lynis icon indicating copy to clipboard operation
lynis copied to clipboard

Published 20 hours ago verified publisher icon CISOfy

Exceptions found in PKGS-7328

Open mksipe opened this issue 3 years ago • 8 comments

Describe the bug There are a few issues that are prominent with this bug. The first part is that the --non-interactive argument is being used. Because of this, lynis reports that it is searching ports and packages and immediately returns an error. However, the program does not panic.

Version

Info Version
Program version 3.0.4
Operating System Linux
Operating system name Parrot GNU/Linux
Operating system version 4.11
Kernel Version 5.10.0
Hardware platform x86_64

Expected behavior Typically from other tests that are performed in lynis, it will give a report of what is found along the lines of, for example: - Installed malware scanner [ FOUND]

Output

E: Command line option --non-interactive is not understood in combination with the other options

=================================================================

  Exception found!

  Function/test:  [PKGS-7328]
  Message:        No installed packages found with Zypper

  Help improving the Lynis community with your feedback!

  Steps:
  - Ensure you are running the latest version (/usr/sbin/lynis update check)
  - If so, create a GitHub issue at https://github.com/CISOfy/lynis
  - Include relevant parts of the log file or configuration file

  Thanks!

=================================================================

E: Command line option --non-interactive is not understood in combination with the other options
  - Using Zypper to find vulnerable packages                  [ WARNING ]
E: Command line option --non-interactive is not understood in combination with the other options
    - Searching dpkg package manager                          [ FOUND ]
      - Querying package manager
    - Query unpurged packages                                 [ FOUND ]

\    - debsums utility                                         [ FOUND ]
      - Cron job for debsums                                  [ FOUND ]
  - Checking package audit tool                               [ INSTALLED ]
    Found: zypper

=================================================================

  Exception found!

  Function/test:  [PKGS-7410]
  Message:        Could not find any kernel packages via package manager. Maybe using a different kernel package?

  Help improving the Lynis community with your feedback!

  Steps:
  - Ensure you are running the latest version (/usr/sbin/lynis update check)
  - If so, create a GitHub issue at https://github.com/CISOfy/lynis
  - Include relevant parts of the log file or configuration file

  Thanks!

=================================================================

Additional context Additionally to the initial issue, I can verify that the packages were purged and that there are no packages installed via zypper. Along with the kernel packages, there is only one installed so im not sure why this report is being returned.

mksipe avatar May 12 '21 20:05 mksipe

Is in this case 'zypper' the package manager or is it something else?

mboelen avatar May 13 '21 21:05 mboelen

Zypper is a package manager for the system, but it is not the one in use. The primary package manager is the DPKG system and APT. Zypper is not configured and is installed by default with the system.

mksipe avatar May 14 '21 16:05 mksipe

Did you manually install Zypper or did it come preinstalled? If it is not in use, why not remove it?

mboelen avatar May 20 '21 06:05 mboelen

Here is where it gets a bit weird; it did come preinstalled, but it's technically not necessarily installed by the system. Here is what I have found:

The apt and dpkg package manager does not detect an installation of zypper:

sudo apt purge zypper
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Package 'zypper' is not installed, so not removed

dpkg --get-selections| grep -i zypper
<no output>

which zypper
/usr/bin/zypper

sh /usr/bin/zypper
apt 2.2.3 (amd64)
Usage: apt [options] command
...
This APT has Super Cow Powers.

To explain what I put, There is no installation of zypper. However, it may be a residual install from when parrot originally implemented it. This is possibly an issue with the specific OS, not lynis. I apologize if I have taken up your time.

mksipe avatar May 21 '21 07:05 mksipe

Is it by any chance a symlink to apt?

mboelen avatar Jun 07 '21 13:06 mboelen

I apologize for the delayed response. It is not a symlink. I did a fresh install on a different system to check. It is a built-in shell script by the developers of parrot itself.

-rwxr-xr-x 1 root root 705 Aug 14 2020 /usr/bin/zypper

The script is as follows:

#!/bin/bash

function upgrade {
	echo -e "
apt upgrade is unsafe on rolling release distributions.

using apt full-upgrade instead

use apt upgrade --force to override


"
	/usr/bin/apt update
	/usr/bin/apt full-upgrade
}

case $1 in
	upgrade)
		upgrade
		case $2 in --force)
			/usr/bin/apt upgrade;;
		esac
		exit
	;;
	dup|up|u)
		upgrade
		exit
	;;
	refresh)
		/usr/bin/apt update
		exit
	;;
	in)
		/usr/bin/apt install ${@:2}
		exit
	;;
	rm)
		/usr/bin/apt remove ${@:2}
		exit
	;;
	list-updates|lu)
		/usr/bin/apt list --upgradable
		exit
	;;
	se)
		/usr/bin/apt search ${@:2}
		exit
	;;
	po)
		/usr/bin/apt policy ${@:2}
		exit
	;;
	sh)
		/usr/bin/apt show ${@:2}
		exit
	;;
	
esac

/usr/bin/apt $@

mksipe avatar Jun 17 '21 06:06 mksipe

Stale issue message

github-actions[bot] avatar Jul 02 '21 00:07 github-actions[bot]