Hi - First it would be fine to update lynis to 1.2.9 for Fedora 11 I use the unofficial rpm linked from the upstream-page There are some false positives > Suggestion: Harden the system by removing unneeded compilers. > This can decrease the chance of customized trojans, backdoors > and rootkits to be compiled and installed [test:HRDN-7220] I think the follwing packages trigger this libgcc-4.4.1-2.fc11.x86_64 perl-devel-5.10.0-82.fc11.x86_64 > Suggestion: Disable drivers like USB storage when not used, > to prevent unauthorized storage or data theft [test:STRG-1840] > Disable drivers like firewire storage when not used, > to prevent unauthorized storage or data theft [test:STRG-1846] Hm, the machine boots with "nosub"-kernel-param it the following modprobe-configuration. Do i something wrong or the tool? [root@arrakis:~]$ cat /etc/modprobe.d/local.conf alias ipv6 off alias net-pf-10 off blacklist ac blacklist acpi_cpufreq blacklist acpiphp blacklist cpufreq_ondemand blacklist dm_mod blacklist ehci_hcd blacklist firewire_core blacklist firewire_ohci blacklist floppy blacklist freq_table blacklist gspca_main blacklist gspca_zc3xx blacklist i2c_core blacklist i2c_piix4 blacklist ohci_hcd blacklist ohci-hcd blacklist parport blacklist parport_pc blacklist pciehp blacklist pcspkr blacklist ppdev blacklist shpchp blacklist snd blacklist snd_hda_codec blacklist snd_hda_codec_realtek blacklist snd_hda_intel blacklist snd_hwdep blacklist snd_mixer_oss blacklist snd_page_alloc blacklist snd_pcm blacklist snd_pcm_oss blacklist snd_pcsp blacklist snd_rawmidi blacklist snd_seq blacklist snd_seq_device blacklist snd_seq_dummy blacklist snd_seq_midi_event blacklist snd_seq_oss blacklist snd_timer blacklist snd_usb_audio blacklist snd_usb_lib blacklist soundcore blacklist uhci blacklist uhci_hcd blacklist usb-ohci blacklist usb_storage blacklist usb-uhci blacklist vmhgfs
lynis-1.2.9-1.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/lynis-1.2.9-1.fc12
lynis-1.2.9-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/lynis-1.2.9-1.fc11
I don't see these as bugs which I can fix, it would be nice if you can report this to upstream. I have updates waiting for latest lynis waiting in bodhi. Thanks,
lynis-1.2.9-1.fc11 has been pushed to the Fedora 11 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update lynis'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F11/FEDORA-2010-1239
lynis-1.2.9-1.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update lynis'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2010-1250
lynis-1.2.9-1.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report.
lynis-1.2.9-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.