mirrors/linux-bench
1
0
Fork 1
mirror of https://github.com/aquasecurity/linux-bench.git synced 2025-02-23 06:35:33 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge pull request #1 from aquasecurity/improved-yaml-version-1.1.0

Browse source 
Improved yaml - 1.1.0
This commit is contained in:
Liz Rice 2019-02-05 14:33:57 +00:00 committed by GitHub
commit 9e295a64c4
Failed to generate hash of commit
3 changed files with 1587 additions and 1537 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
README.md
View file

@ -1,14 +1,20 @@
[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
Linux-bench is a Go application that checks whether The linux operating system is configured securely by running the checks documented in the CIS Linux Benchmark. Linux-bench is a Go application that checks whether The linux operating system is configured securely by running the checks documented in the CIS Distribution Independent Linux Benchmark.
Tests are configured with YAML files, making this tool easy to update as test specifications evolve. Tests are configured with YAML files, making this tool easy to update as test specifications evolve.
## CIS Linux Benchmark support ## CIS Linux Benchmark support
linux-bench currently supports tests for multiple platforms of Linux (ubntu, rhel and debian). linux-bench currently supports tests for benchmark version 1.1.0 only.
linux-bench will determine the test set to run based on the operating system and the boot loader running on the host machine.
linux-bench will determine the test set to run on the host machine based on the following:
##### Operating system platform - ubuntu/debian/rhel/coreos
##### Boot loader - grub/grub2
##### System logging tool - rsyslog/syslog-ng
##### Lsm - selinux/apparmor
## Installation ## Installation
### Installing from sources ### Installing from sources
@ -28,12 +34,12 @@ go build -o linux-bench .
./linux-bench ./linux-bench
# Run checks for specified linux cis version # Run checks for specified linux cis version
./linux-bench ./linux-bench --version <version>
``` ```
# Tests # Tests
Tests are specified in definition files `cfg/<version>/definitions.yaml. Tests are specified in definition files `cfg/<version>/definitions.yaml.`
Where `<version>` is the version of linux cis for which the test applies. Where `<version>` is the version of linux cis for which the test applies.
# Contributing # Contributing

3104
cfg/1.1.0/definitions.yaml
View file

File diff suppressed because it is too large Load diff

2
root.go
View file

@ -41,7 +41,7 @@ var (
var RootCmd = &cobra.Command{ var RootCmd = &cobra.Command{
Use: "linux-bench", Use: "linux-bench",
Short: "linux-bench is a Go application that checks whether the linux operating system is deployed securely", Short: "linux-bench is a Go application that checks whether the linux operating system is deployed securely",
Long: `This tool runs the CIS Linux Benchmark (https://www.cisecurity.org/benchmark/linux/)`, Long: `This tool runs the CIS Linux Benchmark (https://www.cisecurity.org/cis-benchmarks)`,
Run: app, Run: app,
} }