linux-bench/README.md

[![Build Status](https://travis-ci.org/aquasecurity/linux-bench.svg?branch=main)](https://travis-ci.org/aquasecurity/linux-bench)
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
[![Coverage Status][cov-img]][cov]

[cov-img]: https://codecov.io/github/aquasecurity/linux-bench/branch/main/graph/badge.svg
[cov]: https://codecov.io/github/aquasecurity/linux-bench

Linux-bench is a Go application that checks whether the Linux operating system is configured securely by running the checks documented in the CIS Distribution Independent Linux Benchmark.

Tests are configured with YAML files, making this tool easy to update as test specifications evolve.

## CIS Linux Benchmark support

linux-bench currently supports tests for benchmark version 1.1.0 only.

linux-bench will determine the test set to run on the host machine based on the following:
- **Operating system platform - ubuntu/debian/rhel/coreos**
- **Boot loader - grub/grub2**
- **System logging tool - rsyslog/syslog-ng**
- **Lsm - selinux/apparmor**

## Installation

### Installing from sources

Install [Go](https://golang.org/doc/install), then
clone this repository and run as follows (assuming your [\$GOPATH is set](https://github.com/golang/go/wiki/GOPATH)):


```shell
go get github.com/aquasecurity/linux-bench
cd $GOPATH/src/github.com/aquasecurity/linux-bench
go build -o linux-bench .

# See all supported options
./linux-bench --help

# Run checks
./linux-bench

# Run checks for specified linux cis version
./linux-bench --version <version>
```

# Tests

Tests are specified in definition files `cfg/<version>/definitions.yaml.`

Where `<version>` is the version of linux cis for which the test applies.

# Contributing

We welcome PRs and issue reports.
Change master to be main 2020-12-17 15:56:50 +02:00			`[![Build Status](https://travis-ci.org/aquasecurity/linux-bench.svg?branch=main)](https://travis-ci.org/aquasecurity/linux-bench)`
Initialized basic bench project 2019-01-27 16:12:29 +02:00			`[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)`
Update README.md Add Codecov badge 2019-08-06 23:48:11 +03:00			`[![Coverage Status][cov-img]][cov]`

Change master to be main 2020-12-17 15:56:50 +02:00			`[cov-img]: https://codecov.io/github/aquasecurity/linux-bench/branch/main/graph/badge.svg`
Update README.md 2019-08-06 23:51:33 +03:00			`[cov]: https://codecov.io/github/aquasecurity/linux-bench`
Initialized basic bench project 2019-01-27 16:12:29 +02:00
Fix typos in README.md 2019-10-23 11:20:58 +02:00			`Linux-bench is a Go application that checks whether the Linux operating system is configured securely by running the checks documented in the CIS Distribution Independent Linux Benchmark.`
Initialized basic bench project 2019-01-27 16:12:29 +02:00
Fix typos in README.md 2019-10-23 11:20:58 +02:00			`Tests are configured with YAML files, making this tool easy to update as test specifications evolve.`
Initialized basic bench project 2019-01-27 16:12:29 +02:00
			`## CIS Linux Benchmark support`

Uploaded improved yaml file for version 1.1.0 Added information to readme file and to help cli 2019-01-27 16:12:29 +02:00			`linux-bench currently supports tests for benchmark version 1.1.0 only.`

			`linux-bench will determine the test set to run on the host machine based on the following:`
Update README.md - refactor documentation Converted identifying requirements to bullet points rather than plain lines, owing to better comprehensibility. Changed \####\ to - Because it makes sense to bolden the bullet points, rather than declaring them as headers 2019-10-11 01:50:31 +05:30			`- Operating system platform - ubuntu/debian/rhel/coreos`
			`- Boot loader - grub/grub2`
			`- System logging tool - rsyslog/syslog-ng`
			`- Lsm - selinux/apparmor`
Initialized basic bench project 2019-01-27 16:12:29 +02:00
			`## Installation`
Fix typos in README.md 2019-10-23 11:20:58 +02:00
Initialized basic bench project 2019-01-27 16:12:29 +02:00			`### Installing from sources`

Fix typos in README.md 2019-10-23 11:20:58 +02:00			`Install [Go](https://golang.org/doc/install), then`
			`clone this repository and run as follows (assuming your [\$GOPATH is set](https://github.com/golang/go/wiki/GOPATH)):`
Initialized basic bench project 2019-01-27 16:12:29 +02:00

			```shell
			`go get github.com/aquasecurity/linux-bench`
			`cd $GOPATH/src/github.com/aquasecurity/linux-bench`
			`go build -o linux-bench .`

			`# See all supported options`
			`./linux-bench --help`

			`# Run checks`
			`./linux-bench`

			`# Run checks for specified linux cis version`
Uploaded improved yaml file for version 1.1.0 Added information to readme file and to help cli 2019-01-27 16:12:29 +02:00			`./linux-bench --version <version>`
Initialized basic bench project 2019-01-27 16:12:29 +02:00			```

			`# Tests`
Fix typos in README.md 2019-10-23 11:20:58 +02:00
Uploaded improved yaml file for version 1.1.0 Added information to readme file and to help cli 2019-01-27 16:12:29 +02:00			Tests are specified in definition files `cfg/<version>/definitions.yaml.`

Initialized basic bench project 2019-01-27 16:12:29 +02:00			Where `<version>` is the version of linux cis for which the test applies.

			`# Contributing`
Fix typos in README.md 2019-10-23 11:20:58 +02:00
			`We welcome PRs and issue reports.`