Provided by: lynis_2.1.1-1_all bug


        Lynis - Run an system and security audit on the system


       lynis --check-all(-c) [other options]


       Lynis  is  a  security  auditing tool for Linux and Unix systems. It checks the system and
       software configurations, to determine any improvements.  All details are logged in  a  log
       file.  Findings  and  other  data  is stored in a report file, which can be used to create
       auditing reports.  Lynis can be run as a cronjob, or from the command line. Lynis  prefers
       root  permissions  (or  sudo),  so  it  can access all parts of the system, however it not
       required (see pentest mode).

       The following system areas may be checked:

              - Boot loader files

              - Configuration files

              - Files part of software packages

              - Directories and files related to logging and auditing


       --auditor <full name>
              Define the name of the auditor/pen-tester. When a full name  is  used,  add  double
              quotes, like "Your Name".

       --checkall (or -c)
              Lynis performs a full check of the system, printing out the results of each test to
              stdout.  Additional  information  will  be  saved  into  a  log  file  (default  is

              In case the outcome of a scan needs to be automated, use the report file.

              Perform automatic scan with cron safe options (no colors, no questions, no breaks).

              Display debug information to screen for troubleshooting purposes.

              Show all available parameters.

       --logfile </path/to/logfile>
              Defines location and name of log file, instead of default /var/log/lynis.log.

              Do not use colors for messages, warnings and sections.

              Redirect  all logging information to /dev/null, prevent sensitive information to be
              written to disk.

              Run a non-privileged scan, usually for penetration testing. Some of the tests  will
              be skipped if they require root permissions.

       --plugin-dir </path/to/plugins>
              Define location where plugins can be found.

       --profile </path/to/profile>
              Provide alternative profile to perform the scan.

       --quick (-Q)
              Do a quick scan (don't wait for user input).

       --quiet (-q)
              Try  to  run  as  silent  as possible, showing only warnings. This option activates
              --quick as well.

       --report-file </path/to/report>
              Provide an alternative name for report file.

              Optimize screen output for light backgrounds.

       --tests TEST-IDs
              Only run the specific test(s). When using multiple tests,  add  quotes  around  the

       --tests-category <category>
              Only  perform tests from particular tests. Use --view-categories to determine valid

              Upload data to Lynis Enterprise server.

              Display all available test categories.

              Multiple parameters are allowed, though some parameters can only be  used  together
              with  others. When running Lynis without any parameters, help will be shown and the
              program will exit.


       Lynis has special helpers to do certain tasks. This way the framework of  Lynis  is  used,
       while  at the same time storing most of the functionality in a separated file. This speeds
       up execution and keeps the code clean.

       audit  Run audit on the system or on other targets

       update Run updater utility

       To use a helper, run Lynis followed by the helper name


       Discovered a bug? Please report them via GitHub:


       Supporting documentation can be found via


       Lynis is licensed as GPL v3, written by Michael Boelen and supported  by  CISOfy.  Plugins
       may have their own license.


       Support  requests  and  project  related  questions  can  be  addressed via e-mail: lynis-