Lynis v1.6.2 Released

Lynis v1.6.2 Released

Lynis is an auditing tool which tests and gathers (security) information from Unix based systems. The audience for this tool are security and system auditors, network specialists and system maintainers.

Some of the (future) features and usage options:

  • System and security audit checks
  • File Integrity Assessment
  • System and file forensics
  • Usage of templates/baselines (reporting and monitoring)
  • Extended debugging features

This tool is tested or confirmed to work with at least: AIX, Linux, FreeBSD, OpenBSD, Mac OS X, Solaris. See website for the full list of tested operating systems.



Changelog v1.6.2 (2014-09-22)


  • IsVirtualMachine function to check if system is running in VM.
    VM types: Bochs CPU emulation, IBM z/VM, KVM, Linux Containers, libvirt LXC driver (Linux Containers), Microsoft Virtual PC, OpenVZ, Oracle VM VirtualBox, QEMU, Systemd Namespace container, User-Mode Linux (UML), VMware products, XEN.
  • Detection for SaltStack configuration management tooling
  • ShowSymlinkPath function to check path behind a symlink
  • Check of configuration options of pacman [PKGS-7314]
  • Support for drill binary to check for Lynis update
  • FileIsEmpty function to check for empty files
  • Detect updates for Arch Linux [PKGS-7312]
  • Add detection for machine ID (systemd)
  • Added linux_config_file to report
  • Bash completion script for Lynis
  • Added detection of ss binary


  • Extended system reboot check, to enable it for most Linux versions[KRNL-5830]
  • Improved inetd test to avoid false positive with xinetd process [INSE-8002]
  • Permissions check has been adjusted to allow packaging and pentest mode
  • Added detection for compressed Linux config file [KRNL-5728]
  • Added support for compressed Linux config file [KRNL-5730]
  • Store PID file in home directory of the user, if needed
  • Added usage of ss to gather listening ports [NETW-3012]
  • Additional permission added to CUPS check [PRNT-2307]
  • Extended telnet in inetd test [INSE-8016]
  • Fix for reading at.deny file [SCHD-7720]
  • Removed individual warnings [BOOT-5184]
  • Several improvements for Arch Linux


Changelog v1.6.1 (2014-09-09)


  • Added –pentest parameter to run a non-privileged scans (e.g. for pentesting)
  • Show skipped tests in report if they require root and scan is non-privileged


  • Improved vulnerable packages test on Debian based systems (apt-check) [PKGS-7392]
  • Don’t show warnings for ‘swap’ in 4th column fstab file [FILE-6336]
  • Remove warning for old files in /tmp [FILE-6354]
  • CheckUpdates function will have better output when no connection is available
  • Changes to parameters and functions, to allow penetration tests with Lynis
  • Test for actual files in /etc/modprobe.d before grepping in it
  • Improved chown command when file permissions are incorrect
  • Changed output of update test, show when status is unknown
  • No scanning of symlinked directories (binaries test)
  • Extended SafePerms function to also check for UID
  • Several tests will have root-only bit set now
  • Improved netstat tests on Arch Linux


More Information:

[button size=large style=round color=red align=none url=]Download Lynis v1.6.2[/button]

MaxiSoler @maxisoler