Tutorial

The grep command is one of the oldest tools for Linux and other platforms. Actually, it is older than Linux itself. It was written by Ken Thompson more than 45 years ago! The name grep stands for “globally regular expression print”. This name comes from its predecessor ed and the specific mode in which you would globally search, using a regular expression, and print the output. The related command was “g/re/p”. For more history, have a look at the Wikipedia entry. Otherwise, let’s dive into the tool and get to know some practical grep examples for daily usage.

Security of Linux systems and applications can be greatly improved by using hardening measures. One of these measures is called Linux capabilities. Capabilities are supported by the kernel for some while now. Using capabilities we can strengthen applications and containers. Unfortunately, this powerful tool is still underutilized. Time to change that! This article helps to understand and apply them.

What are Linux capabilities?

Normally the root user (or any ID with UID of 0) gets a special treatment when running processes. The kernel and applications are usually programmed to skip the restriction of some activities when seeing this user ID. In other words, this user is allowed to do (almost) anything.

This article explains in a few quick steps how to start with using Lynis. A more extensive explanation can be found in the documentation of Lynis.

Download Lynis

wget http://cisofy.com/files/lynis-**version**.tar.gz

Unpack tarball

tar xfvz lynis-version.tar.gz

This will unpack the tarball with a Lynis directory.

Run Lynis

Go to the newly created directory named lynis.