lynis Enhancement to Determine if dealing with a containerised environment ( LXC )

Enhancement to Determine if dealing with a containerised environment ( LXC )

Open Glowsome opened this issue 2 years ago • 1 comments

Is your feature request related to a problem? Please describe.

While running the default audit system on a LXC containerised (Via ProxMox) RockyLinux 8.6 host the reports shows:

Exception found!

Function/test:  [KRNL-5830:2]
Message:        Can not find any vmlinuz or kernel files in /boot, which is unexpected

Describe the solution you'd like A method to determine if we are dealing with a containerized (LXC) environment.

Required changes Skipping this detection when it encounters a LXC container, therefore avoiding the above exception.

Additional context In quick testing on this particular machine/OS i was able to retrieve the state of the machine via the command systemd-detect-virt Which then returns the string 'lxc'

# systemd-detect-virt
lxc

So i think some logic needs to be added to detect this.

Jun 07 '22 23:06 Glowsome

Further analysis on this theme:

a full VM seems to report

#  systemd-detect-virt
kvm

Tested on ProxMox VM, and a commercially provided VPS from TransIP

the ProxMox VM runs SuSE Linux Enterprise Server 15SP2
the TransIP VPS runs Ubuntu 20.04.4 LTS

Jun 07 '22 23:06 Glowsome

lynis lynis copied to clipboard

Enhancement to Determine if dealing with a containerised environment ( LXC )

lynis
lynis copied to clipboard