lynis
lynis copied to clipboard
Apache: Configurations with Aliases not detected as vhosts
Describe the bug Lynis didn't find any virtual hosts, but I actually have some
Version
- Distribution: openSUSE Tumbleweed
- Lynis version 3.0.6
Expected behavior virtual hosts are detected
Output
[+] Software: webserver
------------------------------------
- Checking Apache (binary /usr/sbin/httpd) [ FOUND ]
Info: Configuration file found (/etc/apache2/httpd.conf)
Info: No virtual hosts found
The log mentions them however:
2021-08-02 09:03:18 ====
2021-08-02 09:03:18 Performing test ID HTTP-6626 (Testing other Apache configuration file)
2021-08-02 09:03:18 Apache config file: /etc/apache2/conf.d/api-apache.conf
2021-08-02 09:03:18 Test: check if we can access /etc/apache2/conf.d/api-apache.conf (escaped: /etc/apache2/conf.d/api-apache.conf)
2021-08-02 09:03:18 Result: file is owned by our current user ID (0), checking if it is readable
2021-08-02 09:03:18 Result: file /etc/apache2/conf.d/api-apache.conf is readable (or directory accessible).
...
2021-08-02 09:03:19 Test: check if we can access /etc/apache2/vhosts.d/intelmq-api.conf (escaped: /etc/apache2/vhosts.d/intelmq-api.conf)
2021-08-02 09:03:19 Action: checking symlink for file /etc/apache2/vhosts.d/intelmq-api.conf
2021-08-02 09:03:19 Note: Using real readlink binary to determine symlink on /etc/apache2/vhosts.d/intelmq-api.conf
2021-08-02 09:03:19 Result: readlink shows /etc/intelmq/api-apache.conf as output
2021-08-02 09:03:19 Result: symlink found, pointing to file /etc/intelmq/api-apache.conf
2021-08-02 09:03:19 Result: file is not owned by current user ID (0), but UID 458
2021-08-02 09:03:19 Result: file /etc/intelmq/api-apache.conf is readable (or directory accessible).
2021-08-02 09:03:19 Apache config file: /etc/apache2/vhosts.d/manager-apache.conf
2021-08-02 09:03:19 Test: check if we can access /etc/apache2/vhosts.d/manager-apache.conf (escaped: /etc/apache2/vhosts.d/manager-apache.conf)
2021-08-02 09:03:19 Result: file is owned by our current user ID (0), checking if it is readable
2021-08-02 09:03:19 Result: file /etc/apache2/vhosts.d/manager-apache.conf is readable (or directory accessible).
2021-08-02 09:03:19 Result: found 0 virtual hosts
2021-08-02 09:03:19 ====
Additional context
# ls /etc/apache2/vhosts.d/
intelmq-api.conf manager-apache.conf vhost-ssl.template vhost.template
Can you show the actual definitions of the virtual host? Looks like the files are readable, but the entries are not correctly parsed.
Here: https://github.com/certtools/intelmq-api/blob/develop/contrib/api-apache.conf https://github.com/certtools/intelmq-manager/blob/develop/contrib/manager-apache.conf
They are not fixed on domains/ports, but just provide Aliases. Maybe this is the reason that the files are not detected?