You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Both tests NETW-3200 and FILE-6430 do no longer detect blacklisted modules
Version
Debian 12.5
Lynis version 3.1.2
Expected behavior
Both tests NETW-3200 and FILE-6430 detect blacklisted modules
Output
* Determine if protocol 'dccp' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/
* Determine if protocol 'sctp' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/
* Determine if protocol 'rds' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/
* Determine if protocol 'tipc' is really needed on this system [NETW-3200]
https://cisofy.com/lynis/controls/NETW-3200/
Additional context
Since commit "9819ac4" the REGEX for detecting the blacklist entries is broken.
DATA=$(${GREPBINARY} "^install \+${P} \+/bin/true$" ${ROOTDIR}etc/modprobe.conf)
and DATA=$(${GREPBINARY} -l -s "^install \+${P} \+/bin/true$" ${ROOTDIR}etc/modprobe.d/*)
respectively, because the "" escapes the "+" and thus the "+" is expected in the output.
That's due to an error in include/consts, GREPBINARY="grep". It should read GREPBINARY="grep -E" because in NETW-3200 and other tests I assume extended regular expressions are used. And the test should be written as:
Describe the bug
Both tests NETW-3200 and FILE-6430 do no longer detect blacklisted modules
Version
Expected behavior
Both tests NETW-3200 and FILE-6430 detect blacklisted modules
Output
Additional context
Since commit "9819ac4" the REGEX for detecting the blacklist entries is broken.
DATA=$(${GREPBINARY} "^install \+${P} \+/bin/true$" ${ROOTDIR}etc/modprobe.conf)
and
DATA=$(${GREPBINARY} -l -s "^install \+${P} \+/bin/true$" ${ROOTDIR}etc/modprobe.d/*)
respectively, because the "" escapes the "+" and thus the "+" is expected in the output.
I fixed this to read
DATA=$(${GREPBINARY} "^install +${P} +/bin/true$" ${ROOTDIR}etc/modprobe.conf)
and
DATA=$(${GREPBINARY} -l -s "^install +${P} +/bin/true$" ${ROOTDIR}etc/modprobe.d/*)
which fulfills the original intention of allowing any number of blanks.
The text was updated successfully, but these errors were encountered: