Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[INSE-8000] The inetd service is not detected #1496

Open
ferorge opened this issue May 14, 2024 · 1 comment
Open

[INSE-8000] The inetd service is not detected #1496

ferorge opened this issue May 14, 2024 · 1 comment
Assignees
@mboelen
Labels
needs-confirmation

Comments

@ferorge
Copy link

ferorge commented May 14, 2024

Is your feature request related to a problem? Please describe.
When lynis runs the test [INSE-8000] it does not detect the inetd service that is running.
Consequently tests [INSE-8002], [INSE-8004] and [INSE-8016] are skipped and test [INSE-8006] returns an improvement suggestion.
OS: ubuntu 24.04
lynis:3.1.2

2024-05-14 05:29:07 ====
2024-05-14 05:29:07 Performing test ID INSE-8000 (Installed inetd package)
2024-05-14 05:29:07 Test: Checking if inetd is installed
2024-05-14 05:29:07 Result: inetd is NOT installed
2024-05-14 05:29:07 ====
2024-05-14 05:29:08 Skipped test INSE-8002 (Check for enabled inet daemon)
2024-05-14 05:29:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution)
2024-05-14 05:29:08 ====
2024-05-14 05:29:08 Skipped test INSE-8004 (Presence of inetd configuration file)
2024-05-14 05:29:08 Reason to skip: Prerequisites not met (ie missing tool, other type of Linux distribution)
2024-05-14 05:29:08 ====
2024-05-14 05:29:08 Performing test ID INSE-8006 (Check configuration of inetd when disabled)
2024-05-14 05:29:08 Test: check if all services are disabled when inetd is disabled
2024-05-14 05:29:08 Result: found services in inetd, even though inetd is not running
2024-05-14 05:29:08 Suggestion: Although inetd is not running, make sure no services are enabled in /etc/inetd.conf, or remove inetd service [test:INSE-8006] [details:-] [solution:-]
2024-05-14 05:29:08 ====

# systemctl status inetd
● inetutils-inetd.service - GNU Network Utilities internet superserver
     Loaded: loaded (/usr/lib/systemd/system/inetutils-inetd.service; enabled; preset: enabled)
     Active: active (running) since Mon 2024-05-13 05:29:48 -03; 24h ago
       Docs: man:inetutils-inetd(8)
             https://www.gnu.org/software/inetutils/manual/
   Main PID: 10340 (inetutils-inetd)
      Tasks: 1 (limit: 4425)
     Memory: 416.0K (peak: 1.0M)
        CPU: 67ms
     CGroup: /system.slice/inetutils-inetd.service
             └─10340 /usr/sbin/inetutils-inetd --foreground

may 13 05:29:48 tilde systemd[1]: Starting inetutils-inetd.service - GNU Network Utilities internet superserver...
may 13 05:29:48 tilde systemd[1]: Started inetutils-inetd.service - GNU Network Utilities internet superserver.

Describe the solution you'd like
I would like it to detect the inetd service so that it properly executes all the tests.

Thank you so much!
Greetings!
@mboelen
Copy link
Member

mboelen commented May 14, 2024

Hi @ferorge

Thanks for reporting this. Inetd usage is definitely decreasing, so love to learn your reasoning for using it.

Do you have the chance to do some testing?

  • Fork the project, then update line 64 of include/tests_insecure_services: if IsRunning "inetd" || IsRunning "inetutils-inetd"; then
  • If that corrects the detection, then send it in as a pull request.

@mboelen mboelen self-assigned this May 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mboelen mboelen

Labels
needs-confirmation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mboelen @ferorge