[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#1108225: RFS: kernel-hardening-checker/0.6.10.1-1 [ITP] -- Tool for checking Linux kernel security hardening options

Hello,

well I have a completely default debian installed kernel so if it fails with 
debian kernels perhaps it needs some more work before being in debian?

You could try with a sid vm in qemu maybe…

In data mercoledì 9 luglio 2025 16:12:55 Ora legale dell’Europa centrale, 
Kirill Rekhov ha scritto:
> Hi, Salvo
> 
> Yes, we added man with upstream author, in version 0.6.10.2-1 you can do:
> $ man kernel-hardening-checker
> 
> > Am I doing something wrong?
> 
> you are doing everything right, this command works for me:
> $ sudo kernel-hardening-checker --mode verbose -a
> [+] Special report mode: verbose
> [+] Going to autodetect and check the security hardening options of the
> running kernel
> [+] Detected version of the running kernel: (6, 1, 0)
> [+] Detected kconfig file of the running kernel: /boot/config-6.1.0-32-amd64
> [+] Detected cmdline parameters of the running kernel: /proc/cmdline [+]
> Saved sysctls to a temporary file /tmp/sysctl-pyrxvnl5
> [+] Detected architecture: X86_64
> [+] Detected compiler: GCC 120200
> [?] No check for kconfig option CONFIG_CC_VERSION_TEXT ("gcc-12 (Debian
> 12.2.0-14) 12.2.0")
> [?] No check for kconfig option CONFIG_GCC_VERSION (120200)
> [?] No check for kconfig option CONFIG_CLANG_VERSION (0)
> [?] No check for kconfig option CONFIG_AS_IS_GNU (y)
> [?] No check for kconfig option CONFIG_AS_VERSION (24000)
> [?] No check for kconfig option CONFIG_LD_IS_BFD (y)
> ...
> 
> but for some reason it doesn't work for you and I don't know why, you can
> refer
> to https://github.com/a13xp0p0v/kernel-hardening-checker/issues
> 
> ---
> Regards, Kirill Rekhov
> 
> GPG Fingerprint:
> 2640 769D FDA1 AAA0 F863  D1AE 5F2C 5905 519C E0A0
> 
> вт, 8 июл. 2025 г. в 20:52, Salvo Tomaselli <tiposchi@tiscali.it>:
> > Hello,
> > 
> > thanks for packaging this.
> > 
> > I was going to upload but when trying it I couldn't really get it to work:
> > 
> > $ kernel-hardening-checker --mode verbose -a
> > [+] Special report mode: verbose
> > [+] Going to autodetect and check the security hardening options of the
> > running kernel
> > [-] ERROR: parsing /proc/version failed: failed to parse the version
> > "6.12.35+deb13-amd64"
> > 
> > Is this normal?
> > 
> > Am I doing something wrong?
> > 
> > Perhaps you want to add some examples of usage in the manpage before we
> > upload
> > it?
> > 
> > --
> > Salvo Tomaselli
> > 
> > "Io non mi sento obbligato a credere che lo stesso Dio che ci ha dotato di
> > senso, ragione ed intelletto intendesse che noi ne facessimo a meno."
> > 
> >                 -- Galileo Galilei
> > 
> > https://ltworf.codeberg.page/


-- 
Salvo Tomaselli

"Io non mi sento obbligato a credere che lo stesso Dio che ci ha dotato di
senso, ragione ed intelletto intendesse che noi ne facessimo a meno."
                -- Galileo Galilei

https://ltworf.codeberg.page/

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: