Lynis stuck during testing


Normal Lynis scans take a few minutes to complete, therefore any test taking more than 1 minute, might be stuck during its test. Within this article we have a look at a few things you can do.


When a particular test is taking a long time, the test might be stuck. However, that’s not always the case. To determine what Lynis is doing, open up a second terminal and start with running ps aux to see what processes are active.

Network utility

If host, dig or any other network utility is displayed, the particular test might be waiting for a reply. Especially if the other host is very slow or not reachable, a timeout could be 30 seconds or more, looking like Lynis is stuck. In this case waiting for a little bit more, or testing the host manually to confirm, is the best next step.


Another possibility is that the filesystem has many files, redirects (symbolic links) or other quirks which results in Lynis getting stuck on a file or directory listing. Most often this is seen when find or grep are visible in the process listing and stay there for some time. An additional hint can be found in the log file (/var/log/lynis.log), by using the tail command and see if it moves on, or keeps listing the same line.

Reporting issues

In case the underlying file, process or network system has been found, it might be a quick fix to solve. If you believe that it’s a returning issue and not limited to your system only, then you are advised to report the issue.


Lynis Enterprise

Lynis Enterprise screenshot to help with system hardening

This blog post is part of our Linux security series and the mission to get Linux and Unix-based systems more secure.

Does system hardening take a lot of time, or do you have any compliance in your company? Have a look at Lynis Enterprise.

Or start today with the open source security scanner Lynis (GitHub)