Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PKGS-7384 Fedora switched to dnf from yum #111

Closed
ghost opened this issue Jan 6, 2016 · 6 comments
Closed

PKGS-7384 Fedora switched to dnf from yum #111

ghost opened this issue Jan 6, 2016 · 6 comments
Assignees
@mboelen
Labels
enhancement

Comments

@ghost
Copy link

ghost commented Jan 6, 2016

PKGS-7384 test check presence of yum-utils package and issue:

/usr/bin/package-cleanup -q --dupes
/usr/bin/package-cleanup --problems

Since Fedora switched to dnf by default since F22, lynis should not put warnings for missing yum-utils packages in instead try to utilize dnf built-in functions:

/usr/bin/dnf repoquery --duplicated
/usr/bin/dnf repoquery --unsatisfied

See: http://dnf.readthedocs.org/en/latest/cli_vs_yum.html

The same way yum-plugin-security is recommended by lynis, but:

/usr/bin/dnf updateinfo list security

is actually the replacement.
@mboelen
Copy link
Member

mboelen commented Jan 6, 2016

Thanks Martin. Do you feel like submitting a patch yourself?

@ghost
Copy link
Author

ghost commented Jan 6, 2016

I do, I was actually thinking about it. I'm working on ansible playbook to turn default minimal Fedora 23+ / RHEL6/7 / CentOS6/7 installations into Lynis / OpenSCAP / NSA compliant one, so I was running lynis to see what's still missing (or wrongly configured / reported). The same for the other issue I've submitted.
I will dive in and see what I can provide. :)

@mboelen
Copy link
Member

mboelen commented Jan 7, 2016

Great, very much appreciated. If you create a patch with the additions, we will perform the related testingm, and get them into the code.

@mboelen mboelen self-assigned this Jan 7, 2016
@mboelen
Copy link
Member

mboelen commented Jan 25, 2016

Created a first patch. @martinstefany can you please update your version and see if detection works correctly for you?

@ghost
Copy link
Author

ghost commented Feb 14, 2016

All good.

# grep -C 1 dnf /var/log/lynis.log 
[22:17:24]   Found known binary: dig (nameservice tool) - /usr/bin/dig
[22:17:24]   Found known binary: dnf (package manager) - /usr/bin/dnf
[22:17:24]   Found known binary: dnsdomainname (DNS domain) - /usr/bin/dnsdomainname
--
[22:17:32] Performing test ID PKGS-7350 (Checking for installed packages with DNF utility)
[22:17:32] Result: found DNF (Dandified YUM) utility (binary: /usr/bin/dnf)
[22:17:32] Found package: CCfits.x86_64 (version: 2.4-15.fc23)
--
[22:17:33] Found package: dmraid-events.x86_64 (version: 1.0.0.rc16-28.fc23)
[22:17:33] Found package: dnf.noarch (version: 1.1.6-2.fc23)
[22:17:33] Found package: dnf-conf.noarch (version: 1.1.6-2.fc23)
[22:17:33] Found package: dnf-plugin-system-upgrade.noarch (version: 0.7.1-1.fc23)
[22:17:33] Found package: dnf-plugins-core.noarch (version: 0.1.16-1.fc23)
[22:17:33] Found package: dnf-yum.noarch (version: 1.1.6-2.fc23)
[22:17:33] Found package: dnsmasq.x86_64 (version: 2.75-3.fc23)
--
[22:17:37] Found package: python-dmidecode.x86_64 (version: 3.12.2-1.fc23)
[22:17:37] Found package: python-dnf-plugins-core.noarch (version: 0.1.16-1.fc23)
[22:17:37] Found package: python-dnf-plugins-extras-common.noarch (version: )
[22:17:37] Found package: 0.0.12-1.fc23 (version: @updates)
[22:17:37] Found package: python-dnf-plugins-extras-migrate.noarch (version: )
[22:17:37] Found package: 0.0.12-1.fc23 (version: @updates)
--
[22:17:38] Found package: python2-configobj.noarch (version: 5.0.6-3.fc23)
[22:17:38] Found package: python2-dnf.noarch (version: 1.1.6-2.fc23)
[22:17:38] Found package: python2-dnf-plugin-system-upgrade.noarch (version: )
[22:17:38] Found package: 0.7.1-1.fc23 (version: @updates)
--
[22:17:38] Found package: python3-dmidecode.x86_64 (version: 3.12.2-1.fc23)
[22:17:38] Found package: python3-dnf.noarch (version: 1.1.6-2.fc23)
[22:17:38] Found package: python3-dnf-plugin-system-upgrade.noarch (version: )
[22:17:38] Found package: 0.7.1-1.fc23 (version: @updates)
[22:17:38] Found package: python3-dnf-plugins-core.noarch (version: 0.1.16-1.fc23)
[22:17:38] Found package: python3-enchant.noarch (version: 1.6.6-2.fc23)
--
[22:17:51] Test: checking for package audit tool
[22:17:51] Result: found package audit tool: dnf
[22:17:51] ===---------------------------------------------------------------===
--
[22:17:53] Output: File:/var/log/cluster/corosync.log:does_not_exist
[22:17:53] Output: File:/var/log/dnf.plugin.log:does_not_exist
[22:17:53] Output: File:/var/log/iscsiuio.log:does_not_exist
--
[22:17:53] Output: File:/var/log/cups/access_log:exists
[22:17:53] Output: File:/var/log/dnf.librepo.log:exists
[22:17:53] Output: File:/var/log/dnf.log:exists
[22:17:53] Output: File:/var/log/dnf.plugin.log:exists
[22:17:53] Output: File:/var/log/dnf.rpm.log:exists
[22:17:53] Output: File:/var/log/hawkey.log:exists

@mboelen
Copy link
Member

mboelen commented Feb 15, 2016

Thanks again for reporting and the confirmation. Closing this issue.

@mboelen mboelen closed this as completed Feb 15, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mboelen mboelen

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mboelen