Lynis 2.1.1

= Lynis 2.1.1 (2015-07-22) =

This release adds a lot of improvements, with focus on performance, and
additional support for common Linux distributions and external utilities.
We recommend to use this latest version.

* Operating system enhancements
Support for systems like CentOS, openSUSE, Slackware is improved.

* Performance
Performance tuning has been applied, to speed up execution of the audit on
systems with many files. This also includes code cleanups.

* Automatic updates
Initial work on an automatic updater has been implemented. This way Lynis
can be scheduled for automatic updating from a trusted source.

* Internal functions
Not all systems have readlink, or the -f option of readlink. The
ShowSymlinkPath function has been extended with a Python based check, which
is often available.

* Software support
Apache module directory /usr/lib64/apache has been added, which is used on

Support for Chef has been added.

Added tests for CSF's lfd utility for integrity monitoring on directories and
files. Related tests are FINT-4334 and FINT-4336.

Added support for Chrony time daemon and timesync daemon. Additionally NTP
sychronization status is checked when it is enabled.

Improved single user mode protection on the rescue.service file.

* Other
Check for user permissions has been extended.
Python binary is now detected, to help with symlink detection.
Several new legal terms have been added, which are used for usage in banners.
In several files old tests have been removed, to further clean up the code.

* Bug fixes
Nginx test showed error when access_log had multiple parameters.
Tests using locate won't be performed if not present.
Fix false positive match on Squid unsafe ports [SQD-3624].
The hardening index is now also inserted into the report if it is not displayed
on screen.

And more!

About Lynis Enterprise

We help companies with auditing and hardening their Unix, Linux and macOS systems.

Our software solution performs in-depth security audits and provides guidance. This way you are quickly underway in getting your systems safe and secure.

With focus on automation, boring hardening documents and benchmarks are no longer needed.