Skipped test AUTH-9410 (Check /etc/doas.conf file permissions) 2021-01-07 20:41:51 Reason to skip: Incorrect guest OS (OpenBSD only) 2021-01-07 20:41:51 Security check: file is normal 2021-01-07 20:41:51 Checking permissions of /root/scans/lynis/include/tests_shells 2021-01-07 20:41:51 File permissions are OK 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Action: Performing tests from category: Shells 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Skipped test SHLL-6202 (Check console TTYs) 2021-01-07 20:41:51 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID SHLL-6211 (Available and valid shells) 2021-01-07 20:41:51 Test: Searching for /etc/shells 2021-01-07 20:41:51 Result: Found /etc/shells file 2021-01-07 20:41:51 Test: Reading available shells from /etc/shells 2021-01-07 20:41:51 Found installed shell: /bin/sh 2021-01-07 20:41:51 Found installed shell: /bin/bash 2021-01-07 20:41:51 Found installed shell: /usr/bin/bash 2021-01-07 20:41:51 Found installed shell: /bin/rbash 2021-01-07 20:41:51 Found installed shell: /usr/bin/rbash 2021-01-07 20:41:51 Found installed shell: /bin/dash 2021-01-07 20:41:51 Found installed shell: /usr/bin/dash 2021-01-07 20:41:51 Found installed shell: /usr/bin/tmux 2021-01-07 20:41:51 Found installed shell: /usr/bin/screen 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID SHLL-6220 (Idle session killing tools or settings) 2021-01-07 20:41:51 Test: Search for session timeout tools or settings in shell 2021-01-07 20:41:51 Performing pgrep scan without uid 2021-01-07 20:41:51 IsRunning: process 'timeoutd' not found 2021-01-07 20:41:51 Performing pgrep scan without uid 2021-01-07 20:41:51 IsRunning: process 'autolog' not found 2021-01-07 20:41:51 Result: could not find TMOUT setting in /etc/profile 2021-01-07 20:41:51 Result: could not find export, readonly or typeset -r in /etc/profile 2021-01-07 20:41:51 Result: could not find TMOUT setting in /etc/profile.d/*.sh 2021-01-07 20:41:51 Result: could not find export, readonly or typeset -r in /etc/profile 2021-01-07 20:41:51 Hardening: assigned partial number of hardening points (1 of 3). Currently having 34 points (out of 53) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID SHLL-6230 (Perform umask check for shell configurations) 2021-01-07 20:41:51 Result: file /etc/bashrc not found 2021-01-07 20:41:51 Result: file /etc/bash.bashrc exists 2021-01-07 20:41:51 Result: did not find umask configured in /etc/bash.bashrc 2021-01-07 20:41:51 Result: file /etc/bash.bashrc.local not found 2021-01-07 20:41:51 Result: file /etc/csh.cshrc not found 2021-01-07 20:41:51 Result: file /etc/profile exists 2021-01-07 20:41:51 Result: did not find umask configured in /etc/profile 2021-01-07 20:41:51 Security check: file is normal 2021-01-07 20:41:51 Checking permissions of /root/scans/lynis/include/tests_filesystems 2021-01-07 20:41:51 File permissions are OK 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Action: Performing tests from category: File systems 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID FILE-6310 (Checking /tmp, /home and /var directory) 2021-01-07 20:41:51 Test: Checking if /home is mounted separately or mounted on / file system 2021-01-07 20:41:51 Result: directory /home exists 2021-01-07 20:41:51 Result: /home not found in mount list. Directory most likely stored on / file system 2021-01-07 20:41:51 Suggestion: To decrease the impact of a full /home file system, place /home on a separate partition [test:FILE-6310] [details:-] [solution:-] 2021-01-07 20:41:51 Hardening: assigned partial number of hardening points (9 of 10). Currently having 43 points (out of 63) 2021-01-07 20:41:51 Test: Checking if /tmp is mounted separately or mounted on / file system 2021-01-07 20:41:51 Result: directory /tmp exists 2021-01-07 20:41:51 Result: /tmp not found in mount list. Directory most likely stored on / file system 2021-01-07 20:41:51 Suggestion: To decrease the impact of a full /tmp file system, place /tmp on a separate partition [test:FILE-6310] [details:-] [solution:-] 2021-01-07 20:41:51 Hardening: assigned partial number of hardening points (9 of 10). Currently having 52 points (out of 73) 2021-01-07 20:41:51 Test: Checking if /var is mounted separately or mounted on / file system 2021-01-07 20:41:51 Result: directory /var exists 2021-01-07 20:41:51 Result: /var not found in mount list. Directory most likely stored on / file system 2021-01-07 20:41:51 Suggestion: To decrease the impact of a full /var file system, place /var on a separate partition [test:FILE-6310] [details:-] [solution:-] 2021-01-07 20:41:51 Hardening: assigned partial number of hardening points (9 of 10). Currently having 61 points (out of 83) 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID FILE-6311 (Checking LVM volume groups) 2021-01-07 20:41:51 Test: Checking for LVM volume groups 2021-01-07 20:41:51 Result: found one or more volume groups 2021-01-07 20:41:51 Found LVM volume group: ubuntu-vg 2021-01-07 20:41:51 ==== 2021-01-07 20:41:51 Performing test ID FILE-6312 (Checking LVM volumes) 2021-01-07 20:41:51 Test: Checking for LVM volumes 2021-01-07 20:41:51 Result: found one or more volumes 2021-01-07 20:41:51 Found LVM volume: ubuntu-lv 2021-01-07 20:41:51 ==== 2021-01-07 20:41:52 Performing test ID FILE-6323 (Checking EXT file systems) 2021-01-07 20:41:52 Test: Checking for Linux EXT file systems 2021-01-07 20:41:52 Result: found one or more EXT file systems 2021-01-07 20:41:52 File system: / (type: ext4) 2021-01-07 20:41:52 File system: /boot (type: ext4) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6324 (Checking XFS file systems) 2021-01-07 20:41:52 Test: Checking for Linux XFS file systems 2021-01-07 20:41:52 Result: no XFS file systems found 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6329 (Checking FFS/UFS file systems) 2021-01-07 20:41:52 Test: Query /etc/fstab for available FFS/UFS mount points 2021-01-07 20:41:52 Result: unable to find any single mount point (FFS/UFS) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Skipped test FILE-6330 (Checking ZFS file systems) 2021-01-07 20:41:52 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Skipped test FILE-6439 (Checking HAMMER PFS mounts) 2021-01-07 20:41:52 Reason to skip: Incorrect guest OS (DragonFly only) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6332 (Checking swap partitions) 2021-01-07 20:41:52 Test: query swap partitions from /etc/fstab file 2021-01-07 20:41:52 Swap partition found: /swap.img 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6336 (Checking swap mount options) 2021-01-07 20:41:52 Test: check swap partitions with incorrect mount options 2021-01-07 20:41:52 Result: all swap partitions have correct options (sw or swap) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6344 (Checking proc mount options) 2021-01-07 20:41:52 Test: check proc mount with incorrect mount options 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (0 of 3). Currently having 61 points (out of 86) 2021-01-07 20:41:52 Result: /proc filesystem is not mounted with option hidepid=1 or hidepid=2 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6354 (Searching for old files in /tmp) 2021-01-07 20:41:52 Test: Searching for old files in /tmp 2021-01-07 20:41:52 Result: no files found in /tmp which are older than 3 months 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6362 (Checking /tmp sticky bit) 2021-01-07 20:41:52 Result: sticky bit found on /tmp directory 2021-01-07 20:41:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 64 points (out of 89) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6363 (Checking /var/tmp sticky bit) 2021-01-07 20:41:52 Result: sticky bit found on /var/tmp directory 2021-01-07 20:41:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 67 points (out of 92) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6368 (Checking ACL support on root file system) 2021-01-07 20:41:52 Test: Checking acl option on ext[2-4] root file system 2021-01-07 20:41:52 Result: mount point probably mounted with defaults 2021-01-07 20:41:52 Test: Checking device which holds root file system 2021-01-07 20:41:52 Result: found /dev/mapper/ubuntu--vg-ubuntu--lv 2021-01-07 20:41:52 Test: Checking default options on /dev/mapper/ubuntu--vg-ubuntu--lv 2021-01-07 20:41:52 Result: found ACL option in default mount options 2021-01-07 20:41:52 Test: Checking acl option on xfs root file system 2021-01-07 20:41:52 Result: ACL option enabled on root file system 2021-01-07 20:41:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 70 points (out of 95) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6372 (Checking / mount options) 2021-01-07 20:41:52 Result: mount system / is configured with options: defaults 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6374 (Linux mount options) 2021-01-07 20:41:52 File system: /boot 2021-01-07 20:41:52 Expected flags: nodev noexec nosuid 2021-01-07 20:41:52 Found flags: defaults 2021-01-07 20:41:52 Result: Could not find mount option nodev on file system /boot 2021-01-07 20:41:52 Result: Could not find mount option noexec on file system /boot 2021-01-07 20:41:52 Result: Could not find mount option nosuid on file system /boot 2021-01-07 20:41:52 Result: marked /boot options as default (not hardened) 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (3 of 5). Currently having 73 points (out of 100) 2021-01-07 20:41:52 File system: /dev 2021-01-07 20:41:52 Expected flags: noexec nosuid 2021-01-07 20:41:52 Found flags: (rw nosuid noexec relatime size=1956944k nr_inodes=489236 mode=755) 2021-01-07 20:41:52 Result: GOOD, found mount option noexec on file system /dev 2021-01-07 20:41:52 Result: GOOD, found mount option nosuid on file system /dev 2021-01-07 20:41:52 Result: marked /dev as fully hardened 2021-01-07 20:41:52 Hardening: assigned maximum number of hardening points for this item (5). Currently having 78 points (out of 105) 2021-01-07 20:41:52 File system: /dev/shm 2021-01-07 20:41:52 Expected flags: nosuid nodev noexec 2021-01-07 20:41:52 Found flags: (rw nosuid nodev) 2021-01-07 20:41:52 Result: GOOD, found mount option nosuid on file system /dev/shm 2021-01-07 20:41:52 Result: GOOD, found mount option nodev on file system /dev/shm 2021-01-07 20:41:52 Result: Could not find mount option noexec on file system /dev/shm 2021-01-07 20:41:52 Result: marked /dev/shm as partially hardened 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (4 of 5). Currently having 82 points (out of 110) 2021-01-07 20:41:52 Result: file system /home not found in /etc/fstab 2021-01-07 20:41:52 File system: /run 2021-01-07 20:41:52 Expected flags: nodev nosuid 2021-01-07 20:41:52 Found flags: (rw nosuid nodev noexec relatime size=400176k mode=755) 2021-01-07 20:41:52 Result: GOOD, found mount option nodev on file system /run 2021-01-07 20:41:52 Result: GOOD, found mount option nosuid on file system /run 2021-01-07 20:41:52 Result: marked /run as fully hardened 2021-01-07 20:41:52 Hardening: assigned maximum number of hardening points for this item (5). Currently having 87 points (out of 115) 2021-01-07 20:41:52 Result: file system /tmp not found in /etc/fstab 2021-01-07 20:41:52 Result: file system /var not found in /etc/fstab 2021-01-07 20:41:52 Result: file system /var/log not found in /etc/fstab 2021-01-07 20:41:52 Result: file system /var/log/audit not found in /etc/fstab 2021-01-07 20:41:52 Result: file system /var/tmp not found in /etc/fstab 2021-01-07 20:41:52 Result: Total without nodev:7 noexec:14 nosuid:11 ro or noexec (W^X): 8, of total 43 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6376 (Determine if /var/tmp is bound to /tmp) 2021-01-07 20:41:52 Result: no mount point /var/tmp or expected options found 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6394 (Determine level of swappiness.) 2021-01-07 20:41:52 Test: checking level of vm.swappiness: 60 2021-01-07 20:41:52 Result: vm.swappiness=60 which is the standard level of swappiness and works well for desktop systems. 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Skipped test FILE-6410 (Checking Locate database) 2021-01-07 20:41:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID FILE-6430 (Disable mounting of some filesystems) 2021-01-07 20:41:52 Result: found cramfs support in the kernel (output = insmod /lib/modules/5.4.0-59-generic/kernel/fs/cramfs/cramfs.ko ) 2021-01-07 20:41:52 Test: Checking if cramfs is active 2021-01-07 20:41:52 Result: module cramfs is currently not loaded in the kernel. 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (2 of 3). Currently having 89 points (out of 118) 2021-01-07 20:41:52 Result: found freevxfs support in the kernel (output = insmod /lib/modules/5.4.0-59-generic/kernel/fs/freevxfs/freevxfs.ko ) 2021-01-07 20:41:52 Test: Checking if freevxfs is active 2021-01-07 20:41:52 Result: module freevxfs is currently not loaded in the kernel. 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (2 of 3). Currently having 91 points (out of 121) 2021-01-07 20:41:52 Result: found hfs support in the kernel (output = insmod /lib/modules/5.4.0-59-generic/kernel/fs/hfs/hfs.ko ) 2021-01-07 20:41:52 Test: Checking if hfs is active 2021-01-07 20:41:52 Result: module hfs is currently not loaded in the kernel. 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (2 of 3). Currently having 93 points (out of 124) 2021-01-07 20:41:52 Result: found hfsplus support in the kernel (output = insmod /lib/modules/5.4.0-59-generic/kernel/fs/hfsplus/hfsplus.ko ) 2021-01-07 20:41:52 Test: Checking if hfsplus is active 2021-01-07 20:41:52 Result: module hfsplus is currently not loaded in the kernel. 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (2 of 3). Currently having 95 points (out of 127) 2021-01-07 20:41:52 Result: found jffs2 support in the kernel (output = insmod /lib/modules/5.4.0-59-generic/kernel/fs/jffs2/jffs2.ko ) 2021-01-07 20:41:52 Test: Checking if jffs2 is active 2021-01-07 20:41:52 Result: module jffs2 is currently not loaded in the kernel. 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (2 of 3). Currently having 97 points (out of 130) 2021-01-07 20:41:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 100 points (out of 133) 2021-01-07 20:41:52 Result: found udf support in the kernel (output = insmod /lib/modules/5.4.0-59-generic/kernel/fs/udf/udf.ko ) 2021-01-07 20:41:52 Test: Checking if udf is active 2021-01-07 20:41:52 Result: module udf is currently not loaded in the kernel. 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (2 of 3). Currently having 102 points (out of 136) 2021-01-07 20:41:52 Suggestion: Consider disabling unused kernel modules [test:FILE-6430] [details:/etc/modprobe.d/blacklist.conf] [solution:Add 'install MODULENAME /bin/true' (without quotes)] 2021-01-07 20:41:52 Security check: file is normal 2021-01-07 20:41:52 Checking permissions of /root/scans/lynis/include/tests_usb 2021-01-07 20:41:52 File permissions are OK 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Action: Performing tests from category: USB Devices 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID USB-1000 (Check if USB storage is disabled) 2021-01-07 20:41:52 Test: Checking USB storage driver in directory /etc/modprobe.d and configuration file /etc/modprobe.conf 2021-01-07 20:41:52 Result: usb-storage driver is not explicitly disabled 2021-01-07 20:41:52 Suggestion: Disable drivers like USB storage when not used, to prevent unauthorized storage or data theft [test:USB-1000] [details:-] [solution:-] 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (2 of 3). Currently having 104 points (out of 139) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID USB-2000 (Check USB authorizations) 2021-01-07 20:41:52 Test: checking presence of USB devices path (/sys/bus/usb/devices) 2021-01-07 20:41:52 Test: Checking USB devices authorization to connect to the system 2021-01-07 20:41:52 Test: /sys/bus/usb/devices/usb1 is authorized by default (authorized_default=1) 2021-01-07 20:41:52 Test: /sys/bus/usb/devices/usb1 is authorized currently (authorized=1) 2021-01-07 20:41:52 Test: /sys/bus/usb/devices/usb2 is authorized by default (authorized_default=1) 2021-01-07 20:41:52 Test: /sys/bus/usb/devices/usb2 is authorized currently (authorized=1) 2021-01-07 20:41:52 Result: Some USB devices are authorized by default (or temporary) to connect to the system 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (0 of 3). Currently having 104 points (out of 142) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID USB-3000 (Check for presence of USBGuard) 2021-01-07 20:41:52 Result: USBGuard not found 2021-01-07 20:41:52 Hardening: assigned partial number of hardening points (0 of 8). Currently having 104 points (out of 150) 2021-01-07 20:41:52 Security check: file is normal 2021-01-07 20:41:52 Checking permissions of /root/scans/lynis/include/tests_storage 2021-01-07 20:41:52 File permissions are OK 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Action: Performing tests from category: Storage 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID STRG-1846 (Check if firewire storage is disabled) 2021-01-07 20:41:52 Test: Checking firewire storage driver in directory /etc/modprobe.d and configuration file /etc/modprobe.conf 2021-01-07 20:41:52 Result: found firewire ohci driver in disabled state 2021-01-07 20:41:52 Result: firewire ohci driver is disabled 2021-01-07 20:41:52 Hardening: assigned maximum number of hardening points for this item (3). Currently having 107 points (out of 153) 2021-01-07 20:41:52 Security check: file is normal 2021-01-07 20:41:52 Checking permissions of /root/scans/lynis/include/tests_storage_nfs 2021-01-07 20:41:52 File permissions are OK 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Action: Performing tests from category: NFS 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Skipped test STRG-1902 (Check rpcinfo registered programs) 2021-01-07 20:41:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Skipped test STRG-1904 (Check nfs rpc) 2021-01-07 20:41:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Skipped test STRG-1906 (Check nfs rpc) 2021-01-07 20:41:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Performing test ID STRG-1920 (Checking NFS daemon) 2021-01-07 20:41:52 Test: Checking running NFS daemon 2021-01-07 20:41:52 Output: NFS daemon is not running 2021-01-07 20:41:52 ==== 2021-01-07 20:41:52 Skipped test STRG-1926 (Checking NFS exports) 2021-01-07 20:41:52 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:52 ==== 2021-01-07 20:41:53 Skipped test STRG-1928 (Checking empty /etc/exports) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test STRG-1930 (Check client access to nfs share) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 Security check: file is normal 2021-01-07 20:41:53 Checking permissions of /root/scans/lynis/include/tests_nameservices 2021-01-07 20:41:53 File permissions are OK 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Action: Performing tests from category: Name services 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4016 (Check /etc/resolv.conf default domain) 2021-01-07 20:41:53 Test: check /etc/resolv.conf for default domain 2021-01-07 20:41:53 Result: /etc/resolv.conf found 2021-01-07 20:41:53 Result: no default domain found 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4018 (Check /etc/resolv.conf search domains) 2021-01-07 20:41:53 Test: check /etc/resolv.conf for search domains 2021-01-07 20:41:53 Result: /etc/resolv.conf found 2021-01-07 20:41:53 Found search domain: localdomain 2021-01-07 20:41:53 Result: Found 1 search domains 2021-01-07 20:41:53 Result: found 1 line(s) with a search statement (expecting less than 2 lines) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4020 (Check non default options) 2021-01-07 20:41:53 Test: check /etc/resolv.conf for non default options 2021-01-07 20:41:53 Result: /etc/resolv.conf found 2021-01-07 20:41:53 Found option: edns0 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4024 (Solaris uname -n output) 2021-01-07 20:41:53 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4026 (Check /etc/nodename) 2021-01-07 20:41:53 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4028 (Check domain name) 2021-01-07 20:41:53 Test: Checking if dnsdomainname command is available 2021-01-07 20:41:53 Result: dnsdomainname command returned no value 2021-01-07 20:41:53 Result: using domain name from FQDN hostname (ubuntu20041) 2021-01-07 20:41:53 Suggestion: Check DNS configuration for the dns domain name [test:NAME-4028] [details:-] [solution:-] 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4032 (Check nscd status) 2021-01-07 20:41:53 Test: checking nscd status 2021-01-07 20:41:53 Performing pgrep scan without uid 2021-01-07 20:41:53 IsRunning: process 'nscd' not found 2021-01-07 20:41:53 Result: nscd is not running 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4034 (Check Unbound status) 2021-01-07 20:41:53 Test: checking Unbound (unbound) status 2021-01-07 20:41:53 Performing pgrep scan without uid 2021-01-07 20:41:53 IsRunning: process 'unbound' not found 2021-01-07 20:41:53 Result: Unbound daemon is not running 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4036 (Check Unbound configuration file) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4202 (Check BIND status) 2021-01-07 20:41:53 Test: Checking for running BIND instance 2021-01-07 20:41:53 Performing pgrep scan without uid 2021-01-07 20:41:53 IsRunning: process 'named' not found 2021-01-07 20:41:53 Result: BIND not running 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4204 (Search BIND configuration file) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4206 (Check BIND configuration consistency) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4210 (Check DNS banner) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4230 (Check PowerDNS status) 2021-01-07 20:41:53 Test: Checking for running PowerDNS instance 2021-01-07 20:41:53 Performing pgrep scan without uid 2021-01-07 20:41:53 IsRunning: process 'pdns_server' not found 2021-01-07 20:41:53 Result: PowerDNS not running 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4232 (Search PowerDNS configuration file) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4236 (Check PowerDNS backends) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4238 (Check PowerDNS authoritative status) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4304 (Check NIS ypbind status) 2021-01-07 20:41:53 Test: Checking status of ypbind daemon 2021-01-07 20:41:53 Performing pgrep scan without uid 2021-01-07 20:41:53 IsRunning: process 'ypbind' not found 2021-01-07 20:41:53 Result: ypbind is not active 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test NAME-4306 (Check NIS domain) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4402 (Check duplicate line in /etc/hosts) 2021-01-07 20:41:53 Test: check duplicate line in /etc/hosts 2021-01-07 20:41:53 Result: OK, no duplicate lines found 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4404 (Check /etc/hosts contains an entry for this server name) 2021-01-07 20:41:53 Test: Check /etc/hosts contains an entry for this server name 2021-01-07 20:41:53 Result: Found entry for ubuntu20041 in /etc/hosts 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4406 (Check server hostname mapping) 2021-01-07 20:41:53 Test: Check server hostname not locally mapped in /etc/hosts 2021-01-07 20:41:53 Result: this server hostname is not mapped to a local address 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID NAME-4408 (Check localhost entry) 2021-01-07 20:41:53 Test: Check server hostname not locally mapped in /etc/hosts 2021-01-07 20:41:53 Result: localhost mapped to ::1 2021-01-07 20:41:53 Security check: file is normal 2021-01-07 20:41:53 Checking permissions of /root/scans/lynis/include/tests_dns 2021-01-07 20:41:53 File permissions are OK 2021-01-07 20:41:53 Security check: file is normal 2021-01-07 20:41:53 Checking permissions of /root/scans/lynis/include/tests_ports_packages 2021-01-07 20:41:53 File permissions are OK 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Action: Performing tests from category: Ports and packages 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7301 (Query FreeBSD pkg) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7302 (Query FreeBSD/NetBSD pkg_info) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7303 (Query brew package manager) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 Result: brew can NOT be found on this system 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7304 (Querying Gentoo packages) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 Result: emerge can NOT be found on this system 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7306 (Querying Solaris packages) 2021-01-07 20:41:53 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:41:53 Result: pkginfo can NOT be found on this system 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7308 (Checking package list with RPM) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 Result: RPM binary NOT found on this system, test skipped 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7310 (Checking package list with pacman) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7312 (Checking available updates for pacman based system) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 Result: pacman binary NOT found on this system, test skipped 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7314 (Checking pacman configuration options) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7320 (Checking for arch-audit tooling) 2021-01-07 20:41:53 Reason to skip: Test only applies to Arch Linux 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7322 (Discover vulnerable packages with arch-audit) 2021-01-07 20:41:53 Reason to skip: arch-audit not found 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7328 (Querying Zypper for installed packages) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7330 (Querying Zypper for vulnerable packages) 2021-01-07 20:41:53 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7332 (Query macOS ports) 2021-01-07 20:41:53 Reason to skip: Incorrect guest OS (macOS only) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Skipped test PKGS-7334 (Query port for port upgrades) 2021-01-07 20:41:53 Reason to skip: Incorrect guest OS (macOS only) 2021-01-07 20:41:53 ==== 2021-01-07 20:41:53 Performing test ID PKGS-7345 (Querying dpkg) 2021-01-07 20:41:53 Result: Found dpkg binary 2021-01-07 20:41:53 Test: Querying dpkg -l to get package list 2021-01-07 20:41:53 Output: 2021-01-07 20:41:53 Found package: accountsservice (version: 0.6.55-0ubuntu12~20.04.4) 2021-01-07 20:41:53 Found package: adduser (version: 3.118ubuntu2) 2021-01-07 20:41:53 Found package: alsa-topology-conf (version: 1.2.2-1) 2021-01-07 20:41:53 Found package: alsa-ucm-conf (version: 1.2.2-1ubuntu0.1) 2021-01-07 20:41:53 Found package: amd64-microcode (version: 3.20191218.1ubuntu1) 2021-01-07 20:41:53 Found package: apache2 (version: 2.4.41-4ubuntu3.1) 2021-01-07 20:41:53 Found package: apache2-bin (version: 2.4.41-4ubuntu3.1) 2021-01-07 20:41:53 Found package: apache2-data (version: 2.4.41-4ubuntu3.1) 2021-01-07 20:41:53 Found package: apache2-utils (version: 2.4.41-4ubuntu3.1) 2021-01-07 20:41:53 Found package: apparmor (version: 2.13.3-7ubuntu5.1) 2021-01-07 20:41:53 Found package: apport (version: 2.20.11-0ubuntu27.12) 2021-01-07 20:41:53 Found package: apport-symptoms (version: 0.23) 2021-01-07 20:41:53 Found package: apt (version: 2.0.2ubuntu0.2) 2021-01-07 20:41:53 Found package: apt-utils (version: 2.0.2ubuntu0.2) 2021-01-07 20:41:53 Found package: at (version: 3.1.23-1ubuntu1) 2021-01-07 20:41:53 Found package: base-files (version: 11ubuntu5.1) 2021-01-07 20:41:53 Found package: base-passwd (version: 3.5.47) 2021-01-07 20:41:53 Found package: bash (version: 5.0-6ubuntu1.1) 2021-01-07 20:41:53 Found package: bash-completion (version: 1:2.10-1ubuntu1) 2021-01-07 20:41:53 Found package: bc (version: 1.07.1-2build1) 2021-01-07 20:41:53 Found package: bcache-tools (version: 1.0.8-3) 2021-01-07 20:41:53 Found package: bind9-dnsutils (version: 1:9.16.1-0ubuntu2.3) 2021-01-07 20:41:53 Found package: bind9-host (version: 1:9.16.1-0ubuntu2.4) 2021-01-07 20:41:53 Found package: bind9-libs:amd64 (version: 1:9.16.1-0ubuntu2.3) 2021-01-07 20:41:53 Found package: bolt (version: 0.8-4) 2021-01-07 20:41:53 Found package: bsdmainutils (version: 11.1.2ubuntu3) 2021-01-07 20:41:53 Found package: bsdutils (version: 1:2.34-0.1ubuntu9) 2021-01-07 20:41:54 Found package: btrfs-progs (version: 5.4.1-2) 2021-01-07 20:41:54 Found package: busybox-initramfs (version: 1:1.30.1-4ubuntu6.2) 2021-01-07 20:41:54 Found package: busybox-static (version: 1:1.30.1-4ubuntu6.2) 2021-01-07 20:41:54 Found package: byobu (version: 5.133-0ubuntu1) 2021-01-07 20:41:54 Found package: bzip2 (version: 1.0.8-2) 2021-01-07 20:41:54 Found package: ca-certificates (version: 20201027ubuntu0.20.04.1) 2021-01-07 20:41:54 Found package: cloud-guest-utils (version: 0.31-7-gd99b2d76-0ubuntu1) 2021-01-07 20:41:54 Found package: cloud-init (version: 20.2-45-g5f7825e2-0ubuntu1~20.04.1) 2021-01-07 20:41:54 Found package: cloud-initramfs-copymods (version: 0.45ubuntu1) 2021-01-07 20:41:54 Found package: cloud-initramfs-dyn-netconf (version: 0.45ubuntu1) 2021-01-07 20:41:54 Found package: command-not-found (version: 20.04.2) 2021-01-07 20:41:54 Found package: console-setup (version: 1.194ubuntu3) 2021-01-07 20:41:54 Found package: console-setup-linux (version: 1.194ubuntu3) 2021-01-07 20:41:54 Found package: coreutils (version: 8.30-3ubuntu2) 2021-01-07 20:41:54 Found package: cpio (version: 2.13+dfsg-2) 2021-01-07 20:41:54 Found package: crda (version: 3.18-1build1) 2021-01-07 20:41:54 Found package: cron (version: 3.0pl1-136ubuntu1) 2021-01-07 20:41:54 Found package: cryptsetup (version: 2:2.2.2-3ubuntu2.2) 2021-01-07 20:41:54 Found package: cryptsetup-bin (version: 2:2.2.2-3ubuntu2.2) 2021-01-07 20:41:54 Found package: cryptsetup-initramfs (version: 2:2.2.2-3ubuntu2.2) 2021-01-07 20:41:54 Found package: cryptsetup-run (version: 2:2.2.2-3ubuntu2.2) 2021-01-07 20:41:54 Found package: curl (version: 7.68.0-1ubuntu2.4) 2021-01-07 20:41:54 Found package: dash (version: 0.5.10.2-6) 2021-01-07 20:41:54 Found package: dbus (version: 1.12.16-2ubuntu2.1) 2021-01-07 20:41:54 Found package: dbus-user-session (version: 1.12.16-2ubuntu2.1) 2021-01-07 20:41:54 Found package: dconf-gsettings-backend:amd64 (version: 0.36.0-1) 2021-01-07 20:41:54 Found package: dconf-service (version: 0.36.0-1) 2021-01-07 20:41:54 Found package: debconf (version: 1.5.73) 2021-01-07 20:41:54 Found package: debconf-i18n (version: 1.5.73) 2021-01-07 20:41:54 Found package: debianutils (version: 4.9.1) 2021-01-07 20:41:54 Found package: diffutils (version: 1:3.7-3) 2021-01-07 20:41:54 Found package: dirmngr (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: distro-info-data (version: 0.43ubuntu1.4) 2021-01-07 20:41:54 Found package: dmeventd (version: 2:1.02.167-1ubuntu1) 2021-01-07 20:41:54 Found package: dmidecode (version: 3.2-3) 2021-01-07 20:41:54 Found package: dmsetup (version: 2:1.02.167-1ubuntu1) 2021-01-07 20:41:54 Found package: dosfstools (version: 4.1-2) 2021-01-07 20:41:54 Found package: dpkg (version: 1.19.7ubuntu3) 2021-01-07 20:41:54 Found package: e2fsprogs (version: 1.45.5-2ubuntu1) 2021-01-07 20:41:54 Found package: eatmydata (version: 105-7) 2021-01-07 20:41:54 Found package: ed (version: 1.16-1) 2021-01-07 20:41:54 Found package: eject (version: 2.1.5+deb1+cvs20081104-14) 2021-01-07 20:41:54 Found package: ethtool (version: 1:5.4-1) 2021-01-07 20:41:54 Found package: fdisk (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:54 Found package: file (version: 1:5.38-4) 2021-01-07 20:41:54 Found package: finalrd (version: 5) 2021-01-07 20:41:54 Found package: findutils (version: 4.7.0-1ubuntu1) 2021-01-07 20:41:54 Found package: fonts-ubuntu-console (version: 0.83-4ubuntu1) 2021-01-07 20:41:54 Found package: friendly-recovery (version: 0.2.41) 2021-01-07 20:41:54 Found package: ftp (version: 0.17-34.1) 2021-01-07 20:41:54 Found package: fuse (version: 2.9.9-3) 2021-01-07 20:41:54 Found package: fwupd (version: 1.3.11-1~focal1) 2021-01-07 20:41:54 Found package: fwupd-signed (version: 1.27.1ubuntu2+1.3.11-1~focal1) 2021-01-07 20:41:54 Found package: gawk (version: 1:5.0.1+dfsg-1) 2021-01-07 20:41:54 Found package: gcc-10-base:amd64 (version: 10.2.0-5ubuntu1~20.04) 2021-01-07 20:41:54 Found package: gdisk (version: 1.0.5-1) 2021-01-07 20:41:54 Found package: gettext-base (version: 0.19.8.1-10build1) 2021-01-07 20:41:54 Found package: gir1.2-glib-2.0:amd64 (version: 1.64.1-1~ubuntu20.04.1) 2021-01-07 20:41:54 Found package: gir1.2-packagekitglib-1.0 (version: 1.1.13-2ubuntu1.1) 2021-01-07 20:41:54 Found package: git (version: 1:2.25.1-1ubuntu3) 2021-01-07 20:41:54 Found package: git-man (version: 1:2.25.1-1ubuntu3) 2021-01-07 20:41:54 Found package: glib-networking-common (version: 2.64.2-1ubuntu0.1) 2021-01-07 20:41:54 Found package: glib-networking-services (version: 2.64.2-1ubuntu0.1) 2021-01-07 20:41:54 Found package: glib-networking:amd64 (version: 2.64.2-1ubuntu0.1) 2021-01-07 20:41:54 Found package: gnupg (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gnupg-l10n (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gnupg-utils (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gpg (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gpg-agent (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gpg-wks-client (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gpg-wks-server (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gpgconf (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gpgsm (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: gpgv (version: 2.2.19-3ubuntu2) 2021-01-07 20:41:54 Found package: grep (version: 3.4-1) 2021-01-07 20:41:54 Found package: groff-base (version: 1.22.4-4build1) 2021-01-07 20:41:54 Found package: grub-common (version: 2.04-1ubuntu26.7) 2021-01-07 20:41:54 Found package: grub-gfxpayload-lists (version: 0.7) 2021-01-07 20:41:54 Found package: grub-pc (version: 2.04-1ubuntu26.7) 2021-01-07 20:41:54 Found package: grub-pc-bin (version: 2.04-1ubuntu26.7) 2021-01-07 20:41:54 Found package: grub2-common (version: 2.04-1ubuntu26.7) 2021-01-07 20:41:54 Found package: gsettings-desktop-schemas (version: 3.36.0-1ubuntu1) 2021-01-07 20:41:54 Found package: gzip (version: 1.10-0ubuntu4) 2021-01-07 20:41:54 Found package: hdparm (version: 9.58+ds-4) 2021-01-07 20:41:54 Found package: hostname (version: 3.23) 2021-01-07 20:41:54 Found package: htop (version: 2.2.0-2build1) 2021-01-07 20:41:54 Found package: info (version: 6.7.0.dfsg.2-5) 2021-01-07 20:41:54 Found package: init (version: 1.57) 2021-01-07 20:41:54 Found package: init-system-helpers (version: 1.57) 2021-01-07 20:41:54 Found package: initramfs-tools (version: 0.136ubuntu6.2) 2021-01-07 20:41:54 Found package: initramfs-tools-bin (version: 0.136ubuntu6.2) 2021-01-07 20:41:54 Found package: initramfs-tools-core (version: 0.136ubuntu6.2) 2021-01-07 20:41:54 Found package: install-info (version: 6.7.0.dfsg.2-5) 2021-01-07 20:41:54 Found package: intel-microcode (version: 3.20201110.0ubuntu0.20.04.2) 2021-01-07 20:41:54 Found package: iproute2 (version: 5.5.0-1ubuntu1) 2021-01-07 20:41:54 Found package: iptables (version: 1.8.4-3ubuntu2) 2021-01-07 20:41:54 Found package: iputils-ping (version: 3:20190709-3) 2021-01-07 20:41:54 Found package: iputils-tracepath (version: 3:20190709-3) 2021-01-07 20:41:54 Found package: irqbalance (version: 1.6.0-3ubuntu1) 2021-01-07 20:41:54 Found package: isc-dhcp-client (version: 4.4.1-2.1ubuntu5) 2021-01-07 20:41:54 Found package: isc-dhcp-common (version: 4.4.1-2.1ubuntu5) 2021-01-07 20:41:54 Found package: iso-codes (version: 4.4-1) 2021-01-07 20:41:54 Found package: iucode-tool (version: 2.3.1-1) 2021-01-07 20:41:54 Found package: iw (version: 5.4-1) 2021-01-07 20:41:54 Found package: kbd (version: 2.0.4-4ubuntu2) 2021-01-07 20:41:54 Found package: keyboard-configuration (version: 1.194ubuntu3) 2021-01-07 20:41:54 Found package: klibc-utils (version: 2.0.7-1ubuntu5) 2021-01-07 20:41:54 Found package: kmod (version: 27-1ubuntu2) 2021-01-07 20:41:54 Found package: kpartx (version: 0.8.3-1ubuntu2) 2021-01-07 20:41:54 Found package: krb5-locales (version: 1.17-6ubuntu4.1) 2021-01-07 20:41:54 Found package: landscape-common (version: 19.12-0ubuntu4.1) 2021-01-07 20:41:54 Found package: language-selector-common (version: 0.204) 2021-01-07 20:41:54 Found package: less (version: 551-1ubuntu0.1) 2021-01-07 20:41:54 Found package: libaccountsservice0:amd64 (version: 0.6.55-0ubuntu12~20.04.4) 2021-01-07 20:41:54 Found package: libacl1:amd64 (version: 2.2.53-6) 2021-01-07 20:41:54 Found package: libaio1:amd64 (version: 0.3.112-5) 2021-01-07 20:41:54 Found package: libapache2-mod-php (version: 2:7.4+75) 2021-01-07 20:41:54 Found package: libapache2-mod-php7.4 (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:54 Found package: libapparmor1:amd64 (version: 2.13.3-7ubuntu5.1) 2021-01-07 20:41:54 Found package: libappstream4:amd64 (version: 0.12.10-2) 2021-01-07 20:41:54 Found package: libapr1:amd64 (version: 1.6.5-1ubuntu1) 2021-01-07 20:41:54 Found package: libaprutil1-dbd-sqlite3:amd64 (version: 1.6.1-4ubuntu2) 2021-01-07 20:41:54 Found package: libaprutil1-ldap:amd64 (version: 1.6.1-4ubuntu2) 2021-01-07 20:41:54 Found package: libaprutil1:amd64 (version: 1.6.1-4ubuntu2) 2021-01-07 20:41:54 Found package: libapt-pkg6.0:amd64 (version: 2.0.2ubuntu0.2) 2021-01-07 20:41:54 Found package: libarchive13:amd64 (version: 3.4.0-2ubuntu1) 2021-01-07 20:41:54 Found package: libargon2-1:amd64 (version: 0~20171227-0.2) 2021-01-07 20:41:54 Found package: libasn1-8-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:54 Found package: libasound2-data (version: 1.2.2-2.1ubuntu1) 2021-01-07 20:41:54 Found package: libasound2:amd64 (version: 1.2.2-2.1ubuntu1) 2021-01-07 20:41:54 Found package: libassuan0:amd64 (version: 2.5.3-7ubuntu2) 2021-01-07 20:41:54 Found package: libatm1:amd64 (version: 1:2.5.1-4) 2021-01-07 20:41:54 Found package: libattr1:amd64 (version: 1:2.4.48-5) 2021-01-07 20:41:54 Found package: libaudit-common (version: 1:2.8.5-2ubuntu6) 2021-01-07 20:41:54 Found package: libaudit1:amd64 (version: 1:2.8.5-2ubuntu6) 2021-01-07 20:41:54 Found package: libblkid1:amd64 (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:54 Found package: libbrotli1:amd64 (version: 1.0.7-6ubuntu0.1) 2021-01-07 20:41:54 Found package: libbsd0:amd64 (version: 0.10.0-1) 2021-01-07 20:41:54 Found package: libbz2-1.0:amd64 (version: 1.0.8-2) 2021-01-07 20:41:54 Found package: libc-bin (version: 2.31-0ubuntu9) 2021-01-07 20:41:54 Found package: libc6:amd64 (version: 2.31-0ubuntu9) 2021-01-07 20:41:54 Found package: libcanberra0:amd64 (version: 0.30-7ubuntu1) 2021-01-07 20:41:54 Found package: libcap-ng0:amd64 (version: 0.7.9-2.1build1) 2021-01-07 20:41:54 Found package: libcap2-bin (version: 1:2.32-1) 2021-01-07 20:41:54 Found package: libcap2:amd64 (version: 1:2.32-1) 2021-01-07 20:41:54 Found package: libcbor0.6:amd64 (version: 0.6.0-0ubuntu1) 2021-01-07 20:41:54 Found package: libcgi-fast-perl (version: 1:2.15-1) 2021-01-07 20:41:54 Found package: libcgi-pm-perl (version: 4.46-1) 2021-01-07 20:41:54 Found package: libcom-err2:amd64 (version: 1.45.5-2ubuntu1) 2021-01-07 20:41:54 Found package: libcrypt1:amd64 (version: 1:4.4.10-10ubuntu4) 2021-01-07 20:41:54 Found package: libcryptsetup12:amd64 (version: 2:2.2.2-3ubuntu2.2) 2021-01-07 20:41:54 Found package: libcurl3-gnutls:amd64 (version: 7.68.0-1ubuntu2.4) 2021-01-07 20:41:54 Found package: libcurl4:amd64 (version: 7.68.0-1ubuntu2.4) 2021-01-07 20:41:54 Found package: libdb5.3:amd64 (version: 5.3.28+dfsg1-0.6ubuntu2) 2021-01-07 20:41:54 Found package: libdbus-1-3:amd64 (version: 1.12.16-2ubuntu2.1) 2021-01-07 20:41:54 Found package: libdbus-glib-1-2:amd64 (version: 0.110-5fakssync1) 2021-01-07 20:41:54 Found package: libdconf1:amd64 (version: 0.36.0-1) 2021-01-07 20:41:54 Found package: libdebconfclient0:amd64 (version: 0.251ubuntu1) 2021-01-07 20:41:54 Found package: libdevmapper-event1.02.1:amd64 (version: 2:1.02.167-1ubuntu1) 2021-01-07 20:41:54 Found package: libdevmapper1.02.1:amd64 (version: 2:1.02.167-1ubuntu1) 2021-01-07 20:41:54 Found package: libdns-export1109 (version: 1:9.11.16+dfsg-3~build1) 2021-01-07 20:41:54 Found package: libdrm-common (version: 2.4.101-2) 2021-01-07 20:41:54 Found package: libdrm2:amd64 (version: 2.4.101-2) 2021-01-07 20:41:54 Found package: libeatmydata1:amd64 (version: 105-7) 2021-01-07 20:41:54 Found package: libedit2:amd64 (version: 3.1-20191231-1) 2021-01-07 20:41:54 Found package: libefiboot1:amd64 (version: 37-2ubuntu2) 2021-01-07 20:41:54 Found package: libefivar1:amd64 (version: 37-2ubuntu2) 2021-01-07 20:41:54 Found package: libelf1:amd64 (version: 0.176-1.1build1) 2021-01-07 20:41:54 Found package: libencode-locale-perl (version: 1.05-1) 2021-01-07 20:41:54 Found package: liberror-perl (version: 0.17029-1) 2021-01-07 20:41:54 Found package: libestr0:amd64 (version: 0.1.10-2.1) 2021-01-07 20:41:54 Found package: libevent-2.1-7:amd64 (version: 2.1.11-stable-1) 2021-01-07 20:41:54 Found package: libevent-core-2.1-7:amd64 (version: 2.1.11-stable-1) 2021-01-07 20:41:54 Found package: libevent-pthreads-2.1-7:amd64 (version: 2.1.11-stable-1) 2021-01-07 20:41:54 Found package: libexpat1:amd64 (version: 2.2.9-1build1) 2021-01-07 20:41:54 Found package: libext2fs2:amd64 (version: 1.45.5-2ubuntu1) 2021-01-07 20:41:54 Found package: libfastjson4:amd64 (version: 0.99.8-2) 2021-01-07 20:41:54 Found package: libfcgi-perl (version: 0.79-1) 2021-01-07 20:41:54 Found package: libfdisk1:amd64 (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:54 Found package: libffi7:amd64 (version: 3.3-4) 2021-01-07 20:41:54 Found package: libfido2-1:amd64 (version: 1.3.1-1ubuntu2) 2021-01-07 20:41:54 Found package: libfl2:amd64 (version: 2.6.4-6.2) 2021-01-07 20:41:54 Found package: libfreetype6:amd64 (version: 2.10.1-2ubuntu0.1) 2021-01-07 20:41:54 Found package: libfribidi0:amd64 (version: 1.0.8-2) 2021-01-07 20:41:54 Found package: libfuse2:amd64 (version: 2.9.9-3) 2021-01-07 20:41:54 Found package: libfwupd2:amd64 (version: 1.3.11-1~focal1) 2021-01-07 20:41:54 Found package: libfwupdplugin1:amd64 (version: 1.3.11-1~focal1) 2021-01-07 20:41:54 Found package: libgcab-1.0-0:amd64 (version: 1.4-1) 2021-01-07 20:41:54 Found package: libgcc-s1:amd64 (version: 10.2.0-5ubuntu1~20.04) 2021-01-07 20:41:54 Found package: libgcrypt20:amd64 (version: 1.8.5-5ubuntu1) 2021-01-07 20:41:54 Found package: libgdbm-compat4:amd64 (version: 1.18.1-5) 2021-01-07 20:41:54 Found package: libgdbm6:amd64 (version: 1.18.1-5) 2021-01-07 20:41:54 Found package: libgirepository-1.0-1:amd64 (version: 1.64.1-1~ubuntu20.04.1) 2021-01-07 20:41:54 Found package: libglib2.0-0:amd64 (version: 2.64.3-1~ubuntu20.04.1) 2021-01-07 20:41:54 Found package: libglib2.0-bin (version: 2.64.3-1~ubuntu20.04.1) 2021-01-07 20:41:54 Found package: libglib2.0-data (version: 2.64.3-1~ubuntu20.04.1) 2021-01-07 20:41:54 Found package: libgmp10:amd64 (version: 2:6.2.0+dfsg-4) 2021-01-07 20:41:54 Found package: libgnutls30:amd64 (version: 3.6.13-2ubuntu1.3) 2021-01-07 20:41:54 Found package: libgpg-error0:amd64 (version: 1.37-1) 2021-01-07 20:41:54 Found package: libgpgme11:amd64 (version: 1.13.1-7ubuntu2) 2021-01-07 20:41:54 Found package: libgpm2:amd64 (version: 1.20.7-5) 2021-01-07 20:41:54 Found package: libgssapi-krb5-2:amd64 (version: 1.17-6ubuntu4.1) 2021-01-07 20:41:54 Found package: libgssapi3-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:54 Found package: libgstreamer1.0-0:amd64 (version: 1.16.2-2) 2021-01-07 20:41:54 Found package: libgudev-1.0-0:amd64 (version: 1:233-1) 2021-01-07 20:41:55 Found package: libgusb2:amd64 (version: 0.3.4-0.1) 2021-01-07 20:41:55 Found package: libhcrypto4-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:55 Found package: libheimbase1-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:55 Found package: libheimntlm0-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:55 Found package: libhogweed5:amd64 (version: 3.5.1+really3.5.1-2) 2021-01-07 20:41:55 Found package: libhtml-parser-perl (version: 3.72-5) 2021-01-07 20:41:55 Found package: libhtml-tagset-perl (version: 3.20-4) 2021-01-07 20:41:55 Found package: libhtml-template-perl (version: 2.97-1) 2021-01-07 20:41:55 Found package: libhttp-date-perl (version: 6.05-1) 2021-01-07 20:41:55 Found package: libhttp-message-perl (version: 6.22-1) 2021-01-07 20:41:55 Found package: libhx509-5-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:55 Found package: libicu66:amd64 (version: 66.1-2ubuntu2) 2021-01-07 20:41:55 Found package: libidn2-0:amd64 (version: 2.2.0-2) 2021-01-07 20:41:55 Found package: libio-html-perl (version: 1.001-1) 2021-01-07 20:41:55 Found package: libip4tc2:amd64 (version: 1.8.4-3ubuntu2) 2021-01-07 20:41:55 Found package: libip6tc2:amd64 (version: 1.8.4-3ubuntu2) 2021-01-07 20:41:55 Found package: libisc-export1105:amd64 (version: 1:9.11.16+dfsg-3~build1) 2021-01-07 20:41:55 Found package: libisns0:amd64 (version: 0.97-3) 2021-01-07 20:41:55 Found package: libjansson4:amd64 (version: 2.12-1build1) 2021-01-07 20:41:55 Found package: libjson-c4:amd64 (version: 0.13.1+dfsg-7ubuntu0.3) 2021-01-07 20:41:55 Found package: libjson-glib-1.0-0:amd64 (version: 1.4.4-2ubuntu2) 2021-01-07 20:41:55 Found package: libjson-glib-1.0-common (version: 1.4.4-2ubuntu2) 2021-01-07 20:41:55 Found package: libk5crypto3:amd64 (version: 1.17-6ubuntu4.1) 2021-01-07 20:41:55 Found package: libkeyutils1:amd64 (version: 1.6-6ubuntu1) 2021-01-07 20:41:55 Found package: libklibc:amd64 (version: 2.0.7-1ubuntu5) 2021-01-07 20:41:55 Found package: libkmod2:amd64 (version: 27-1ubuntu2) 2021-01-07 20:41:55 Found package: libkrb5-26-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:55 Found package: libkrb5-3:amd64 (version: 1.17-6ubuntu4.1) 2021-01-07 20:41:55 Found package: libkrb5support0:amd64 (version: 1.17-6ubuntu4.1) 2021-01-07 20:41:55 Found package: libksba8:amd64 (version: 1.3.5-2) 2021-01-07 20:41:55 Found package: libldap-2.4-2:amd64 (version: 2.4.49+dfsg-2ubuntu1.5) 2021-01-07 20:41:55 Found package: libldap-common (version: 2.4.49+dfsg-2ubuntu1.5) 2021-01-07 20:41:55 Found package: liblmdb0:amd64 (version: 0.9.24-1) 2021-01-07 20:41:55 Found package: liblocale-gettext-perl (version: 1.07-4) 2021-01-07 20:41:55 Found package: libltdl7:amd64 (version: 2.4.6-14) 2021-01-07 20:41:55 Found package: liblua5.2-0:amd64 (version: 5.2.4-1.1build3) 2021-01-07 20:41:55 Found package: liblvm2cmd2.03:amd64 (version: 2.03.07-1ubuntu1) 2021-01-07 20:41:55 Found package: liblwp-mediatypes-perl (version: 6.04-1) 2021-01-07 20:41:55 Found package: liblz4-1:amd64 (version: 1.9.2-2) 2021-01-07 20:41:55 Found package: liblzma5:amd64 (version: 5.2.4-1) 2021-01-07 20:41:55 Found package: liblzo2-2:amd64 (version: 2.10-2) 2021-01-07 20:41:55 Found package: libmagic-mgc (version: 1:5.38-4) 2021-01-07 20:41:55 Found package: libmagic1:amd64 (version: 1:5.38-4) 2021-01-07 20:41:55 Found package: libmaxminddb0:amd64 (version: 1.4.2-0ubuntu1.20.04.1) 2021-01-07 20:41:55 Found package: libmecab2:amd64 (version: 0.996-10build1) 2021-01-07 20:41:55 Found package: libmnl0:amd64 (version: 1.0.4-2) 2021-01-07 20:41:55 Found package: libmount1:amd64 (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:55 Found package: libmpdec2:amd64 (version: 2.4.2-3) 2021-01-07 20:41:55 Found package: libmpfr6:amd64 (version: 4.0.2-1) 2021-01-07 20:41:55 Found package: libmspack0:amd64 (version: 0.10.1-2) 2021-01-07 20:41:55 Found package: libncurses6:amd64 (version: 6.2-0ubuntu2) 2021-01-07 20:41:55 Found package: libncursesw6:amd64 (version: 6.2-0ubuntu2) 2021-01-07 20:41:55 Found package: libnetfilter-conntrack3:amd64 (version: 1.0.7-2) 2021-01-07 20:41:55 Found package: libnetplan0:amd64 (version: 0.99-0ubuntu3~20.04.2) 2021-01-07 20:41:55 Found package: libnettle7:amd64 (version: 3.5.1+really3.5.1-2) 2021-01-07 20:41:55 Found package: libnewt0.52:amd64 (version: 0.52.21-4ubuntu2) 2021-01-07 20:41:55 Found package: libnfnetlink0:amd64 (version: 1.0.1-3build1) 2021-01-07 20:41:55 Found package: libnftnl11:amd64 (version: 1.1.5-1) 2021-01-07 20:41:55 Found package: libnghttp2-14:amd64 (version: 1.40.0-1build1) 2021-01-07 20:41:55 Found package: libnl-3-200:amd64 (version: 3.4.0-1) 2021-01-07 20:41:55 Found package: libnl-genl-3-200:amd64 (version: 3.4.0-1) 2021-01-07 20:41:55 Found package: libnpth0:amd64 (version: 1.6-1) 2021-01-07 20:41:55 Found package: libnss-systemd:amd64 (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:55 Found package: libntfs-3g883 (version: 1:2017.3.23AR.3-3ubuntu1) 2021-01-07 20:41:55 Found package: libnuma1:amd64 (version: 2.0.12-1) 2021-01-07 20:41:55 Found package: libogg0:amd64 (version: 1.3.4-0ubuntu1) 2021-01-07 20:41:55 Found package: libp11-kit0:amd64 (version: 0.23.20-1ubuntu0.1) 2021-01-07 20:41:55 Found package: libpackagekit-glib2-18:amd64 (version: 1.1.13-2ubuntu1.1) 2021-01-07 20:41:55 Found package: libpam-cap:amd64 (version: 1:2.32-1) 2021-01-07 20:41:55 Found package: libpam-modules-bin (version: 1.3.1-5ubuntu4) 2021-01-07 20:41:55 Found package: libpam-modules:amd64 (version: 1.3.1-5ubuntu4) 2021-01-07 20:41:55 Found package: libpam-runtime (version: 1.3.1-5ubuntu4) 2021-01-07 20:41:55 Found package: libpam-systemd:amd64 (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:55 Found package: libpam0g:amd64 (version: 1.3.1-5ubuntu4) 2021-01-07 20:41:55 Found package: libparted2:amd64 (version: 3.3-4) 2021-01-07 20:41:55 Found package: libpcap0.8:amd64 (version: 1.9.1-3) 2021-01-07 20:41:55 Found package: libpci3:amd64 (version: 1:3.6.4-1) 2021-01-07 20:41:55 Found package: libpcre2-8-0:amd64 (version: 10.34-7) 2021-01-07 20:41:55 Found package: libpcre3:amd64 (version: 2:8.39-12build1) 2021-01-07 20:41:55 Found package: libperl5.30:amd64 (version: 5.30.0-9ubuntu0.2) 2021-01-07 20:41:55 Found package: libpipeline1:amd64 (version: 1.5.2-2build1) 2021-01-07 20:41:55 Found package: libplymouth5:amd64 (version: 0.9.4git20200323-0ubuntu6) 2021-01-07 20:41:55 Found package: libpng16-16:amd64 (version: 1.6.37-2) 2021-01-07 20:41:55 Found package: libpolkit-agent-1-0:amd64 (version: 0.105-26ubuntu1) 2021-01-07 20:41:55 Found package: libpolkit-gobject-1-0:amd64 (version: 0.105-26ubuntu1) 2021-01-07 20:41:55 Found package: libpopt0:amd64 (version: 1.16-14) 2021-01-07 20:41:55 Found package: libprocps8:amd64 (version: 2:3.3.16-1ubuntu2) 2021-01-07 20:41:55 Found package: libproxy1v5:amd64 (version: 0.4.15-10ubuntu1.2) 2021-01-07 20:41:55 Found package: libpsl5:amd64 (version: 0.21.0-1ubuntu1) 2021-01-07 20:41:55 Found package: libpython3-stdlib:amd64 (version: 3.8.2-0ubuntu2) 2021-01-07 20:41:55 Found package: libpython3.8-minimal:amd64 (version: 3.8.5-1~20.04) 2021-01-07 20:41:55 Found package: libpython3.8-stdlib:amd64 (version: 3.8.5-1~20.04) 2021-01-07 20:41:55 Found package: libpython3.8:amd64 (version: 3.8.5-1~20.04) 2021-01-07 20:41:55 Found package: libreadline5:amd64 (version: 5.2+dfsg-3build3) 2021-01-07 20:41:55 Found package: libreadline8:amd64 (version: 8.0-4) 2021-01-07 20:41:55 Found package: libroken18-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:55 Found package: librtmp1:amd64 (version: 2.4+20151223.gitfa8646d.1-2build1) 2021-01-07 20:41:55 Found package: libsasl2-2:amd64 (version: 2.1.27+dfsg-2) 2021-01-07 20:41:55 Found package: libsasl2-modules-db:amd64 (version: 2.1.27+dfsg-2) 2021-01-07 20:41:55 Found package: libsasl2-modules:amd64 (version: 2.1.27+dfsg-2) 2021-01-07 20:41:55 Found package: libseccomp2:amd64 (version: 2.4.3-1ubuntu3.20.04.3) 2021-01-07 20:41:55 Found package: libselinux1:amd64 (version: 3.0-1build2) 2021-01-07 20:41:55 Found package: libsemanage-common (version: 3.0-1build2) 2021-01-07 20:41:55 Found package: libsemanage1:amd64 (version: 3.0-1build2) 2021-01-07 20:41:55 Found package: libsepol1:amd64 (version: 3.0-1) 2021-01-07 20:41:55 Found package: libsgutils2-2 (version: 1.44-1ubuntu2) 2021-01-07 20:41:55 Found package: libsigsegv2:amd64 (version: 2.12-2) 2021-01-07 20:41:55 Found package: libslang2:amd64 (version: 2.3.2-4) 2021-01-07 20:41:55 Found package: libsmartcols1:amd64 (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:55 Found package: libsmbios-c2 (version: 2.4.3-1) 2021-01-07 20:41:55 Found package: libsodium23:amd64 (version: 1.0.18-1) 2021-01-07 20:41:55 Found package: libsoup2.4-1:amd64 (version: 2.70.0-1) 2021-01-07 20:41:55 Found package: libsqlite3-0:amd64 (version: 3.31.1-4ubuntu0.2) 2021-01-07 20:41:55 Found package: libss2:amd64 (version: 1.45.5-2ubuntu1) 2021-01-07 20:41:55 Found package: libssh-4:amd64 (version: 0.9.3-2ubuntu2.1) 2021-01-07 20:41:55 Found package: libssl1.1:amd64 (version: 1.1.1f-1ubuntu2.1) 2021-01-07 20:41:55 Found package: libstdc++6:amd64 (version: 10.2.0-5ubuntu1~20.04) 2021-01-07 20:41:55 Found package: libstemmer0d:amd64 (version: 0+svn585-2) 2021-01-07 20:41:55 Found package: libsystemd0:amd64 (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:55 Found package: libtasn1-6:amd64 (version: 4.16.0-2) 2021-01-07 20:41:55 Found package: libtdb1:amd64 (version: 1.4.2-3build1) 2021-01-07 20:41:55 Found package: libtext-charwidth-perl (version: 0.04-10) 2021-01-07 20:41:55 Found package: libtext-iconv-perl (version: 1.7-7) 2021-01-07 20:41:55 Found package: libtext-wrapi18n-perl (version: 0.06-9) 2021-01-07 20:41:55 Found package: libtimedate-perl (version: 2.3200-1) 2021-01-07 20:41:55 Found package: libtinfo6:amd64 (version: 6.2-0ubuntu2) 2021-01-07 20:41:55 Found package: libtss2-esys0 (version: 2.3.2-1) 2021-01-07 20:41:55 Found package: libuchardet0:amd64 (version: 0.0.6-3build1) 2021-01-07 20:41:55 Found package: libudev1:amd64 (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:55 Found package: libunistring2:amd64 (version: 0.9.10-2) 2021-01-07 20:41:55 Found package: libunwind8:amd64 (version: 1.2.1-9build1) 2021-01-07 20:41:55 Found package: liburcu6:amd64 (version: 0.11.1-2) 2021-01-07 20:41:55 Found package: liburi-perl (version: 1.76-2) 2021-01-07 20:41:55 Found package: libusb-1.0-0:amd64 (version: 2:1.0.23-2build1) 2021-01-07 20:41:55 Found package: libutempter0:amd64 (version: 1.1.6-4) 2021-01-07 20:41:55 Found package: libuuid1:amd64 (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:55 Found package: libuv1:amd64 (version: 1.34.2-1ubuntu1.1) 2021-01-07 20:41:55 Found package: libvorbis0a:amd64 (version: 1.3.6-2ubuntu1) 2021-01-07 20:41:55 Found package: libvorbisfile3:amd64 (version: 1.3.6-2ubuntu1) 2021-01-07 20:41:55 Found package: libwind0-heimdal:amd64 (version: 7.7.0+dfsg-1ubuntu1) 2021-01-07 20:41:55 Found package: libx11-6:amd64 (version: 2:1.6.9-2ubuntu1.1) 2021-01-07 20:41:55 Found package: libx11-data (version: 2:1.6.9-2ubuntu1.1) 2021-01-07 20:41:55 Found package: libxau6:amd64 (version: 1:1.0.9-0ubuntu1) 2021-01-07 20:41:55 Found package: libxcb1:amd64 (version: 1.14-2) 2021-01-07 20:41:55 Found package: libxdmcp6:amd64 (version: 1:1.1.3-0ubuntu1) 2021-01-07 20:41:55 Found package: libxext6:amd64 (version: 2:1.3.4-0ubuntu1) 2021-01-07 20:41:55 Found package: libxml2:amd64 (version: 2.9.10+dfsg-5) 2021-01-07 20:41:55 Found package: libxmlb1:amd64 (version: 0.1.15-2) 2021-01-07 20:41:55 Found package: libxmlsec1-openssl:amd64 (version: 1.2.28-2) 2021-01-07 20:41:55 Found package: libxmlsec1:amd64 (version: 1.2.28-2) 2021-01-07 20:41:55 Found package: libxmuu1:amd64 (version: 2:1.1.3-0ubuntu1) 2021-01-07 20:41:55 Found package: libxslt1.1:amd64 (version: 1.1.34-4) 2021-01-07 20:41:55 Found package: libxtables12:amd64 (version: 1.8.4-3ubuntu2) 2021-01-07 20:41:55 Found package: libyaml-0-2:amd64 (version: 0.2.2-1) 2021-01-07 20:41:55 Found package: libzstd1:amd64 (version: 1.4.4+dfsg-3) 2021-01-07 20:41:55 Found package: linux-base (version: 4.5ubuntu3.1) 2021-01-07 20:41:55 Found package: linux-firmware (version: 1.187.7) 2021-01-07 20:41:55 Found package: linux-generic (version: 5.4.0.59.62) 2021-01-07 20:41:55 Found package: linux-headers-5.4.0-59 (version: 5.4.0-59.65) 2021-01-07 20:41:55 Found package: linux-headers-5.4.0-59-generic (version: 5.4.0-59.65) 2021-01-07 20:41:55 Found package: linux-headers-generic (version: 5.4.0.59.62) 2021-01-07 20:41:55 Found package: linux-image-5.4.0-59-generic (version: 5.4.0-59.65) 2021-01-07 20:41:55 Found package: linux-image-generic (version: 5.4.0.59.62) 2021-01-07 20:41:55 Found package: linux-modules-5.4.0-59-generic (version: 5.4.0-59.65) 2021-01-07 20:41:55 Found package: linux-modules-extra-5.4.0-59-generic (version: 5.4.0-59.65) 2021-01-07 20:41:55 Found package: locales (version: 2.31-0ubuntu9) 2021-01-07 20:41:55 Found package: login (version: 1:4.8.1-1ubuntu5.20.04) 2021-01-07 20:41:55 Found package: logrotate (version: 3.14.0-4ubuntu3) 2021-01-07 20:41:55 Found package: logsave (version: 1.45.5-2ubuntu1) 2021-01-07 20:41:55 Found package: lsb-base (version: 11.1.0ubuntu2) 2021-01-07 20:41:55 Found package: lsb-release (version: 11.1.0ubuntu2) 2021-01-07 20:41:55 Found package: lshw (version: 02.18.85-0.3ubuntu2) 2021-01-07 20:41:55 Found package: lsof (version: 4.93.2+dfsg-1) 2021-01-07 20:41:55 Found package: ltrace (version: 0.7.3-6.1ubuntu1) 2021-01-07 20:41:55 Found package: lvm2 (version: 2.03.07-1ubuntu1) 2021-01-07 20:41:55 Found package: lxd-agent-loader (version: 0.4) 2021-01-07 20:41:55 Found package: lz4 (version: 1.9.2-2) 2021-01-07 20:41:55 Found package: man-db (version: 2.9.1-1) 2021-01-07 20:41:55 Found package: manpages (version: 5.05-1) 2021-01-07 20:41:55 Found package: mawk (version: 1.3.4.20200120-2) 2021-01-07 20:41:55 Found package: mdadm (version: 4.1-5ubuntu1) 2021-01-07 20:41:55 Found package: mecab-ipadic (version: 2.7.0-20070801+main-2.1) 2021-01-07 20:41:55 Found package: mecab-ipadic-utf8 (version: 2.7.0-20070801+main-2.1) 2021-01-07 20:41:55 Found package: mecab-utils (version: 0.996-10build1) 2021-01-07 20:41:55 Found package: mime-support (version: 3.64ubuntu1) 2021-01-07 20:41:55 Found package: mount (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:55 Found package: mtr-tiny (version: 0.93-1) 2021-01-07 20:41:55 Found package: multipath-tools (version: 0.8.3-1ubuntu2) 2021-01-07 20:41:55 Found package: mysql-client-8.0 (version: 8.0.22-0ubuntu0.20.04.3) 2021-01-07 20:41:55 Found package: mysql-client-core-8.0 (version: 8.0.22-0ubuntu0.20.04.3) 2021-01-07 20:41:55 Found package: mysql-common (version: 5.8+1.0.5ubuntu2) 2021-01-07 20:41:55 Found package: mysql-server (version: 8.0.22-0ubuntu0.20.04.3) 2021-01-07 20:41:55 Found package: mysql-server-8.0 (version: 8.0.22-0ubuntu0.20.04.3) 2021-01-07 20:41:55 Found package: mysql-server-core-8.0 (version: 8.0.22-0ubuntu0.20.04.3) 2021-01-07 20:41:55 Found package: nano (version: 4.8-1ubuntu1) 2021-01-07 20:41:55 Found package: ncurses-base (version: 6.2-0ubuntu2) 2021-01-07 20:41:55 Found package: ncurses-bin (version: 6.2-0ubuntu2) 2021-01-07 20:41:55 Found package: net-tools (version: 1.60+git20180626.aebd88e-1ubuntu1) 2021-01-07 20:41:55 Found package: netbase (version: 6.1) 2021-01-07 20:41:55 Found package: netcat-openbsd (version: 1.206-1ubuntu1) 2021-01-07 20:41:55 Found package: netplan.io (version: 0.99-0ubuntu3~20.04.2) 2021-01-07 20:41:55 Found package: networkd-dispatcher (version: 2.0.1-1) 2021-01-07 20:41:56 Found package: ntfs-3g (version: 1:2017.3.23AR.3-3ubuntu1) 2021-01-07 20:41:56 Found package: open-iscsi (version: 2.0.874-7.1ubuntu6.1) 2021-01-07 20:41:56 Found package: open-vm-tools (version: 2:11.0.5-4) 2021-01-07 20:41:56 Found package: openssh-client (version: 1:8.2p1-4ubuntu0.1) 2021-01-07 20:41:56 Found package: openssl (version: 1.1.1f-1ubuntu2.1) 2021-01-07 20:41:56 Found package: os-prober (version: 1.74ubuntu2) 2021-01-07 20:41:56 Found package: overlayroot (version: 0.45ubuntu1) 2021-01-07 20:41:56 Found package: packagekit (version: 1.1.13-2ubuntu1.1) 2021-01-07 20:41:56 Found package: packagekit-tools (version: 1.1.13-2ubuntu1.1) 2021-01-07 20:41:56 Found package: parted (version: 3.3-4) 2021-01-07 20:41:56 Found package: passwd (version: 1:4.8.1-1ubuntu5.20.04) 2021-01-07 20:41:56 Found package: pastebinit (version: 1.5.1-1) 2021-01-07 20:41:56 Found package: patch (version: 2.7.6-6) 2021-01-07 20:41:56 Found package: pci.ids (version: 0.0~2020.03.20-1) 2021-01-07 20:41:56 Found package: pciutils (version: 1:3.6.4-1) 2021-01-07 20:41:56 Found package: perl (version: 5.30.0-9ubuntu0.2) 2021-01-07 20:41:56 Found package: perl-base (version: 5.30.0-9ubuntu0.2) 2021-01-07 20:41:56 Found package: perl-modules-5.30 (version: 5.30.0-9ubuntu0.2) 2021-01-07 20:41:56 Found package: php (version: 2:7.4+75) 2021-01-07 20:41:56 Found package: php-common (version: 2:75) 2021-01-07 20:41:56 Found package: php-mysql (version: 2:7.4+75) 2021-01-07 20:41:56 Found package: php7.4 (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:56 Found package: php7.4-cli (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:56 Found package: php7.4-common (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:56 Found package: php7.4-json (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:56 Found package: php7.4-mysql (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:56 Found package: php7.4-opcache (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:56 Found package: php7.4-readline (version: 7.4.3-4ubuntu2.4) 2021-01-07 20:41:56 Found package: pinentry-curses (version: 1.1.0-3build1) 2021-01-07 20:41:56 Found package: plymouth (version: 0.9.4git20200323-0ubuntu6) 2021-01-07 20:41:56 Found package: plymouth-theme-ubuntu-text (version: 0.9.4git20200323-0ubuntu6) 2021-01-07 20:41:56 Found package: policykit-1 (version: 0.105-26ubuntu1) 2021-01-07 20:41:56 Found package: pollinate (version: 4.33-3ubuntu1) 2021-01-07 20:41:56 Found package: popularity-contest (version: 1.69ubuntu1) 2021-01-07 20:41:56 Found package: powermgmt-base (version: 1.36) 2021-01-07 20:41:56 Found package: procps (version: 2:3.3.16-1ubuntu2) 2021-01-07 20:41:56 Found package: psmisc (version: 23.3-1) 2021-01-07 20:41:56 Found package: publicsuffix (version: 20200303.0012-1) 2021-01-07 20:41:56 Found package: python-apt-common (version: 2.0.0ubuntu0.20.04.3) 2021-01-07 20:41:56 Found package: python3 (version: 3.8.2-0ubuntu2) 2021-01-07 20:41:56 Found package: python3-apport (version: 2.20.11-0ubuntu27.12) 2021-01-07 20:41:56 Found package: python3-apt (version: 2.0.0ubuntu0.20.04.3) 2021-01-07 20:41:56 Found package: python3-attr (version: 19.3.0-2) 2021-01-07 20:41:56 Found package: python3-automat (version: 0.8.0-1ubuntu1) 2021-01-07 20:41:56 Found package: python3-blinker (version: 1.4+dfsg1-0.3ubuntu1) 2021-01-07 20:41:56 Found package: python3-certifi (version: 2019.11.28-1) 2021-01-07 20:41:56 Found package: python3-cffi-backend (version: 1.14.0-1build1) 2021-01-07 20:41:56 Found package: python3-chardet (version: 3.0.4-4build1) 2021-01-07 20:41:56 Found package: python3-click (version: 7.0-3) 2021-01-07 20:41:56 Found package: python3-colorama (version: 0.4.3-1build1) 2021-01-07 20:41:56 Found package: python3-commandnotfound (version: 20.04.2) 2021-01-07 20:41:56 Found package: python3-configobj (version: 5.0.6-4) 2021-01-07 20:41:56 Found package: python3-constantly (version: 15.1.0-1build1) 2021-01-07 20:41:56 Found package: python3-cryptography (version: 2.8-3ubuntu0.1) 2021-01-07 20:41:56 Found package: python3-dbus (version: 1.2.16-1build1) 2021-01-07 20:41:56 Found package: python3-debconf (version: 1.5.73) 2021-01-07 20:41:56 Found package: python3-debian (version: 0.1.36ubuntu1) 2021-01-07 20:41:56 Found package: python3-distro (version: 1.4.0-1) 2021-01-07 20:41:56 Found package: python3-distro-info (version: 0.23ubuntu1) 2021-01-07 20:41:56 Found package: python3-distupgrade (version: 1:20.04.23) 2021-01-07 20:41:56 Found package: python3-distutils (version: 3.8.5-1~20.04.1) 2021-01-07 20:41:56 Found package: python3-entrypoints (version: 0.3-2ubuntu1) 2021-01-07 20:41:56 Found package: python3-gdbm:amd64 (version: 3.8.5-1~20.04.1) 2021-01-07 20:41:56 Found package: python3-gi (version: 3.36.0-1) 2021-01-07 20:41:56 Found package: python3-hamcrest (version: 1.9.0-3) 2021-01-07 20:41:56 Found package: python3-httplib2 (version: 0.14.0-1ubuntu1) 2021-01-07 20:41:56 Found package: python3-hyperlink (version: 19.0.0-1) 2021-01-07 20:41:56 Found package: python3-idna (version: 2.8-1) 2021-01-07 20:41:56 Found package: python3-importlib-metadata (version: 1.5.0-1) 2021-01-07 20:41:56 Found package: python3-incremental (version: 16.10.1-3.2) 2021-01-07 20:41:56 Found package: python3-jinja2 (version: 2.10.1-2) 2021-01-07 20:41:56 Found package: python3-json-pointer (version: 2.0-0ubuntu1) 2021-01-07 20:41:56 Found package: python3-jsonpatch (version: 1.23-3) 2021-01-07 20:41:56 Found package: python3-jsonschema (version: 3.2.0-0ubuntu2) 2021-01-07 20:41:56 Found package: python3-jwt (version: 1.7.1-2ubuntu2) 2021-01-07 20:41:56 Found package: python3-keyring (version: 18.0.1-2ubuntu1) 2021-01-07 20:41:56 Found package: python3-launchpadlib (version: 1.10.13-1) 2021-01-07 20:41:56 Found package: python3-lazr.restfulclient (version: 0.14.2-2build1) 2021-01-07 20:41:56 Found package: python3-lazr.uri (version: 1.0.3-4build1) 2021-01-07 20:41:56 Found package: python3-lib2to3 (version: 3.8.5-1~20.04.1) 2021-01-07 20:41:56 Found package: python3-markupsafe (version: 1.1.0-1build2) 2021-01-07 20:41:56 Found package: python3-minimal (version: 3.8.2-0ubuntu2) 2021-01-07 20:41:56 Found package: python3-more-itertools (version: 4.2.0-1build1) 2021-01-07 20:41:56 Found package: python3-nacl (version: 1.3.0-5) 2021-01-07 20:41:56 Found package: python3-netifaces (version: 0.10.4-1ubuntu4) 2021-01-07 20:41:56 Found package: python3-newt:amd64 (version: 0.52.21-4ubuntu2) 2021-01-07 20:41:56 Found package: python3-oauthlib (version: 3.1.0-1ubuntu2) 2021-01-07 20:41:56 Found package: python3-openssl (version: 19.0.0-1build1) 2021-01-07 20:41:56 Found package: python3-pkg-resources (version: 45.2.0-1) 2021-01-07 20:41:56 Found package: python3-problem-report (version: 2.20.11-0ubuntu27.12) 2021-01-07 20:41:56 Found package: python3-pyasn1 (version: 0.4.2-3build1) 2021-01-07 20:41:56 Found package: python3-pyasn1-modules (version: 0.2.1-0.2build1) 2021-01-07 20:41:56 Found package: python3-pymacaroons (version: 0.13.0-3) 2021-01-07 20:41:56 Found package: python3-pyrsistent:amd64 (version: 0.15.5-1build1) 2021-01-07 20:41:56 Found package: python3-requests (version: 2.22.0-2ubuntu1) 2021-01-07 20:41:56 Found package: python3-requests-unixsocket (version: 0.2.0-2) 2021-01-07 20:41:56 Found package: python3-secretstorage (version: 2.3.1-2ubuntu1) 2021-01-07 20:41:56 Found package: python3-serial (version: 3.4-5.1) 2021-01-07 20:41:56 Found package: python3-service-identity (version: 18.1.0-5build1) 2021-01-07 20:41:56 Found package: python3-setuptools (version: 45.2.0-1) 2021-01-07 20:41:56 Found package: python3-simplejson (version: 3.16.0-2ubuntu2) 2021-01-07 20:41:56 Found package: python3-six (version: 1.14.0-2) 2021-01-07 20:41:56 Found package: python3-software-properties (version: 0.98.9.2) 2021-01-07 20:41:56 Found package: python3-systemd (version: 234-3build2) 2021-01-07 20:41:56 Found package: python3-twisted (version: 18.9.0-11) 2021-01-07 20:41:56 Found package: python3-twisted-bin:amd64 (version: 18.9.0-11) 2021-01-07 20:41:56 Found package: python3-update-manager (version: 1:20.04.10.1) 2021-01-07 20:41:56 Found package: python3-urllib3 (version: 1.25.8-2ubuntu0.1) 2021-01-07 20:41:56 Found package: python3-wadllib (version: 1.3.3-3build1) 2021-01-07 20:41:56 Found package: python3-yaml (version: 5.3.1-1) 2021-01-07 20:41:56 Found package: python3-zipp (version: 1.0.0-1) 2021-01-07 20:41:56 Found package: python3-zope.interface (version: 4.7.1-1) 2021-01-07 20:41:56 Found package: python3.8 (version: 3.8.5-1~20.04) 2021-01-07 20:41:56 Found package: python3.8-minimal (version: 3.8.5-1~20.04) 2021-01-07 20:41:56 Found package: readline-common (version: 8.0-4) 2021-01-07 20:41:56 Found package: rsync (version: 3.1.3-8) 2021-01-07 20:41:56 Found package: rsyslog (version: 8.2001.0-1ubuntu1) 2021-01-07 20:41:56 Found package: run-one (version: 1.17-0ubuntu1) 2021-01-07 20:41:56 Found package: sbsigntool (version: 0.9.2-2ubuntu1) 2021-01-07 20:41:56 Found package: screen (version: 4.8.0-1) 2021-01-07 20:41:56 Found package: secureboot-db (version: 1.5) 2021-01-07 20:41:56 Found package: sed (version: 4.7-1) 2021-01-07 20:41:56 Found package: sensible-utils (version: 0.0.12+nmu1) 2021-01-07 20:41:56 Found package: sg3-utils (version: 1.44-1ubuntu2) 2021-01-07 20:41:56 Found package: sg3-utils-udev (version: 1.44-1ubuntu2) 2021-01-07 20:41:56 Found package: shared-mime-info (version: 1.15-1) 2021-01-07 20:41:56 Found package: snapd (version: 2.45.1+20.04.2) 2021-01-07 20:41:56 Found package: software-properties-common (version: 0.98.9.2) 2021-01-07 20:41:56 Found package: sosreport (version: 3.9.1-1ubuntu0.20.04.2) 2021-01-07 20:41:56 Found package: sound-theme-freedesktop (version: 0.8-2ubuntu1) 2021-01-07 20:41:56 Found package: squashfs-tools (version: 1:4.4-1) 2021-01-07 20:41:56 Found package: ssl-cert (version: 1.0.39) 2021-01-07 20:41:56 Found package: strace (version: 5.5-3ubuntu1) 2021-01-07 20:41:56 Found package: sudo (version: 1.8.31-1ubuntu1) 2021-01-07 20:41:56 Found package: systemd (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:56 Found package: systemd-sysv (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:56 Found package: systemd-timesyncd (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:56 Found package: sysvinit-utils (version: 2.96-2.1ubuntu1) 2021-01-07 20:41:56 Found package: tar (version: 1.30+dfsg-7) 2021-01-07 20:41:56 Found package: tcpdump (version: 4.9.3-4) 2021-01-07 20:41:56 Found package: telnet (version: 0.17-41.2build1) 2021-01-07 20:41:56 Found package: thermald (version: 1.9.1-1ubuntu0.3) 2021-01-07 20:41:56 Found package: thin-provisioning-tools (version: 0.8.5-4build1) 2021-01-07 20:41:56 Found package: time (version: 1.7-25.1build1) 2021-01-07 20:41:56 Found package: tmux (version: 3.0a-2ubuntu0.2) 2021-01-07 20:41:56 Found package: tpm-udev (version: 0.4) 2021-01-07 20:41:56 Found package: tzdata (version: 2020d-0ubuntu0.20.04) 2021-01-07 20:41:56 Found package: ubuntu-advantage-tools (version: 20.3) 2021-01-07 20:41:56 Found package: ubuntu-keyring (version: 2020.02.11.2) 2021-01-07 20:41:56 Found package: ubuntu-minimal (version: 1.450.1) 2021-01-07 20:41:56 Found package: ubuntu-release-upgrader-core (version: 1:20.04.23) 2021-01-07 20:41:56 Found package: ubuntu-server (version: 1.450.1) 2021-01-07 20:41:56 Found package: ubuntu-standard (version: 1.450.1) 2021-01-07 20:41:56 Found package: ucf (version: 3.0038+nmu1) 2021-01-07 20:41:56 Found package: udev (version: 245.4-4ubuntu3.2) 2021-01-07 20:41:56 Found package: ufw (version: 0.36-6) 2021-01-07 20:41:56 Found package: unattended-upgrades (version: 2.3) 2021-01-07 20:41:56 Found package: update-manager-core (version: 1:20.04.10.1) 2021-01-07 20:41:56 Found package: update-notifier-common (version: 3.192.30) 2021-01-07 20:41:56 Found package: usb.ids (version: 2020.03.19-1) 2021-01-07 20:41:56 Found package: usbutils (version: 1:012-2) 2021-01-07 20:41:56 Found package: util-linux (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:56 Found package: uuid-runtime (version: 2.34-0.1ubuntu9) 2021-01-07 20:41:56 Found package: vim (version: 2:8.1.2269-1ubuntu5) 2021-01-07 20:41:56 Found package: vim-common (version: 2:8.1.2269-1ubuntu5) 2021-01-07 20:41:56 Found package: vim-runtime (version: 2:8.1.2269-1ubuntu5) 2021-01-07 20:41:56 Found package: vim-tiny (version: 2:8.1.2269-1ubuntu5) 2021-01-07 20:41:56 Found package: wget (version: 1.20.3-1ubuntu1) 2021-01-07 20:41:56 Found package: whiptail (version: 0.52.21-4ubuntu2) 2021-01-07 20:41:56 Found package: wireless-regdb (version: 2020.11.20-0ubuntu1~20.04.1) 2021-01-07 20:41:56 Found package: xauth (version: 1:1.1-0ubuntu1) 2021-01-07 20:41:56 Found package: xdg-user-dirs (version: 0.17-2ubuntu1) 2021-01-07 20:41:56 Found package: xfsprogs (version: 5.3.0-1ubuntu2) 2021-01-07 20:41:56 Found package: xkb-data (version: 2.29-2) 2021-01-07 20:41:56 Found package: xxd (version: 2:8.1.2269-1ubuntu5) 2021-01-07 20:41:56 Found package: xz-utils (version: 5.2.4-1) 2021-01-07 20:41:56 Found package: zerofree (version: 1.1.1-1) 2021-01-07 20:41:56 Found package: zlib1g:amd64 (version: 1:1.2.11.dfsg-2ubuntu1) 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Performing test ID PKGS-7346 (Search unpurged packages on system) 2021-01-07 20:41:56 Test: Querying dpkg -l to get unpurged packages 2021-01-07 20:41:56 Result: no packages found with left overs 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Skipped test PKGS-7348 (Check for old distfiles) 2021-01-07 20:41:56 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Skipped test PKGS-7350 (Checking for installed packages with DNF utility) 2021-01-07 20:41:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Skipped test PKGS-7352 (Checking for security updates with DNF utility) 2021-01-07 20:41:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Skipped test PKGS-7354 (Checking package database integrity) 2021-01-07 20:41:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Skipped test PKGS-7366 (Checking for debsecan utility) 2021-01-07 20:41:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Performing test ID PKGS-7370 (Checking for debsums utility) 2021-01-07 20:41:56 Result: debsums utility is not installed. 2021-01-07 20:41:56 Hardening: assigned partial number of hardening points (0 of 2). Currently having 107 points (out of 155) 2021-01-07 20:41:56 Suggestion: Install debsums utility for the verification of packages with known good database. [test:PKGS-7370] [details:-] [solution:-] 2021-01-07 20:41:56 ==== 2021-01-07 20:41:56 Skipped test PKGS-7378 (Query portmaster for port upgrades) 2021-01-07 20:41:56 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:56 ==== 2021-01-07 20:41:57 Skipped test PKGS-7380 (Check for vulnerable NetBSD packages) 2021-01-07 20:41:57 Reason to skip: Incorrect guest OS (NetBSD only) 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Skipped test PKGS-7381 (Check for vulnerable FreeBSD packages with pkg) 2021-01-07 20:41:57 Reason to skip: pkg tool not available 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Skipped test PKGS-7382 (Check for vulnerable FreeBSD packages with portaudit) 2021-01-07 20:41:57 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Skipped test PKGS-7383 (Check for YUM package update management) 2021-01-07 20:41:57 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Skipped test PKGS-7384 (Check for YUM utils package) 2021-01-07 20:41:57 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Skipped test PKGS-7386 (Check for YUM security package) 2021-01-07 20:41:57 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Skipped test PKGS-7387 (Check for GPG signing in YUM security package) 2021-01-07 20:41:57 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Performing test ID PKGS-7388 (Check security repository in apt sources.list file) 2021-01-07 20:41:57 Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list file 2021-01-07 20:41:57 Result: Found security repository in /etc/apt/sources.list 2021-01-07 20:41:57 Output: deb http://de.archive.ubuntu.com/ubuntu focal-security main restricted 2021-01-07 20:41:57 Output: deb http://de.archive.ubuntu.com/ubuntu focal-security universe 2021-01-07 20:41:57 Output: deb http://de.archive.ubuntu.com/ubuntu focal-security multiverse 2021-01-07 20:41:57 Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list.d directory 2021-01-07 20:41:57 Result: security repository was found 2021-01-07 20:41:57 Hardening: assigned maximum number of hardening points for this item (3). Currently having 110 points (out of 158) 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Performing test ID PKGS-7390 (Check Ubuntu database consistency) 2021-01-07 20:41:57 Test: Package database consistency by running apt-get check 2021-01-07 20:41:57 Result: package database seems to be consistent. 2021-01-07 20:41:57 ==== 2021-01-07 20:41:57 Performing test ID PKGS-7392 (Check for Debian/Ubuntu security updates) 2021-01-07 20:41:57 Action: updating package repository with apt-get 2021-01-07 20:41:59 Result: apt-get finished 2021-01-07 20:41:59 Test: Checking if /usr/lib/update-notifier/apt-check exists 2021-01-07 20:41:59 Result: found /usr/lib/update-notifier/apt-check 2021-01-07 20:41:59 Test: checking if any of the updates contain security updates 2021-01-07 20:42:02 Result: no vulnerable packages found via apt-check 2021-01-07 20:42:03 Result: no vulnerable packages found 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Skipped test PKGS-7393 (Check for Gentoo vulnerable packages) 2021-01-07 20:42:03 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Performing test ID PKGS-7394 (Check for Ubuntu updates) 2021-01-07 20:42:03 Test: checking /usr/bin/apt-show-versions 2021-01-07 20:42:03 Result: /usr/bin/apt-show-versions not found 2021-01-07 20:42:03 Suggestion: Install package apt-show-versions for patch management purposes [test:PKGS-7394] [details:-] [solution:-] 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Performing test ID PKGS-7398 (Check for package audit tool) 2021-01-07 20:42:03 Test: checking for package audit tool 2021-01-07 20:42:03 Result: found package audit tool: apt-check 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Performing test ID PKGS-7410 (Count installed kernel packages) 2021-01-07 20:42:03 Test: Checking how many kernel packages are installed 2021-01-07 20:42:03 Result: found 1 kernel packages on the system, which is fine 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Performing test ID PKGS-7420 (Detect toolkit to automatically download and apply upgrades) 2021-01-07 20:42:03 Result: found unattended-upgrade 2021-01-07 20:42:03 Hardening: assigned maximum number of hardening points for this item (5). Currently having 115 points (out of 163) 2021-01-07 20:42:03 Security check: file is normal 2021-01-07 20:42:03 Checking permissions of /root/scans/lynis/include/tests_networking 2021-01-07 20:42:03 File permissions are OK 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Action: Performing tests from category: Networking 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Performing test ID NETW-2400 (Hostname length and value check) 2021-01-07 20:42:03 Result: FQDN is defined and not longer than 253 characters (11 characters) 2021-01-07 20:42:03 Result: hostnamed is defined and not longer than 63 characters 2021-01-07 20:42:03 Result: good, no unexpected characters discovered in hostname 2021-01-07 20:42:03 ==== 2021-01-07 20:42:03 Performing test ID NETW-2600 (Checking IPv6 configuration) 2021-01-07 20:42:04 Result: IPV6 mode is auto 2021-01-07 20:42:04 Result: IPv6 only configuration: NO 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-2704 (Basic nameserver configuration tests) 2021-01-07 20:42:04 Test: Checking /etc/resolv.conf file 2021-01-07 20:42:04 Result: Found /etc/resolv.conf file 2021-01-07 20:42:04 Test: Querying nameservers 2021-01-07 20:42:04 Found nameserver: 127.0.0.53 2021-01-07 20:42:04 Nameserver 127.0.0.53 seems to respond to queries from this host. 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Skipped test NETW-2705 (Check availability two nameservers) 2021-01-07 20:42:04 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:04 Result: Test most likely skipped due having local resolver in /etc/resolv.conf 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-2706 (Check systemd-resolved and upstream DNSSEC status) 2021-01-07 20:42:04 Result: DNSSEC not supported by systemd-resolved or upstream DNS servers 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3001 (Find default gateway (route)) 2021-01-07 20:42:04 Test: Searching default gateway(s) 2021-01-07 20:42:04 Result: Found default gateway 192.168.37.2 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3004 (Search for available network interfaces) 2021-01-07 20:42:04 Found network interface: lo 2021-01-07 20:42:04 Found network interface: ens33 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3006 (Get network MAC addresses) 2021-01-07 20:42:04 Found MAC address: 00:0c:29:4c:fa:60 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3008 (Get network IP addresses) 2021-01-07 20:42:04 Found IPv4 address: 192.168.37.134 2021-01-07 20:42:04 Found IPv4 address: 127.0.0.1 2021-01-07 20:42:04 Found IPv6 address: fe80::20c:29ff:fe4c:fa60 2021-01-07 20:42:04 Found IPv6 address: ::1 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3012 (Check listening ports) 2021-01-07 20:42:04 Test: Retrieving ss information to find listening ports 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Skipped test NETW-3014 (Checking promiscuous interfaces (BSD)) 2021-01-07 20:42:04 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3015 (Checking promiscuous interfaces (Linux)) 2021-01-07 20:42:04 Test: Using ip binary to retrieve network interfaces 2021-01-07 20:42:04 Test: Checking all interfaces to discover any with promiscuous mode enabled 2021-01-07 20:42:04 Result: No promiscuous interfaces found 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3028 (Checking connections in WAIT state) 2021-01-07 20:42:04 Test: Using netstat for check for connections in WAIT state 2021-01-07 20:42:04 Result: currently 1 connections are in a waiting state (max configured: 5000). 2021-01-07 20:42:04 Result: 1 connections are in WAIT state 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3030 (Checking DHCP client status) 2021-01-07 20:42:04 Performing pgrep scan without uid 2021-01-07 20:42:04 IsRunning: process 'dhclient' not found 2021-01-07 20:42:04 Performing pgrep scan without uid 2021-01-07 20:42:04 IsRunning: process 'dhcpcd' not found 2021-01-07 20:42:04 Performing pgrep scan without uid 2021-01-07 20:42:04 IsRunning: process 'udhcpc' not found 2021-01-07 20:42:04 ==== 2021-01-07 20:42:04 Performing test ID NETW-3032 (Checking for ARP monitoring software) 2021-01-07 20:42:04 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'addrwatch' not found 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'arpwatch' not found 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'arpon' not found 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID NETW-3200 (Determine available network protocols) 2021-01-07 20:42:05 Test: checking the status of some network protocols that typically are not used 2021-01-07 20:42:05 Test: now checking module 'dccp' 2021-01-07 20:42:05 Suggestion: Determine if protocol 'dccp' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2021-01-07 20:42:05 Test: now checking module 'sctp' 2021-01-07 20:42:05 Suggestion: Determine if protocol 'sctp' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2021-01-07 20:42:05 Test: now checking module 'rds' 2021-01-07 20:42:05 Suggestion: Determine if protocol 'rds' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2021-01-07 20:42:05 Test: now checking module 'tipc' 2021-01-07 20:42:05 Suggestion: Determine if protocol 'tipc' is really needed on this system [test:NETW-3200] [details:-] [solution:-] 2021-01-07 20:42:05 Security check: file is normal 2021-01-07 20:42:05 Checking permissions of /root/scans/lynis/include/tests_printers_spoolers 2021-01-07 20:42:05 File permissions are OK 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Action: Performing tests from category: Printers and Spools 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test PRNT-2302 (Check for printcap consistency) 2021-01-07 20:42:05 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID PRNT-2304 (Check cupsd status) 2021-01-07 20:42:05 Test: Checking cupsd status 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'cupsd' not found 2021-01-07 20:42:05 Result: cups daemon not running, cups daemon tests skipped 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test PRNT-2306 (Check CUPSd configuration file) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test PRNT-2307 (Check CUPSd configuration file permissions) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test PRNT-2308 (Check CUPSd network configuration) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID PRNT-2314 (Check lpd status) 2021-01-07 20:42:05 Test: Checking lpd status 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'lpd' not found 2021-01-07 20:42:05 Result: lp daemon not running 2021-01-07 20:42:05 Hardening: assigned maximum number of hardening points for this item (4). Currently having 119 points (out of 167) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test PRNT-2316 (Checking /etc/qconfig file) 2021-01-07 20:42:05 Reason to skip: Incorrect guest OS (AIX only) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test PRNT-2418 (Checking qdaemon printer spooler status) 2021-01-07 20:42:05 Reason to skip: Incorrect guest OS (AIX only) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test PRNT-2420 (Checking old print jobs) 2021-01-07 20:42:05 Reason to skip: Incorrect guest OS (AIX only) 2021-01-07 20:42:05 Security check: file is normal 2021-01-07 20:42:05 Checking permissions of /root/scans/lynis/include/tests_mail_messaging 2021-01-07 20:42:05 File permissions are OK 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Action: Performing tests from category: Software: e-mail and messaging 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID MAIL-8802 (Check Exim status) 2021-01-07 20:42:05 Test: check Exim status 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'exim4' not found 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'exim' not found 2021-01-07 20:42:05 Result: no running Exim processes found 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test MAIL-8804 (Exim configuration options) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID MAIL-8814 (Check postfix process status) 2021-01-07 20:42:05 Test: check Postfix status 2021-01-07 20:42:05 Result: no running Postfix processes found 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test MAIL-8816 (Check Postfix configuration) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test MAIL-8817 (Check Postfix configuration errors) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test MAIL-8818 (Check Postfix configuration: banner) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID MAIL-8820 (Postfix configuration scan) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID MAIL-8838 (Check dovecot process) 2021-01-07 20:42:05 Test: check dovecot status 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'dovecot' not found 2021-01-07 20:42:05 Result: dovecot not found 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID MAIL-8860 (Check Qmail status) 2021-01-07 20:42:05 Test: check Qmail status 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'qmail-smtpd' not found 2021-01-07 20:42:05 Result: no running Qmail processes found 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID MAIL-8880 (Check Sendmail status) 2021-01-07 20:42:05 Test: check sendmail status 2021-01-07 20:42:05 Performing pgrep scan without uid 2021-01-07 20:42:05 IsRunning: process 'sendmail' not found 2021-01-07 20:42:05 Result: no running Sendmail processes found 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test MAIL-8920 (Check OpenSMTPD status) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 Security check: file is normal 2021-01-07 20:42:05 Checking permissions of /root/scans/lynis/include/tests_firewalls 2021-01-07 20:42:05 File permissions are OK 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Action: Performing tests from category: Software: firewalls 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID FIRE-4502 (Check iptables kernel module) 2021-01-07 20:42:05 Result: Found iptables in loaded kernel modules 2021-01-07 20:42:05 Found module: ip_tables 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID FIRE-4508 (Check used policies of iptables chains) 2021-01-07 20:42:05 Test: gathering information from table filter 2021-01-07 20:42:05 Result: iptables -- policy is . 2021-01-07 20:42:05 Result: 2021-01-07 20:42:05 Result: iptables filter -- INPUTACCEPTFORWARDACCEPTOUTPUTACCEPT policy is . 2021-01-07 20:42:05 Result: 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID FIRE-4512 (Check iptables for empty ruleset) 2021-01-07 20:42:05 Result: iptables ruleset seems to be empty (found 0 rules) 2021-01-07 20:42:05 Warning: iptables module(s) loaded, but no rules active [test:FIRE-4512] [details:-] [solution:-] 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID FIRE-4513 (Check iptables for unused rules) 2021-01-07 20:42:05 Result: There are no unused rules present 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test FIRE-4518 (Check pf firewall components) 2021-01-07 20:42:05 Reason to skip: No /dev/pf device 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Skipped test FIRE-4520 (Check pf configuration consistency) 2021-01-07 20:42:05 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:05 ==== 2021-01-07 20:42:05 Performing test ID FIRE-4524 (Check for CSF presence) 2021-01-07 20:42:05 Test: check /etc/csf/csf.conf 2021-01-07 20:42:05 Result: /etc/csf/csf.conf does NOT exist 2021-01-07 20:42:05 ==== 2021-01-07 20:42:06 Skipped test FIRE-4526 (Check ipf status) 2021-01-07 20:42:06 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Skipped test FIRE-4530 (Check IPFW status) 2021-01-07 20:42:06 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Skipped test FIRE-4532 (Check macOS application firewall) 2021-01-07 20:42:06 Reason to skip: Incorrect guest OS (macOS only) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Skipped test FIRE-4534 (Check for presence of outbound firewalls on macOS) 2021-01-07 20:42:06 Reason to skip: Incorrect guest OS (macOS only) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Skipped test FIRE-4536 (Check nftables status) 2021-01-07 20:42:06 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Skipped test FIRE-4538 (Check nftables basic configuration) 2021-01-07 20:42:06 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Skipped test FIRE-4540 (Check for empty nftables configuration) 2021-01-07 20:42:06 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Performing test ID FIRE-4586 (Check firewall logging) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Performing test ID FIRE-4590 (Check firewall status) 2021-01-07 20:42:06 Result: host based firewall or packet filter is active 2021-01-07 20:42:06 Hardening: assigned maximum number of hardening points for this item (5). Currently having 124 points (out of 172) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Performing test ID FIRE-4594 (Check for APF presence) 2021-01-07 20:42:06 Test: check /etc/apf/conf.apf 2021-01-07 20:42:06 Result: /etc/apf/conf.apf does NOT exist 2021-01-07 20:42:06 Security check: file is normal 2021-01-07 20:42:06 Checking permissions of /root/scans/lynis/include/tests_webservers 2021-01-07 20:42:06 File permissions are OK 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Action: Performing tests from category: Software: webserver 2021-01-07 20:42:06 Action: created temporary file /tmp/lynis.gBx178xQGW 2021-01-07 20:42:06 Action: created temporary file /tmp/lynis.wlc0zeD5Yl 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Performing test ID HTTP-6622 (Checking Apache presence) 2021-01-07 20:42:06 Test: Scanning for Apache binary 2021-01-07 20:42:06 Result: /usr/sbin/apache2 seems to be Apache HTTP daemon 2021-01-07 20:42:06 Apache version: 2.4.41 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Performing test ID HTTP-6624 (Testing main Apache configuration file) 2021-01-07 20:42:06 Result: Configuration file found (/etc/apache2/apache2.conf) 2021-01-07 20:42:06 ==== 2021-01-07 20:42:06 Performing test ID HTTP-6626 (Testing other Apache configuration file) 2021-01-07 20:42:06 Apache config file: /etc/apache2/apache2.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/apache2.conf (escaped: /etc/apache2/apache2.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/apache2.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-available/charset.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-available/charset.conf (escaped: /etc/apache2/conf-available/charset.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/charset.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-available/localized-error-pages.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-available/localized-error-pages.conf (escaped: /etc/apache2/conf-available/localized-error-pages.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/localized-error-pages.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-available/other-vhosts-access-log.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-available/other-vhosts-access-log.conf (escaped: /etc/apache2/conf-available/other-vhosts-access-log.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/other-vhosts-access-log.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-available/security.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-available/security.conf (escaped: /etc/apache2/conf-available/security.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/security.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-available/serve-cgi-bin.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-available/serve-cgi-bin.conf (escaped: /etc/apache2/conf-available/serve-cgi-bin.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/serve-cgi-bin.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-enabled/charset.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-enabled/charset.conf (escaped: /etc/apache2/conf-enabled/charset.conf) 2021-01-07 20:42:06 Action: checking symlink for file /etc/apache2/conf-enabled/charset.conf 2021-01-07 20:42:06 Note: Using real readlink binary to determine symlink on /etc/apache2/conf-enabled/charset.conf 2021-01-07 20:42:06 Result: readlink shows /etc/apache2/conf-available/charset.conf as output 2021-01-07 20:42:06 Result: symlink found, pointing to file /etc/apache2/conf-available/charset.conf 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/charset.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-enabled/localized-error-pages.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-enabled/localized-error-pages.conf (escaped: /etc/apache2/conf-enabled/localized-error-pages.conf) 2021-01-07 20:42:06 Action: checking symlink for file /etc/apache2/conf-enabled/localized-error-pages.conf 2021-01-07 20:42:06 Note: Using real readlink binary to determine symlink on /etc/apache2/conf-enabled/localized-error-pages.conf 2021-01-07 20:42:06 Result: readlink shows /etc/apache2/conf-available/localized-error-pages.conf as output 2021-01-07 20:42:06 Result: symlink found, pointing to file /etc/apache2/conf-available/localized-error-pages.conf 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/localized-error-pages.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-enabled/other-vhosts-access-log.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-enabled/other-vhosts-access-log.conf (escaped: /etc/apache2/conf-enabled/other-vhosts-access-log.conf) 2021-01-07 20:42:06 Action: checking symlink for file /etc/apache2/conf-enabled/other-vhosts-access-log.conf 2021-01-07 20:42:06 Note: Using real readlink binary to determine symlink on /etc/apache2/conf-enabled/other-vhosts-access-log.conf 2021-01-07 20:42:06 Result: readlink shows /etc/apache2/conf-available/other-vhosts-access-log.conf as output 2021-01-07 20:42:06 Result: symlink found, pointing to file /etc/apache2/conf-available/other-vhosts-access-log.conf 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/other-vhosts-access-log.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-enabled/security.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-enabled/security.conf (escaped: /etc/apache2/conf-enabled/security.conf) 2021-01-07 20:42:06 Action: checking symlink for file /etc/apache2/conf-enabled/security.conf 2021-01-07 20:42:06 Note: Using real readlink binary to determine symlink on /etc/apache2/conf-enabled/security.conf 2021-01-07 20:42:06 Result: readlink shows /etc/apache2/conf-available/security.conf as output 2021-01-07 20:42:06 Result: symlink found, pointing to file /etc/apache2/conf-available/security.conf 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/security.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/conf-enabled/serve-cgi-bin.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/conf-enabled/serve-cgi-bin.conf (escaped: /etc/apache2/conf-enabled/serve-cgi-bin.conf) 2021-01-07 20:42:06 Action: checking symlink for file /etc/apache2/conf-enabled/serve-cgi-bin.conf 2021-01-07 20:42:06 Note: Using real readlink binary to determine symlink on /etc/apache2/conf-enabled/serve-cgi-bin.conf 2021-01-07 20:42:06 Result: readlink shows /etc/apache2/conf-available/serve-cgi-bin.conf as output 2021-01-07 20:42:06 Result: symlink found, pointing to file /etc/apache2/conf-available/serve-cgi-bin.conf 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/conf-available/serve-cgi-bin.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/actions.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/actions.conf (escaped: /etc/apache2/mods-available/actions.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/actions.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/alias.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/alias.conf (escaped: /etc/apache2/mods-available/alias.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/alias.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/autoindex.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/autoindex.conf (escaped: /etc/apache2/mods-available/autoindex.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/autoindex.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/cache_disk.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/cache_disk.conf (escaped: /etc/apache2/mods-available/cache_disk.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/cache_disk.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/cgid.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/cgid.conf (escaped: /etc/apache2/mods-available/cgid.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/cgid.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/dav_fs.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/dav_fs.conf (escaped: /etc/apache2/mods-available/dav_fs.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/dav_fs.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/deflate.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/deflate.conf (escaped: /etc/apache2/mods-available/deflate.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/deflate.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/dir.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/dir.conf (escaped: /etc/apache2/mods-available/dir.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/dir.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/http2.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/http2.conf (escaped: /etc/apache2/mods-available/http2.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/http2.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/info.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/info.conf (escaped: /etc/apache2/mods-available/info.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/info.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/ldap.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/ldap.conf (escaped: /etc/apache2/mods-available/ldap.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/ldap.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/mime.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/mime.conf (escaped: /etc/apache2/mods-available/mime.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/mime.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/mime_magic.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/mime_magic.conf (escaped: /etc/apache2/mods-available/mime_magic.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/mime_magic.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/mpm_event.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/mpm_event.conf (escaped: /etc/apache2/mods-available/mpm_event.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/mpm_event.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/mpm_prefork.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/mpm_prefork.conf (escaped: /etc/apache2/mods-available/mpm_prefork.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/mpm_prefork.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/mpm_worker.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/mpm_worker.conf (escaped: /etc/apache2/mods-available/mpm_worker.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/mpm_worker.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/negotiation.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/negotiation.conf (escaped: /etc/apache2/mods-available/negotiation.conf) 2021-01-07 20:42:06 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:06 Result: file /etc/apache2/mods-available/negotiation.conf is readable (or directory accessible). 2021-01-07 20:42:06 Apache config file: /etc/apache2/mods-available/php7.4.conf 2021-01-07 20:42:06 Test: check if we can access /etc/apache2/mods-available/php7.4.conf (escaped: /etc/apache2/mods-available/php7.4.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/php7.4.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/proxy.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/proxy.conf (escaped: /etc/apache2/mods-available/proxy.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/proxy.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/proxy_balancer.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/proxy_balancer.conf (escaped: /etc/apache2/mods-available/proxy_balancer.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/proxy_balancer.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/proxy_ftp.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/proxy_ftp.conf (escaped: /etc/apache2/mods-available/proxy_ftp.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/proxy_ftp.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/proxy_html.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/proxy_html.conf (escaped: /etc/apache2/mods-available/proxy_html.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/proxy_html.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/reqtimeout.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/reqtimeout.conf (escaped: /etc/apache2/mods-available/reqtimeout.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/reqtimeout.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/setenvif.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/setenvif.conf (escaped: /etc/apache2/mods-available/setenvif.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/setenvif.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/ssl.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/ssl.conf (escaped: /etc/apache2/mods-available/ssl.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/ssl.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/status.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/status.conf (escaped: /etc/apache2/mods-available/status.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/status.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-available/userdir.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-available/userdir.conf (escaped: /etc/apache2/mods-available/userdir.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/userdir.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/alias.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/alias.conf (escaped: /etc/apache2/mods-enabled/alias.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/alias.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/alias.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/alias.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/alias.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/alias.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/autoindex.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/autoindex.conf (escaped: /etc/apache2/mods-enabled/autoindex.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/autoindex.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/autoindex.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/autoindex.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/autoindex.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/autoindex.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/deflate.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/deflate.conf (escaped: /etc/apache2/mods-enabled/deflate.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/deflate.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/deflate.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/deflate.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/deflate.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/deflate.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/dir.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/dir.conf (escaped: /etc/apache2/mods-enabled/dir.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/dir.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/dir.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/dir.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/dir.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/dir.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/mime.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/mime.conf (escaped: /etc/apache2/mods-enabled/mime.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/mime.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/mime.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/mime.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/mime.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/mime.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/mpm_prefork.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/mpm_prefork.conf (escaped: /etc/apache2/mods-enabled/mpm_prefork.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/mpm_prefork.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/mpm_prefork.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/mpm_prefork.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/mpm_prefork.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/mpm_prefork.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/negotiation.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/negotiation.conf (escaped: /etc/apache2/mods-enabled/negotiation.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/negotiation.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/negotiation.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/negotiation.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/negotiation.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/negotiation.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/php7.4.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/php7.4.conf (escaped: /etc/apache2/mods-enabled/php7.4.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/php7.4.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/php7.4.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/php7.4.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/php7.4.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/php7.4.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/reqtimeout.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/reqtimeout.conf (escaped: /etc/apache2/mods-enabled/reqtimeout.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/reqtimeout.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/reqtimeout.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/reqtimeout.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/reqtimeout.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/reqtimeout.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/setenvif.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/setenvif.conf (escaped: /etc/apache2/mods-enabled/setenvif.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/setenvif.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/setenvif.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/setenvif.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/setenvif.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/setenvif.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/mods-enabled/status.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/mods-enabled/status.conf (escaped: /etc/apache2/mods-enabled/status.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/mods-enabled/status.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/mods-enabled/status.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/mods-available/status.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/mods-available/status.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/mods-available/status.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/ports.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/ports.conf (escaped: /etc/apache2/ports.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/ports.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/sites-available/000-default.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/sites-available/000-default.conf (escaped: /etc/apache2/sites-available/000-default.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/sites-available/000-default.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/sites-available/default-ssl.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/sites-available/default-ssl.conf (escaped: /etc/apache2/sites-available/default-ssl.conf) 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/sites-available/default-ssl.conf is readable (or directory accessible). 2021-01-07 20:42:07 Apache config file: /etc/apache2/sites-enabled/000-default.conf 2021-01-07 20:42:07 Test: check if we can access /etc/apache2/sites-enabled/000-default.conf (escaped: /etc/apache2/sites-enabled/000-default.conf) 2021-01-07 20:42:07 Action: checking symlink for file /etc/apache2/sites-enabled/000-default.conf 2021-01-07 20:42:07 Note: Using real readlink binary to determine symlink on /etc/apache2/sites-enabled/000-default.conf 2021-01-07 20:42:07 Result: readlink shows /etc/apache2/sites-available/000-default.conf as output 2021-01-07 20:42:07 Result: symlink found, pointing to file /etc/apache2/sites-available/000-default.conf 2021-01-07 20:42:07 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:07 Result: file /etc/apache2/sites-available/000-default.conf is readable (or directory accessible). 2021-01-07 20:42:07 Result: found 0 virtual hosts 2021-01-07 20:42:07 ==== 2021-01-07 20:42:07 Performing test ID HTTP-6632 (Determining all available Apache modules) 2021-01-07 20:42:07 Test: searching available Apache modules 2021-01-07 20:42:07 Test: checking if directory /etc/httpd/modules exists 2021-01-07 20:42:07 Result: directory /etc/httpd/modules NOT found 2021-01-07 20:42:07 Test: checking if directory /opt/local/apache2/modules exists 2021-01-07 20:42:07 Result: directory /opt/local/apache2/modules NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/lib/apache exists 2021-01-07 20:42:07 Result: directory /usr/lib/apache NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/lib/apache2 exists 2021-01-07 20:42:07 Result: directory /usr/lib/apache2 exists 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_access_compat.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_actions.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_alias.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_allowmethods.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_asis.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_auth_basic.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_auth_digest.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_auth_form.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authn_anon.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authn_core.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authn_dbd.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authn_dbm.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authn_file.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authn_socache.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authnz_fcgi.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authnz_ldap.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authz_core.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authz_dbd.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authz_dbm.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authz_groupfile.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authz_host.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authz_owner.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_authz_user.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_autoindex.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_brotli.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_bucketeer.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_buffer.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_cache.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_cache_disk.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_cache_socache.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_case_filter.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_case_filter_in.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_cern_meta.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_cgi.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_cgid.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_charset_lite.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_data.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_dav.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_dav_fs.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_dav_lock.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_dbd.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_deflate.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_dialup.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_dir.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_dumpio.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_echo.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_env.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_expires.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_ext_filter.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_file_cache.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_filter.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_headers.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_heartbeat.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_heartmonitor.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_http2.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_ident.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_imagemap.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_include.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_info.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_lbmethod_bybusyness.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_lbmethod_byrequests.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_lbmethod_bytraffic.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_lbmethod_heartbeat.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_ldap.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_log_debug.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_log_forensic.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_lua.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_macro.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_md.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_mime.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_mime_magic.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_mpm_event.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_mpm_prefork.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_mpm_worker.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_negotiation.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_ajp.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_balancer.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_connect.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_express.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_fcgi.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_fdpass.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_ftp.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_hcheck.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_html.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_http.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_http2.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_scgi.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_uwsgi.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_proxy_wstunnel.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_ratelimit.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_reflector.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_remoteip.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_reqtimeout.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_request.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_rewrite.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_sed.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_session.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_session_cookie.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_session_crypto.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_session_dbd.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_setenvif.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_slotmem_plain.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_slotmem_shm.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_socache_dbm.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_socache_memcache.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_socache_redis.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_socache_shmcb.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_speling.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_ssl.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_status.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_substitute.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_suexec.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_unique_id.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_userdir.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_usertrack.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_vhost_alias.so 2021-01-07 20:42:07 Result: found Apache module /usr/lib/apache2/modules/mod_xml2enc.so 2021-01-07 20:42:07 Test: checking if directory /usr/lib/httpd/modules exists 2021-01-07 20:42:07 Result: directory /usr/lib/httpd/modules NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/libexec/apache2 exists 2021-01-07 20:42:07 Result: directory /usr/libexec/apache2 NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/lib64/apache2 exists 2021-01-07 20:42:07 Result: directory /usr/lib64/apache2 NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/lib64/apache2/modules exists 2021-01-07 20:42:07 Result: directory /usr/lib64/apache2/modules NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/lib64/httpd/modules exists 2021-01-07 20:42:07 Result: directory /usr/lib64/httpd/modules NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/local/libexec/apache exists 2021-01-07 20:42:07 Result: directory /usr/local/libexec/apache NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/local/libexec/apache22 exists 2021-01-07 20:42:07 Result: directory /usr/local/libexec/apache22 NOT found 2021-01-07 20:42:07 Test: checking if directory /usr/local/libexec/apache24 exists 2021-01-07 20:42:07 Result: directory /usr/local/libexec/apache24 NOT found 2021-01-07 20:42:07 ==== 2021-01-07 20:42:07 Performing test ID HTTP-6640 (Determining existence of specific Apache modules) 2021-01-07 20:42:07 Test: search string /mod_evasive([0-9][0-9])?.so in earlier discovered results 2021-01-07 20:42:07 Result: search string NOT found 2021-01-07 20:42:07 Hardening: assigned partial number of hardening points (2 of 3). Currently having 126 points (out of 175) 2021-01-07 20:42:07 Suggestion: Install Apache mod_evasive to guard webserver against DoS/brute force attempts [test:HTTP-6640] [details:-] [solution:-] 2021-01-07 20:42:07 ==== 2021-01-07 20:42:07 Performing test ID HTTP-6641 (Determining existence of specific Apache modules) 2021-01-07 20:42:07 Test: search string /mod_(reqtimeout|qos).so in earlier discovered results 2021-01-07 20:42:07 Result: found search string (result: apache_module[]=/usr/lib/apache2/modules/mod_reqtimeout.so) 2021-01-07 20:42:07 Hardening: assigned maximum number of hardening points for this item (3). Currently having 129 points (out of 178) 2021-01-07 20:42:07 ==== 2021-01-07 20:42:07 Performing test ID HTTP-6643 (Determining existence of specific Apache modules) 2021-01-07 20:42:07 Test: search string /mod_security2.so in earlier discovered results 2021-01-07 20:42:08 Result: search string NOT found 2021-01-07 20:42:08 Hardening: assigned partial number of hardening points (2 of 3). Currently having 131 points (out of 181) 2021-01-07 20:42:08 Suggestion: Install Apache modsecurity to guard webserver against web application attacks [test:HTTP-6643] [details:-] [solution:-] 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID HTTP-6702 (Check nginx process) 2021-01-07 20:42:08 Test: searching running nginx process 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'nginx' not found 2021-01-07 20:42:08 Result: no running nginx process found 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6704 (Check nginx configuration file) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6706 (Check for additional nginx configuration files) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6708 (Check discovered nginx configuration settings) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6710 (Check nginx SSL configuration settings) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6712 (Check nginx access logging) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6714 (Check for missing error logs in nginx) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6716 (Check for debug mode on error log in nginx) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test HTTP-6720 (Check Nginx log files) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 Security check: file is normal 2021-01-07 20:42:08 Checking permissions of /root/scans/lynis/include/tests_ssh 2021-01-07 20:42:08 File permissions are OK 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Action: Performing tests from category: SSH Support 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID SSH-7402 (Check for running SSH daemon) 2021-01-07 20:42:08 Test: Searching for a SSH daemon 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'sshd' not found 2021-01-07 20:42:08 Test: find service listening on TCP:22 2021-01-07 20:42:08 Result: did not find service listening on port 22 (TCP) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test SSH-7404 (Check SSH daemon file location) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test SSH-7406 (Determine OpenSSH version) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test SSH-7408 (Check SSH specific defined options) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test SSH-7440 (Check OpenSSH option: AllowUsers and AllowGroups) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 Security check: file is normal 2021-01-07 20:42:08 Checking permissions of /root/scans/lynis/include/tests_snmp 2021-01-07 20:42:08 File permissions are OK 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Action: Performing tests from category: SNMP Support 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID SNMP-3302 (Check for running SNMP daemon) 2021-01-07 20:42:08 Test: Searching for a SNMP daemon 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'snmpd' not found 2021-01-07 20:42:08 Result: No running SNMP daemon found 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test SNMP-3304 (Check SNMP daemon file location) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test SNMP-3306 (Check SNMP communities) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 Security check: file is normal 2021-01-07 20:42:08 Checking permissions of /root/scans/lynis/include/tests_databases 2021-01-07 20:42:08 File permissions are OK 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Action: Performing tests from category: Databases 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1804 (Checking active MySQL process) 2021-01-07 20:42:08 Result: MySQL is active 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1816 (Checking MySQL root password) 2021-01-07 20:42:08 Test: Trying to login to local MySQL server without password 2021-01-07 20:42:08 Result: Login did not succeed, so a MySQL root password is set 2021-01-07 20:42:08 Hardening: assigned maximum number of hardening points for this item (2). Currently having 133 points (out of 183) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1818 (Check status of MongoDB server) 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'mongod' not found 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1820 (Check for authorization in MongoDB) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1826 (Checking active PostgreSQL processes) 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'postgres:' not found 2021-01-07 20:42:08 Result: PostgreSQL process not active 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test DBS-1828 (Test PostgreSQL configuration) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1840 (Checking active Oracle processes) 2021-01-07 20:42:08 Result: Oracle process(es) not active 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1860 (Checking active DB2 instances) 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'db2sysc' not found 2021-01-07 20:42:08 Result: No DB2 instances are running 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID DBS-1880 (Check for active Redis server) 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'redis-server' not found 2021-01-07 20:42:08 Result: No Redis processes are running 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test DBS-1882 (Redis configuration file) 2021-01-07 20:42:08 Reason to skip: Redis not running 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test DBS-1884 (Redis: requirepass option configured) 2021-01-07 20:42:08 Reason to skip: Redis not running, or no configuration file found 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test DBS-1886 (Redis: rename-command CONFIG used) 2021-01-07 20:42:08 Reason to skip: Redis not running, or no configuration found 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test DBS-1888 (Redis: bind on localhost) 2021-01-07 20:42:08 Reason to skip: Redis not running, or no configuration found 2021-01-07 20:42:08 Security check: file is normal 2021-01-07 20:42:08 Checking permissions of /root/scans/lynis/include/tests_ldap 2021-01-07 20:42:08 File permissions are OK 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Action: Performing tests from category: LDAP Services 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID LDAP-2219 (Check running OpenLDAP instance) 2021-01-07 20:42:08 Performing pgrep scan without uid 2021-01-07 20:42:08 IsRunning: process 'slapd' not found 2021-01-07 20:42:08 Result: No running slapd process found. 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Skipped test LDAP-2224 (Check presence slapd.conf) 2021-01-07 20:42:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:08 Security check: file is normal 2021-01-07 20:42:08 Checking permissions of /root/scans/lynis/include/tests_php 2021-01-07 20:42:08 File permissions are OK 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Action: Performing tests from category: PHP 2021-01-07 20:42:08 ==== 2021-01-07 20:42:08 Performing test ID PHP-2211 (Check php.ini presence) 2021-01-07 20:42:08 Test: Checking for presence php.ini 2021-01-07 20:42:08 Test: checking presence /etc/php.ini 2021-01-07 20:42:08 Result: file /etc/php.ini not found 2021-01-07 20:42:08 Test: checking presence /etc/php.ini.default 2021-01-07 20:42:08 Result: file /etc/php.ini.default not found 2021-01-07 20:42:08 Test: checking presence /etc/php/php.ini 2021-01-07 20:42:08 Result: file /etc/php/php.ini not found 2021-01-07 20:42:08 Test: checking presence /etc/php5.5/php.ini 2021-01-07 20:42:08 Result: file /etc/php5.5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5.6/php.ini 2021-01-07 20:42:09 Result: file /etc/php5.6/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php7.0/php.ini 2021-01-07 20:42:09 Result: file /etc/php7.0/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php7.1/php.ini 2021-01-07 20:42:09 Result: file /etc/php7.1/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php7.2/php.ini 2021-01-07 20:42:09 Result: file /etc/php7.2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php7.3/php.ini 2021-01-07 20:42:09 Result: file /etc/php7.3/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php7.4/php.ini 2021-01-07 20:42:09 Result: file /etc/php7.4/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php5.5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php5.5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php5.6/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php5.6/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php7.0/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php7.0/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php7.1/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php7.1/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php7.2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php7.2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php7.3/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php7.3/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/apache2-php7.4/php.ini 2021-01-07 20:42:09 Result: file /etc/php/apache2-php7.4/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php5.5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php5.5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php5.6/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php5.6/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php7.0/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php7.0/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php7.1/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php7.1/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php7.2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php7.2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php7.3/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php7.3/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cgi-php7.4/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cgi-php7.4/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php5.5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php5.5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php5.6/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php5.6/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php7.0/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php7.0/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php7.1/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php7.1/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php7.2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php7.2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php7.3/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php7.3/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/cli-php7.4/php.ini 2021-01-07 20:42:09 Result: file /etc/php/cli-php7.4/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/embed-php5.5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/embed-php5.5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/embed-php5.6/php.ini 2021-01-07 20:42:09 Result: file /etc/php/embed-php5.6/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/embed-php7.0/php.ini 2021-01-07 20:42:09 Result: file /etc/php/embed-php7.0/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/embed-php7.1/php.ini 2021-01-07 20:42:09 Result: file /etc/php/embed-php7.1/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/embed-php7.2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/embed-php7.2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/embed-php7.3/php.ini 2021-01-07 20:42:09 Result: file /etc/php/embed-php7.3/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/embed-php7.4/php.ini 2021-01-07 20:42:09 Result: file /etc/php/embed-php7.4/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/fpm-php7.4/php.ini 2021-01-07 20:42:09 Result: file /etc/php/fpm-php7.4/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/fpm-php7.3/php.ini 2021-01-07 20:42:09 Result: file /etc/php/fpm-php7.3/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/fpm-php7.2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/fpm-php7.2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/fpm-php7.1/php.ini 2021-01-07 20:42:09 Result: file /etc/php/fpm-php7.1/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/fpm-php7.0/php.ini 2021-01-07 20:42:09 Result: file /etc/php/fpm-php7.0/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/fpm-php5.5/php.ini 2021-01-07 20:42:09 Result: file /etc/php/fpm-php5.5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/fpm-php5.6/php.ini 2021-01-07 20:42:09 Result: file /etc/php/fpm-php5.6/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5/cgi/php.ini 2021-01-07 20:42:09 Result: file /etc/php5/cgi/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5/cli/php.ini 2021-01-07 20:42:09 Result: file /etc/php5/cli/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5/cli-php5.4/php.ini 2021-01-07 20:42:09 Result: file /etc/php5/cli-php5.4/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5/cli-php5.5/php.ini 2021-01-07 20:42:09 Result: file /etc/php5/cli-php5.5/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5/cli-php5.6/php.ini 2021-01-07 20:42:09 Result: file /etc/php5/cli-php5.6/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5/apache2/php.ini 2021-01-07 20:42:09 Result: file /etc/php5/apache2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php5/fpm/php.ini 2021-01-07 20:42:09 Result: file /etc/php5/fpm/php.ini not found 2021-01-07 20:42:09 Test: checking presence /private/etc/php.ini 2021-01-07 20:42:09 Result: file /private/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.0/apache2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.0/apache2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.1/apache2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.1/apache2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.2/apache2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.2/apache2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.3/apache2/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.3/apache2/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.4/apache2/php.ini 2021-01-07 20:42:09 Result: Found php.ini file (/etc/php/7.4/apache2/php.ini) 2021-01-07 20:42:09 Note: Adding file to php.ini array 2021-01-07 20:42:09 Test: checking presence /etc/php/7.0/cli/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.0/cli/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.0/fpm/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.0/fpm/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.1/cli/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.1/cli/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.1/fpm/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.1/fpm/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.2/cli/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.2/cli/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.2/fpm/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.2/fpm/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.3/cli/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.3/cli/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.3/fpm/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.3/fpm/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php/7.4/cli/php.ini 2021-01-07 20:42:09 Result: Found php.ini file (/etc/php/7.4/cli/php.ini) 2021-01-07 20:42:09 Note: Adding file to php.ini array 2021-01-07 20:42:09 Test: checking presence /etc/php/7.4/fpm/php.ini 2021-01-07 20:42:09 Result: file /etc/php/7.4/fpm/php.ini not found 2021-01-07 20:42:09 Test: checking presence /var/www/conf/php.ini 2021-01-07 20:42:09 Result: file /var/www/conf/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/etc/php.ini 2021-01-07 20:42:09 Result: file /usr/local/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/etc/php5/cgi/php.ini 2021-01-07 20:42:09 Result: file /usr/local/etc/php5/cgi/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/php54/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/php54/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/php56/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/php56/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/php70/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/php70/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/php71/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/php71/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/php72/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/php72/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/php73/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/php73/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/php74/lib/php.ini 2021-01-07 20:42:09 Result: file /usr/local/php74/lib/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/local/zend/etc/php.ini 2021-01-07 20:42:09 Result: file /usr/local/zend/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /usr/pkg/etc/php.ini 2021-01-07 20:42:09 Result: file /usr/pkg/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php54/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php54/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php55/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php55/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php56/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php56/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php70/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php70/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php71/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php71/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php72/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php72/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php73/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php73/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/cpanel/ea-php74/root/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/cpanel/ea-php74/root/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php44/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php44/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php51/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php51/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php52/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php52/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php53/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php53/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php54/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php54/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php55/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php55/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php56/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php56/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php70/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php70/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php71/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php71/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php72/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php72/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php73/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php73/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /opt/alt/php74/etc/php.ini 2021-01-07 20:42:09 Result: file /opt/alt/php74/etc/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/opt/remi/php56/php.ini 2021-01-07 20:42:09 Result: file /etc/opt/remi/php56/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/opt/remi/php70/php.ini 2021-01-07 20:42:09 Result: file /etc/opt/remi/php70/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/opt/remi/php71/php.ini 2021-01-07 20:42:09 Result: file /etc/opt/remi/php71/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/opt/remi/php72/php.ini 2021-01-07 20:42:09 Result: file /etc/opt/remi/php72/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/opt/remi/php73/php.ini 2021-01-07 20:42:09 Result: file /etc/opt/remi/php73/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/opt/remi/php74/php.ini 2021-01-07 20:42:09 Result: file /etc/opt/remi/php74/php.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php-5.6.ini 2021-01-07 20:42:09 Result: file /etc/php-5.6.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php-7.0.ini 2021-01-07 20:42:09 Result: file /etc/php-7.0.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php-7.1.ini 2021-01-07 20:42:09 Result: file /etc/php-7.1.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php-7.2.ini 2021-01-07 20:42:09 Result: file /etc/php-7.2.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php-7.3.ini 2021-01-07 20:42:09 Result: file /etc/php-7.3.ini not found 2021-01-07 20:42:09 Test: checking presence /etc/php-7.4.ini 2021-01-07 20:42:09 Result: file /etc/php-7.4.ini not found 2021-01-07 20:42:09 Result: no files found for /etc/php5/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.0/cli/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.1/cli/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.2/cli/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.3/cli/conf.d 2021-01-07 20:42:09 Result: found files in location /etc/php/7.4/cli/conf.d, checking 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/10-mysqlnd.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/10-opcache.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/10-pdo.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-calendar.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-ctype.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-exif.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-ffi.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-fileinfo.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-ftp.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-gettext.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-iconv.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-json.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-mysqli.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-pdo_mysql.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-phar.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-posix.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-readline.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-shmop.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-sockets.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-sysvmsg.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-sysvsem.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-sysvshm.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: file /etc/php/7.4/cli/conf.d/20-tokenizer.ini exists, adding to php.ini array 2021-01-07 20:42:09 Result: no files found for /etc/php/7.0/fpm/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.1/fpm/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.2/fpm/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.3/fpm/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php/7.4/fpm/conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php54/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php55/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php56/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php70/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php71/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php72/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php73/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/cpanel/ea-php74/root/etc/php.d 2021-01-07 20:42:09 Result: no files found for /opt/alt/php44/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php51/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php52/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php53/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php54/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php55/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php56/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php70/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php71/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php72/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php73/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /opt/alt/php74/etc/php.d.all 2021-01-07 20:42:09 Result: no files found for /usr/local/lib/php.conf.d 2021-01-07 20:42:09 Result: no files found for /usr/local/php70/lib/php.conf.d 2021-01-07 20:42:09 Result: no files found for /usr/local/php71/lib/php.conf.d 2021-01-07 20:42:09 Result: no files found for /usr/local/php72/lib/php.conf.d 2021-01-07 20:42:09 Result: no files found for /usr/local/php73/lib/php.conf.d 2021-01-07 20:42:09 Result: no files found for /usr/local/php74/lib/php.conf.d 2021-01-07 20:42:09 Result: no files found for /etc/php-5.6 2021-01-07 20:42:09 Result: no files found for /etc/php-7.0 2021-01-07 20:42:09 Result: no files found for /etc/php-7.1 2021-01-07 20:42:09 Result: no files found for /etc/php-7.2 2021-01-07 20:42:09 Result: no files found for /etc/php-7.3 2021-01-07 20:42:09 Result: no files found for /etc/php-7.4 2021-01-07 20:42:09 Result: using single file /etc/php/7.4/cli/php.ini for main php.ini tests 2021-01-07 20:42:09 Result: using php.ini array /etc/php/7.4/apache2/php.ini /etc/php/7.4/cli/php.ini /etc/php/7.4/cli/conf.d/10-mysqlnd.ini /etc/php/7.4/cli/conf.d/10-opcache.ini /etc/php/7.4/cli/conf.d/10-pdo.ini /etc/php/7.4/cli/conf.d/20-calendar.ini /etc/php/7.4/cli/conf.d/20-ctype.ini /etc/php/7.4/cli/conf.d/20-exif.ini /etc/php/7.4/cli/conf.d/20-ffi.ini /etc/php/7.4/cli/conf.d/20-fileinfo.ini /etc/php/7.4/cli/conf.d/20-ftp.ini /etc/php/7.4/cli/conf.d/20-gettext.ini /etc/php/7.4/cli/conf.d/20-iconv.ini /etc/php/7.4/cli/conf.d/20-json.ini /etc/php/7.4/cli/conf.d/20-mysqli.ini /etc/php/7.4/cli/conf.d/20-pdo_mysql.ini /etc/php/7.4/cli/conf.d/20-phar.ini /etc/php/7.4/cli/conf.d/20-posix.ini /etc/php/7.4/cli/conf.d/20-readline.ini /etc/php/7.4/cli/conf.d/20-shmop.ini /etc/php/7.4/cli/conf.d/20-sockets.ini /etc/php/7.4/cli/conf.d/20-sysvmsg.ini /etc/php/7.4/cli/conf.d/20-sysvsem.ini /etc/php/7.4/cli/conf.d/20-sysvshm.ini /etc/php/7.4/cli/conf.d/20-tokenizer.ini for further tests 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Performing test ID PHP-2320 (Check PHP disabled functions) 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/apache2/php.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/apache2/php.ini: found disabled_functions 2021-01-07 20:42:09 Result: /etc/php/7.4/apache2/php.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/php.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/php.ini: found disabled_functions 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/php.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/10-mysqlnd.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/10-mysqlnd.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/10-mysqlnd.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/10-opcache.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/10-opcache.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/10-opcache.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/10-pdo.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/10-pdo.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/10-pdo.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-calendar.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-calendar.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-calendar.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-ctype.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-ctype.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-ctype.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-exif.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-exif.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-exif.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-ffi.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-ffi.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-ffi.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-fileinfo.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-fileinfo.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-fileinfo.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-ftp.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-ftp.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-ftp.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-gettext.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-gettext.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-gettext.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-iconv.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-iconv.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-iconv.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-json.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-json.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-json.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-mysqli.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-mysqli.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-mysqli.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-pdo_mysql.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-pdo_mysql.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-pdo_mysql.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-phar.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-phar.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-phar.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-posix.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-posix.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-posix.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-readline.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-readline.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-readline.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-shmop.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-shmop.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-shmop.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-sockets.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sockets.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sockets.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-sysvmsg.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sysvmsg.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sysvmsg.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-sysvsem.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sysvsem.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sysvsem.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-sysvshm.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sysvshm.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-sysvshm.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Test: Checking for PHP function hardening disabled_functions or suhosin.executor.func.blacklist in file /etc/php/7.4/cli/conf.d/20-tokenizer.ini 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-tokenizer.ini: disabled_functions not found 2021-01-07 20:42:09 Result: /etc/php/7.4/cli/conf.d/20-tokenizer.ini: suhosin.executor.func.blacklist not found 2021-01-07 20:42:09 Result: one or more PHP functions are disabled/blacklisted 2021-01-07 20:42:09 Hardening: assigned maximum number of hardening points for this item (3). Currently having 136 points (out of 186) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test PHP-2368 (Check PHP register_globals option) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Performing test ID PHP-2372 (Check PHP expose_php option) 2021-01-07 20:42:09 Test: Checking file /etc/php/7.4/apache2/php.ini 2021-01-07 20:42:09 Result: Found 'expose_php' in disabled state (0, no, or off) 2021-01-07 20:42:09 Hardening: assigned maximum number of hardening points for this item (2). Currently having 138 points (out of 188) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Performing test ID PHP-2374 (Check PHP enable_dl option) 2021-01-07 20:42:09 Test: Checking PHP enable_dl option 2021-01-07 20:42:09 Result: Found 'enable_dl' in disabled state (not present, 0, no, or off) 2021-01-07 20:42:09 Hardening: assigned maximum number of hardening points for this item (2). Currently having 140 points (out of 190) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Performing test ID PHP-2376 (Check PHP allow_url_fopen option) 2021-01-07 20:42:09 Test: Checking PHP allow_url_fopen option 2021-01-07 20:42:09 Result: allow_url_fopen option is turned on, which can be used for downloads via PHP and is a security risk 2021-01-07 20:42:09 Suggestion: Change the allow_url_fopen line to: allow_url_fopen = Off, to disable downloads via PHP [test:PHP-2376] [details:-] [solution:-] 2021-01-07 20:42:09 Hardening: assigned partial number of hardening points (0 of 1). Currently having 140 points (out of 191) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Performing test ID PHP-2378 (Check PHP allow_url_include option) 2021-01-07 20:42:09 Test: Checking PHP allow_url_include option 2021-01-07 20:42:09 Result: Found 'allow_url_include' in disabled state (0, no, or off) 2021-01-07 20:42:09 Hardening: assigned maximum number of hardening points for this item (2). Currently having 142 points (out of 193) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Performing test ID PHP-2382 (Check PHP expose_php option) 2021-01-07 20:42:09 Test: Checking file /etc/php/7.4/apache2/php.ini 2021-01-07 20:42:09 Hardening: assigned maximum number of hardening points for this item (2). Currently having 144 points (out of 195) 2021-01-07 20:42:09 Security check: file is normal 2021-01-07 20:42:09 Checking permissions of /root/scans/lynis/include/tests_squid 2021-01-07 20:42:09 File permissions are OK 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Action: Performing tests from category: Squid Support 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Performing test ID SQD-3602 (Check for running Squid daemon) 2021-01-07 20:42:09 Test: Searching for a Squid daemon 2021-01-07 20:42:09 Result: No running Squid daemon found 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3604 (Check Squid daemon file location) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3606 (Check Squid version) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3610 (Gather Squid settings) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3613 (Check Squid file permissions) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3614 (Check Squid authentication methods) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3616 (Check external Squid authentication) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3620 (Check Squid access control lists) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3624 (Check Squid safe ports) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3630 (Check Squid reply_body_max_size option) 2021-01-07 20:42:09 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:09 ==== 2021-01-07 20:42:09 Skipped test SQD-3680 (Check Squid version suppression) 2021-01-07 20:42:10 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:10 Security check: file is normal 2021-01-07 20:42:10 Checking permissions of /root/scans/lynis/include/tests_logging 2021-01-07 20:42:10 File permissions are OK 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Action: Performing tests from category: Logging and files 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2130 (Check for running syslog daemon) 2021-01-07 20:42:10 Test: Searching for a logging daemon 2021-01-07 20:42:10 Result: Found a logging daemon 2021-01-07 20:42:10 Hardening: assigned maximum number of hardening points for this item (3). Currently having 147 points (out of 198) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2132 (Check for running syslog-ng daemon) 2021-01-07 20:42:10 Test: Searching for syslog-ng daemon in process list 2021-01-07 20:42:10 Performing pgrep scan without uid 2021-01-07 20:42:10 IsRunning: process 'syslog-ng' not found 2021-01-07 20:42:10 Result: Syslog-ng NOT found in process list 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Skipped test LOGG-2134 (Checking Syslog-NG configuration file consistency) 2021-01-07 20:42:10 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2136 (Check for running systemd journal daemon) 2021-01-07 20:42:10 Test: Searching for systemd journal daemon in process list 2021-01-07 20:42:10 Performing pgrep scan without uid 2021-01-07 20:42:10 IsRunning: process 'systemd-journal' found (479 ) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2210 (Check for running metalog daemon) 2021-01-07 20:42:10 Test: Searching for metalog daemon in process list 2021-01-07 20:42:10 Performing pgrep scan without uid 2021-01-07 20:42:10 IsRunning: process 'metalog' not found 2021-01-07 20:42:10 Result: metalog NOT found in process list 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2230 (Check for running RSyslog daemon) 2021-01-07 20:42:10 Test: Searching for RSyslog daemon in process list 2021-01-07 20:42:10 Performing pgrep scan without uid 2021-01-07 20:42:10 IsRunning: process 'rsyslogd' found (831 ) 2021-01-07 20:42:10 Result: Found rsyslogd in process list 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2240 (Check for running RFC 3195 compliant daemon) 2021-01-07 20:42:10 Test: Searching for RFC 3195 daemon (alias syslog reliable) in process list 2021-01-07 20:42:10 Performing pgrep scan without uid 2021-01-07 20:42:10 IsRunning: process 'rfc3195d' not found 2021-01-07 20:42:10 Result: rfc3195d NOT found in process list 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2138 (Checking kernel logger daemon on Linux) 2021-01-07 20:42:10 Test: Searching kernel logger daemon (klogd) 2021-01-07 20:42:10 Result: test skipped, because other facility is being used to log kernel messages 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2142 (Checking minilog daemon) 2021-01-07 20:42:10 Result: Checking for unkilled minilogd instances 2021-01-07 20:42:10 Performing pgrep scan without uid 2021-01-07 20:42:10 IsRunning: process 'minilogd' not found 2021-01-07 20:42:10 Result: No minilogd is running 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2146 (Checking logrotate.conf and logrotate.d) 2021-01-07 20:42:10 Test: Checking for /etc/logrotate.conf 2021-01-07 20:42:10 Result: /etc/logrotate.conf found (file) 2021-01-07 20:42:10 Test: Checking for /etc/logrotate.d (directory) 2021-01-07 20:42:10 Result: /etc/logrotate.d found 2021-01-07 20:42:10 Result: logrotate configuration found 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2148 (Checking logrotated files) 2021-01-07 20:42:10 Test: Checking which files are rotated with logrotate and if they exist 2021-01-07 20:42:10 Result: found one or more files which are rotated via logrotate 2021-01-07 20:42:10 Output: File:/var/log/apport.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/boot.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/cron.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/daemon.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/debug:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/lpr.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/mail.err:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/mail.info:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/mail.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/mail.warn:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/messages:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/mysql.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/ufw.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/user.log:does_not_exist 2021-01-07 20:42:10 Output: File:/var/log/alternatives.log:exists 2021-01-07 20:42:10 Output: File:/var/log/apache2/access.log:exists 2021-01-07 20:42:10 Output: File:/var/log/apache2/error.log:exists 2021-01-07 20:42:10 Output: File:/var/log/apache2/other_vhosts_access.log:exists 2021-01-07 20:42:10 Output: File:/var/log/apport.log:exists 2021-01-07 20:42:10 Output: File:/var/log/apt/history.log:exists 2021-01-07 20:42:10 Output: File:/var/log/apt/term.log:exists 2021-01-07 20:42:10 Output: File:/var/log/auth.log:exists 2021-01-07 20:42:10 Output: File:/var/log/boot.log:exists 2021-01-07 20:42:10 Output: File:/var/log/btmp:exists 2021-01-07 20:42:10 Output: File:/var/log/cron.log:exists 2021-01-07 20:42:10 Output: File:/var/log/daemon.log:exists 2021-01-07 20:42:10 Output: File:/var/log/debug:exists 2021-01-07 20:42:10 Output: File:/var/log/dpkg.log:exists 2021-01-07 20:42:10 Output: File:/var/log/kern.log:exists 2021-01-07 20:42:10 Output: File:/var/log/lpr.log:exists 2021-01-07 20:42:10 Output: File:/var/log/mail.err:exists 2021-01-07 20:42:10 Output: File:/var/log/mail.info:exists 2021-01-07 20:42:10 Output: File:/var/log/mail.log:exists 2021-01-07 20:42:10 Output: File:/var/log/mail.warn:exists 2021-01-07 20:42:10 Output: File:/var/log/messages:exists 2021-01-07 20:42:10 Output: File:/var/log/mysql.log:exists 2021-01-07 20:42:10 Output: File:/var/log/mysql/error.log:exists 2021-01-07 20:42:10 Output: File:/var/log/syslog:exists 2021-01-07 20:42:10 Output: File:/var/log/ubuntu-advantage.log:exists 2021-01-07 20:42:10 Output: File:/var/log/ufw.log:exists 2021-01-07 20:42:10 Output: File:/var/log/unattended-upgrades/unattended-upgrades-dpkg.log:exists 2021-01-07 20:42:10 Output: File:/var/log/unattended-upgrades/unattended-upgrades-shutdown.log:exists 2021-01-07 20:42:10 Output: File:/var/log/unattended-upgrades/unattended-upgrades.log:exists 2021-01-07 20:42:10 Output: File:/var/log/user.log:exists 2021-01-07 20:42:10 Output: File:/var/log/wtmp:exists 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2150 (Checking directories in logrotate configuration) 2021-01-07 20:42:10 Test: Checking which directories can be found in logrotate configuration 2021-01-07 20:42:10 Result: found one or more directories (via logrotate configuration) 2021-01-07 20:42:10 Directory found: /var/log 2021-01-07 20:42:10 Directory found: /var/log/apache2 2021-01-07 20:42:10 Directory found: /var/log/apt 2021-01-07 20:42:10 Directory found: /var/log/mysql 2021-01-07 20:42:10 Directory found: /var/log/unattended-upgrades 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Skipped test LOGG-2152 (Checking loghost) 2021-01-07 20:42:10 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Skipped test LOGG-2153 (Checking loghost is localhost) 2021-01-07 20:42:10 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2154 (Checking syslog configuration file) 2021-01-07 20:42:10 Test: analyzing file /etc/rsyslog.conf for remote target 2021-01-07 20:42:10 Result: no remote target found 2021-01-07 20:42:10 Test: analyzing file /etc/rsyslog.d/20-ufw.conf for remote target 2021-01-07 20:42:10 Result: no remote target found 2021-01-07 20:42:10 Test: analyzing file /etc/rsyslog.d/50-default.conf for remote target 2021-01-07 20:42:10 Result: no remote target found 2021-01-07 20:42:10 Test: analyzing file /etc/rsyslog.d/21-cloudinit.conf for remote target 2021-01-07 20:42:10 Result: no remote target found 2021-01-07 20:42:10 Result: no remote logging found 2021-01-07 20:42:10 Suggestion: Enable logging to an external logging host for archiving purposes and additional protection [test:LOGG-2154] [details:-] [solution:-] 2021-01-07 20:42:10 Hardening: assigned partial number of hardening points (1 of 3). Currently having 148 points (out of 201) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Skipped test LOGG-2160 (Checking /etc/newsyslog.conf) 2021-01-07 20:42:10 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Skipped test LOGG-2162 (Checking directories in /etc/newsyslog.conf) 2021-01-07 20:42:10 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Skipped test LOGG-2164 (Checking files specified /etc/newsyslog.conf) 2021-01-07 20:42:10 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2170 (Checking log paths) 2021-01-07 20:42:10 Test: Searching log paths 2021-01-07 20:42:10 Result: directory /var/log exists 2021-01-07 20:42:10 Result: directory /var/adm can't be found 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2180 (Checking open log files) 2021-01-07 20:42:10 Test: checking open log files with lsof 2021-01-07 20:42:10 Found logfile: /root/scans/outputs/lynis-console-1.log 2021-01-07 20:42:10 Found logfile: /var/log/apache2/access.log 2021-01-07 20:42:10 Found logfile: /var/log/apache2/error.log 2021-01-07 20:42:10 Found logfile: /var/log/apache2/other_vhosts_access.log 2021-01-07 20:42:10 Found logfile: /var/log/auth.log 2021-01-07 20:42:10 Found logfile: /var/log/kern.log 2021-01-07 20:42:10 Found logfile: /var/log/mysql/error.log 2021-01-07 20:42:10 Found logfile: /var/log/syslog 2021-01-07 20:42:10 Found logfile: /var/log/unattended-upgrades/unattended-upgrades-shutdown.log 2021-01-07 20:42:10 Found logfile: /var/log/vmware-vmsvc-root.log 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2190 (Checking for deleted files in use) 2021-01-07 20:42:10 Test: checking deleted files that are still in use 2021-01-07 20:42:10 Result: found one or more files which are deleted, but still in use 2021-01-07 20:42:10 Found deleted file: /(none) 2021-01-07 20:42:10 Found deleted file: /tmp/.ZendSem.m9Ufrh(apache2) 2021-01-07 20:42:10 Suggestion: Check what deleted files are still in use and why. [test:LOGG-2190] [details:-] [solution:-] 2021-01-07 20:42:10 ==== 2021-01-07 20:42:10 Performing test ID LOGG-2192 (Checking for open log files that are empty) 2021-01-07 20:42:11 Found an opened logfile that is empty: apache2,/var/log/apache2/other_vhosts_access.log 2021-01-07 20:42:11 Security check: file is normal 2021-01-07 20:42:11 Checking permissions of /root/scans/lynis/include/tests_insecure_services 2021-01-07 20:42:11 File permissions are OK 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Action: Performing tests from category: Insecure services 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8000 (Installed inetd package) 2021-01-07 20:42:11 Test: Checking if inetd is installed 2021-01-07 20:42:11 Result: inetd is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8002 (Check for enabled inet daemon) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8004 (Presence of inetd configuration file) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8006 (Check configuration of inetd when disabled) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8016 (Check for telnet via inetd) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8100 (Check for installed xinetd daemon) 2021-01-07 20:42:11 Test: Checking for installed xinetd daemon 2021-01-07 20:42:11 Result: xinetd is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8102 (Check for active xinet daemon) 2021-01-07 20:42:11 Test: Searching for active extended internet services daemon (xinetd) 2021-01-07 20:42:11 Performing pgrep scan without uid 2021-01-07 20:42:11 IsRunning: process 'xinetd' not found 2021-01-07 20:42:11 Result: xinetd is NOT running 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8104 (Check for enabled xinet daemon) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8106 (Check configuration of xinetd when disabled) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8116 (Insecure services enabled via xinetd) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8200 (Check if tcp_wrappers is installed when inetd/xinetd is active) 2021-01-07 20:42:11 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8300 (Check if rsh client is installed) 2021-01-07 20:42:11 Test: Checking if rsh client is installed 2021-01-07 20:42:11 Result: rsh client is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8304 (Check if rsh server is installed) 2021-01-07 20:42:11 Test: Checking if rsh server is installed 2021-01-07 20:42:11 Result: rsh server is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8310 (Check if telnet client is installed) 2021-01-07 20:42:11 Test: Checking if telnet client is installed 2021-01-07 20:42:11 Result: telnet client is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8322 (Check if telnet server is installed) 2021-01-07 20:42:11 Test: Checking if telnet server is installed 2021-01-07 20:42:11 Result: telnet server is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8314 (Check if NIS client is installed) 2021-01-07 20:42:11 Test: Checking if NIS client is installed 2021-01-07 20:42:11 Result: NIS client is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8316 (Check if NIS server is installed) 2021-01-07 20:42:11 Test: Checking if NIS server is installed 2021-01-07 20:42:11 Result: NIS server is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8318 (Check if TFTP client is installed) 2021-01-07 20:42:11 Test: Checking if TFTP client is installed 2021-01-07 20:42:11 Result: TFTP client is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID INSE-8320 (Check if TFTP server is installed) 2021-01-07 20:42:11 Test: Checking if TFTP server is installed 2021-01-07 20:42:11 Result: TFTP server is NOT installed 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test INSE-8050 (Check for insecure services on macOS) 2021-01-07 20:42:11 Reason to skip: Incorrect guest OS (macOS only) 2021-01-07 20:42:11 Security check: file is normal 2021-01-07 20:42:11 Checking permissions of /root/scans/lynis/include/tests_banners 2021-01-07 20:42:11 File permissions are OK 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Action: Performing tests from category: Banners and identification 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Skipped test BANN-7113 (Check COPYRIGHT banner file) 2021-01-07 20:42:11 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID BANN-7124 (Check issue banner file) 2021-01-07 20:42:11 Test: Checking file /etc/issue 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID BANN-7126 (Check issue banner file contents) 2021-01-07 20:42:11 Test: Checking file /etc/issue contents for legal key words 2021-01-07 20:42:11 Result: Found only 0 key words (5 or more suggested), to warn unauthorized users and could be increased 2021-01-07 20:42:11 Suggestion: Add a legal banner to /etc/issue, to warn unauthorized users [test:BANN-7126] [details:-] [solution:-] 2021-01-07 20:42:11 Hardening: assigned partial number of hardening points (0 of 1). Currently having 148 points (out of 202) 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID BANN-7128 (Check issue.net banner file) 2021-01-07 20:42:11 Test: Checking file /etc/issue.net 2021-01-07 20:42:11 Result: file /etc/issue.net exists 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID BANN-7130 (Check issue.net banner file contents) 2021-01-07 20:42:11 Test: Checking file /etc/issue.net contents for legal key words 2021-01-07 20:42:11 Result: Found only 0 key words, to warn unauthorized users and could be increased 2021-01-07 20:42:11 Suggestion: Add legal banner to /etc/issue.net, to warn unauthorized users [test:BANN-7130] [details:-] [solution:-] 2021-01-07 20:42:11 Hardening: assigned partial number of hardening points (0 of 1). Currently having 148 points (out of 203) 2021-01-07 20:42:11 Security check: file is normal 2021-01-07 20:42:11 Checking permissions of /root/scans/lynis/include/tests_scheduling 2021-01-07 20:42:11 File permissions are OK 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Action: Performing tests from category: Scheduled tasks 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID SCHD-7702 (Check status of cron daemon) 2021-01-07 20:42:11 Result: cron daemon running 2021-01-07 20:42:11 ==== 2021-01-07 20:42:11 Performing test ID SCHD-7704 (Check crontab/cronjobs) 2021-01-07 20:42:11 Found cronjob (/etc/crontab): 17,*,*,*,*,root,cd,/,&&,run-parts,--report,/etc/cron.hourly 2021-01-07 20:42:11 Found cronjob (/etc/crontab): 25,6,*,*,*,root,test,-x,/usr/sbin/anacron,||,(,cd,/,&&,run-parts,--report,/etc/cron.daily,) 2021-01-07 20:42:11 Found cronjob (/etc/crontab): 47,6,*,*,7,root,test,-x,/usr/sbin/anacron,||,(,cd,/,&&,run-parts,--report,/etc/cron.weekly,) 2021-01-07 20:42:11 Found cronjob (/etc/crontab): 52,6,1,*,*,root,test,-x,/usr/sbin/anacron,||,(,cd,/,&&,run-parts,--report,/etc/cron.monthly,) 2021-01-07 20:42:11 Test: checking directory /etc/cron.d 2021-01-07 20:42:11 Test: check if we can access /etc/cron.d (escaped: /etc/cron.d) 2021-01-07 20:42:11 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:11 Result: file /etc/cron.d is readable (or directory accessible). 2021-01-07 20:42:11 Result: found directory /etc/cron.d 2021-01-07 20:42:11 Test: searching files in /etc/cron.d 2021-01-07 20:42:11 Result: found one or more files in /etc/cron.d. Analyzing files.. 2021-01-07 20:42:11 Result: Found cronjob (/etc/cron.d/php): 09,39,*,*,*,*,root,[,-x,/usr/lib/php/sessionclean,],&&,if,[,!,-d,/run/systemd/system,];,then,/usr/lib/php/sessionclean;,fi 2021-01-07 20:42:11 Result: Found cronjob (/etc/cron.d/popularity-contest): 47,3,*,*,*,root,test,-x,/etc/cron.daily/popularity-contest,&&,/etc/cron.daily/popularity-contest,--crond 2021-01-07 20:42:11 Result: Found cronjob (/etc/cron.d/e2scrub_all): 10,3,*,*,*,root,test,-e,/run/systemd/system,||,SERVICE_MODE=1,/sbin/e2scrub_all,-A,-r 2021-01-07 20:42:11 Result: Found cronjob (/etc/cron.d/e2scrub_all): 30,3,*,*,0,root,test,-e,/run/systemd/system,||,SERVICE_MODE=1,/usr/lib/x86_64-linux-gnu/e2fsprogs/e2scrub_all_cron 2021-01-07 20:42:11 Result: done with analyzing files in /etc/cron.d 2021-01-07 20:42:11 Test: checking directory /etc/cron.hourly 2021-01-07 20:42:11 Result: found directory /etc/cron.hourly 2021-01-07 20:42:11 Test: check if we can access /etc/cron.hourly (escaped: /etc/cron.hourly) 2021-01-07 20:42:11 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:11 Result: file /etc/cron.hourly is readable (or directory accessible). 2021-01-07 20:42:11 Test: searching files in /etc/cron.hourly 2021-01-07 20:42:11 Result: no files found in /etc/cron.hourly 2021-01-07 20:42:11 Test: checking directory /etc/cron.daily 2021-01-07 20:42:11 Result: found directory /etc/cron.daily 2021-01-07 20:42:11 Test: check if we can access /etc/cron.daily (escaped: /etc/cron.daily) 2021-01-07 20:42:11 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:11 Result: file /etc/cron.daily is readable (or directory accessible). 2021-01-07 20:42:11 Test: searching files in /etc/cron.daily 2021-01-07 20:42:11 Result: found one or more files in /etc/cron.daily. Analyzing files.. 2021-01-07 20:42:11 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/dpkg 2021-01-07 20:42:11 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/popularity-contest 2021-01-07 20:42:11 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/apport 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/logrotate 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/man-db 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/bsdmainutils 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/apache2 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/update-notifier-common 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.daily): /etc/cron.daily/apt-compat 2021-01-07 20:42:12 Result: done with analyzing files in /etc/cron.daily 2021-01-07 20:42:12 Test: checking directory /etc/cron.weekly 2021-01-07 20:42:12 Result: found directory /etc/cron.weekly 2021-01-07 20:42:12 Test: check if we can access /etc/cron.weekly (escaped: /etc/cron.weekly) 2021-01-07 20:42:12 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:12 Result: file /etc/cron.weekly is readable (or directory accessible). 2021-01-07 20:42:12 Test: searching files in /etc/cron.weekly 2021-01-07 20:42:12 Result: found one or more files in /etc/cron.weekly. Analyzing files.. 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.weekly): /etc/cron.weekly/man-db 2021-01-07 20:42:12 Result: Found cronjob (/etc/cron.weekly): /etc/cron.weekly/update-notifier-common 2021-01-07 20:42:12 Result: done with analyzing files in /etc/cron.weekly 2021-01-07 20:42:12 Test: checking directory /etc/cron.monthly 2021-01-07 20:42:12 Result: found directory /etc/cron.monthly 2021-01-07 20:42:12 Test: check if we can access /etc/cron.monthly (escaped: /etc/cron.monthly) 2021-01-07 20:42:12 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:12 Result: file /etc/cron.monthly is readable (or directory accessible). 2021-01-07 20:42:12 Test: searching files in /etc/cron.monthly 2021-01-07 20:42:12 Result: no files found in /etc/cron.monthly 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID SCHD-7718 (Check at users) 2021-01-07 20:42:12 Test: Checking atd status 2021-01-07 20:42:12 Result: at daemon active 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID SCHD-7720 (Check at users) 2021-01-07 20:42:12 Test: checking for file /etc/at.allow 2021-01-07 20:42:12 Result: file /etc/at.allow does not exist 2021-01-07 20:42:12 Test: checking for file /etc/at.deny 2021-01-07 20:42:12 Test: check if we can access /etc/at.deny (escaped: /etc/at.deny) 2021-01-07 20:42:12 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:12 Result: file /etc/at.deny is readable (or directory accessible). 2021-01-07 20:42:12 Result: file /etc/at.deny exists, only non listed users can schedule at jobs 2021-01-07 20:42:12 Denied at user: alias 2021-01-07 20:42:12 Denied at user: backup 2021-01-07 20:42:12 Denied at user: bin 2021-01-07 20:42:12 Denied at user: daemon 2021-01-07 20:42:12 Denied at user: ftp 2021-01-07 20:42:12 Denied at user: games 2021-01-07 20:42:12 Denied at user: gnats 2021-01-07 20:42:12 Denied at user: guest 2021-01-07 20:42:12 Denied at user: irc 2021-01-07 20:42:12 Denied at user: lp 2021-01-07 20:42:12 Denied at user: mail 2021-01-07 20:42:12 Denied at user: man 2021-01-07 20:42:12 Denied at user: nobody 2021-01-07 20:42:12 Denied at user: operator 2021-01-07 20:42:12 Denied at user: proxy 2021-01-07 20:42:12 Denied at user: qmaild 2021-01-07 20:42:12 Denied at user: qmaill 2021-01-07 20:42:12 Denied at user: qmailp 2021-01-07 20:42:12 Denied at user: qmailq 2021-01-07 20:42:12 Denied at user: qmailr 2021-01-07 20:42:12 Denied at user: qmails 2021-01-07 20:42:12 Denied at user: sync 2021-01-07 20:42:12 Denied at user: sys 2021-01-07 20:42:12 Denied at user: www-data 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID SCHD-7724 (Check at jobs) 2021-01-07 20:42:12 Test: Check scheduled at jobs 2021-01-07 20:42:12 Result: no pending at jobs 2021-01-07 20:42:12 Result: no scheduled Lynis execution found (e.g. crontab, cronjob) 2021-01-07 20:42:12 Security check: file is normal 2021-01-07 20:42:12 Checking permissions of /root/scans/lynis/include/tests_accounting 2021-01-07 20:42:12 File permissions are OK 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Action: Performing tests from category: Accounting 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-2754 (Check for available FreeBSD accounting information) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (FreeBSD only) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-2760 (Check for available OpenBSD accounting information) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (OpenBSD only) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID ACCT-9622 (Check for available Linux accounting information) 2021-01-07 20:42:12 Test: Check accounting information 2021-01-07 20:42:12 Result: No accounting information available (/var/account/pacct, /var/log/account/pact nor /var/log/pact exist) 2021-01-07 20:42:12 Remark: Possibly there is another location where the accounting data is stored 2021-01-07 20:42:12 Suggestion: Enable process accounting [test:ACCT-9622] [details:-] [solution:-] 2021-01-07 20:42:12 Hardening: assigned partial number of hardening points (2 of 3). Currently having 150 points (out of 206) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID ACCT-9626 (Check for sysstat accounting data) 2021-01-07 20:42:12 Test: check /etc/default/sysstat presence 2021-01-07 20:42:12 Result: sysstat not found via /etc/default/sysstat or /etc/cron.d/sysstat or as a systemd unit 2021-01-07 20:42:12 Suggestion: Enable sysstat to collect accounting (no results) [test:ACCT-9626] [details:-] [solution:-] 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID ACCT-9628 (Check for auditd) 2021-01-07 20:42:12 Test: Check auditd status 2021-01-07 20:42:12 Performing pgrep scan without uid 2021-01-07 20:42:12 IsRunning: process 'auditd' not found 2021-01-07 20:42:12 Result: auditd not active 2021-01-07 20:42:12 Suggestion: Enable auditd to collect audit information [test:ACCT-9628] [details:-] [solution:-] 2021-01-07 20:42:12 Hardening: assigned partial number of hardening points (0 of 1). Currently having 150 points (out of 207) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9630 (Check for auditd rules) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9632 (Check for auditd configuration file) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9634 (Check for auditd log file) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID ACCT-9636 (Check for Snoopy wrapper and logger) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9650 (Check Solaris audit daemon) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9652 (Check auditd SMF status) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9654 (Check BSM auditing in /etc/system) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9656 (Check BSM auditing in module list) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9660 (Check location of audit events) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test ACCT-9662 (Check Solaris auditing stats) 2021-01-07 20:42:12 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:12 Security check: file is normal 2021-01-07 20:42:12 Checking permissions of /root/scans/lynis/include/tests_time 2021-01-07 20:42:12 File permissions are OK 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Action: Performing tests from category: Time and Synchronization 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID TIME-3104 (Check for running NTP daemon or client) 2021-01-07 20:42:12 Test: Searching for a running NTP daemon or available client 2021-01-07 20:42:12 Result: no chrony configuration found 2021-01-07 20:42:12 Performing pgrep scan without uid 2021-01-07 20:42:12 IsRunning: process 'dntpd' not found 2021-01-07 20:42:12 Performing pgrep scan without uid 2021-01-07 20:42:12 IsRunning: process 'timed' not found 2021-01-07 20:42:12 Result: Found running systemd-timesyncd in process list 2021-01-07 20:42:12 Result: crontab file /etc/anacrontab not found 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in crontab file /etc/crontab 2021-01-07 20:42:12 Result: no ntpdate, rdate, sntp or ntpdig reference found in crontab file /etc/crontab 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.d/e2scrub_all 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.d/php 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.d/popularity-contest 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/apache2 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/apport 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/apt-compat 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/bsdmainutils 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/dpkg 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/logrotate 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/man-db 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/popularity-contest 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.daily/update-notifier-common 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.weekly/man-db 2021-01-07 20:42:12 Test: checking for ntpdate, rdate, sntp or ntpdig in /etc/cron.weekly/update-notifier-common 2021-01-07 20:42:12 Result: no ntpdate or rdate found in cron directories 2021-01-07 20:42:12 Test: checking for file /etc/network/if-up.d/ntpdate 2021-01-07 20:42:12 Result: file /etc/network/if-up.d/ntpdate does not exist 2021-01-07 20:42:12 Result: Found a time syncing daemon/client. 2021-01-07 20:42:12 Hardening: assigned maximum number of hardening points for this item (3). Currently having 153 points (out of 210) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3106 (Check systemd NTP time synchronization status) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3112 (Check active NTP associations ID's) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3116 (Check peers with stratum value of 16) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3120 (Check unreliable NTP peers) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3124 (Check selected time source) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3128 (Check preferred time source) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3132 (Check NTP falsetickers) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3136 (Check NTP protocol version) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID TIME-3148 (Check TZ variable) 2021-01-07 20:42:12 Test: testing for TZ variable 2021-01-07 20:42:12 Result: found TZ variable with value notset 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3160 (Check empty NTP step-tickers) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID TIME-3170 (Check configuration files) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3180 (Report if ntpctl cannot communicate with OpenNTPD) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3181 (Check status of OpenNTPD time synchronisation) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Skipped test TIME-3182 (Check OpenNTPD has working peers) 2021-01-07 20:42:12 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:12 ==== 2021-01-07 20:42:12 Performing test ID TIME-3185 (Check systemd-timesyncd synchronized time) 2021-01-07 20:42:12 Result: systemd-timesyncd synchronized time 412 seconds ago. 2021-01-07 20:42:12 Security check: file is normal 2021-01-07 20:42:13 Checking permissions of /root/scans/lynis/include/tests_crypto 2021-01-07 20:42:13 File permissions are OK 2021-01-07 20:42:13 ==== 2021-01-07 20:42:13 Action: Performing tests from category: Cryptography 2021-01-07 20:42:13 ==== 2021-01-07 20:42:13 Performing test ID CRYP-7902 (Check expire date of SSL certificates) 2021-01-07 20:42:13 Paths to scan: /etc/apache2 /etc/dovecot /etc/httpd /etc/letsencrypt /etc/pki /etc/postfix /etc/refind.d/keys /etc/ssl /opt/psa/var/certificates /usr/local/psa/var/certificates /usr/local/share/ca-certificates /usr/share/ca-certificates /usr/share/gnupg /var/www /srv/www 2021-01-07 20:42:13 Paths to ignore: /etc/letsencrypt/archive 2021-01-07 20:42:13 Test: check if we can access /etc/apache2 (escaped: /etc/apache2) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /etc/apache2 is readable (or directory accessible). 2021-01-07 20:42:13 Result: found directory /etc/apache2 2021-01-07 20:42:13 Result: found 0 certificates in /etc/apache2 2021-01-07 20:42:13 Result: SSL path /etc/dovecot does not exist 2021-01-07 20:42:13 Result: SSL path /etc/httpd does not exist 2021-01-07 20:42:13 Result: SSL path /etc/letsencrypt does not exist 2021-01-07 20:42:13 Test: check if we can access /etc/pki (escaped: /etc/pki) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /etc/pki is readable (or directory accessible). 2021-01-07 20:42:13 Result: found directory /etc/pki 2021-01-07 20:42:13 Test: check if we can access /etc/pki/fwupd-metadata/LVFS-CA.pem (escaped: /etc/pki/fwupd-metadata/LVFS-CA.pem) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /etc/pki/fwupd-metadata/LVFS-CA.pem is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/etc/pki/fwupd-metadata/LVFS-CA.pem' belongs to package (fwupd) 2021-01-07 20:42:13 Test: check if we can access /etc/pki/fwupd/LVFS-CA.pem (escaped: /etc/pki/fwupd/LVFS-CA.pem) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /etc/pki/fwupd/LVFS-CA.pem is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/etc/pki/fwupd/LVFS-CA.pem' belongs to package (fwupd) 2021-01-07 20:42:13 Result: found 2 certificates in /etc/pki 2021-01-07 20:42:13 Result: SSL path /etc/postfix does not exist 2021-01-07 20:42:13 Result: SSL path /etc/refind.d/keys does not exist 2021-01-07 20:42:13 Test: check if we can access /etc/ssl (escaped: /etc/ssl) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /etc/ssl is readable (or directory accessible). 2021-01-07 20:42:13 Result: found directory /etc/ssl 2021-01-07 20:42:13 Test: check if we can access /etc/ssl/certs/ca-certificates.crt (escaped: /etc/ssl/certs/ca-certificates.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /etc/ssl/certs/ca-certificates.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/etc/ssl/certs/ca-certificates.crt' does most likely not belong to a package 2021-01-07 20:42:13 Result: file is a certificate file 2021-01-07 20:42:13 Result: certificate /etc/ssl/certs/ca-certificates.crt seems to be correct and still valid 2021-01-07 20:42:13 Test: check if we can access /etc/ssl/certs/ssl-cert-snakeoil.pem (escaped: /etc/ssl/certs/ssl-cert-snakeoil.pem) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /etc/ssl/certs/ssl-cert-snakeoil.pem is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/etc/ssl/certs/ssl-cert-snakeoil.pem' does most likely not belong to a package 2021-01-07 20:42:13 Result: file is a certificate file 2021-01-07 20:42:13 Result: certificate /etc/ssl/certs/ssl-cert-snakeoil.pem seems to be correct and still valid 2021-01-07 20:42:13 Result: found 2 certificates in /etc/ssl 2021-01-07 20:42:13 Result: SSL path /opt/psa/var/certificates does not exist 2021-01-07 20:42:13 Result: SSL path /usr/local/psa/var/certificates does not exist 2021-01-07 20:42:13 Test: check if we can access /usr/local/share/ca-certificates (escaped: /usr/local/share/ca-certificates) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/local/share/ca-certificates is readable (or directory accessible). 2021-01-07 20:42:13 Result: found directory /usr/local/share/ca-certificates 2021-01-07 20:42:13 Result: found 0 certificates in /usr/local/share/ca-certificates 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates (escaped: /usr/share/ca-certificates) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates is readable (or directory accessible). 2021-01-07 20:42:13 Result: found directory /usr/share/ca-certificates 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/ACCVRAIZ1.crt (escaped: /usr/share/ca-certificates/mozilla/ACCVRAIZ1.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/ACCVRAIZ1.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/ACCVRAIZ1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/AC_RAIZ_FNMT-RCM.crt (escaped: /usr/share/ca-certificates/mozilla/AC_RAIZ_FNMT-RCM.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/AC_RAIZ_FNMT-RCM.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/AC_RAIZ_FNMT-RCM.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/Actalis_Authentication_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/AffirmTrust_Commercial.crt (escaped: /usr/share/ca-certificates/mozilla/AffirmTrust_Commercial.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/AffirmTrust_Commercial.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/AffirmTrust_Commercial.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/AffirmTrust_Networking.crt (escaped: /usr/share/ca-certificates/mozilla/AffirmTrust_Networking.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/AffirmTrust_Networking.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/AffirmTrust_Networking.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/AffirmTrust_Premium.crt (escaped: /usr/share/ca-certificates/mozilla/AffirmTrust_Premium.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/AffirmTrust_Premium.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/AffirmTrust_Premium.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt (escaped: /usr/share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/AffirmTrust_Premium_ECC.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/Amazon_Root_CA_1.crt (escaped: /usr/share/ca-certificates/mozilla/Amazon_Root_CA_1.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/Amazon_Root_CA_1.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/Amazon_Root_CA_1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/Amazon_Root_CA_2.crt (escaped: /usr/share/ca-certificates/mozilla/Amazon_Root_CA_2.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/Amazon_Root_CA_2.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/Amazon_Root_CA_2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/Amazon_Root_CA_3.crt (escaped: /usr/share/ca-certificates/mozilla/Amazon_Root_CA_3.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/Amazon_Root_CA_3.crt is readable (or directory accessible). 2021-01-07 20:42:13 Result: file '/usr/share/ca-certificates/mozilla/Amazon_Root_CA_3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:13 Test: check if we can access /usr/share/ca-certificates/mozilla/Amazon_Root_CA_4.crt (escaped: /usr/share/ca-certificates/mozilla/Amazon_Root_CA_4.crt) 2021-01-07 20:42:13 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:13 Result: file /usr/share/ca-certificates/mozilla/Amazon_Root_CA_4.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Amazon_Root_CA_4.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt (escaped: /usr/share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Atos_TrustedRoot_2011.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt (escaped: /usr/share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt (escaped: /usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Baltimore_CyberTrust_Root.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Buypass_Class_2_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Buypass_Class_3_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/CA_Disig_Root_R2.crt (escaped: /usr/share/ca-certificates/mozilla/CA_Disig_Root_R2.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/CA_Disig_Root_R2.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/CA_Disig_Root_R2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/CFCA_EV_ROOT.crt (escaped: /usr/share/ca-certificates/mozilla/CFCA_EV_ROOT.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/CFCA_EV_ROOT.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/CFCA_EV_ROOT.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/COMODO_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/COMODO_Certification_Authority.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/COMODO_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/COMODO_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/COMODO_ECC_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/COMODO_RSA_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Certigna.crt (escaped: /usr/share/ca-certificates/mozilla/Certigna.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Certigna.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Certigna.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Certigna_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Certigna_Root_CA.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Certigna_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Certigna_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA_2.crt (escaped: /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA_2.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA_2.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Certum_Trusted_Network_CA_2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt (escaped: /usr/share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Chambers_of_Commerce_Root_-_2008.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt (escaped: /usr/share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Comodo_AAA_Services_root.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/Cybertrust_Global_Root.crt (escaped: /usr/share/ca-certificates/mozilla/Cybertrust_Global_Root.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/Cybertrust_Global_Root.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/Cybertrust_Global_Root.crt' belongs to package (ca-certificates) 2021-01-07 20:42:14 Test: check if we can access /usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt (escaped: /usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt) 2021-01-07 20:42:14 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:14 Result: file /usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt is readable (or directory accessible). 2021-01-07 20:42:14 Result: file '/usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_2009.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt (escaped: /usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/D-TRUST_Root_Class_3_CA_2_EV_2009.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt (escaped: /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DST_Root_CA_X3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G2.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G2.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G2.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G3.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G3.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G3.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_Assured_ID_Root_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_Global_Root_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_EV_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt (escaped: /usr/share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/DigiCert_Trusted_Root_G4.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/E-Tugra_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/EC-ACC.crt (escaped: /usr/share/ca-certificates/mozilla/EC-ACC.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/EC-ACC.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/EC-ACC.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/Entrust.net_Premium_2048_Secure_Server_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt (escaped: /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_EC1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G2.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G4.crt (escaped: /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G4.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G4.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/Entrust_Root_Certification_Authority_-_G4.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/GDCA_TrustAUTH_R5_ROOT.crt (escaped: /usr/share/ca-certificates/mozilla/GDCA_TrustAUTH_R5_ROOT.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/GDCA_TrustAUTH_R5_ROOT.crt is readable (or directory accessible). 2021-01-07 20:42:15 Result: file '/usr/share/ca-certificates/mozilla/GDCA_TrustAUTH_R5_ROOT.crt' belongs to package (ca-certificates) 2021-01-07 20:42:15 Test: check if we can access /usr/share/ca-certificates/mozilla/GTS_Root_R1.crt (escaped: /usr/share/ca-certificates/mozilla/GTS_Root_R1.crt) 2021-01-07 20:42:15 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:15 Result: file /usr/share/ca-certificates/mozilla/GTS_Root_R1.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GTS_Root_R1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GTS_Root_R2.crt (escaped: /usr/share/ca-certificates/mozilla/GTS_Root_R2.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GTS_Root_R2.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GTS_Root_R2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GTS_Root_R3.crt (escaped: /usr/share/ca-certificates/mozilla/GTS_Root_R3.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GTS_Root_R3.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GTS_Root_R3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GTS_Root_R4.crt (escaped: /usr/share/ca-certificates/mozilla/GTS_Root_R4.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GTS_Root_R4.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GTS_Root_R4.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GeoTrust_Global_CA.crt (escaped: /usr/share/ca-certificates/mozilla/GeoTrust_Global_CA.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GeoTrust_Global_CA.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GeoTrust_Global_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt (escaped: /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GeoTrust_Primary_Certification_Authority_-_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA.crt (escaped: /usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA_2.crt (escaped: /usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA_2.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA_2.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GeoTrust_Universal_CA_2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt (escaped: /usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R4.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt (escaped: /usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GlobalSign_ECC_Root_CA_-_R5.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt (escaped: /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt (escaped: /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R6.crt (escaped: /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R6.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R6.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/GlobalSign_Root_CA_-_R6.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/Global_Chambersign_Root_-_2008.crt (escaped: /usr/share/ca-certificates/mozilla/Global_Chambersign_Root_-_2008.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/Global_Chambersign_Root_-_2008.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/Global_Chambersign_Root_-_2008.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/Go_Daddy_Class_2_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:16 Result: file '/usr/share/ca-certificates/mozilla/Go_Daddy_Root_Certificate_Authority_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:16 Test: check if we can access /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt (escaped: /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt) 2021-01-07 20:42:16 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:16 Result: file /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt (escaped: /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2011.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt (escaped: /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Hellenic_Academic_and_Research_Institutions_RootCA_2015.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt (escaped: /usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_3.crt (escaped: /usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_3.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_3.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Hongkong_Post_Root_CA_3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt (escaped: /usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt (escaped: /usr/share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/IdenTrust_Commercial_Root_CA_1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt (escaped: /usr/share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/IdenTrust_Public_Sector_Root_CA_1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Izenpe.com.crt (escaped: /usr/share/ca-certificates/mozilla/Izenpe.com.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Izenpe.com.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Izenpe.com.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA_2009.crt (escaped: /usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA_2009.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA_2009.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Microsec_e-Szigno_Root_CA_2009.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Microsoft_ECC_Root_Certificate_Authority_2017.crt (escaped: /usr/share/ca-certificates/mozilla/Microsoft_ECC_Root_Certificate_Authority_2017.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Microsoft_ECC_Root_Certificate_Authority_2017.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Microsoft_ECC_Root_Certificate_Authority_2017.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Microsoft_RSA_Root_Certificate_Authority_2017.crt (escaped: /usr/share/ca-certificates/mozilla/Microsoft_RSA_Root_Certificate_Authority_2017.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Microsoft_RSA_Root_Certificate_Authority_2017.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Microsoft_RSA_Root_Certificate_Authority_2017.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt (escaped: /usr/share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/NetLock_Arany_=Class_Gold=_Főtanúsítvány.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/Network_Solutions_Certificate_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt (escaped: /usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GB_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt (escaped: /usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/OISTE_WISeKey_Global_Root_GC_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt (escaped: /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_1_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2.crt (escaped: /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:17 Result: file /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2.crt is readable (or directory accessible). 2021-01-07 20:42:17 Result: file '/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:17 Test: check if we can access /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2_G3.crt (escaped: /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2_G3.crt) 2021-01-07 20:42:17 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2_G3.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_2_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3.crt (escaped: /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3_G3.crt (escaped: /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3_G3.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3_G3.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/QuoVadis_Root_CA_3_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_ECC.crt (escaped: /usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_ECC.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_ECC.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_ECC.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt (escaped: /usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/SSL.com_EV_Root_Certification_Authority_RSA_R2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_ECC.crt (escaped: /usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_ECC.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_ECC.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_ECC.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_RSA.crt (escaped: /usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_RSA.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_RSA.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/SSL.com_Root_Certification_Authority_RSA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/SZAFIR_ROOT_CA2.crt (escaped: /usr/share/ca-certificates/mozilla/SZAFIR_ROOT_CA2.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/SZAFIR_ROOT_CA2.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/SZAFIR_ROOT_CA2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/SecureSign_RootCA11.crt (escaped: /usr/share/ca-certificates/mozilla/SecureSign_RootCA11.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/SecureSign_RootCA11.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/SecureSign_RootCA11.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/SecureTrust_CA.crt (escaped: /usr/share/ca-certificates/mozilla/SecureTrust_CA.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/SecureTrust_CA.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/SecureTrust_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Secure_Global_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Secure_Global_CA.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Secure_Global_CA.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Secure_Global_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Security_Communication_RootCA2.crt (escaped: /usr/share/ca-certificates/mozilla/Security_Communication_RootCA2.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Security_Communication_RootCA2.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Security_Communication_RootCA2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Security_Communication_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Security_Communication_Root_CA.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Security_Communication_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Security_Communication_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Sonera_Class_2_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Sonera_Class_2_Root_CA.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Sonera_Class_2_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Sonera_Class_2_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_EV_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt (escaped: /usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Staat_der_Nederlanden_Root_CA_-_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Starfield_Class_2_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Starfield_Class_2_CA.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Starfield_Class_2_CA.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Starfield_Class_2_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Starfield_Root_Certificate_Authority_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:18 Test: check if we can access /usr/share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt) 2021-01-07 20:42:18 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:18 Result: file /usr/share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:18 Result: file '/usr/share/ca-certificates/mozilla/Starfield_Services_Root_Certificate_Authority_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/SwissSign_Gold_CA_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/SwissSign_Gold_CA_-_G2.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/SwissSign_Gold_CA_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/SwissSign_Gold_CA_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/SwissSign_Silver_CA_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/SwissSign_Silver_CA_-_G2.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/SwissSign_Silver_CA_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/SwissSign_Silver_CA_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_2.crt (escaped: /usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_2.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_2.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_3.crt (escaped: /usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_3.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_3.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/T-TeleSec_GlobalRoot_Class_3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt (escaped: /usr/share/ca-certificates/mozilla/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/TWCA_Global_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/TWCA_Root_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt (escaped: /usr/share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/TeliaSonera_Root_CA_v1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/TrustCor_ECA-1.crt (escaped: /usr/share/ca-certificates/mozilla/TrustCor_ECA-1.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/TrustCor_ECA-1.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/TrustCor_ECA-1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-1.crt (escaped: /usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-1.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-1.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-2.crt (escaped: /usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-2.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-2.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/TrustCor_RootCert_CA-2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/Trustis_FPS_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/Trustis_FPS_Root_CA.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/Trustis_FPS_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/Trustis_FPS_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/Trustwave_Global_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/Trustwave_Global_Certification_Authority.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/Trustwave_Global_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/Trustwave_Global_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P256_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P256_Certification_Authority.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P256_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P256_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P384_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P384_Certification_Authority.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P384_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/Trustwave_Global_ECC_P384_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/UCA_Extended_Validation_Root.crt (escaped: /usr/share/ca-certificates/mozilla/UCA_Extended_Validation_Root.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/UCA_Extended_Validation_Root.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/UCA_Extended_Validation_Root.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/UCA_Global_G2_Root.crt (escaped: /usr/share/ca-certificates/mozilla/UCA_Global_G2_Root.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/UCA_Global_G2_Root.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/UCA_Global_G2_Root.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/USERTrust_ECC_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:19 Test: check if we can access /usr/share/ca-certificates/mozilla/USERTrust_RSA_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/USERTrust_RSA_Certification_Authority.crt) 2021-01-07 20:42:19 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:19 Result: file /usr/share/ca-certificates/mozilla/USERTrust_RSA_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:19 Result: file '/usr/share/ca-certificates/mozilla/USERTrust_RSA_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt (escaped: /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt (escaped: /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/VeriSign_Universal_Root_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/VeriSign_Universal_Root_Certification_Authority.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/VeriSign_Universal_Root_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/VeriSign_Universal_Root_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/XRamp_Global_CA_Root.crt (escaped: /usr/share/ca-certificates/mozilla/XRamp_Global_CA_Root.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/XRamp_Global_CA_Root.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/XRamp_Global_CA_Root.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt (escaped: /usr/share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/certSIGN_ROOT_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/certSIGN_Root_CA_G2.crt (escaped: /usr/share/ca-certificates/mozilla/certSIGN_Root_CA_G2.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/certSIGN_Root_CA_G2.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/certSIGN_Root_CA_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/e-Szigno_Root_CA_2017.crt (escaped: /usr/share/ca-certificates/mozilla/e-Szigno_Root_CA_2017.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/e-Szigno_Root_CA_2017.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/e-Szigno_Root_CA_2017.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt (escaped: /usr/share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/ePKI_Root_Certification_Authority.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_C3.crt (escaped: /usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_C3.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_C3.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_C3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_G3.crt (escaped: /usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_G3.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_G3.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/emSign_ECC_Root_CA_-_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/emSign_Root_CA_-_C1.crt (escaped: /usr/share/ca-certificates/mozilla/emSign_Root_CA_-_C1.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/emSign_Root_CA_-_C1.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/emSign_Root_CA_-_C1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/emSign_Root_CA_-_G1.crt (escaped: /usr/share/ca-certificates/mozilla/emSign_Root_CA_-_G1.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/emSign_Root_CA_-_G1.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/emSign_Root_CA_-_G1.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt (escaped: /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt (escaped: /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G2.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Test: check if we can access /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt (escaped: /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/ca-certificates/mozilla/thawte_Primary_Root_CA_-_G3.crt' belongs to package (ca-certificates) 2021-01-07 20:42:20 Result: found 138 certificates in /usr/share/ca-certificates 2021-01-07 20:42:20 Test: check if we can access /usr/share/gnupg (escaped: /usr/share/gnupg) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/gnupg is readable (or directory accessible). 2021-01-07 20:42:20 Result: found directory /usr/share/gnupg 2021-01-07 20:42:20 Test: check if we can access /usr/share/gnupg/sks-keyservers.netCA.pem (escaped: /usr/share/gnupg/sks-keyservers.netCA.pem) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /usr/share/gnupg/sks-keyservers.netCA.pem is readable (or directory accessible). 2021-01-07 20:42:20 Result: file '/usr/share/gnupg/sks-keyservers.netCA.pem' belongs to package (dirmngr) 2021-01-07 20:42:20 Result: found 1 certificates in /usr/share/gnupg 2021-01-07 20:42:20 Test: check if we can access /var/www (escaped: /var/www) 2021-01-07 20:42:20 Result: file is owned by our current user ID (0), checking if it is readable 2021-01-07 20:42:20 Result: file /var/www is readable (or directory accessible). 2021-01-07 20:42:20 Result: found directory /var/www 2021-01-07 20:42:20 Result: found 0 certificates in /var/www 2021-01-07 20:42:20 Result: SSL path /srv/www does not exist 2021-01-07 20:42:20 Result: found a total of 143 certificates 2021-01-07 20:42:20 ==== 2021-01-07 20:42:20 Performing test ID CRYP-7930 (Determine if system uses LUKS block device encryption) 2021-01-07 20:42:21 Result: block device fd0 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device loop0 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device loop1 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device loop2 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device loop3 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device loop4 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device loop5 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device sda is not LUKS encrypted 2021-01-07 20:42:21 Result: block device sda1 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device sda2 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device sda3 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device sr0 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device sr1 is not LUKS encrypted 2021-01-07 20:42:21 Result: block device ubuntu--vg-ubuntu--lv is not LUKS encrypted 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Performing test ID CRYP-7931 (Determine if system uses encrypted swap) 2021-01-07 20:42:21 Result: Found unencrypted swap device: /swap.img 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Performing test ID CRYP-8002 (Gather available kernel entropy) 2021-01-07 20:42:21 Result: found kernel entropy value of 3021 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Performing test ID CRYP-8004 (Presence of hardware random number generators) 2021-01-07 20:42:21 Test: looking for /sys/class/misc/hw_random/rng_current 2021-01-07 20:42:21 Result: no HW RNG available 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Performing test ID CRYP-8005 (Presence of software pseudo random number generators) 2021-01-07 20:42:21 Test: looking for software pseudo random number generators 2021-01-07 20:42:21 Performing pgrep scan without uid 2021-01-07 20:42:21 IsRunning: process 'audio-entropyd' not found 2021-01-07 20:42:21 Performing pgrep scan without uid 2021-01-07 20:42:21 IsRunning: process 'haveged' not found 2021-01-07 20:42:21 Performing pgrep scan without uid 2021-01-07 20:42:21 IsRunning: process 'jitterentropy-rngd' not found 2021-01-07 20:42:21 Security check: file is normal 2021-01-07 20:42:21 Checking permissions of /root/scans/lynis/include/tests_virtualization 2021-01-07 20:42:21 File permissions are OK 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Action: Performing tests from category: Virtualization 2021-01-07 20:42:21 Security check: file is normal 2021-01-07 20:42:21 Checking permissions of /root/scans/lynis/include/tests_containers 2021-01-07 20:42:21 File permissions are OK 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Action: Performing tests from category: Containers 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Skipped test CONT-8004 (Query running Solaris zones) 2021-01-07 20:42:21 Reason to skip: Incorrect guest OS (Solaris only) 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Performing test ID CONT-8102 (Checking Docker status and information) 2021-01-07 20:42:21 Performing pgrep scan without uid 2021-01-07 20:42:21 IsRunning: process 'dockerd' not found 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Skipped test CONT-8104 (Checking Docker info for any warnings) 2021-01-07 20:42:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Skipped test CONT-8106 (Gather basic stats from Docker) 2021-01-07 20:42:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:21 ==== 2021-01-07 20:42:21 Skipped test CONT-8107 (Check number of Docker containers) 2021-01-07 20:42:21 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:21 ==== 2021-01-07 20:42:22 Skipped test CONT-8108 (Check file permissions for Docker files) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 Security check: file is normal 2021-01-07 20:42:22 Checking permissions of /root/scans/lynis/include/tests_mac_frameworks 2021-01-07 20:42:22 File permissions are OK 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Action: Performing tests from category: Security frameworks 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID MACF-6204 (Check AppArmor presence) 2021-01-07 20:42:22 Result: aa-status binary found, AppArmor is installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID MACF-6208 (Check if AppArmor is enabled) 2021-01-07 20:42:22 Result: file /sys/kernel/security/apparmor/profiles is available and readable 2021-01-07 20:42:22 Result: AppArmor is enabled and a policy is loaded 2021-01-07 20:42:22 Hardening: assigned maximum number of hardening points for this item (3). Currently having 156 points (out of 213) 2021-01-07 20:42:22 Result: Unconfined process: unconfined:1:systemd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:2:kthreadd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:479:systemd-journal 2021-01-07 20:42:22 Result: Unconfined process: unconfined:508:systemd-udevd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:684:multipathd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:713:systemd-timesyn 2021-01-07 20:42:22 Result: Unconfined process: unconfined:723:VGAuthService 2021-01-07 20:42:22 Result: Unconfined process: unconfined:724:vmtoolsd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:796:systemd-network 2021-01-07 20:42:22 Result: Unconfined process: unconfined:798:systemd-resolve 2021-01-07 20:42:22 Result: Unconfined process: unconfined:812:accounts-daemon 2021-01-07 20:42:22 Result: Unconfined process: unconfined:817:cron 2021-01-07 20:42:22 Result: Unconfined process: unconfined:818:dbus-daemon 2021-01-07 20:42:22 Result: Unconfined process: unconfined:823:irqbalance 2021-01-07 20:42:22 Result: Unconfined process: unconfined:827:networkd-dispat 2021-01-07 20:42:22 Result: Unconfined process: unconfined:831:rsyslogd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:847:systemd-logind 2021-01-07 20:42:22 Result: Unconfined process: unconfined:857:atd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:864:login 2021-01-07 20:42:22 Result: Unconfined process: unconfined:905:unattended-upgr 2021-01-07 20:42:22 Result: Unconfined process: unconfined:940:apache2 2021-01-07 20:42:22 Result: Unconfined process: unconfined:969:apache2 2021-01-07 20:42:22 Result: Unconfined process: unconfined:970:apache2 2021-01-07 20:42:22 Result: Unconfined process: unconfined:971:apache2 2021-01-07 20:42:22 Result: Unconfined process: unconfined:972:apache2 2021-01-07 20:42:22 Result: Unconfined process: unconfined:973:apache2 2021-01-07 20:42:22 Result: Unconfined process: unconfined:985:polkitd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:1324:snapd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:1865:systemd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:1866:(sd-pam) 2021-01-07 20:42:22 Result: Unconfined process: unconfined:1886:bash 2021-01-07 20:42:22 Result: Unconfined process: unconfined:2211:sudo 2021-01-07 20:42:22 Result: Unconfined process: unconfined:2215:su 2021-01-07 20:42:22 Result: Unconfined process: unconfined:2216:bash 2021-01-07 20:42:22 Result: Unconfined process: unconfined:2255:vmhgfs-fuse 2021-01-07 20:42:22 Result: Unconfined process: unconfined:3780:scanner.js 2021-01-07 20:42:22 Result: Unconfined process: unconfined:3782:lynis 2021-01-07 20:42:22 Result: Unconfined process: unconfined:3783:tee 2021-01-07 20:42:22 Result: Unconfined process: unconfined:22843:packagekitd 2021-01-07 20:42:22 Result: Unconfined process: unconfined:35584:lynis 2021-01-07 20:42:22 Result: Unconfined process: unconfined:35585:ps 2021-01-07 20:42:22 Result: Unconfined process: unconfined:35586:grep 2021-01-07 20:42:22 Result: Unconfined process: unconfined:35587:tr 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID MACF-6232 (Check SELINUX presence) 2021-01-07 20:42:22 Test: checking if we have sestatus binary 2021-01-07 20:42:22 Result: sestatus binary NOT found 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test MACF-6234 (Check SELINUX status) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID MACF-6240 (Check TOMOYO Linux presence) 2021-01-07 20:42:22 Test: checking if we have tomoyo-init binary 2021-01-07 20:42:22 Result: tomoyo-init binary not found 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test MACF-6242 (Check TOMOYO Linux status) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID RBAC-6272 (Check grsecurity presence) 2021-01-07 20:42:22 Result: no grsecurity found in kernel config 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID MACF-6290 (Check for implemented MAC framework) 2021-01-07 20:42:22 Hardening: assigned maximum number of hardening points for this item (3). Currently having 159 points (out of 216) 2021-01-07 20:42:22 Result: found implemented MAC framework 2021-01-07 20:42:22 Security check: file is normal 2021-01-07 20:42:22 Checking permissions of /root/scans/lynis/include/tests_file_integrity 2021-01-07 20:42:22 File permissions are OK 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Action: Performing tests from category: Software: file integrity 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4310 (AFICK availability) 2021-01-07 20:42:22 Test: Checking AFICK binary 2021-01-07 20:42:22 Result: AFICK is not installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4314 (AIDE availability) 2021-01-07 20:42:22 Test: Checking AIDE binary 2021-01-07 20:42:22 Result: AIDE is not installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test FINT-4315 (Check AIDE configuration file) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test FINT-4316 (Presence of AIDE database and size check) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4318 (Osiris availability) 2021-01-07 20:42:22 Test: Checking Osiris binary 2021-01-07 20:42:22 Result: Osiris is not installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4322 (Samhain availability) 2021-01-07 20:42:22 Test: Checking Samhain binary 2021-01-07 20:42:22 Result: Samhain is not installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4326 (Tripwire availability) 2021-01-07 20:42:22 Test: Checking Tripwire binary 2021-01-07 20:42:22 Result: Tripwire is not installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4328 (OSSEC syscheck daemon running) 2021-01-07 20:42:22 Test: Checking if OSSEC syscheck daemon is running 2021-01-07 20:42:22 Performing pgrep scan without uid 2021-01-07 20:42:22 IsRunning: process 'ossec-syscheckd' not found 2021-01-07 20:42:22 Result: syscheck (OSSEC) is not active 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4330 (mtree availability) 2021-01-07 20:42:22 Test: Checking mtree binary 2021-01-07 20:42:22 Result: mtree is not installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test FINT-4334 (Check lfd daemon status) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test FINT-4336 (Check lfd configuration status) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4338 (osqueryd syscheck daemon running) 2021-01-07 20:42:22 Test: Checking if osqueryd syscheck daemon is running 2021-01-07 20:42:22 Performing pgrep scan without uid 2021-01-07 20:42:22 IsRunning: process 'osqueryd' not found 2021-01-07 20:42:22 Result: syscheck (osquery) not installed 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test FINT-4339 (Check IMA/EVM status) 2021-01-07 20:42:22 Reason to skip: No evmctl binary found 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4340 (Check dm-integrity status) 2021-01-07 20:42:22 Result: dm-integrity tools found but no active devices 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4341 (Check dm-verity status) 2021-01-07 20:42:22 Result: dm-verity tools found but no active devices 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test FINT-4402 (AIDE configuration: Checksums (SHA256 or SHA512)) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID FINT-4350 (File integrity software installed) 2021-01-07 20:42:22 Test: Check if at least on file integrity tool is available/installed 2021-01-07 20:42:22 Result: No file integrity tools found 2021-01-07 20:42:22 Suggestion: Install a file integrity tool to monitor changes to critical and sensitive files [test:FINT-4350] [details:-] [solution:-] 2021-01-07 20:42:22 Hardening: assigned partial number of hardening points (0 of 5). Currently having 159 points (out of 221) 2021-01-07 20:42:22 Security check: file is normal 2021-01-07 20:42:22 Checking permissions of /root/scans/lynis/include/tests_tooling 2021-01-07 20:42:22 File permissions are OK 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Action: Performing tests from category: Software: System tooling 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID TOOL-5002 (Checking for automation tools) 2021-01-07 20:42:22 Test: checking if directory /root/.ansible exists 2021-01-07 20:42:22 Result: directory /root/.ansible NOT found 2021-01-07 20:42:22 Test: checking if directory /etc/ansible exists 2021-01-07 20:42:22 Result: directory /etc/ansible NOT found 2021-01-07 20:42:22 Test: checking if directory /root/.ansible exists 2021-01-07 20:42:22 Result: directory /root/.ansible NOT found 2021-01-07 20:42:22 Test: checking if directory /tmp/.ansible exists 2021-01-07 20:42:22 Result: directory /tmp/.ansible NOT found 2021-01-07 20:42:22 Test: checking if file /var/log/ansible.log exists 2021-01-07 20:42:22 Result: file /var/log/ansible.log NOT found 2021-01-07 20:42:22 Test: checking if file ~/.ansible-retry exists 2021-01-07 20:42:22 Result: file ~/.ansible-retry NOT found 2021-01-07 20:42:22 Performing pgrep scan without uid 2021-01-07 20:42:22 IsRunning: process 'puppet master' not found 2021-01-07 20:42:22 Suggestion: Determine if automation tools are present for system management [test:TOOL-5002] [details:-] [solution:-] 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID TOOL-5102 (Check for presence of Fail2ban) 2021-01-07 20:42:22 Result: Fail2ban not present (fail2ban-server not found) 2021-01-07 20:42:22 Checking Fail2ban configuration file 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Skipped test TOOL-5104 (Enabled tests in Fail2ban) 2021-01-07 20:42:22 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID TOOL-5120 (Check for presence of Snort) 2021-01-07 20:42:22 Performing pgrep scan without uid 2021-01-07 20:42:22 IsRunning: process 'snort' not found 2021-01-07 20:42:22 Result: Snort not present (Snort not running) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID TOOL-5122 (Check Snort configuration file) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID TOOL-5130 (Check for active Suricata daemon) 2021-01-07 20:42:22 Result: Suricata not installed (suricata not found) 2021-01-07 20:42:22 ==== 2021-01-07 20:42:22 Performing test ID TOOL-5126 (Check for active OSSEC daemon) 2021-01-07 20:42:22 Performing pgrep scan without uid 2021-01-07 20:42:22 IsRunning: process 'ossec-analysisd' not found 2021-01-07 20:42:22 Result: OSSEC analysis daemon not active 2021-01-07 20:42:22 Performing pgrep scan without uid 2021-01-07 20:42:22 IsRunning: process 'ossec-agentd' not found 2021-01-07 20:42:22 Result: OSSEC agent daemon not active 2021-01-07 20:42:22 ==== 2021-01-07 20:42:23 Performing test ID TOOL-5190 (Check presence of IDS/IPS tool) 2021-01-07 20:42:23 Hardening: assigned partial number of hardening points (0 of 2). Currently having 159 points (out of 223) 2021-01-07 20:42:23 Security check: file is normal 2021-01-07 20:42:23 Checking permissions of /root/scans/lynis/include/tests_malware 2021-01-07 20:42:23 File permissions are OK 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Action: Performing tests from category: Software: Malware 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Performing test ID MALW-3275 (Check for chkrootkit) 2021-01-07 20:42:23 Test: checking presence chkrootkit 2021-01-07 20:42:23 Result: chkrootkit not found 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Performing test ID MALW-3276 (Check for Rootkit Hunter) 2021-01-07 20:42:23 Test: checking presence Rootkit Hunter 2021-01-07 20:42:23 Result: Rootkit Hunter not found 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Performing test ID MALW-3278 (Check for LMD) 2021-01-07 20:42:23 Test: checking presence LMD 2021-01-07 20:42:23 Result: LMD not found 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Performing test ID MALW-3280 (Check if anti-virus tool is installed) 2021-01-07 20:42:23 Test: checking process com.avast.daemon 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'com.avast.daemon' not found 2021-01-07 20:42:23 Test: checking process Avira daemon 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'avqmd' not found 2021-01-07 20:42:23 Test: checking process epagd 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'bdagentd' not found 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'epagd' not found 2021-01-07 20:42:23 Test: checking process falcon-sensor (CrowdStrike) 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'falcon-sensor' not found 2021-01-07 20:42:23 Test: checking process CylanceSvc 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'CylanceSvc' not found 2021-01-07 20:42:23 Test: checking process esets_daemon 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'esets_daemon' not found 2021-01-07 20:42:23 Test: checking process wdserver or klnagent (Kaspersky) 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'klnagent' not found 2021-01-07 20:42:23 Test: checking process cma or cmdagent (McAfee) 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'cmdagent' not found 2021-01-07 20:42:23 Test: checking process savscand 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'savscand' not found 2021-01-07 20:42:23 Test: checking process SophosScanD 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'SophosScanD' not found 2021-01-07 20:42:23 Test: checking process rtvscand 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'rtvscand' not found 2021-01-07 20:42:23 Test: checking process Symantec management client service 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'smcd' not found 2021-01-07 20:42:23 Test: checking process Symantec Endpoint Protection configuration service 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'symcfgd' not found 2021-01-07 20:42:23 Test: checking process synoavd 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'synoavd' not found 2021-01-07 20:42:23 Test: checking process TmccMac to test for Trend Micro anti-virus (macOS) 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'TmccMac' not found 2021-01-07 20:42:23 Result: no commercial anti-virus tools found 2021-01-07 20:42:23 Hardening: assigned partial number of hardening points (0 of 3). Currently having 159 points (out of 226) 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Performing test ID MALW-3282 (Check for clamscan) 2021-01-07 20:42:23 Test: checking presence clamscan 2021-01-07 20:42:23 Result: clamscan couldn't be found 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Performing test ID MALW-3284 (Check for clamd) 2021-01-07 20:42:23 Test: checking running ClamAV daemon (clamd) 2021-01-07 20:42:23 Performing pgrep scan without uid 2021-01-07 20:42:23 IsRunning: process 'clamd' not found 2021-01-07 20:42:23 Result: clamd not running 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Skipped test MALW-3286 (Check for freshclam) 2021-01-07 20:42:23 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:23 ==== 2021-01-07 20:42:23 Skipped test MALW-3288 (Check for ClamXav) 2021-01-07 20:42:23 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution) 2021-01-07 20:42:23 Security check: file is normal 2021-01-07 20:42:23 Checking permissions of /root/scans/lynis/include/tests_file_permissions 2021-01-07 20:42:24 File permissions are OK 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Action: Performing tests from category: File Permissions 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Performing test ID FILE-7524 (Perform file permissions check) 2021-01-07 20:42:24 Test: Checking file permissions 2021-01-07 20:42:24 Using profile /root/scans/lynis/default.prf for baseline. 2021-01-07 20:42:24 Test: checking file/directory /boot/grub/grub.cfg 2021-01-07 20:42:24 Test: checking if file /boot/grub/grub.cfg has the permissions set to 600 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (444) 2021-01-07 20:42:24 Test: checking file/directory /boot/grub2/grub.cfg 2021-01-07 20:42:24 Skipping file/directory /boot/grub2/grub.cfg as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /boot/grub2/user.cfg 2021-01-07 20:42:24 Skipping file/directory /boot/grub2/user.cfg as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/at.allow 2021-01-07 20:42:24 Skipping file/directory /etc/at.allow as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/at.deny 2021-01-07 20:42:24 Test: checking if file /etc/at.deny has the permissions set to 600 or more restrictive 2021-01-07 20:42:24 Outcome: permissions of file /etc/at.deny are not matching expected value (640 != rw-------) 2021-01-07 20:42:24 Test: checking file/directory /etc/cron.allow 2021-01-07 20:42:24 Skipping file/directory /etc/cron.allow as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/cron.deny 2021-01-07 20:42:24 Skipping file/directory /etc/cron.deny as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/crontab 2021-01-07 20:42:24 Test: checking if file /etc/crontab has the permissions set to 600 or more restrictive 2021-01-07 20:42:24 Outcome: permissions of file /etc/crontab are not matching expected value (644 != rw-------) 2021-01-07 20:42:24 Test: checking file/directory /etc/group 2021-01-07 20:42:24 Test: checking if file /etc/group has the permissions set to 644 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (644) 2021-01-07 20:42:24 Test: checking file/directory /etc/group- 2021-01-07 20:42:24 Test: checking if file /etc/group- has the permissions set to 644 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (644) 2021-01-07 20:42:24 Test: checking file/directory /etc/hosts.allow 2021-01-07 20:42:24 Skipping file/directory /etc/hosts.allow as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/hosts.deny 2021-01-07 20:42:24 Skipping file/directory /etc/hosts.deny as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/issue 2021-01-07 20:42:24 Test: checking if file /etc/issue has the permissions set to 644 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (644) 2021-01-07 20:42:24 Test: checking file/directory /etc/issue.net 2021-01-07 20:42:24 Test: checking if file /etc/issue.net has the permissions set to 644 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (644) 2021-01-07 20:42:24 Test: checking file/directory /etc/lilo.conf 2021-01-07 20:42:24 Skipping file/directory /etc/lilo.conf as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/motd 2021-01-07 20:42:24 Skipping file/directory /etc/motd as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/passwd 2021-01-07 20:42:24 Test: checking if file /etc/passwd has the permissions set to 644 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (644) 2021-01-07 20:42:24 Test: checking file/directory /etc/passwd- 2021-01-07 20:42:24 Test: checking if file /etc/passwd- has the permissions set to 644 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (644) 2021-01-07 20:42:24 Test: checking file/directory /etc/ssh/sshd_config 2021-01-07 20:42:24 Skipping file/directory /etc/ssh/sshd_config as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/hosts.equiv 2021-01-07 20:42:24 Skipping file/directory /etc/hosts.equiv as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /etc/shosts.equiv 2021-01-07 20:42:24 Skipping file/directory /etc/shosts.equiv as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /root/.rhosts 2021-01-07 20:42:24 Skipping file/directory /root/.rhosts as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /root/.rlogin 2021-01-07 20:42:24 Skipping file/directory /root/.rlogin as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /root/.shosts 2021-01-07 20:42:24 Skipping file/directory /root/.shosts as it does not exist on this system 2021-01-07 20:42:24 Test: checking file/directory /root/.ssh 2021-01-07 20:42:24 Test: checking if file /root/.ssh has the permissions set to 700 or more restrictive 2021-01-07 20:42:24 Outcome: correct permissions (700) 2021-01-07 20:42:24 Test: checking file/directory /etc/cron.d 2021-01-07 20:42:24 Test: checking if file /etc/cron.d has the permissions set to 700 or more restrictive 2021-01-07 20:42:24 Outcome: permissions of file /etc/cron.d are not matching expected value (755 != rwx------) 2021-01-07 20:42:24 Test: checking file/directory /etc/cron.daily 2021-01-07 20:42:24 Test: checking if file /etc/cron.daily has the permissions set to 700 or more restrictive 2021-01-07 20:42:24 Outcome: permissions of file /etc/cron.daily are not matching expected value (755 != rwx------) 2021-01-07 20:42:24 Test: checking file/directory /etc/cron.hourly 2021-01-07 20:42:24 Test: checking if file /etc/cron.hourly has the permissions set to 700 or more restrictive 2021-01-07 20:42:24 Outcome: permissions of file /etc/cron.hourly are not matching expected value (755 != rwx------) 2021-01-07 20:42:24 Test: checking file/directory /etc/cron.weekly 2021-01-07 20:42:24 Test: checking if file /etc/cron.weekly has the permissions set to 700 or more restrictive 2021-01-07 20:42:24 Outcome: permissions of file /etc/cron.weekly are not matching expected value (755 != rwx------) 2021-01-07 20:42:24 Test: checking file/directory /etc/cron.monthly 2021-01-07 20:42:24 Test: checking if file /etc/cron.monthly has the permissions set to 700 or more restrictive 2021-01-07 20:42:24 Outcome: permissions of file /etc/cron.monthly are not matching expected value (755 != rwx------) 2021-01-07 20:42:24 Suggestion: Consider restricting file permissions [test:FILE-7524] [details:See screen output or log file] [solution:text:Use chmod to change file permissions] 2021-01-07 20:42:24 Security check: file is normal 2021-01-07 20:42:24 Checking permissions of /root/scans/lynis/include/tests_homedirs 2021-01-07 20:42:24 File permissions are OK 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Action: Performing tests from category: Home directories 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Performing test ID HOME-9302 (Create list with home directories) 2021-01-07 20:42:24 Test: query /etc/passwd to obtain home directories 2021-01-07 20:42:24 Result: found home directory: / (directory exists) 2021-01-07 20:42:24 Result: found home directory: /bin (directory exists) 2021-01-07 20:42:24 Result: found home directory: /dev (directory exists) 2021-01-07 20:42:24 Result: found home directory: /home/ll (directory exists) 2021-01-07 20:42:24 Result: found home directory: /home/syslog (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /nonexistent (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /root (directory exists) 2021-01-07 20:42:24 Result: found home directory: /run/systemd (directory exists) 2021-01-07 20:42:24 Result: found home directory: /run/uuidd (directory exists) 2021-01-07 20:42:24 Result: found home directory: /usr/games (directory exists) 2021-01-07 20:42:24 Result: found home directory: /usr/sbin (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/backups (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/cache/man (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/cache/pollinate (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/lib/gnats (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /var/lib/landscape (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/lib/tpm (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/list (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /var/mail (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/run/ircd (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /var/snap/lxd/common/lxd (directory exists) 2021-01-07 20:42:24 Result: found home directory: /var/spool/lpd (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /var/spool/news (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /var/spool/uucp (directory does not exist) 2021-01-07 20:42:24 Result: found home directory: /var/www (directory exists) 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Performing test ID HOME-9304 (Check if users' home directories permissions are 750 or more restrictive) 2021-01-07 20:42:24 Test: checking directory '/home/ll' for user 'll' 2021-01-07 20:42:24 Result: permissions of home directory /home/ll of user ll are not strict enough. Should be 750 or more restrictive. Change with: chmod 750 /home/ll 2021-01-07 20:42:24 Suggestion: Double check the permissions of home directories as some might be not strict enough. [test:HOME-9304] [details:-] [solution:-] 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Performing test ID HOME-9306 (Check if users own their home directories) 2021-01-07 20:42:24 Test: checking directory '/home/ll' for user 'll' 2021-01-07 20:42:24 Result: ownership of home directory /home/ll for user ll looks to be correct 2021-01-07 20:42:24 Result: OK, all users own their home directories 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Performing test ID HOME-9310 (Checking for suspicious shell history files) 2021-01-07 20:42:24 Result: Ok, history files are type 'file'. 2021-01-07 20:42:24 Remark: History files are normally of the type 'file'. Symbolic links and other types are suspicious. 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Performing test ID HOME-9350 (Collecting information from home directories) 2021-01-07 20:42:24 Result: IGNORE_HOME_DIRS empty, no paths excluded 2021-01-07 20:42:24 Security check: file is normal 2021-01-07 20:42:24 Checking permissions of /root/scans/lynis/include/tests_kernel_hardening 2021-01-07 20:42:24 File permissions are OK 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Action: Performing tests from category: Kernel Hardening 2021-01-07 20:42:24 ==== 2021-01-07 20:42:24 Performing test ID KRNL-6000 (Check sysctl key pairs in scan profile) 2021-01-07 20:42:24 Result: sysctl key dev.tty.ldisc_autoload has a different value than expected in scan profile. Expected=0, Real=1 2021-01-07 20:42:24 Hardening: assigned partial number of hardening points (0 of 1). Currently having 159 points (out of 227) 2021-01-07 20:42:25 Result: sysctl key fs.protected_fifos has a different value than expected in scan profile. Expected=2, Real=1 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 159 points (out of 228) 2021-01-07 20:42:25 Result: sysctl key fs.protected_hardlinks contains equal expected and current value (1) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 160 points (out of 229) 2021-01-07 20:42:25 Result: sysctl key fs.protected_regular contains equal expected and current value (2) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 161 points (out of 230) 2021-01-07 20:42:25 Result: sysctl key fs.protected_symlinks contains equal expected and current value (1) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 162 points (out of 231) 2021-01-07 20:42:25 Result: sysctl key fs.suid_dumpable has a different value than expected in scan profile. Expected=0, Real=2 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 162 points (out of 232) 2021-01-07 20:42:25 Result: key hw.kbd.keymap_restrict_change does not exist on this machine 2021-01-07 20:42:25 Result: key kern.sugid_coredump does not exist on this machine 2021-01-07 20:42:25 Result: key kernel.core_setuid_ok does not exist on this machine 2021-01-07 20:42:25 Result: sysctl key kernel.core_uses_pid has a different value than expected in scan profile. Expected=1, Real=0 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 162 points (out of 233) 2021-01-07 20:42:25 Result: sysctl key kernel.ctrl-alt-del contains equal expected and current value (0) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 163 points (out of 234) 2021-01-07 20:42:25 Result: sysctl key kernel.dmesg_restrict has a different value than expected in scan profile. Expected=1, Real=0 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 163 points (out of 235) 2021-01-07 20:42:25 Result: key kernel.exec-shield-randomize does not exist on this machine 2021-01-07 20:42:25 Result: key kernel.exec-shield does not exist on this machine 2021-01-07 20:42:25 Result: sysctl key kernel.kptr_restrict has a different value than expected in scan profile. Expected=2, Real=1 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 163 points (out of 236) 2021-01-07 20:42:25 Result: key kernel.maps_protect does not exist on this machine 2021-01-07 20:42:25 Result: sysctl key kernel.modules_disabled has a different value than expected in scan profile. Expected=1, Real=0 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 163 points (out of 237) 2021-01-07 20:42:25 Result: sysctl key kernel.perf_event_paranoid contains equal expected and current value (3) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 164 points (out of 238) 2021-01-07 20:42:25 Result: sysctl key kernel.randomize_va_space contains equal expected and current value (2) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 165 points (out of 239) 2021-01-07 20:42:25 Result: key kernel.suid_dumpable does not exist on this machine 2021-01-07 20:42:25 Result: sysctl key kernel.sysrq has a different value than expected in scan profile. Expected=0, Real=176 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 165 points (out of 240) 2021-01-07 20:42:25 Result: sysctl key kernel.unprivileged_bpf_disabled has a different value than expected in scan profile. Expected=1, Real=0 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 165 points (out of 241) 2021-01-07 20:42:25 Result: key kernel.use-nx does not exist on this machine 2021-01-07 20:42:25 Result: sysctl key kernel.yama.ptrace_scope contains equal expected and current value (1 2 3) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 166 points (out of 242) 2021-01-07 20:42:25 Result: sysctl key net.core.bpf_jit_harden has a different value than expected in scan profile. Expected=2, Real=0 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 166 points (out of 243) 2021-01-07 20:42:25 Result: key net.inet.icmp.bmcastecho does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.icmp.drop_redirect does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.icmp.rediraccept does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.icmp.timestamp does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.accept_sourceroute does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.check_interface does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.forwarding does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.linklocal.in.allowbadttl does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.process_options does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.random_id does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.redirect does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip.sourceroute does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.ip6.redirect does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.tcp.always_keepalive does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.tcp.blackhole does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.tcp.drop_synfin does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.tcp.icmp_may_rst does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.tcp.nolocaltimewait does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.tcp.path_mtu_discovery does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet.udp.blackhole does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet6.icmp6.rediraccept does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet6.ip6.forwarding does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet6.ip6.fw.enable does not exist on this machine 2021-01-07 20:42:25 Result: key net.inet6.ip6.redirect does not exist on this machine 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.accept_redirects has a different value than expected in scan profile. Expected=0, Real=1 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 166 points (out of 244) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.accept_source_route contains equal expected and current value (0) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 167 points (out of 245) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.bootp_relay contains equal expected and current value (0) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 168 points (out of 246) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.forwarding contains equal expected and current value (0) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 169 points (out of 247) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.log_martians has a different value than expected in scan profile. Expected=1, Real=0 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 169 points (out of 248) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.mc_forwarding contains equal expected and current value (0) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 170 points (out of 249) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.proxy_arp contains equal expected and current value (0) 2021-01-07 20:42:25 Hardening: assigned maximum number of hardening points for this item (1). Currently having 171 points (out of 250) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.rp_filter has a different value than expected in scan profile. Expected=1, Real=2 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 171 points (out of 251) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.all.send_redirects has a different value than expected in scan profile. Expected=0, Real=1 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 171 points (out of 252) 2021-01-07 20:42:25 Result: sysctl key net.ipv4.conf.default.accept_redirects has a different value than expected in scan profile. Expected=0, Real=1 2021-01-07 20:42:25 Hardening: assigned partial number of hardening points (0 of 1). Currently having 171 points (out of 253) 2021-01-07 20:42:26 Result: sysctl key net.ipv4.conf.default.accept_source_route has a different value than expected in scan profile. Expected=0, Real=1 2021-01-07 20:42:26 Hardening: assigned partial number of hardening points (0 of 1). Currently having 171 points (out of 254) 2021-01-07 20:42:26 Result: sysctl key net.ipv4.conf.default.log_martians has a different value than expected in scan profile. Expected=1, Real=0 2021-01-07 20:42:26 Hardening: assigned partial number of hardening points (0 of 1). Currently having 171 points (out of 255) 2021-01-07 20:42:26 Result: sysctl key net.ipv4.icmp_echo_ignore_broadcasts contains equal expected and current value (1) 2021-01-07 20:42:26 Hardening: assigned maximum number of hardening points for this item (1). Currently having 172 points (out of 256) 2021-01-07 20:42:26 Result: sysctl key net.ipv4.icmp_ignore_bogus_error_responses contains equal expected and current value (1) 2021-01-07 20:42:26 Hardening: assigned maximum number of hardening points for this item (1). Currently having 173 points (out of 257) 2021-01-07 20:42:26 Result: sysctl key net.ipv4.tcp_syncookies contains equal expected and current value (1) 2021-01-07 20:42:26 Hardening: assigned maximum number of hardening points for this item (1). Currently having 174 points (out of 258) 2021-01-07 20:42:26 Result: sysctl key net.ipv4.tcp_timestamps contains equal expected and current value (0 1) 2021-01-07 20:42:26 Hardening: assigned maximum number of hardening points for this item (1). Currently having 175 points (out of 259) 2021-01-07 20:42:26 Result: sysctl key net.ipv6.conf.all.accept_redirects has a different value than expected in scan profile. Expected=0, Real=1 2021-01-07 20:42:26 Hardening: assigned partial number of hardening points (0 of 1). Currently having 175 points (out of 260) 2021-01-07 20:42:26 Result: sysctl key net.ipv6.conf.all.accept_source_route contains equal expected and current value (0) 2021-01-07 20:42:26 Hardening: assigned maximum number of hardening points for this item (1). Currently having 176 points (out of 261) 2021-01-07 20:42:26 Result: key net.ipv6.conf.all.send_redirects does not exist on this machine 2021-01-07 20:42:26 Result: sysctl key net.ipv6.conf.default.accept_redirects has a different value than expected in scan profile. Expected=0, Real=1 2021-01-07 20:42:26 Hardening: assigned partial number of hardening points (0 of 1). Currently having 176 points (out of 262) 2021-01-07 20:42:26 Result: sysctl key net.ipv6.conf.default.accept_source_route contains equal expected and current value (0) 2021-01-07 20:42:26 Hardening: assigned maximum number of hardening points for this item (1). Currently having 177 points (out of 263) 2021-01-07 20:42:26 Result: key security.bsd.hardlink_check_gid does not exist on this machine 2021-01-07 20:42:26 Result: key security.bsd.hardlink_check_uid does not exist on this machine 2021-01-07 20:42:26 Result: key security.bsd.see_other_gids does not exist on this machine 2021-01-07 20:42:26 Result: key security.bsd.see_other_uids does not exist on this machine 2021-01-07 20:42:26 Result: key security.bsd.stack_guard_page does not exist on this machine 2021-01-07 20:42:26 Result: key security.bsd.unprivileged_proc_debug does not exist on this machine 2021-01-07 20:42:26 Result: key security.bsd.unprivileged_read_msgbuf does not exist on this machine 2021-01-07 20:42:26 Result: found 19 keys that can use tuning, according scan profile 2021-01-07 20:42:26 Suggestion: One or more sysctl values differ from the scan profile and could be tweaked [test:KRNL-6000] [details:] [solution:Change sysctl value or disable test (skip-test=KRNL-6000:)] 2021-01-07 20:42:26 Security check: file is normal 2021-01-07 20:42:26 Checking permissions of /root/scans/lynis/include/tests_hardening 2021-01-07 20:42:26 File permissions are OK 2021-01-07 20:42:26 ==== 2021-01-07 20:42:26 Action: Performing tests from category: Hardening 2021-01-07 20:42:26 ==== 2021-01-07 20:42:26 Performing test ID HRDN-7220 (Check if one or more compilers are installed) 2021-01-07 20:42:26 Test: Check if one or more compilers can be found on the system 2021-01-07 20:42:26 Result: no compilers found 2021-01-07 20:42:26 Hardening: assigned maximum number of hardening points for this item (3). Currently having 180 points (out of 266) 2021-01-07 20:42:26 ==== 2021-01-07 20:42:26 Performing test ID HRDN-7222 (Check compiler permissions) 2021-01-07 20:42:26 Test: Check if one or more compilers can be found on the system 2021-01-07 20:42:26 Result: no compilers found 2021-01-07 20:42:26 ==== 2021-01-07 20:42:26 Performing test ID HRDN-7230 (Check for malware scanner) 2021-01-07 20:42:26 Test: Check if a malware scanner is installed 2021-01-07 20:42:26 Result: no malware scanner found 2021-01-07 20:42:26 Suggestion: Harden the system by installing at least one malware scanner, to perform periodic file system scans [test:HRDN-7230] [details:-] [solution:Install a tool like rkhunter, chkrootkit, OSSEC] 2021-01-07 20:42:26 Hardening: assigned partial number of hardening points (1 of 3). Currently having 181 points (out of 269) 2021-01-07 20:42:26 Result: no malware scanner found 2021-01-07 20:42:26 ==== 2021-01-07 20:42:26 Performing test ID HRDN-7231 (Check for registered non-native binary formats) 2021-01-07 20:42:26 Test: Check for registered non-native binary formats 2021-01-07 20:42:26 Result: no non-native binary formats found 2021-01-07 20:42:26 ==== 2021-01-07 20:42:26 Action: Performing tests from category: Custom tests 2021-01-07 20:42:26 Test: Checking for tests_custom file 2021-01-07 20:42:26 ==== 2021-01-07 20:42:26 Action: Performing plugin tests 2021-01-07 20:42:26 Result: Found 2 plugins of which 2 are enabled 2021-01-07 20:42:26 Result: Plugins phase 2 finished 2021-01-07 20:42:26 Checking permissions of /root/scans/lynis/include/report 2021-01-07 20:42:26 File permissions are OK 2021-01-07 20:42:26 Hardening index : [67] [############# ] 2021-01-07 20:42:26 Hardening strength: System has been hardened, but could use additional hardening 2021-01-07 20:42:26 ==== 2021-01-07 20:42:27 Checking permissions of /root/scans/lynis/include/tool_tips 2021-01-07 20:42:27 File permissions are OK 2021-01-07 20:42:27 Tool tips: enabled 2021-01-07 20:42:27 ================================================================================ 2021-01-07 20:42:27 Tests performed: 272 2021-01-07 20:42:27 Total tests: 455 2021-01-07 20:42:27 Active plugins: 2 2021-01-07 20:42:27 Total plugins: 2 2021-01-07 20:42:27 ================================================================================ 2021-01-07 20:42:27 Lynis 3.0.3 2021-01-07 20:42:27 2007-2021, CISOfy - https://cisofy.com/lynis/ 2021-01-07 20:42:27 Enterprise support available (compliance, plugins, interface and tools) 2021-01-07 20:42:27 Program ended successfully 2021-01-07 20:42:27 ================================================================================ 2021-01-07 20:42:27 PID file removed (/var/run/lynis.pid) 2021-01-07 20:42:27 Temporary files: /tmp/lynis.6BqFwJdsBZ /tmp/lynis.gBx178xQGW /tmp/lynis.wlc0zeD5Yl 2021-01-07 20:42:27 Action: removing temporary file /tmp/lynis.6BqFwJdsBZ 2021-01-07 20:42:27 Info: temporary file /tmp/lynis.gBx178xQGW was already removed 2021-01-07 20:42:27 Info: temporary file /tmp/lynis.wlc0zeD5Yl was already removed 2021-01-07 20:42:27 Lynis ended successfully.