lynis - Security and System auditing tool

Property Value
Distribution openSUSE Leap 15.0
Repository Security all
Package name lynis
Package version 2.7.0
Package release lp150.62.1
Package architecture noarch
Package type rpm
Installed size 1.35 MB
Download size 252.86 KB
Official Mirror
Lynis is a security and system auditing tool. It scans a system on the
most interesting parts useful for audits, like:
- Security enhancements
- Logging and auditing options
- Banner identification
- Software availability


Package Version Architecture Repository
lynis-2.7.0-lp150.63.1.noarch.rpm 2.7.0 noarch Network Utilities
lynis-2.6.1-lp150.1.2.noarch.rpm 2.6.1 noarch openSUSE Oss
lynis - - -


Name Value
/bin/bash -
bash -
coreutils -
cron -
diffutils -
fillup -
findutils -
grep -
logrotate -
netcfg -
wget -


Name Value
config(lynis) = 2.7.0-lp150.62.1
lynis = 2.7.0-lp150.62.1


Type URL
Binary Package lynis-2.7.0-lp150.62.1.noarch.rpm
Source Package lynis-2.7.0-lp150.62.1.src.rpm

Install Howto

  1. Add the Security repository:
    # zypper addrepo security
  2. Install lynis rpm package:
    # zypper install lynis




2018-10-27 -
- update to 2.7.0
* added detection of TOMOYO binary (MACF-6240)
* Status of TOMOYO framework updated (MACF-6242)
* OpenSSH server version detected (SSH-7406)
* Check active OSSEC analysis daemon (TOOL-5160)
* Changed several warning labels on screen
* More generic sulogin for systemd rescue (AUTH-9308)
* OS detection now ignores quotes for getting the OS ID
2018-10-09 - Robert Frohl <>
- update to 2.6.9
* Man page has been updated
* Command 'lynis show options' provides up-to-date list
* Option '--dump-options' is deprecated
* Several options and commands have been extended with more examples
* OS detection now supports openSUSE specific distribution names
* Changed command output when using 'lynis audit system remote'
* added /usr/local/redis/etc path and QNAP support
* ignore exception when no vmlinuz file was discovered
2018-09-20 -
- update to 2.6.8:
* improved parsing of boot parameters to init process
* test all PHP files for expose_php and improved logging
* Docker check now tests also for CMD, ENTRYPOINT, and USER configuration
* Improved display in Docker output for showing which keys are used for signing
- includes changes from 2.6.7:
* Added busybox as a service manager
* Limit PAE and no-execute test to AMD64 hardware only
* Ignore /dev/zero and /dev/[aio] as deleted files
* Changed classification of SSH root login with keys
* Docker scan uses new format for maintainer value
- includes chagnes from 2.6.6:
* Improved log text about running kernel version
* Under some condition no hostid2 value was reported
* Solved 'extra operand' issue with tr command
2018-06-27 -
- update to 2.6.5:
* mail: Exim configuration test
* network: Use FQDN to test status of a nameserver instead of own IP address
* ssh: Improved test to allow configurations with a Match block
- includes changes from 2.6.4:
* auth: Made 'sulogin' more generic for systemd rescue shell
* dns: Initial work on DNSSEC validation testing
* network: Added support for local resolver
* php: Suhosin test disbled
* ssh: Removed 'DELAYED' from OpenSSH Compression setting
* time: Improvements to detect step-tickers file and entries
- includes changes from 2.6.3:
* crypt: Do prevalidation for certificates before testing them
* hardening: Enhanced compiler permission test
* name: Improved test to filter out empty lines
* packages: changes to detect yum-utils package and related tooling
* plugins: cron file permissions
- includes changes from 2.6.2:
* Textual changes for several tests
* Update of tests database
2018-01-26 -
- update to 2.6.1:
* New group 'usb' for tests related to USB devices
* Updated and enhanced tests
* Many bug fixes
* output and UI fixes
2017-06-08 -
- Lynis 2.5.1:
* Improved detection of SSL certificate files
* Minor changes to improve logging and results
* Firewall tests: Determine if CSF is in testing mode
- includes changes from Lynis 2.5.0:
* CVE-2017-8108: symlink attack may have allowed arbitrary file
overwrite or privilege escalation (bsc#1043463)
* Deleted unused tests from database file
* Additional sysctls are tested
* Extended test with Symantec components
* Snort detection
* Snort configuration file

See Also

Package Description
makepasswd-0.5.1-lp150.3.1.x86_64.rpm Password Generator
masscan-20171124-lp150.1.29.x86_64.rpm Asynchronous port scanner
microfw-2.0-lp150.17.1.noarch.rpm Tiny and simple firewall
mnkPasswordKeeper-1.1.1a-lp150.1.1.x86_64.rpm Simple Password Manager
monitoring-plugins-fail2ban- Check fail2ban server and how many IPs are currently banned
ndpmon-2.1.0-lp150.2.1.x86_64.rpm IPv6 Neighbor Discovery Protocol Monitor
nikto-2.1.6-lp150.2.1.noarch.rpm Web server scanner
nitrokey-app-1.3.2-lp150.1.1.x86_64.rpm Nitrokey's Application
nkmkpasswd-0.0.2-lp150.2.1.noarch.rpm Create Passwords with various Levels of Strength
nsjail-2.7-lp150.1.1.x86_64.rpm A light-weight process isolation tool
nwipe-0.22-lp150.1.2.x86_64.rpm Standalone secure disk eraser
oath-toolkit-2.6.2-lp150.21.1.i586.rpm Toolkit for one-time password authentication systems
oath-toolkit-2.6.2-lp150.21.1.x86_64.rpm Toolkit for one-time password authentication systems
oath-toolkit-xml-2.6.2-lp150.21.1.noarch.rpm XML data files needed by liboath
openCryptoki-3.11.0-lp150.135.1.x86_64.rpm An Implementation of PKCS#11 (Cryptoki) v2.11 for IBM Cryptographic Hardware