Overview of updates - RHEL version

Latest available version: 19.08.09

Overview of the most recent updates to UNIX Health Check for Red Hat Enterprise Linux:

Version: 19.08.09
  • New check script checkiotop.sh to check if the iotop package has been installed.
  • New check script checkcrashkernel.sh to check for the crashkernel entry in /etc/default/grub.
  • New check script checkcrash.sh to check for any kernel dumps present on the system.
  • New check script checkkdumpctl.sh to check that the kdumpctl status command says that kdump is operational.
  • New check script checketckdumpconfperms.sh to check the permissions, owner and group of /etc/kdump.conf.
  • New check script checkkdump.sh to check that the kdump daemon is both started and enabled at system boot.
Version: 19.08.01
  • Update to check script checkcleansystem.sh to remove checking folder /var/tmp, as that folder is already checked through check script checkvartmp.sh.
Version: 19.07.25
  • New check script checkext2.sh to check for any ext2 file systems on the system.
  • New check script checklostfoundsize.sh to check the size of the lost+found subfolders for XFS file systems.
Version: 19.07.23
  • New check script checkmcelog.sh to check if mcelog reports any machine check exceptions (hardware errors).
  • New check script checksystemctllistjobs.sh to check for any systemd unit jobs still running as listed by the systemctl list-jobs command.
  • New check script checkgrub2cfg.sh to check if the GRUB2 configuration file /boot/grub2/grub.cfg has valid contents.
  • New check script checkaudit.sh to check that the audit daemon is both started and enabled at system boot.
  • New check script checkauditrules.sh to check that rules are indeed defined for the audit system.
  • New check script checkauditperms.sh to check if the permissions of the /etc/audit folder are correctly set.
Version: 19.07.18
  • New check script checkpermitemptypasswords.sh to check if the PermitEmptyPasswords entry in /etc/ssh/sshd_config is either commented out or set to no.
  • New check script checksshpubkeyauthentication.sh to check if the PubkeyAuthentication entry in /etc/ssh/sshd_config is either commented out or set to yes.
  • New check script checksshhostbasedauthentication.sh to check if the HostBasedAuthentication entry in /etc/ssh/sshd_config is either commented out or set to no.
  • New check script checksshignorerhosts.sh to check if the IgnoreRhosts entry in /etc/ssh/sshd_config is either commented out or set to yes.
  • New check script checksshmaxauthtries.sh to check if the MaxAuthTries entry in /etc/ssh/sshd_config is either commented out or set within the range 3 to 6.
  • Update to check script checkctrlaltdel.sh to also include a check for the Systemd target ctrl-alt-del, to ensure it is disabled.
  • Update to check script checkvim.sh to also display the recommended version of Vim to be upgraded to.
Version: 19.07.17
  • New check script checketcsecurettyperms.sh to check the permissions of /etc/securetty.
  • Update to check script checketcmotdperms.sh to also check the permissions of folder /etc/motd.d on a RHEL 8 system.
  • New check script checkcleanetcssh.sh to check for any files in /etc/ssh that can be cleaned up.
  • New check script checksshbanner.sh to check the Banner entry in sshd_config.
  • New check script checkpuppetconf.sh to check the configuration of the Puppet agent.
  • New check script checkpuppetconfperms.sh to check the permissions of /etc/puppet/puppet.conf.
  • New check script checkpuppetenabled.sh to check if the Puppet agent is enabled to start at boot.
  • New check script checkpuppetactive.sh to check if the Puppet agent is running.
Version: 19.07.16
  • New check script checksplunkenabled.sh to check if the Splunk forwarder agent is enabled to start at boot.
  • New check script checksplunkactive.sh to check if the Splunk forwarding agent is active.
  • Update to check script checketchostsnonnumeric.sh to correct an issue with checking the correct IP address format, as awk acts differently on RHEL 6, compared to RHEL 7 and RHEL 8.
  • New check script checkrsyslogforwarding.sh to check if the rsyslog messages are forwarded to a central logging server.
Version: 19.07.15
  • New check script checkvim.sh to check for the correct level of vim in regards to RHSA-2019:1619.
  • New check script checklibssh2.sh to check for the correct level of libssh2 in regards to RHSA-2019:1652.
  • Update to check script checkyumutils.sh to update the command to install the dnf-utils package.
  • Update to check script checkneedsrestarting.sh to allow the check script to work correctly on RHEL 8, now that the -r option for needs-restarting has been removed in RHEL 8.
Version: 19.07.14
  • Update to check script checkcleansystem.sh to avoid checking folders in use for either Docker or Podman container storage.
Version: 19.07.09
  • Update to check script checkrpmv.sh to add the --nomtime option for rpm -Va to reduce the amount of CPU used to verify the RPM file integrity.
  • New check script checkrpmdatabase.sh to check for the integrity of the RPM database.
  • Update to check script checkall.sh to update the message in case a check script takes too long too run.
  • Update to check script checkusershell.sh to avoid messages on a system configured with LDAP authentication.
  • Update to check script checkiddsapub.sh to correctly check for the group of file id_dsa.pub.
  • Update to check script checkfswrite.sh to check if a mount point is a directory before attempting to create a file in it.
  • Update to check script checkfsdirwrite.sh to check if a mount point is a directory before attempting to create a folder in it.
  • Update to check script checkexpireduseraccounts.sh to avoid reporting an error if the password_days attribute is not set in /etc/shadow.
  • Update to check script checketcshadowused.sh to avoid checking entries in place for LDAP authentication.
  • Update to check script checketcnamedconfperms.sh to avoid checking the permissions of /etc/named.conf if it is a link to another file.
  • Update to check script checkcleanetc.sh to find several old copies of configuration files in the /etc folder.
Version: 19.07.05
  • Update to check script checkadapterlink.sh to avoid generating errors when Docker interfaces are used on the system.
Version: 19.06.06
  • New check script checkdevurandom.sh to check if device /dev/urandom exists.
  • New check script checkdevurandom.sh to check if the device /dev/urandom exists.
Version: 19.05.28
  • Update to check script checkmemoryutilization.sh to correctly calculate the memory usage both on RHEL6 and RHEL7 systems.
Version: 19.05.22
  • New check script checkpatrolpukserver.sh to check if there's a process pukserver.xpc active using a large amount of CPU.
  • New check script checkpatrolpukremote.sh to check if there's a process pukremotexec.xpc active using a large amount of CPU.
  • New check script checkpatrollevel.sh to check the level of the BMC Patrol Agent.
  • New check script checkpatrolfilesystem.sh to check if /opt/bmc is set up in a separate file system for BMC's Patrol Agent.
  • New check script checkpatrolagent.sh to check if BMC's PatrolAgent is using a lot of CPU.
Version: 19.05.16
  • New check script checkemcpowerpathunlicensed.sh to check for any unlicensed paths for EMC PowerPath.
  • New check script checkemcpowerpathlicense.sh to check if the powerpath license isn't expired or expring.
  • New check script checkemcpowerpathlevel.sh to check the PowerPath level, if installed.
  • New check script checkemcpowerpathdeadpaths.sh to check if there are any EMC PowerPath dead/degraded/failed paths.
  • New check script checkemcpowermttrespass.sh to check for any EMC PowerPath devices that are trespassed.
  • New check script checkemcpowermtpathsvsadapters.sh to check if at least 4 fibre channel adapter ports are used, if available, for EMC PowerPath.
  • New check script checkemcpowermtpaths.sh to check the number of paths for each fibre adapter, in use for EMC storage.
  • New check script checkemcpowermt.sh to run EMC's PowerPath command powermt, if possible.
  • New check script checkemcpowermtafm.sh to check for the array failover mode through powermt.
  • New check script checkemcinq.sh to run the inq utility of EMC, if present on the system.
Version: 19.05.14
  • Update to check script checkoslevel.sh to update comment for RHEL 8.0.
Version: 19.05.13
  • Completed testing of UNIX Health Check for Red Hat Enterprise Linux 8.0.
  • Update to check script checkbusydisks.sh to only list disks and not device mapper logical volume devices.
  • Update to check script checkyumcron.sh to not have this check script run on RHEL 8.0.
  • Update to the description of check script checksharutils.sh to add information on how to install sharutils on RHEL 8.0.
  • Update to check script checketcnsswitchconfperms.sh to check the correct nsswitch.conf file on RHEL 8.0.
Version: 19.04.17
  • Update to check script checksystemid.sh to avoid generating an error when RPM package bind-utils is not installed on the system.
  • Update to check script checkswapusage.sh to alert if no swap space is defined.
  • Update to check script checkrootpassword.sh to allow it to work correctly if no password has been set for user root at all.
Version: 19.04.04
  • New check script checkpostfixsmtpdbanner.sh to check if a proper smtpd_banner is listed in /etc/postfix/main.cf.
Version: 19.04.03
  • New check script checkvarfilesystem.sh to check if /var is a separate file system.
  • New check script checketcissueperms.sh to check the permissions of /etc/issue.
Version: 19.04.02
  • New check script checketchostsnonnumeric.sh to check for non-numeric entries in /etc/hosts.
Version: 19.03.26
  • Update of the package to allow for an RPM build of UNIX Health Check for Red Hat Enterprise Linux.
Version: 19.03.22
  • Update to check script checkenvironment.sh to allow the EXTENDED_HISTORY entry in /etc/environment.
Version: 19.03.21
  • New check script checkchronyservers.sh to check if the configured servers in /etc/chrony.conf can be used for time synchronization.
  • New check script checkntpservers.sh to check if the configured NTP servers can be used for time synchronization.
  • New check script checkextendedhistory.sh to check if environment variable EXTENDED_HISTORY is set to ON in /etc/environment.
  • New check script checkrsh.sh to check if the rsh RPM is not installed.
  • New check script checkrshserver.sh to check if the rsh-server RPM is not installed.
  • New check script checketclogindefsduplicates.sh to check for any duplicate entries in /etc/login.defs.
Version: 19.03.14
  • Update to check script checkusershell.sh to list users with a non-existing shell underneath each other instead of next to each other.
  • Update to check script checkpamunix.sh to recommend changing to the SHA512 algorithm only once, even if it isn't set in both /etc/pam.d/system-auth and in /etc/pam.d/password-auth.
  • Update to check script checkdefaultusersettings.sh to correct a typo in the SHA512 recommendation setting.
  • Update to check script checkcrontabcommands.sh to allow it to work correctly if a crontab file owned by a user that has a home directory in a file system other than /home.
  • Update to check script checkmachineid.sh to correctly display the machine ID for Red Hat Enterprise Linux version 6 (and below) systems.
Version: 19.03.11
  • New check script checktree.sh to check if the tree RPM package has been installed on the system.
  • Addition of the LICENSE file to the package.
Version: 19.03.07
  • Update to check script checksshdirfiles.sh to also allow stricter permissions for ~root/.ssh/known_hosts.
Version: 19.02.25
  • New check script checkuserchars.sh to check for user accounts that use special characters in the user name.
Version: 19.02.03
  • Update to check script checkpacemakerclusterstatus.sh to avoid writing an empty file called "1", due to an error in acommand redirecting stderr to stdout.
Version: 19.01.29
  • Update to check script checkemptyvg.sh to redirect any errors of LVM commands to /dev/null.
  • Update to check script checklvunavailable.sh to redirect any errors of LVM commands to /dev/null.
Version: 19.01.28
  • New check script checklvmconfbackup.sh to check for the correct backup and archive settings in /etc/lvm/lvm.conf.
Version: 19.01.23
  • New check script checkbusydisks.sh to check for any disks that are more than 20% busy on average and currently.
Version: 19.01.18
  • New check script checkguestagent.sh to check if the Guest Agent and drivers have been installed on a Red Hat Virtulization hosted Virtual Machine.
Version: 19.01.17
  • Update to check script checkvarlogbtmpperms.sh to correctly report the permissions on /var/log/btmp on Red Hat Enterprise Linux version 8.
Version: 19.01.02
  • Copyright update of the UNIX Health Check for Red Hat Enterprise Linux package from 2018 to 2019.
  • Update to check script checkpostfixmyorigin.sh to avoid alerting if myorigin in the Postfix main.cf configuration file is set to part of the domain name.
  • Update to check script checkfswrite.sh to avoid checking CIFS mounted file systems.
  • Update to check script checkfsdirwrite.sh to avoid checking CIFS mounted file systems.
  • Update to check script checketcfstabfilesystems.sh to avoid reporting a file system, which is actually a file system mounted on top of a LVM snapshot.
  • Update to check script checkvarlogbtmpperms.sh to correctly report the permissions on /var/log/btmp on Red Hat Enterprise Linux version 8.
Version: 18.12.30
  • Update to check script checkcleansystem.sh to exclude .cache/imsettings/log.bak files in home directories from being reported.
Version: 18.12.23
  • Update to check script checketcfstabfilesystems.sh to avoid reporting an error when a file system is NFS mounted through autofs.
  • Update to check script checkhomesize.sh to avoid checking the size of the /home file system, if the file system is auto-mounted through NFS.
Version: 18.12.22
  • Update to check script checkntpdate.sh to avoid reporting any errors when chronyd is active instead of ntpd.
  • Update to check script checkntpoptions.sh to avoid reporting any errors when chronyd is active instead of ntpd.
  • Update to check script checkntpslewing.sh to avoid reporting any errors when chronyd is active instead of ntpd.
  • Update to check script checkntpsteptickers.sh to avoid reporting any errors when chronyd is active instead of ntpd.
  • Update to check script checkntpsynchwclock.sh to avoid reporting any errors when chronyd is active instead of ntpd.
  • Update to check script checkfirewallstate.sh to avoid reporting a color coded error, as generated by the firewall-cmd, when the firewalld has an error status.
  • New check script checkhomedirperms.sh to check the permissions, owner and group of the home directory of root.
  • Update to check script checkroothomedir.sh to exit if the home directory of user root does not exist.
Version: 18.12.21
  • Update to check script checkfswrite.sh to avoid alerting on file systems mounted through autofs.
  • New check script checkdebugshell.sh to check if the debug-shell service is active and/or enabled.
  • New check script checkfirewallpermanent.sh to check the current vs the permanent settings of the firewall daemon.
  • New check script checkfirewallzone.sh to display the default zone used bye the firewall daemon.
  • New check script checkfirewallstate.sh to check the current state of the firewall daemon.
  • New check script checksystemctlgetdefault.sh to display the default target configured on the system.
Version: 18.12.17
  • New check script checklsof.sh to check if the lsof tool has been installed on the system.
  • New check script checksubscriptionmanagerinstalled.sh to check if the subscription-manager tools are installed.
  • Removed check script checkkernel.sh, as it is a duplicate of check script checkkernelrelease.sh.
  • New check script checkrsync.sh to check if the rsync tool has been installed on the system.
Version: 18.12.16
  • Update to check script checksubscriptionmanager.sh to add additional text to explain the status of the subscription.
Version: 18.12.14
  • New check script checkdevconsole.sh to check if /dev/console exists and is not a regular file, and has the correct permissions.
  • New check script checkdfhang.sh to check for any hanging df commands.
  • New check script checkpoodle.sh to check if this system is vulnerable for the known Poodle vulnerability in SSLv3.
Version: 18.12.13
  • New check script checkfirewallenabledentries.sh to display the enabled and added entries in the firewall, if the firewalld daemon is running.
  • New check script checkfirewalld.sh to display the the current status of the firewalld daemon.
  • New check script checkyumrepolist.sh to display the enabled repositories on the system.
  • Update to check script checkfswrite.sh to exclude any Docker overlay file systems from checking.
  • Update to check script checketcfstabfilesystems.sh to exclude any Docker overlay file systems from checking.
  • Update to check script checkpvunallocatable.sh to include information on how to add a LVM2 type disk to a volume group.
Version: 18.12.12
  • New check script checkuid.sh to check if all UIDs are not negative and not greater than 2147483646, in response to CVE-2018-19788.
Version: 18.12.11
  • Update to check script checkhighcpu.sh to ensure an error is reported if processes with high CPU usage are detected.
Version: 18.12.10
  • New check script checknfsnodename.sh to check if the nodename for any NFS file system can be pinged.
  • New check script checknfsconfig.sh to display the NFS configuration (exported and mounted NFS file systems)
  • New check script checkemptyvg.sh to check if a volume group is empty.
  • New check script checkpsmisc.sh to check if the psmisc RPM package is installed.
  • New check script checkhighcpu.sh to check if there are any processes using more than 20% of CPU.
  • Update to check script checkpostfix.sh to alert if Postfix is not installed on the system.
  • New check script checktar.sh to check if the tar RPM package is installed.
Version: 18.12.07
  • Update to check script checkoslevel.sh to add an additional check for Red Hat Enterprise Linux version 8.
  • Update to check script checkchronyd.sh to allow it to work with pools of NTP servers as well instead of NTP servers only in /etc/chronyd.conf.
  • Update to check script checkvirshnodeinfo.sh to redirect any errors of the virsh command to /dev/null to avoid reporting any errors.
  • Update to check script checkvirshlist.sh to redirect any errors of the virsh command to /dev/null to avoid reporting any errors.
  • Update to check script checkcrondenyperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checklastlogperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checkvarlogbtmpperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checkyumconfperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
Version: 18.12.06
  • Update to check script checkcrondenyperms.sh to take into consideration the permissions differences on RHEL 8.0 for /etc/cron.deny.
  • Update to check script checkfsdirwrite.sh to exclude file system mount type bpf from checking.
  • Update to check script checkl11tf.sh to avoid running the check script on RHEL 8.0, as the script was not designed for this version.
  • Update to check script checklastlogperms.sh to take into consideration the permissions and group ownership differences on RHEL 8.0.
  • Update to check script checklocalhost.sh to allow it to work on systems using IPv6.
  • Update to check script checkrhsmcertd.sh to ensure it will run without generating errors on RHEL 8.0.
  • Update to check script checksudoprivilegeescalation.sh to avoid running it on RHEL 8 as the script does not support that version.
  • Update to check script checksyslogconfvsrsyslogconf.sh to avoid alerting on first run of rsyslog.
  • Update to check script checksyslogdactive.sh to ensure it will run without generating errors on RHEL 8.0.
  • Update to check script checksyslogdremote.sh to ensure it will run without generating errors on RHEL 8.0.
  • Update to check script checkusrsbinsestatusperms.sh to avoid alerting on the size of /sbin/sestatus on RHEL 8.0.
  • Update to check script checkvarlogbtmpperms.sh to check for the correct file permissions on RHEL 8.0, which are different compared to earlier versions.
  • Update to check script checkyumconfperms.sh to check for file /etc/dnf/dnf.conf instead of /etc/yum.conf on RHEL 8.0.
  • Update to check script checkyumcron.sh to allow the script to determine the correct operating system level on RHEL 8.0.
Version: 18.12.05
  • New check script checkdnsdomain.sh to determine the domain name of the system through DNS.
  • New check script checkdevrandom.sh to check if devices /dev/random and /dev/urandom exist.
  • New check script checkfsperms.sh to display the file system permissions.
  • New check script checkfsdirwrite.sh to check if a directory can be created within each file system.
  • New check script checkfsmountpoint.sh to check if the mount point for each file system exists.
Version: 18.12.04
  • New check script checknobody.sh to check if user and group nobody exists.
  • New check script checknameservers.sh to display the contents of /etc/resolv.conf.
  • New check script checkmntperms.sh to check if the permissions of the /mnt folder are correctly set.
  • New check script checkrootfolders.sh to check if important folders in the root directory are located in the root file system.
  • Update to check script checklvs.sh to add the -v option which also displays the LV UUID.
  • Update to check script checkpvs.sh to add the -v option which also displays the PV UUID.
  • Update to check script checkvgs.sh to add the -v option which also displays the VG UUID.
  • New check script checkkernel to display the kernel version in use on the system.
  • Support has been added for Red Hat Enterprise Linux 7.6, Scientific Linux 7.6, Oracle Linux 7.6 and Centos 7.6.1810.
  • Update to check script checkoslevel.sh to recommend level 7.6 for Scientific Linux, and level 7.6.1810 for CentOS.
  • Update to check script checksyslogconfvsrsyslogconf.sh to avoid any errors reported by xargs, by redirecting errors of xargs to /dev/null.
Version: 18.12.03
  • New check script checkchangedfilesinetc.sh to check for any changed files in /etc within the last 24 hours.
  • New check script checknetworkadapters.sh to list all the network adapters on the system.
  • New check script checkadapterlink.sh to check if the network adapters that are in use for active network interfaces, and which are not configured in a bond, have an established link.
  • New check script checkmotd.sh to check the contents of /etc/motd.
  • New check script checknroffilesinfilesystems.sh to check for a large number of files in file systems.
  • Update to check script checkpvs.sh to redirect any errors of the pvs command to /dev/null.
  • Update to check script checkpvunallocatable.sh to redirect any errors of the pvs command to /dev/null.
  • Update to check script checkpathfolders.sh to exclude folder /root/bin from checking, as that folder usually does not exist and is already within the protected root directory.
Version: 18.12.02
  • New check script checkpatroluser.sh to check if the BMC Patrol Agent user patagt exists.
  • New check script checkpathfolders.sh to check if all the folders in the $PATH variable exist on the server.
  • New check script checkoradiag.sh to check if there are any oradiag_username folders in home directories of users.
  • New check script checkoratabpaths.sh to check for the existence of paths mentioned in /etc/oratab.
  • New check script checkauthorizedkeysentriesoracle.sh to check for any invalid entries in the authorized keys files for user oracle.
  • New check script checkauthorizedkeysentries.sh to check for any invalid entries in the authorized keys files for user root.
  • New check script checkauthorizedkeysdups.sh to check for duplicate entries or empty lines in the authorized_keys file for user root.
  • New check script checkauthorizedkeysdupsoracle.sh to check for duplicate entries or empty lines in the authorized_keys file for user oracle.
  • New check script checkoratab.sh to display the contents of /etc/oratab, if it exists.
Version: 18.12.01
  • New check script checkostype.sh to check the OS type (AIX, Linux, HP-UX, etcetera).
Version: 18.11.30
  • New check script checkpwd.sh to check if there is a large number of pwd processes running.
  • New check script checkrhosts.sh to display the contents of the ~root/.rhosts file.
  • New check script checkrootrhosts.sh to check the permissions of the rhosts file of root.
  • New check script checkpathperiod.sh to check if there's a period in the $PATH variable.
  • New check script checkrootprofile.sh to check the .profile of user root.
Version: 18.11.29
  • New check script checkroothomesize.sh to check if the home directory of user root is at least 1 GB.
  • New check script checkregularfilesinhome.sh to show if there are any regular files in /home.
  • New check script checksbinperms.sh to check if the permissions, owner, group and link target of the /sbin folder are correctly set.
  • New check script checklvunavailable.sh to check if any logical volumes are unavailable.
  • New check script checkpvunallocatable.sh to check if any physical volumes are un-allocatable.
  • Update to check script checkpacemakerclusterstatus.sh to improve the reporting of any stopped resources.
Version: 18.11.28
  • Update to check script checkusersloggedonlongtime.sh to avoid reporting on user unknown, which is the result of a known GDM bug, which makes the who command report an unkown user account.
Version: 18.11.27
  • New check script checkshadowfile.sh to check if there's a passwd shadow file /etc/shadow.
  • New check script checkscript.sh to check if there are any script processes active without a parent process.
  • New check script checksimpanaactive.sh to check if the simpana client is active.
  • New check script checksimpanalevel.sh to show the level of the CommVault Simpana client.
  • New check script checksimpanastatus.sh to show the status of the CommVault Simpana client.
  • New check script checksudoersusers.sh to check if all users, that are referenced in /etc/sudoers, indeed exist in /etc/passwd. This check script will also very if all referenced groups are known in /etc/group.
  • New check script checkstricthostkeychecking.sh to check if StrictHostKeyChecking isn't disabled in /etc/ssh/ssh_config.
Version: 18.11.26
  • New check script checksudopermissions.sh to check if the owner and permissions of sudo are correctly set.
  • New check script checksudolog.sh to check if the log file is set in /etc/sudoers.
  • New check script checksudovisudopermissions.sh to check if the owner and permissions of visudo are correctly set.
  • New check script checksystemid.sh to check if a one-line system ID can be determined.
  • New check script checksysteminstall.sh to check when the system was installed.
Version: 18.11.25
  • New check script checktsmdsmfiles.sh to check if dsm.opt or dsm.sys files are present when no TSM / IBM Spectrum Protect software is installed.
  • New check script checkyumcorruptdb.sh to check if the yum database is corrupt.
  • Update to check script checktsmlevel.sh to redirect any errors of the rpm command to /dev/null.
  • New check script checktsmtdpoconf.sh to run tdpoconf showenv, to show the TSM / IBM Spectrum Protect TDP for Oracle configuration, if installed.
  • New check script checktsmtdpoerrorlog.sh to check the size of tdpoerror.log, if Tivoli Data Protection for Oracle is used.
  • New check script checkvnbbackup.sh to check the backup by Veritas NetBackup.
  • New check script checkvnbexclude.sh to check the exclude list for Veritas NetBackup.
  • New check script checkvnblogging.sh to check if client logging is enabled for Veritas NetBackup.
  • New check script checkvnbserver.sh to check the server name in use for Veritas NetBackup.
  • New check script checkvnbversion.sh to check the version of Veritas NetBackup, if installed.
  • New check script checkenvironment.sh to check the contents of /etc/environment.
Version: 18.11.23
  • Update to check script checkyumcron.sh to indicate how to enable the optional repository for Oracle Linux 7.
  • Update to check script checksharutils.sh to indicate how to enable the optional repository for Oracle Linux 7.
  • Update to check script checkcleansystems.sh to exclude file /etc/nsswitch.conf.bak from being reported by the script.
  • Update to check script checkhostnamevsdns.sh to check if a fully qualified domain name can be determined through DNS.
  • Update to check script checkrunlevel.sh to avoid running on Scientific Linux as it does not display any runlevel.
Version: 18.11.22
  • Update to check script checkspectremeltdown.sh to update the script to version 3.1 of the the Spectre Meltdown diagnosis script.
  • Update to check script checkrunlevel.sh to correct a typo.
  • Update to check script checkcleansystem.sh to avoid reporting duplicate items.
  • Update to check script checkall.sh to improve the HTML output of the report - better consistency of the fonts used; better readability on mobile devices, and better scaling within Microsoft Outlook.
Version: 18.11.21
  • Update to check script checkenv.sh to exclude the output of the LS_COLORS variable, to avoid messing up the HTML output because of this lenghty variable.
Version: 18.11.20
  • Update to check script checkleapvulnerability.sh to avoid writing a file when testing for the correct year.
Version: 18.11.20
  • Update to check script checkhistcontrol.sh to include a check to determine if the script is run within a terminal session or not.
  • Update to check script checkhistsize.sh to include a check to determine if the script is run within a terminal session or not.
  • Update to check script checkhisttimeformat.sh to include a check to determine if the script is run within a terminal session or not.
  • Update to check script checkcoredumps.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkall.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkdf.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkdfsummary.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkfilesystemnumber.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkfreespaceinfs.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkfsdeviceandmountpoint.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkhomesize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkinodeusage.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkroothomedir.sh to redirect errors of the df command to /dev/null.
  • Update to check script checktmpmounts.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkrootsize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checktmpsize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checktmpusage.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkvarsize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checketcfstabfilesystems.sh to redirect errors of the df command to /dev/null.
  • New check script checkdftransportendpoint to check for a transport endpoint message in the output of df.
Version: 18.11.19
  • Update to check script checkall.sh to ensure the IP address of the system is correctly discovered on Oracle Linux 7.6.
  • Update to check script checkinterface.sh to ensure the IP address of the system is correctly discovered on Oracle Linux 7.6.
  • Update to check script checkoslevel.sh to recommend version 6.10 for RHEL 6.
  • Update to check script checksestatus.sh to avoid printing an empty line when the sestatus command fails.
  • Update to checkoslevel.sh to recommend Red Hat Enterprise Linux 7.6 and Oracle Linux 7.6.
  • New check script checkmemoryminsize.sh to check the minimum amount of memory required for the operating system.
Version: 18.11.17
  • Update to the description of check script checkrpmv.sh to provide additional information on how to determine which package to reinstall, if a certain file has been identified with an issue.
  • Update to check script checkswapusagevsmemory.sh to check if the bc command is available before continuing.
  • New check script checklvm2.sh to check if RPM package lvm2 has been installed on the system.
  • Update to check script checkall.sh to define additional path variables in case the checkall.sh script is run from cron - in which case a different PATH variable may be defined.
  • Update to check script checkhostname.sh to correct a check that matches the contents of /etc/sysconfig/network with the hostname setting.
  • Update to check script checkssb.sh to update the script to version 1.3 of the diagnose script for the Speculative Store Bypass vulnerability.
Version: 18.11.16
  • Update to check script checkall.sh to include the kernel version in the system configuration section.
  • Update to check script checklsscsi.sh to allow it to work on RHEL 6.9.
  • Update to check script checkumask.sh to allow it to work on RHEL 6.9.
  • Update to check script checksystemjournalpermanent.sh to avoid running the script on RHEL 6 and earlier verions.
  • Update to check script checkntpd.sh to provide the correct command to enable ntpd depending on the RHEL version used.
  • Update to check script checkntpdatentppool.sh to account for the sed command to be in a different folder on RHEL 6.
  • Update to check script checkhostname.sh to redirect any errors from the hostname --fqd command to /dev/null, so it won't generate an error when running on RHEL version 6 and earlier.
  • Update to the description of check script checksshsyslogfacility.sh to indicate the commands used to restart sshd and rsyslog on RHEL 7.
  • Update to check script checketchosts.sh to allow a greater number of locally defined entries in /etc/hosts.
  • Update to the description of check script checksystemctldegrades.sh on how to handle failed services that can no longer be found on the system.
  • Update to check script checksubscriptionmanager.sh to check for a true Red Hat system first, before continuing.
  • Update to check script checksubscriptionmanageridentity.sh to check for a true Red Hat system first, before continuing.
Version: 18.11.15
  • Update to check script checksnmputils.sh to remove the -y option for the yum command as suggested command to run.
  • Update to check script checklogrotatedfiles.sh to avoid alerting on log files which are actually directories.
  • Update to check script checkchronyvsntp.sh to recommend starting and enabling chronyd.
  • Update to check script checkntpd.sh to ignore all errors and warnings if chronyd is installed and active.
  • Update to check script checkntpstat.sh to ignore all errors and warnings if chronyd is installed and active.
  • Update to check script checkhostnamevsdns.sh to correct a variable which will result in the script properly identify a difference between the local FQDN versus the name registered in DNS.
Version: 18.11.01
  • New check script checkbondlink.sh to check if all links are up on the configured bonded network interfaces.
  • New check script checkbond.sh to list the bonded network interfaces on this system.
Version: 18.10.29
  • New check script checkthreadsperuser.sh to alert if a user is using a high number of processes and/or threads on the system, and is close to the soft nproc limit.
  • Update to the description of check script checkthreads.sh to indicate how to see the number of threads on the system, and how to increase the soft limit for the number of processes on the system.
Version: 18.10.24
  • Update of the demo version to include the first 100 check scripts of the full version.
Version: 18.10.21
  • Update to the description of check script checkwirelesstools.sh to indicate that the EPEL repository needs to be enabled first before it is possible to install the RPM package wireless-tools on a Red Hat Enterprise Linux system.
Version: 18.10.19
  • Update to check script checkchronydsystemclockoffset.sh to avoid alerting on negative clock offsets.
  • Update to check script checkall.sh to improve determining the fully qualified domain name of the system.
  • Update to check script checksendmailsmtpconnection.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkpostfixsmtpconnection.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkhostnamevsdns.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkresolvconf.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkhostname.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • New check script checkswapusagevsmemory.sh to check the swap space usage versus the memory assigned to the system.
  • Update to the description of check script checkyumcron.sh to indicate that the optional RPMs repository may need to be enabled on RHEL systems, before the yum-cron package can be installed.
  • Update to the description of check script checksharutils.sh to indicate that the optional RPMs repository may need to be enabled on RHEL systems, before the sharutils package can be installed.
  • Update to check script checklsusb.sh to avoid alerting if the USB module is not loaded.
Version: 18.10.18
  • New check script checkmemoryutilization.sh to display the current memory utilization of the system, and to warn or alert if the memory is too high or is critical.
  • New check script checktop20memoryprocs.sh to list the top 20 memory using processes.
  • New check script checkwirelesstools.sh to verify if the wireless-tools RPM pacakage is installed, if the system is equipped with wireless devices.
  • New check script checkiwconfig.sh to display the output of the iwconfig command, if wireless devices are installed on the system.
  • New check script checkcleansystem.sh to check if there are any files on the system that can be removed.
  • New check script checkyumcron.sh to check if the yum-cron RPM package is installed and the yum-cron service is enabled.
  • New check script checktmpmount.sh to check if /tmp is in either an actual file system of tmpfs file system.
Version: 18.10.14
  • New check script checklshw.sh to check if the lshw RPM package is installed on the system, and if so, to display the output of lshw -short.
  • New check script checklsscsi.sh to check if the lsscsi RPM package is installed on the system, and if so, to display the output of lsscsi --long --size.
  • New check script checklsusb.sh to check if the usbutils RPM package is installed on the system, and if so, to display the output of lsusb.
Version: 18.10.10
  • Update to check script checksestatu.sh to allow both the enforcing and permissive status of SELinux.
  • New check script checkchronydsystemclockoffset.sh to check the system clock offset reported by the Chrony time service.
  • Renamed check script checktelnet.sh to checktelnetserver, as the script is responsible for checking the telnet server.
  • New check script checktelnet.sh to determine if the telnet tool is installed on the system.
  • New check script checktraceroute.sh to determine if the traceroute RPM package is installed on the system.
  • Update to check script checkpostfixsmtp.sh to allow it work if an IP address was entered in the Postfix main.cf file instead of a hostname.
  • Update to checks cript checksystemjournalpermanent.sh to recommend the correct system group setting for the /var/log/journal directory.
Version: 18.10.04
  • Update to check script checkifconfig.sh to retrieve network information using the ip command instead of ifconfig, if ifconfig is not installed.
  • Update to check script checkoslevel.sh to test if a newer OS level is installed before reporting an issue.
  • Update to check script checkpostfixsmtp.sh to test if the nslookup command is available before checking the DNS entry.
  • Completed testing of UNIX Health Check for Red Hat Enterprise Linux on Red Hat 7.6 beta 1.
  • Update to check script checksendmailsmtp.sh to avoid checking for a DNS entry for the SMTP server, if brackets are used in the DS entry in /etc/sendmail.cf, as using brackets in the DS entry results in sendmail not doing any DNS verification of the SMTP server.
Version: 18.10.03
  • Update to check script checkl1tf.sh to update the script to version 1.3, as released by Red Hat. This check script checks for the L1 Terminal Fault vulnerability.
Version: 18.09.18
  • Update to the description of check script checkopenvmtools.sh to include information available from Red Hat on the open-vm-tools package for VMWare systems.
Version: 18.09.04
  • New check script checkl1tf.sh to check for the L1 Terminal Fault vulnerability.
Version: 18.08.22
  • Update to check script checkall.sh to include the -t check script time-out option.
  • New check script checkdellidracservicemodule.sh to check if the Dell iDRAC Service Module has been installed, enabled and started on Dell PowerEdge systems.
  • New check script checkdelldsufirmware.sh to check if DSU indicates that there are firmware updates available for Dell PowerEdge systems.
  • New check script checkdelldsu.sh to check if DSU (Dell System Update) has been installed on Dell PowerEdge systems.
  • New check script checkomreportchassis.sh to check the chassis component status of Dell PowerEdge systems through OpenManage System Administrator, if installed.
  • New check script checkrpmv.sh to check RPM package consistency.
  • Update to check script checkall.sh to avoid reporting an error on incomplete RPM pacakges installed, if some of the files are expected to be modified.
  • Update to check script checkdellomsa.sh to indicate the commands needed to install Dell OpenManage System Administrator, if not installed on Dell PowerEdge systems.
Version: 18.08.16
  • Update to check script checkall.sh to include the type of virtualization in the configuration section.
  • Update to check script checkvm.sh to include the type of virtualization in the output.
Version: 18.08.14
  • Update to check script checkbindutils.sh to include the command to install the bind-utils RPM package.
Version: 18.08.08
  • Update to check script checkomreportvdisk.sh to include the full name of the omreport command, in case it can't be found within the PATH variable.
  • Update to check script checkomreportpdisk.sh to include the full name of the omreport command, in case it can't be found within the PATH variable.
  • Update to check script checkdellomsa.sh to include a better description of the Dell OpenManage System Administrator in the output.
  • Update to check script checkomreportpdisk.sh to include a listing of the virtual disks known for each controller.
Version: 18.07.30
  • Update to check script checksestatus.sh to correctly indicate if SELinux is in either disabled, permissive or enforcing mode and how to resolve any issues found.
  • New check script checkusrsbinsestatusperms.sh to check the owner, group, permissions and file size of /usr/sbin/sestatus.
  • New check script checketcselinuxconfigperms.sh to check the owner, group and permissions of file /etc/selinux/config.
  • New check script checketcselinuxconfig.sh to display the contents of file /etc/selinux/config, the configuration file for SELinux (Security Enhanced Linux).
Version: 18.07.24
  • Update to check script checkpostfix.sh to provide the command needed to enable Postfix at system boot time.
  • New check script checkrootforward.sh to check if email of user root is forwarded.
Version: 18.07.13
  • Update to check script checkall.sh to allow check scripts to run for 180 seconds instead of 120 seconds.
  • New check script checkabrtdactive.sh to check if the abrtd daemon is running and enabled at boot time if abrt is installed.
  • New check script checkabrtinstalled.sh to check if the abrt RPM package for the Automatic Bug Reporting Tool is installed on the system.
  • Update to check script checksambaactive.sh to check if both the smb and nmb daemons are enabled at system boot time.
  • Update to check script checkklogdactive.sh to check if klogd is enabled at system boot time on RHEL versions 4 and 5.
  • New check script checkabrtconfperms.sh to check the permissions of /etc/abrt/abrt.conf.
Version: 18.07.06
  • New check script checksssdconf.sh to display the contents of file /etc/sssd/sssd.conf.
  • New check script checksssdconfperms.sh to check the permissions, owner and group of /etc/sssd/sssd.conf.
Version: 18.07.03
  • Update to check script checkifconfig.sh to avoid reporting warning messages no the use of the grep command in some configurations.
  • Update to check script checkifconfig.sh to account for possible double quotation marks in /etc/sysconfig/ifcfg-interface files.
Version: 18.06.11
  • New check script checkrhsmconfperms.sh to check the owner, group and permissions of /etc/rhsm/rhsm.conf.
Version: 18.05.30
  • Update to check script checkpacemakerclusterstatus.sh to also display the Pacemaker cluster configuration.
Version: 18.05.29
  • New check script checksnmpd.sh to check if snmpd is running, and enabled at boot.
Version: 18.05.28
  • New check script checksnmpdconfperms.sh to check if the permissions, owner and group of /etc/snmp/snmpd.conf are correctly set and alert if the file is missing or empty.
  • New check script checksnmputils.sh to check if RPM package net-snmp-utils is installed if net-snmp is installed.
  • New check script checksnmp.sh to display a warning if it is possible to retrieve system information through SNMP.
  • New check script checksensorsalarm.sh to display the output of the sensors command, and alert if any temperature is too high.
  • New check script checksensors.sh to check if the lm_sensors RPM is installed.
Version: 18.05.27
  • New check script checksambatestparm.sh to run Samba's testparm utility to check the correctness of the the Samba configuration file.
Version: 18.05.22
  • New check script checkrpm.sh to check if the rpm utility is installed.
  • New check script checkssb.sh to check for the Speculative Store Bypass vulnerability.
Version: 18.05.21
  • Update to check script checkoslevel.sh to check for the 7.5 releases of CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checksystemjournalpermanent.sh to include the chown command recommendation when /var/log/journal folder does not exist.
  • Update to check script checksupportpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkshutdownpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkrootpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkadminpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkhaltpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkmanagerpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkoraclepassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to the description of check script checkntpsynchhwclock.sh to remove a typo.
  • Update to check script checkhostname.sh to also allow a dash in the hostname.
  • Update to check script checkfswrite.sh to exclued GVFS type file systems from checking.
  • Update to check script checkspectremeltdown.sh to update the script to version 2.5 of Red Hat's detection script.
Version: 18.05.20
  • New check script checkavahiactive.sh to check if the Avahi daemon has been disabled.
  • New check script checknozeroconf.sh to check if NOZEROCONF=yes is present in /etc/sysconfig/network.
Version: 18.05.06
  • New check script checksambasmbconf.sh to display the contents of the smb.conf configuration file of Samba.
  • New check script checksambaactive.sh to check if the Samba smb and nmb daemons are running if Samba is installed.
  • New check script checksambastatus.sh to show the status of Samba.
  • New check script checksambasmbconfperms.sh to check the permissions of /etc/samba/smb.conf.