infothrill.lynis

Ansible Role: Lynis


This is an Ansible role that installs Lynis, a free security auditing tool for Unix and Linux systems.

Quick Start Guide

In your requirements.yml:

- src: infothrill.lynis
  version: v4.2.0

To install the role, run:

ansible-galaxy install -r requirements.yml -p ./roles/

Use the role in your playbook like this:

- hosts: servers
  roles:
    - role: infothrill.lynis

Role Variables

Here are some customizable variables:

lynis_version: 3.0.8
lynis_version_sha256sum: 98373a4cc9d0471ab9bebb249e442fcf94b6bf6d4e9c6fc0b22bca1506646c63

This sets the version of Lynis to install and its SHA-256 checksum. The latest version is listed on the Lynis download page.
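When you bump lynis_version, the checksum has to change with it. The following is an added example, not part of the role: a small pre-merge check that reads the two pin variables from a vars file and compares the pinned checksum with an archive you downloaded yourself. The function names and the file names in the usage comment are hypothetical, and it assumes the variables are written as plain `key: value` lines.

```python
import hashlib
import re

# Matches the two pin variables; commented-out lines do not match.
PIN_RE = re.compile(r"^\s*(lynis_version(?:_sha256sum)?)\s*:\s*['\"]?([^'\"#\s]+)")
HEX64_RE = re.compile(r"^[0-9a-f]{64}$")


def read_pins(vars_text):
    """Collect lynis_version / lynis_version_sha256sum from 'key: value' lines."""
    pins = {}
    for line in vars_text.splitlines():
        match = PIN_RE.match(line)
        if match:
            pins[match.group(1)] = match.group(2)
    return pins


def sha256_file(path, chunk_size=65536):
    """Hash the archive in chunks so large files are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def check_pin(vars_text, archive_path):
    """Return a list of problems; an empty list means the pin is consistent."""
    pins = read_pins(vars_text)
    problems = [f"missing {key}" for key in
                ("lynis_version", "lynis_version_sha256sum") if key not in pins]
    pinned = pins.get("lynis_version_sha256sum", "").lower()
    if pinned and not HEX64_RE.match(pinned):
        problems.append("lynis_version_sha256sum is not 64 hex characters")
    elif pinned:
        actual = sha256_file(archive_path)
        if actual != pinned:
            problems.append(f"checksum mismatch: archive is {actual}")
    return problems


if __name__ == "__main__":
    import sys
    # Usage (hypothetical file names): python check_pin.py group_vars/all.yml lynis.tar.gz
    with open(sys.argv[1]) as vars_file:
        issues = check_pin(vars_file.read(), sys.argv[2])
    print("\n".join(issues) or "pin OK")
    sys.exit(1 if issues else 0)
```
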

lynis_directory: /opt/lynis

This is the folder where Lynis will be installed.

lynis_log_directory: /var/log/lynis

This is the directory where Lynis will save its logs. By default, Lynis logs to /var/log/lynis.log and /var/log/lynis-report.dat.

lynis_log_group: adm

This defines which Unix group owns the logs.

lynis_config_directory: /etc/lynis

This folder is for scripts and configurations related to cron jobs.

lynis_cron: yes
lynis_cron_month: "*"
lynis_cron_day: "*"
lynis_cron_weekday: "*"
lynis_cron_hour: 3
lynis_cron_minute: 30

This sets up a cron job for Lynis. Reports will be stored in the lynis_log_directory.

lynis_cron_rotate: 14

This defines how many log files to keep (only applies when lynis_cron is set to true).

lynis_cron_initial_run: false

Set this to true to run the cron job immediately after installation or when the version changes.

Dependencies

None.

License

MIT

Author Information

This role was created in 2018 by Paul Kremer and is based on a project by Tom Marshall.

Changes

vxx

  • Added support for Ansible 7 and Python 3.11
  • Removed support for Ansible 5 and Python 3.8

v4.2.0

  • Updated Lynis version to 3.0.8
  • Dropped support for Debian Jessie
  • Added support for Ubuntu 22.04
  • Dropped support for Python before 3.8
  • Dropped support for Ansible before 5
  • Updated linting
  • Switched to GitHub Actions for CI

v4.1.1

  • Updated Lynis version to 3.0.3
  • Dropped support for Python 3.6
  • Added support for Python 3.7, 3.8, and 3.9
  • Dropped support for Ansible 2.8

v4.1.0

  • Fixed issue #55
  • Updated Lynis version to 3.0.1

v4.0.0

  • Dropped support for Ansible 2.7 and below
  • Added support for Ansible 2.10
  • Upgraded Molecule to 3.x

v3.0.2

  • Updated Lynis version to 3.0.0

v3.0.1

  • Added support for Ubuntu 20.04
  • Updated Lynis version to 2.7.5

v3.0.0

  • Added support for Ansible 2.8 and 2.9
  • Removed support for Ansible 2.4 and Python 2
  • Removed support for Ubuntu 14.04

v2.1.1

  • Used Ansible tempfile module
  • Added ionice to cron job

v2.1.0

  • Log rotation only runs when configured.

v2.0.0

  • Added option to run Lynis on initial install or version change
  • Renamed variable lynis_rotate to lynis_cron_rotate

v1.2.0

  • Expanded cron configuration options
  • Updated Lynis default version to 2.6.8

v1.1

  • Dropped support for outdated Ansible versions 2.2 and 2.3
  • Upgraded Molecule

v1.0

  • Initial release