lynis
lynis copied to clipboard
Kernel module checks fail when module not present
Describe the bug Kernel module checks (e.g. STRG-1846 and NETW-3200) still fail despite the modules not being built / installed.
Version
- Distribution: Any
- Lynis version: 3.0.9
Expected behavior I did not expect to see warnings about firewire, sctp etc. when the kernel has been compiled without these options.
Additional context It might be worth checking an authoritative source if the module is even available on the host before alerting:
-
gzip -d /proc/config.gz -c
-
/boot/config-$(uname -a)
-
/lib/modules/<x>/modules.builtin
-
/lib/modules/<x>/modules.dep