Overview of updates - RHEL version

Latest available version: 18.12.07

Overview of the most recent updates to UNIX Health Check for Red Hat Enterprise Linux:

Version: 18.12.07
  • Update to check script checkoslevel.sh to add an additional check for Red Hat Enterprise Linux version 8.
  • Update to check script checkchronyd.sh to allow it to work with pools of NTP servers as well instead of NTP servers only in /etc/chronyd.conf.
  • Update to check script checkvirshnodeinfo.sh to redirect any errors of the virsh command to /dev/null to avoid reporting any errors.
  • Update to check script checkvirshlist.sh to redirect any errors of the virsh command to /dev/null to avoid reporting any errors.
  • Update to check script checkcrondenyperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checklastlogperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checkvarlogbtmpperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checkyumconfperms.sh to ensure it works on CentOS, Scientific Linux and Oracle Linux.
Version: 18.12.06
  • Update to check script checkcrondenyperms.sh to take into consideration the permissions differences on RHEL 8.0 for /etc/cron.deny.
  • Update to check script checkfsdirwrite.sh to exclude file system mount type bpf from checking.
  • Update to check script checkl11tf.sh to avoid running the check script on RHEL 8.0, as the script was not designed for this version.
  • Update to check script checklastlogperms.sh to take into consideration the permissions and group ownership differences on RHEL 8.0.
  • Update to check script checklocalhost.sh to allow it to work on systems using IPv6.
  • Update to check script checkrhsmcertd.sh to ensure it will run without generating errors on RHEL 8.0.
  • Update to check script checksudoprivilegeescalation.sh to avoid running it on RHEL 8 as the script does not support that version.
  • Update to check script checksyslogconfvsrsyslogconf.sh to avoid alerting on first run of rsyslog.
  • Update to check script checksyslogdactive.sh to ensure it will run without generating errors on RHEL 8.0.
  • Update to check script checksyslogdremote.sh to ensure it will run without generating errors on RHEL 8.0.
  • Update to check script checkusrsbinsestatusperms.sh to avoid alerting on the size of /sbin/sestatus on RHEL 8.0.
  • Update to check script checkvarlogbtmpperms.sh to check for the correct file permissions on RHEL 8.0, which are different compared to earlier versions.
  • Update to check script checkyumconfperms.sh to check for file /etc/dnf/dnf.conf instead of /etc/yum.conf on RHEL 8.0.
  • Update to check script checkyumcron.sh to allow the script to determine the correct operating system level on RHEL 8.0.
Version: 18.12.05
  • New check script checkdnsdomain.sh to determine the domain name of the system through DNS.
  • New check script checkdevrandom.sh to check if devices /dev/random and /dev/urandom exist.
  • New check script checkfsperms.sh to display the file system permissions.
  • New check script checkfsdirwrite.sh to check if a directory can be created within each file system.
  • New check script checkfsmountpoint.sh to check if the mount point for each file system exists.
Version: 18.12.04
  • New check script checknobody.sh to check if user and group nobody exists.
  • New check script checknameservers.sh to display the contents of /etc/resolv.conf.
  • New check script checkmntperms.sh to check if the permissions of the /mnt folder are correctly set.
  • New check script checkrootfolders.sh to check if important folders in the root directory are located in the root file system.
  • Update to check script checklvs.sh to add the -v option which also displays the LV UUID.
  • Update to check script checkpvs.sh to add the -v option which also displays the PV UUID.
  • Update to check script checkvgs.sh to add the -v option which also displays the VG UUID.
  • New check script checkkernel to display the kernel version in use on the system.
  • Support has been added for Red Hat Enterprise Linux 7.6, Scientific Linux 7.6, Oracle Linux 7.6 and Centos 7.6.1810.
  • Update to check script checkoslevel.sh to recommend level 7.6 for Scientific Linux, and level 7.6.1810 for CentOS.
  • Update to check script checksyslogconfvsrsyslogconf.sh to avoid any errors reported by xargs, by redirecting errors of xargs to /dev/null.
Version: 18.12.03
  • New check script checkchangedfilesinetc.sh to check for any changed files in /etc within the last 24 hours.
  • New check script checknetworkadapters.sh to list all the network adapters on the system.
  • New check script checkadapterlink.sh to check if the network adapters that are in use for active network interfaces, and which are not configured in a bond, have an established link.
  • New check script checkmotd.sh to check the contents of /etc/motd.
  • New check script checknroffilesinfilesystems.sh to check for a large number of files in file systems.
  • Update to check script checkpvs.sh to redirect any errors of the pvs command to /dev/null.
  • Update to check script checkpvunallocatable.sh to redirect any errors of the pvs command to /dev/null.
  • Update to check script checkpathfolders.sh to exclude folder /root/bin from checking, as that folder usually does not exist and is already within the protected root directory.
Version: 18.12.02
  • New check script checkpatroluser.sh to check if the BMC Patrol Agent user patagt exists.
  • New check script checkpathfolders.sh to check if all the folders in the $PATH variable exist on the server.
  • New check script checkoradiag.sh to check if there are any oradiag_username folders in home directories of users.
  • New check script checkoratabpaths.sh to check for the existence of paths mentioned in /etc/oratab.
  • New check script checkauthorizedkeysentriesoracle.sh to check for any invalid entries in the authorized keys files for user oracle.
  • New check script checkauthorizedkeysentries.sh to check for any invalid entries in the authorized keys files for user root.
  • New check script checkauthorizedkeysdups.sh to check for duplicate entries or empty lines in the authorized_keys file for user root.
  • New check script checkauthorizedkeysdupsoracle.sh to check for duplicate entries or empty lines in the authorized_keys file for user oracle.
  • New check script checkoratab.sh to display the contents of /etc/oratab, if it exists.
Version: 18.12.01
  • New check script checkostype.sh to check the OS type (AIX, Linux, HP-UX, etcetera).
Version: 18.11.30
  • New check script checkpwd.sh to check if there is a large number of pwd processes running.
  • New check script checkrhosts.sh to display the contents of the ~root/.rhosts file.
  • New check script checkrootrhosts.sh to check the permissions of the rhosts file of root.
  • New check script checkpathperiod.sh to check if there's a period in the $PATH variable.
  • New check script checkrootprofile.sh to check the .profile of user root.
Version: 18.11.29
  • New check script checkroothomesize.sh to check if the home directory of user root is at least 1 GB.
  • New check script checkregularfilesinhome.sh to show if there are any regular files in /home.
  • New check script checksbinperms.sh to check if the permissions, owner, group and link target of the /sbin folder are correctly set.
  • New check script checklvunavailable.sh to check if any logical volumes are unavailable.
  • New check script checkpvunallocatable.sh to check if any physical volumes are un-allocatable.
  • Update to check script checkpacemakerclusterstatus.sh to improve the reporting of any stopped resources.
Version: 18.11.28
  • Update to check script checkusersloggedonlongtime.sh to avoid reporting on user unknown, which is the result of a known GDM bug, which makes the who command report an unkown user account.
Version: 18.11.27
  • New check script checkshadowfile.sh to check if there's a passwd shadow file /etc/shadow.
  • New check script checkscript.sh to check if there are any script processes active without a parent process.
  • New check script checksimpanaactive.sh to check if the simpana client is active.
  • New check script checksimpanalevel.sh to show the level of the CommVault Simpana client.
  • New check script checksimpanastatus.sh to show the status of the CommVault Simpana client.
  • New check script checksudoersusers.sh to check if all users, that are referenced in /etc/sudoers, indeed exist in /etc/passwd. This check script will also very if all referenced groups are known in /etc/group.
  • New check script checkstricthostkeychecking.sh to check if StrictHostKeyChecking isn't disabled in /etc/ssh/ssh_config.
Version: 18.11.26
  • New check script checksudopermissions.sh to check if the owner and permissions of sudo are correctly set.
  • New check script checksudolog.sh to check if the log file is set in /etc/sudoers.
  • New check script checksudovisudopermissions.sh to check if the owner and permissions of visudo are correctly set.
  • New check script checksystemid.sh to check if a one-line system ID can be determined.
  • New check script checksysteminstall.sh to check when the system was installed.
Version: 18.11.25
  • New check script checktsmdsmfiles.sh to check if dsm.opt or dsm.sys files are present when no TSM / IBM Spectrum Protect software is installed.
  • New check script checkyumcorruptdb.sh to check if the yum database is corrupt.
  • Update to check script checktsmlevel.sh to redirect any errors of the rpm command to /dev/null.
  • New check script checktsmtdpoconf.sh to run tdpoconf showenv, to show the TSM / IBM Spectrum Protect TDP for Oracle configuration, if installed.
  • New check script checktsmtdpoerrorlog.sh to check the size of tdpoerror.log, if Tivoli Data Protection for Oracle is used.
  • New check script checkvnbbackup.sh to check the backup by Veritas NetBackup.
  • New check script checkvnbexclude.sh to check the exclude list for Veritas NetBackup.
  • New check script checkvnblogging.sh to check if client logging is enabled for Veritas NetBackup.
  • New check script checkvnbserver.sh to check the server name in use for Veritas NetBackup.
  • New check script checkvnbversion.sh to check the version of Veritas NetBackup, if installed.
  • New check script checkenvironment.sh to check the contents of /etc/environment.
Version: 18.11.23
  • Update to check script checkyumcron.sh to indicate how to enable the optional repository for Oracle Linux 7.
  • Update to check script checksharutils.sh to indicate how to enable the optional repository for Oracle Linux 7.
  • Update to check script checkcleansystems.sh to exclude file /etc/nsswitch.conf.bak from being reported by the script.
  • Update to check script checkhostnamevsdns.sh to check if a fully qualified domain name can be determined through DNS.
  • Update to check script checkrunlevel.sh to avoid running on Scientific Linux as it does not display any runlevel.
Version: 18.11.22
  • Update to check scritp checkspectremeltdown.sh to update the script to version 3.1 of the the Spectre Meltdown diagnosis script.
  • Update to check script checkrunlevel.sh to correct a typo.
  • Update to check script checkcleansystem.sh to avoid reporting duplicate items.
  • Update to check script checkall.sh to improve the HTML output of the report - better consistency of the fonts used; better readability on mobile devices, and better scaling within Microsoft Outlook.
Version: 18.11.21
  • Update to check script checkenv.sh to exclude the output of the LS_COLORS variable, to avoid messing up the HTML output because of this lenghty variable.
Version: 18.11.20
  • Update to check script checkleapvulnerability.sh to avoid writing a file when testing for the correct year.
Version: 18.11.20
  • Update to check script checkhistcontrol.sh to include a check to determine if the script is run within a terminal session or not.
  • Update to check script checkhistsize.sh to include a check to determine if the script is run within a terminal session or not.
  • Update to check script checkhisttimeformat.sh to include a check to determine if the script is run within a terminal session or not.
  • Update to check script checkcoredumps.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkall.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkdf.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkdfsummary.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkfilesystemnumber.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkfreespaceinfs.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkfsdeviceandmountpoint.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkhomesize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkinodeusage.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkroothomedir.sh to redirect errors of the df command to /dev/null.
  • Update to check script checktmpmounts.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkrootsize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checktmpsize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checktmpusage.sh to redirect errors of the df command to /dev/null.
  • Update to check script checkvarsize.sh to redirect errors of the df command to /dev/null.
  • Update to check script checketcfstabfilesystems.sh to redirect errors of the df command to /dev/null.
  • New check script checkdftransportendpoint to check for a transport endpoint message in the output of df.
Version: 18.11.19
  • Update to check script checkall.sh to ensure the IP address of the system is correctly discovered on Oracle Linux 7.6.
  • Update to check script checkinterface.sh to ensure the IP address of the system is correctly discovered on Oracle Linux 7.6.
  • Update to check script checkoslevel.sh to recommend version 6.10 for RHEL 6.
  • Update to check script checksestatus.sh to avoid printing an empty line when the sestatus command fails.
  • Update to checkoslevel.sh to recommend Red Hat Enterprise Linux 7.6 and Oracle Linux 7.6.
  • New check script checkmemoryminsize.sh to check the minimum amount of memory required for the operating system.
Version: 18.11.17
  • Update to the description of check script checkrpmv.sh to provide additional information on how to determine which package to reinstall, if a certain file has been identified with an issue.
  • Update to check script checkswapusagevsmemory.sh to check if the bc command is available before continuing.
  • New check script checklvm2.sh to check if RPM package lvm2 has been installed on the system.
  • Update to check script checkall.sh to define additional path variables in case the checkall.sh script is run from cron - in which case a different PATH variable may be defined.
  • Update to check script checkhostname.sh to correct a check that matches the contents of /etc/sysconfig/network with the hostname setting.
  • Update to check script checkssb.sh to update the script to version 1.3 of the diagnose script for the Speculative Store Bypass vulnerability.
Version: 18.11.16
  • Update to check script checkall.sh to include the kernel version in the system configuration section.
  • Update to check script checklsscsi.sh to allow it to work on RHEL 6.9.
  • Update to check script checkumask.sh to allow it to work on RHEL 6.9.
  • Update to check script checksystemjournalpermanent.sh to avoid running the script on RHEL 6 and earlier verions.
  • Update to check script checkntpd.sh to provide the correct command to enable ntpd depending on the RHEL version used.
  • Update to check script checkntpdatentppool.sh to account for the sed command to be in a different folder on RHEL 6.
  • Update to check script checkhostname.sh to redirect any errors from the hostname --fqd command to /dev/null, so it won't generate an error when running on RHEL version 6 and earlier.
  • Update to the description of check script checksshsyslogfacility.sh to indicate the commands used to restart sshd and rsyslog on RHEL 7.
  • Update to check script checketchosts.sh to allow a greater number of locally defined entries in /etc/hosts.
  • Update to the description of check script checksystemctldegrades.sh on how to handle failed services that can no longer be found on the system.
  • Update to check script checksubscriptionmanager.sh to check for a true Red Hat system first, before continuing.
  • Update to check script checksubscriptionmanageridentity.sh to check for a true Red Hat system first, before continuing.
Version: 18.11.15
  • Update to check script checksnmputils.sh to remove the -y option for the yum command as suggested command to run.
  • Update to check script checklogrotatedfiles.sh to avoid alerting on log files which are actually directories.
  • Update to check script checkchronyvsntp.sh to recommend starting and enabling chronyd.
  • Update to check script checkntpd.sh to ignore all errors and warnings if chronyd is installed and active.
  • Update to check script checkntpstat.sh to ignore all errors and warnings if chronyd is installed and active.
  • Update to check script checkhostnamevsdns.sh to correct a variable which will result in the script properly identify a difference between the local FQDN versus the name registered in DNS.
Version: 18.11.01
  • New check script checkbondlink.sh to check if all links are up on the configured bonded network interfaces.
  • New check script checkbond.sh to list the bonded network interfaces on this system.
Version: 18.10.29
  • New check script checkthreadsperuser.sh to alert if a user is using a high number of processes and/or threads on the system, and is close to the soft nproc limit.
  • Update to the description of check script checkthreads.sh to indicate how to see the number of threads on the system, and how to increase the soft limit for the number of processes on the system.
Version: 18.10.24
  • Update of the demo version to include the first 100 check scripts of the full version.
Version: 18.10.21
  • Update to the description of check script checkwirelesstools.sh to indicate that the EPEL repository needs to be enabled first before it is possible to install the RPM package wireless-tools on a Red Hat Enterprise Linux system.
Version: 18.10.19
  • Update to check script checkchronydsystemclockoffset.sh to avoid alerting on negative clock offsets.
  • Update to check script checkall.sh to improve determining the fully qualified domain name of the system.
  • Update to check script checksendmailsmtpconnection.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkpostfixsmtpconnection.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkhostnamevsdns.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkresolvconf.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • Update to check script checkhostname.sh to prefer the domain entry over the search entry in /etc/resolv.conf for determining the fully qualified domain name.
  • New check script checkswapusagevsmemory.sh to check the swap space usage versus the memory assigned to the system.
  • Update to the description of check script checkyumcron.sh to indicate that the optional RPMs repository may need to be enabled on RHEL systems, before the yum-cron package can be installed.
  • Update to the description of check script checksharutils.sh to indicate that the optional RPMs repository may need to be enabled on RHEL systems, before the sharutils package can be installed.
  • Update to check script checklsusb.sh to avoid alerting if the USB module is not loaded.
Version: 18.10.18
  • New check script checkmemoryutilization.sh to display the current memory utilization of the system, and to warn or alert if the memory is too high or is critical.
  • New check script checktop20memoryprocs.sh to list the top 20 memory using processes.
  • New check script checkwirelesstools.sh to verify if the wireless-tools RPM pacakage is installed, if the system is equipped with wireless devices.
  • New check script checkiwconfig.sh to display the output of the iwconfig command, if wireless devices are installed on the system.
  • New check script checkcleansystem.sh to check if there are any files on the system that can be removed.
  • New check script checkyumcron.sh to check if the yum-cron RPM package is installed and the yum-cron service is enabled.
  • New check script checktmpmount.sh to check if /tmp is in either an actual file system of tmpfs file system.
Version: 18.10.14
  • New check script checklshw.sh to check if the lshw RPM package is installed on the system, and if so, to display the output of lshw -short.
  • New check script checklsscsi.sh to check if the lsscsi RPM package is installed on the system, and if so, to display the output of lsscsi --long --size.
  • New check script checklsusb.sh to check if the usbutils RPM package is installed on the system, and if so, to display the output of lsusb.
Version: 18.10.10
  • Update to check script checksestatu.sh to allow both the enforcing and permissive status of SELinux.
  • New check script checkchronydsystemclockoffset.sh to check the system clock offset reported by the Chrony time service.
  • Renamed check script checktelnet.sh to checktelnetserver, as the script is responsible for checking the telnet server.
  • New check script checktelnet.sh to determine if the telnet tool is installed on the system.
  • New check script checktraceroute.sh to determine if the traceroute RPM package is installed on the system.
  • Update to check script checkpostfixsmtp.sh to allow it work if an IP address was entered in the Postfix main.cf file instead of a hostname.
  • Update to checks cript checksystemjournalpermanent.sh to recommend the correct system group setting for the /var/log/journal directory.
Version: 18.10.04
  • Update to check script checkifconfig.sh to retrieve network information using the ip command instead of ifconfig, if ifconfig is not installed.
  • Update to check script checkoslevel.sh to test if a newer OS level is installed before reporting an issue.
  • Update to check script checkpostfixsmtp.sh to test if the nslookup command is available before checking the DNS entry.
  • Completed testing of UNIX Health Check for Red Hat Enterprise Linux on Red Hat 7.6 beta 1.
  • Update to check script checksendmailsmtp.sh to avoid checking for a DNS entry for the SMTP server, if brackets are used in the DS entry in /etc/sendmail.cf, as using brackets in the DS entry results in sendmail not doing any DNS verification of the SMTP server.
Version: 18.10.03
  • Update to check script checkl1tf.sh to update the script to version 1.3, as released by Red Hat. This check script checks for the L1 Terminal Fault vulnerability.
Version: 18.09.18
  • Update to the description of check script checkopenvmtools.sh to include information available from Red Hat on the open-vm-tools package for VMWare systems.
Version: 18.09.04
  • New check script checkl1tf.sh to check for the L1 Terminal Fault vulnerability.
Version: 18.08.22
  • Update to check script checkall.sh to include the -t check script time-out option.
  • New check script checkdellidracservicemodule.sh to check if the Dell iDRAC Service Module has been installed, enabled and started on Dell PowerEdge systems.
  • New check script checkdelldsufirmware.sh to check if DSU indicates that there are firmware updates available for Dell PowerEdge systems.
  • New check script checkdelldsu.sh to check if DSU (Dell System Update) has been installed on Dell PowerEdge systems.
  • New check script checkomreportchassis.sh to check the chassis component status of Dell PowerEdge systems through OpenManage System Administrator, if installed.
  • New check script checkrpmv.sh to check RPM package consistency.
  • Update to check script checkall.sh to avoid reporting an error on incomplete RPM pacakges installed, if some of the files are expected to be modified.
  • Update to check script checkdellomsa.sh to indicate the commands needed to install Dell OpenManage System Administrator, if not installed on Dell PowerEdge systems.
Version: 18.08.16
  • Update to check script checkall.sh to include the type of virtualization in the configuration section.
  • Update to check script checkvm.sh to include the type of virtualization in the output.
Version: 18.08.14
  • Update to check script checkbindutils.sh to include the command to install the bind-utils RPM package.
Version: 18.08.08
  • Update to check script checkomreportvdisk.sh to include the full name of the omreport command, in case it can't be found within the PATH variable.
  • Update to check script checkomreportpdisk.sh to include the full name of the omreport command, in case it can't be found within the PATH variable.
  • Update to check script checkdellomsa.sh to include a better description of the Dell OpenManage System Administrator in the output.
  • Update to check script checkomreportpdisk.sh to include a listing of the virtual disks known for each controller.
Version: 18.07.30
  • Update to check script checksestatus.sh to correctly indicate if SELinux is in either disabled, permissive or enforcing mode and how to resolve any issues found.
  • New check script checkusrsbinsestatusperms.sh to check the owner, group, permissions and file size of /usr/sbin/sestatus.
  • New check script checketcselinuxconfigperms.sh to check the owner, group and permissions of file /etc/selinux/config.
  • New check script checketcselinuxconfig.sh to display the contents of file /etc/selinux/config, the configuration file for SELinux (Security Enhanced Linux).
Version: 18.07.24
  • Update to check script checkpostfix.sh to provide the command needed to enable Postfix at system boot time.
  • New check script checkrootforward.sh to check if email of user root is forwarded.
Version: 18.07.13
  • Update to check script checkall.sh to allow check scripts to run for 180 seconds instead of 120 seconds.
  • New check script checkabrtdactive.sh to check if the abrtd daemon is running and enabled at boot time if abrt is installed.
  • New check script checkabrtinstalled.sh to check if the abrt RPM package for the Automatic Bug Reporting Tool is installed on the system.
  • Update to check script checksambaactive.sh to check if both the smb and nmb daemons are enabled at system boot time.
  • Update to check script checkklogdactive.sh to check if klogd is enabled at system boot time on RHEL versions 4 and 5.
  • New check script checkabrtconfperms.sh to check the permissions of /etc/abrt/abrt.conf.
Version: 18.07.06
  • New check script checksssdconf.sh to display the contents of file /etc/sssd/sssd.conf.
  • New check script checksssdconfperms.sh to check the permissions, owner and group of /etc/sssd/sssd.conf.
Version: 18.07.03
  • Update to check script checkifconfig.sh to avoid reporting warning messages no the use of the grep command in some configurations.
  • Update to check script checkifconfig.sh to account for possible double quotation marks in /etc/sysconfig/ifcfg-interface files.
Version: 18.06.11
  • New check script checkrhsmconfperms.sh to check the owner, group and permissions of /etc/rhsm/rhsm.conf.
Version: 18.05.30
  • Update to check script checkpacemakerclusterstatus.sh to also display the Pacemaker cluster configuration.
Version: 18.05.29
  • New check script checksnmpd.sh to check if snmpd is running, and enabled at boot.
Version: 18.05.28
  • New check script checksnmpdconfperms.sh to check if the permissions, owner and group of /etc/snmp/snmpd.conf are correctly set and alert if the file is missing or empty.
  • New check script checksnmputils.sh to check if RPM package net-snmp-utils is installed if net-snmp is installed.
  • New check script checksnmp.sh to display a warning if it is possible to retrieve system information through SNMP.
  • New check script checksensorsalarm.sh to display the output of the sensors command, and alert if any temperature is too high.
  • New check scritp checksensors.sh to check if the lm_sensors RPM is installed.
Version: 18.05.27
  • New check script checksambatestparm.sh to run Samba's testparm utility to check the correctness of the the Samba configuration file.
Version: 18.05.22
  • New check script checkrpm.sh to check if the rpm utility is installed.
  • New check script checkssb.sh to check for the Speculative Store Bypass vulnerability.
Version: 18.05.21
  • Update to check script checkoslevel.sh to check for the 7.5 releases of CentOS, Scientific Linux and Oracle Linux.
  • Update to check script checksystemjournalpermanent.sh to include the chown command recommendation when /var/log/journal folder does not exist.
  • Update to check script checksupportpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkshutdownpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkrootpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkadminpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkhaltpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkmanagerpassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to check script checkoraclepassword.sh to check if a password has been set before proceeding with the rest of the checks.
  • Update to the description of check script checkntpsynchhwclock.sh to remove a typo.
  • Update to check scritp checkhostname.sh to also allow a dash in the hostname.
  • Update to check script checkfswrite.sh to exclued GVFS type file systems from checking.
  • Update to check script checkspectremeltdown.sh to update the script to version 2.5 of Red Hat's detection script.
Version: 18.05.20
  • New check script checkavahiactive.sh to check if the Avahi daemon has been disabled.
  • New check script checknozeroconf.sh to check if NOZEROCONF=yes is present in /etc/sysconfig/network.
Version: 18.05.06
  • New check script checksambasmbconf.sh to display the contents of the smb.conf configuration file of Samba.
  • New check script checksambaactive.sh to check if the Samba smb and nmb daemons are running if Samba is installed.
  • New check script checksambastatus.sh to show the status of Samba.
  • New check script checksambasmbconfperms.sh to check the permissions of /etc/samba/smb.conf.
Version: 18.05.04
  • New check script checkbrctlshow.sh to display the virtual Ethernet bridge configuration.
  • Update to check script checketcdefaultuseraddperms.sh to allow a different set of permissions on file /etc/default/useradd in later releases of RHEL/CentOS.
Version: 18.04.26
  • Update to check script checkfswrite.sh to avoid reporting an issue on type fuse file systems.
  • Update to check script checkomreportstoragebattery.sh to exclude any non-critical alerts.
Version: 18.04.25
  • New check script checkfindmnt.sh to display the output of the findmnt command to show all mounted file systems.
  • Update to the description of check script checkshowmount.sh to add information on the use of the showmount and netstat commands.
Version: 18.04.12
  • Update to check script checkcoredumps.sh to improve the damocles function.
  • Update to check script checkmailq.sh to improve the damocles function.
  • Update to check script checkmissingowners.sh to improve the damocles function.
  • Update to check script checksuid.sh to improve the damocles function.
  • Update to check script checkyumcheckupdate.sh to improve the damocles function.
  • Update to the description of check script checkwheel.sh to remove a typo.
  • Update to check script checkwheel.sh to avoid reporting on the new cloud-user account introduced in RHEL 7.5.
  • Update to check script checkifconfig.sh to avoid reporting an error if the IP address is configured through DHCP.
  • Update to check script checksudoersincludedir.sh to improve checking of the permissions of files in /etc/sudoers.d.
Version: 18.04.11
  • Update to the description of check script checktopcpuusers.sh to include information on how to list the top 20 most CPU using processes.
  • New check script checkbeta.sh to check if a beta release has been installed.
  • Update to check script checkall.sh to redirect the output of the rpm -V command to avoid printing errors.
  • Update to check script checkadmgroup.sh to avoid reporting an error on the cloud-user account known in RHEL 7.5.
  • Update to checkoslevel.sh to recommend level 7.5 of Red Hat Enterprise Linux.
Version: 18.04.10
  • Update to check script checkdnslookup to improve discovery of DNS IP addresses.
  • Update to check script checkchronyc.sh to remove a typo.
  • Update to check script checkresolvconf.sh to include testing the time it takes to perform a nslookup command.
Version: 18.04.09
  • New check script checkcrontabs.sh to check crontabs without existing owners.
  • New check script checkcrontabdups.sh to check if duplicate entries in crontab files exist.
  • New check script checkcrontabcommands.sh to check if the commands that are referenced in crontab files exist.
  • New check script checkcrontabcommandsexec.sh to check if the commands in crontab files are executable.
  • New check script checkcronsystemcronfiles.sh to check if all the files in system cron folders are executable.
  • New check script checkcronsystemfolderperms.sh to check the permissions, owner and group of the system crontab folders.
Version: 18.04.08
  • New check script checkdevperms.sh to check the permissions, owner and group of /dev.
  • New check script checkatd.hs to check if the at daemon is installed and running.
  • New check script checkatallowperms.sh to check the permissions of /etc/at.allow.
  • New check script checkatdenyperms.sh to check the permissions of /etc/at.deny.
  • New check script checkcronallowperms.sh to check the permissions of /etc/cron.allow.
  • New check script checkcrondenyperms.sh to check the permissions of /etc/cron.deny.
  • New check script checkcrond.sh to check if the cron daemon is installed and running.
  • New check script checkcronallowdeny.sh to display the contents of the cron.allow, cron.deny, at.allow and at.deny files.
  • New check script checkcronallow.sh to check the users in /etc/cron.allow.
  • New check script checkcrondeny.sh to check the users in /etc/cron.deny.
  • New check script checkcrontab.sh to display the contents of all the crontab files.
  • New check script checkcrontabsunused.sh to check crontabs that are not used.
Version: 18.04.07
  • New check script checkatl.sh to check if there's a queue of at jobs.
  • New check script checkatallow.sh to check the users in /etc/at.allow.
  • New check script checkatdeny.sh to check the users in /etc/at.deny.
Version: 18.04.06
  • Update to check script checkcoredumps.sh to improve checking for the kernel.core_uses_pid sysctl option.
  • Update to check script checkall.sh to indicate in the System Configuration section if the server is a virtual machine or not.
  • New check script checkvm.sh to check if the server is running as a virtual machine or not.
  • New check script checkvmlinuxfirmware.sh to check if the linux-firmware package is installed on physical systems only.
Version: 18.04.04
  • Update to check script checksudoerrors.sh to ensure it properly removes it's own temporary file from /tmp.
  • Update to check script checkblkid.sh to sort the output.
  • New check script checkrootlinks.sh to check if the links in / exist with the proper owner, group, permissions and targets.
  • New check script checkfstabdevicenames.sh to check if no physical or virtual device names are used in /etc/fstab.
  • New check script checkmlocate.sh to check if the mlocate package has been installed.
  • New check script checkmlocatecron.sh to check if the mlocate cron entry is present.
  • Update to check script checkall.sh to allow for virtualization category check scripts to be run separately.
  • New check script checkvirshlist.sh to display all configured virtual machines.
  • New check script checkvirshnodeinfo.sh to display the node info of the virtualization host, if configured.
Version: 18.04.03
  • Update to check script checknetstat.sh to provide a more descriptive output, and to add the output of the ss command to show TCP sockets.
  • New check script checknmcliconshow.sh to display the active network connections using nmcli.
  • New check script checknmclidevshow.sh to display the network devices using nmcli.
  • Update to the description of check script checksudosh.sh to improve the description.
  • Update to check script checkifconfig.sh to avoid reporting possible errors on bonded network interfaces.
  • New check script checkchronyvsntp.sh to check if either Chrony or NTP is being used for the time service.
Version: 18.04.02
  • New check script checksshpermitrootlogin.sh to check the PermitRootLogin entry in sshd_config.
  • New check script checksshdirfiles.sh to check the file permissions and ownership of files in ~root/.ssh.
  • New check script checksshconfig.sh to display the contents of file /etc/ssh/ssh_config.
  • New check script checksshx11forward.sh to check if X11Forwarding is set to yes in sshd_config.
  • New check script checksshprotocol.sh to check if Protocol is set to 2 in sshd_config.
  • New check script checksshlogingracetime.sh to check if LoginGraceTime is set to 2m (120 seconds) in sshd_config.
  • New check script checksshd.sh to check if user sshd exists.
  • New check script checksshallowusers.sh to check the AllowUsers entry in sshd_config.
  • New check script checkvarlogperms.sh to check if the permissions of the /var/log folder are correctly set.
  • Update to check script checketclogrotatedperms.sh to check as well that folder /etc/logrotate.d exists.
  • New check script checketclogrotatedsyslog.sh to check the existence and permissions of /etc/logrotate.d/syslog.
  • New check script checksystemjournalpermanent.sh to check if the system journal has been set up to be permanent.
  • New check script checktimedatectlntpenabled.sh to check if the timedatectl command reports that ntp is enabled.
  • Update to check script checkntpd.sh to avoid reporting an error if ntp is not installed.
  • Update to check script checkntp.sh to only report an issue when NTP is not installed on RHEL 6 or lower.
  • New check script checkchrony.sh to check if the chrony RPM package is installed.
  • New check script checketcchronyconfperms.sh to check the permissions of /etc/chrony.conf.
  • New check script checkchronyconf.sh to display the contents of /etc/chrony.conf.
  • New check script checkchronyd.sh to check the chronyd time service.
  • New check script checkchronyc.sh to display the output of the chronyc command.
  • Update to check script checktimezone.sh to improve the output of the check script.
Version: 18.03.31
  • New check script checksuid.sh to check for files that have the SUID or GUID bit set, allowing others to run files as a specific user and/or group.
  • New check script checkrootroot.sh to check if the primary group of user root is root.
  • Update to check script checkhomedirs.sh to improve checking the ownership of someone's home directory.
Version: 18.03.30
  • New check script checkrootpwreset.sh to check if the root password has been changed within the last 90 days.
  • New check script checkexpireduseraccounts.sh to list any user accounts that have expired.
  • New check script checkroothomedir.sh to check if the root home directory is /root.
  • New check script checkhomedirswritable.sh to check if all home directories are writeable for their owners, and not for group members or others.
  • New check script checkhomedirssize.sh to check for home directories that contain more than 1 GB of data.
  • New check script checkhomedirs.sh to check for any user home directories without a correct owner.
Version: 18.03.12
  • New check script checkiscsiadmmodesession.sh to display the iscsi session records.
  • New check script checkfsmounted.sh to check if any file systems aren't mounted.
Version: 18.03.11
  • New check script checketcsysconfigperms.sh to check the permissions of folder /etc/sysconfig.
Version: 18.03.10
  • New check script checkcleanetcsysconfig.sh to check for any files in /etc/sysconfig that can be cleaned up.
Version: 18.03.08
  • Update to check script checkmultipathconfperms.sh to allow multiple different permissions to be set for /etc/multipath.conf.
Version: 18.03.06
  • Update to check script checknmapportscan.sh to add a --host-timeout option to the nmap command to avoid running for a long time.
  • Update to check script checkifconfig.sh to display additional details about the IP configuration of the host.
  • Update to check script checkall.sh to add a warning to the logfile output if a check script takes longer than 120 seconds to complete.
  • Update to check script checksystemctldegraded.sh to display any failed services if systemctl is in a degraded status.
  • Update to check script checkntpdate.sh to avoid reporting an error if a network connectivity issue is preventing the ntpdate command to complete successfully.
  • Update to check script checkntpd.sh to avoid reporting an error if a network connectivity issue is preventing the ntpstat command to complete successfully.
Version: 18.03.05
  • Update to check script checkyumcheckupdate.sh to avoid a hang situation when multiple default gateways are configured on different network interfaces.
  • Update to check script checkdefaultgateway.sh to report duplicate default gateways on different network interfaces properly.
Version: 18.03.02
  • Update to check script checkall.sh to list the location and deployment type of the server in the system configuration section, if set.
  • Update to check script checkyumcleanyumreposd.sh to avoid reporting on the total line in the ls command.
  • Update to check script checksysfsutils.sh to add information on how to install the sysfsutils package.
  • Update to check script checkhistappend.sh to correct a typo in the suggested entries to add to /etc/bashrc.
  • Update to check script checkdellomsaactive.sh to add an additional method to check the port that Dell OMSA is listening on.
  • Update to check script checketchosts.sh to check for uppercase listed hostnames in /etc/hosts as well.
  • Update to check script checkhostname.sh to work correctly if uppercase hostnames are used in /etc/hosts.
Version: 18.03.01
  • Update to new computing environment.
Version: 18.02.26
  • Update to the description of check script checkfchostwwpn.sh to correct a typo.
Version: 18.02.22
  • New check script checkethtool.sh to display the output of the ethtool command for all available network interfaces.
  • New check script checketcresolvconf.sh to display the contents of /etc/resolv.conf.
  • Update to check script checknetstat.sh to include the output of ip route and ip neigh.
  • Update to check script checkipaddress.sh to properly list the IP addresses configured on the system.
  • New check script checkiplink.sh to display the link status of the interfaces.
  • Update to check script checklspci.sh to include the -nn option with the lspci code, to also include the vendor and device codes in the output.
Version: 18.02.13
  • Update of check script checkspectremeltdown.sh to update it to version 2.1 of the Spectre and Meltdown detection script provided by Red Hat.
Version: 18.02.08
  • Update of check script checkoslevel.sh to check for the correct level of Oracle Linux Server to be installed as well.
Version: 18.01.26
  • Calculate MD5 has of UNIX Health Check for Red Hat Enterprise Linux pacakage automatically.
Version: 18.01.15
  • New check script checkspectremeltdown.sh to check if the system is vulnerable for the Spectre and Meltdown threats.
Version: 18.01.01
  • New check script checkusersloggedon.sh to display the users that are currently logged on.
  • Copyright update of the UNIX Health Check for Red Hat Enterprise Linux package from 2017 to 2018.
Version: 17.12.31
  • New check script checkdellomsaactive.sh to check if Dell OpenManage Server Administrator is active, if it is installed.
  • New check script checketcrclocallink.sh to check if /etc/rc.local is a symbolic link to /etc/rc.d/rc.local.
  • New check script checketcrclocal.sh to display the contents of /etc/rc.local.
Version: 17.12.24
  • Update to the description of check script checkhistfile.sh to explain in detail why HISTFILE should be set explicitly.
  • Update to check script checkdmidecode.sh to change it to a non-inventory check script.
  • Update to check script checkzip.sh to check for an additional location of the zip command on older versions of RHEL.
  • Update to check script checkvmwaretools.sh to check through an additional method to determine the vendor of the system if demidecode is not available.
  • Update to check script checkresolvconf.sh to correctly report an error when no name server has been defined on the system.
Version: 17.12.23
  • New check script checkdeployment.sh to check the deployment status of the system, and to warn if it is not set.
  • New check script checklocation.sh to check the location of the system, and to warn if it is not set.
Version: 17.12.21
  • New check script checkmailxinstalled.sh to check if the mailx RPM package is installed.
  • New check script checkperlinstalled.sh to check if perl is installed.
  • Update to the description of check script checksharutils.sh to indicate how to install the sharutils RPM pacakage, if it is not installed.
  • Update to check script checkifconfig.sh to allow it to work even if /bin/netstat (part of RPM package net-tools) is not installed.
  • New check script checknfsaccess.sh to check if any NFS mounted file systems can be accessed.
Version: 17.12.20
  • Update to check script checkfswrite.sh to avoid testing writing to file system /sys/firmware/efi/efivars.
  • Update to check script checkusersloggedonlongtime.sh to exit if perl is not available.
  • Update to check script checkuserpassword.sh to exit if perl is not available.
  • Update to check script checksudoerspassword.sh to exit if perl is not available.
  • Update to check script checkshutdownpassword.sh to exit if perl is not available.
  • Update to check script checkrootpassword.sh to exit if perl is not available.
  • Update to check script checkhaltpassword.sh to exit if perl is not available.
Version: 17.12.19
  • Update to the description of check script checksestatus.sh to describe how to disable Selinux, if necessary.
Version: 17.12.15
  • New check script checkpacemakerclusterstatus.sh to check if the status of a Pacemaker cluster, if installed.
Version: 17.12.11
  • Update to the description of check script checklastlogsize.sh to explain how to empty file /var/log/lastlog, if the file is larger than 50 MB.
Version: 17.12.08
  • Update to check script checkfsreadonly.sh to correct an error that may not identify any read-only file systems.
Version: 17.12.07
  • New check script checkvmwaretools.sh to check if VMware Tools is installed on a VMware based system.
  • Update to the description of checkdefaultgateway.sh explaining how to resolve an issue with having multiple default gateways defined on a system.