action #78230
closedaction #78224: [sle][security][sle15sp3] Integrate the Lynis scanner into OpenQA
[sle][security][sle15sp3] Integrate Lynis into OpenQA - run lynis on Beta1 textmode image, analyse the report , create the Beta1 base line
100%
Description
This poo is a child poo.
Create the first base line on "SLE15SP3 Beta1" "textmode" image.
- run lynis related cmds on "create_hdd_textmode" image of Beta1 version
- analyse the report
- create the base line
- then, compare future runs against this result
NOTE:
- if hit any difficult issue when analyzing the report please contact developer
- the base line need to get the confirmation from developer
Updated by llzhao over 3 years ago
Install:
https://software.opensuse.org/download/package?package=lynis&project=security
For SLE 15 SP2 run the following as root:
zypper addrepo https://download.opensuse.org/repositories/security/SLE_15_SP2/security.repo
zypper refresh
zypper install lynis
Updated by llzhao over 3 years ago
llzhao wrote:
Install:
https://software.opensuse.org/download/package?package=lynis&project=security
For SLE 15 SP2 run the following as root:zypper addrepo https://download.opensuse.org/repositories/security/SLE_15_SP2/security.repo
zypper refresh
zypper install lynis
On "SLE 15 SP2" the lynis can be found in PackageHub.
But on "SLE 15 SP3" the PackageHub is not ready yet, it will be available after Beta1 release.
I tried to install lynis of "SLE 15 SP2" version for "SP3" there is dependence issue during installation and run lynis reports some errors.
Updated by llzhao over 3 years ago
- % Done changed from 0 to 80
phase 1 PR sent out: https://github.com/os-autoinst/os-autoinst-distri-opensuse/pull/11667
Updated by llzhao about 3 years ago
- Status changed from In Progress to Feedback
- % Done changed from 80 to 100
PR merged.
Updated by llzhao about 3 years ago
- Status changed from Feedback to Resolved
The first run of phase 1 in openQA is good: https://openqa.suse.de/tests/5398937