This cookbook installs Lynis and can also execute the security audit report if instructed.
Lynis is a software component to audit Unix based systems. Lynis Enterprise uses Lynis to gather data from machines. Additionally it has an administration interface, reporting, implementation plans, hardening guidance and more. For more details, refer to - https://cisofy.com/lynis-enterprise/
Depends on cookbooks
- apt
- apt-transport-https
- Tested on ubuntu-16.04 only
- Chef 12.0 or later
None
This would install lynis and execute the audit report
e.g.
Just include Lynis in your node's run_list:
{
"name":"my_node",
"run_list": [
"recipe[Lynis]"
]
}This would install lynis only
e.g.
Just include Lynis::install in your node's run_list:
{
"name":"my_node",
"run_list": [
"recipe[Lynis::install]"
]
}This would execute the security audit report. It would also check if the lynis package is installed. The report is generated by default under /var/log/. The 2 report files are -
- lynis.log
- lynis-report.dat
e.g.
Just include Lynis::audit in your node's run_list:
{
"name":"my_node",
"run_list": [
"recipe[Lynis::audit]"
]
}- Create a branch of the repository on Bitbucket
- Create a named feature branch (like
add_component_x) - Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request using Bitbucket
Authors: Mrinal Mukherjee