[2025-08-22 22:37:42] [INFO] Starting comprehensive system audit on raspberrypi
[2025-08-22 22:37:42] [INFO] Output directory: /tmp/system_audit_raspberrypi_20250822_223742
[2025-08-22 22:37:42] [INFO] Script version: 2.0
[2025-08-22 22:37:42] [INFO] Validating environment and dependencies...
[2025-08-22 22:37:42] [WARN] Optional tool not found: docker
[2025-08-22 22:37:42] [WARN] Optional tool not found: podman
[2025-08-22 22:37:42] [WARN] Optional tool not found: vnstat
[2025-08-22 22:37:42] [INFO] Environment validation completed
[2025-08-22 22:37:42] [INFO] Running with root privileges
[2025-08-22 22:37:42] [INFO] Running module: collect_system_info
==== SYSTEM INFORMATION ====
--- Basic System Details ---
Hostname: raspberrypi
FQDN: raspberrypi
IP Addresses: 192.168.50.107
Date/Time: Fri Aug 22 22:37:42 EDT 2025
Uptime: 22:37:42 up 30 days, 2:48, 0 user, load average: 0.45, 0.44, 0.35
Load Average: 0.45 0.44 0.35 3/295 247067
Architecture: aarch64
Kernel: 6.12.34+rpt-rpi-v8
Distribution: Debian GNU/Linux 12 (bookworm)
Kernel Version: #1 SMP PREEMPT Debian 1:6.12.34-1+rpt1~bookworm (2025-06-26)
--- Hardware Information ---
Architecture: aarch64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Vendor ID: ARM
Model name: Cortex-A72
Model: 3
Thread(s) per core: 1
Core(s) per cluster: 4
Socket(s): -
Cluster(s): 1
Stepping: r0p3
CPU(s) scaling MHz: 100%
CPU max MHz: 1800.0000
CPU min MHz: 600.0000
BogoMIPS: 108.00
Flags: fp asimd evtstrm crc32 cpuid
L1d cache: 128 KiB (4 instances)
L1i cache: 192 KiB (4 instances)
L2 cache: 1 MiB (1 instance)
NUMA node(s): 1
NUMA node0 CPU(s): 0-3
Vulnerability Gather data sampling: Not affected
Vulnerability Indirect target selection: Not affected
Vulnerability Itlb multihit: Not affected
Vulnerability L1tf: Not affected
Vulnerability Mds: Not affected
Vulnerability Meltdown: Not affected
Vulnerability Mmio stale data: Not affected
Vulnerability Reg file data sampling: Not affected
Vulnerability Retbleed: Not affected
Vulnerability Spec rstack overflow: Not affected
Vulnerability Spec store bypass: Vulnerable
Vulnerability Spectre v1: Mitigation; __user pointer sanitization
Vulnerability Spectre v2: Vulnerable
Vulnerability Srbds: Not affected
Vulnerability Tsx async abort: Not affected
total used free shared buff/cache available
Mem: 906Mi 321Mi 233Mi 7.0Mi 422Mi 584Mi
Swap: 511Mi 110Mi 401Mi
Filesystem Size Used Avail Use% Mounted on
udev 188M 0 188M 0% /dev
tmpfs 182M 20M 163M 11% /run
/dev/mmcblk0p2 28G 2.9G 24G 11% /
tmpfs 454M 252K 454M 1% /dev/shm
tmpfs 5.0M 16K 5.0M 1% /run/lock
tmpfs 454M 2.0M 452M 1% /tmp
/dev/mmcblk0p1 510M 72M 439M 15% /boot/firmware
folder2ram 454M 3.2M 451M 1% /var/log
folder2ram 454M 0 454M 0% /var/tmp
folder2ram 454M 268K 454M 1% /var/lib/openmediavault/rrd
folder2ram 454M 3.8M 450M 1% /var/spool
folder2ram 454M 12M 443M 3% /var/lib/rrdcached
folder2ram 454M 4.0K 454M 1% /var/lib/monit
folder2ram 454M 16K 454M 1% /var/cache/samba
/dev/md0 7.3T 306G 7.0T 5% /srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240
tmpfs 91M 0 91M 0% /run/user/1000
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 7.3T 0 disk
└─md0 9:0 0 7.3T 0 raid1 /export/t420_backup
/export/t410_backup
/export/surface_backup
/export/omv800_backup
/export/jonathan_backup
/export/audrey_backup
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240
sdb 8:16 0 7.3T 0 disk
└─md0 9:0 0 7.3T 0 raid1 /export/t420_backup
/export/t410_backup
/export/surface_backup
/export/omv800_backup
/export/jonathan_backup
/export/audrey_backup
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240
mmcblk0 179:0 0 28.9G 0 disk
├─mmcblk0p1 179:1 0 512M 0 part /boot/firmware
└─mmcblk0p2 179:2 0 28.4G 0 part /var/folder2ram/var/cache/samba
/var/folder2ram/var/lib/monit
/var/folder2ram/var/lib/rrdcached
/var/folder2ram/var/spool
/var/folder2ram/var/lib/openmediavault/rrd
/var/folder2ram/var/tmp
/var/folder2ram/var/log
/
00:00.0 PCI bridge: Broadcom Inc. and subsidiaries BCM2711 PCIe Bridge (rev 20)
01:00.0 USB controller: VIA Technologies, Inc. VL805/806 xHCI USB 3.0 Controller (rev 01)
Bus 002 Device 002: ID 174c:55aa ASMedia Technology Inc. ASM1051E SATA 6Gb/s bridge, ASM1053E SATA 6Gb/s bridge, ASM1153 SATA 3Gb/s bridge, ASM1153E SATA 6Gb/s bridge
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 002: ID 2109:3431 VIA Labs, Inc. Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
[2025-08-22 22:37:43] [INFO] Running module: collect_network_info
==== NETWORK INFORMATION ====
--- Network Interfaces ---
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host noprefixroute
valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc mq state DOWN group default qlen 1000
link/ether 2c:cf:67:04:6a:3f brd ff:ff:ff:ff:ff:ff
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 2c:cf:67:04:6a:42 brd ff:ff:ff:ff:ff:ff
inet 192.168.50.107/24 brd 192.168.50.255 scope global wlan0
valid_lft forever preferred_lft forever
default via 192.168.50.1 dev wlan0 proto static
192.168.50.0/24 dev wlan0 proto kernel scope link src 192.168.50.107
# This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8).
# Do not edit.
#
# This file might be symlinked as /etc/resolv.conf. If you're looking at
# /etc/resolv.conf and seeing this text, you have followed the symlink.
#
# This is a dynamic resolv.conf file for connecting local clients to the
# internal DNS stub resolver of systemd-resolved. This file lists all
# configured search domains.
#
# Run "resolvectl status" to see details about the uplink DNS servers
# currently in use.
#
# Third party programs should typically not access this file directly, but only
# through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a
# different way, replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
nameserver 127.0.0.53
options edns0 trust-ad
search .
Netid State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
udp UNCONN 0 0 127.0.0.1:8125 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:54984 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:58857 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:5355 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:2049 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:55044 0.0.0.0:*
udp UNCONN 0 0 127.0.0.54:53 0.0.0.0:*
udp UNCONN 0 0 127.0.0.53:53 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:56632 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:60474 0.0.0.0:*
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:*
udp UNCONN 0 0 192.168.50.107:3702 0.0.0.0:*
udp UNCONN 0 0 239.255.255.250:3702 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:34941 0.0.0.0:*
udp UNCONN 0 0 127.0.0.1:930 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:55212 0.0.0.0:*
udp UNCONN 0 0 [::1]:8125 *:*
udp UNCONN 0 0 *:48359 *:*
udp UNCONN 0 0 *:5353 *:*
udp UNCONN 0 0 *:5353 *:*
udp UNCONN 0 0 *:5355 *:*
udp UNCONN 0 0 *:58368 *:*
udp UNCONN 0 0 *:2049 *:*
udp UNCONN 0 0 *:56067 *:*
udp UNCONN 0 0 *:46604 *:*
udp UNCONN 0 0 *:7443 *:*
udp UNCONN 0 0 *:50974 *:*
udp UNCONN 0 0 *:40746 *:*
udp UNCONN 0 0 [::1]:323 *:*
udp UNCONN 0 0 *:35143 *:*
udp UNCONN 0 0 *:37991 *:*
udp UNCONN 0 0 *:111 *:*
udp UNCONN 0 0 *:43932 *:*
tcp LISTEN 0 4096 127.0.0.1:8125 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:40953 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:5355 0.0.0.0:*
tcp LISTEN 0 50 0.0.0.0:139 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:59533 0.0.0.0:*
tcp LISTEN 0 50 0.0.0.0:445 0.0.0.0:*
tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
tcp LISTEN 0 64 0.0.0.0:42055 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.1:19999 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:51583 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:41341 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.54:53 0.0.0.0:*
tcp LISTEN 0 4096 0.0.0.0:111 0.0.0.0:*
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
tcp LISTEN 0 5 192.168.50.107:5357 0.0.0.0:*
tcp LISTEN 0 64 0.0.0.0:2049 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
tcp LISTEN 0 4096 [::]:45291 [::]:*
tcp LISTEN 0 4096 [::]:5355 [::]:*
tcp LISTEN 0 50 [::]:139 [::]:*
tcp LISTEN 0 4096 [::1]:8125 [::]:*
tcp LISTEN 0 50 [::]:445 [::]:*
tcp LISTEN 0 4096 [::]:59555 [::]:*
tcp LISTEN 0 511 [::]:80 [::]:*
tcp LISTEN 0 4096 [::]:36167 [::]:*
tcp LISTEN 0 64 [::]:37743 [::]:*
tcp LISTEN 0 4096 [::]:111 [::]:*
tcp LISTEN 0 4096 *:7443 *:*
tcp LISTEN 0 128 [::]:22 [::]:*
tcp LISTEN 0 4096 [::]:47901 [::]:*
tcp LISTEN 0 64 [::]:2049 [::]:*
tcp LISTEN 0 4096 [::1]:19999 [::]:*
Netid State Recv-Q Send-Q Local Address:Port Peer Address:PortProcess
udp UNCONN 0 0 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=4105183,fd=54))
udp UNCONN 0 0 0.0.0.0:54984 0.0.0.0:* users:(("rpc.mountd",pid=1181,fd=4))
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("orb",pid=722747,fd=8))
udp UNCONN 0 0 0.0.0.0:58857 0.0.0.0:* users:(("rpc.mountd",pid=1181,fd=8))
udp UNCONN 0 0 0.0.0.0:5353 0.0.0.0:* users:(("avahi-daemon",pid=572,fd=12))
udp UNCONN 0 0 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=476,fd=11))
udp UNCONN 0 0 0.0.0.0:2049 0.0.0.0:*
udp UNCONN 0 0 0.0.0.0:55044 0.0.0.0:*
udp UNCONN 0 0 127.0.0.54:53 0.0.0.0:* users:(("systemd-resolve",pid=476,fd=19))
udp UNCONN 0 0 127.0.0.53:53 0.0.0.0:* users:(("systemd-resolve",pid=476,fd=17))
udp UNCONN 0 0 0.0.0.0:56632 0.0.0.0:* users:(("rpc.mountd",pid=1181,fd=12))
udp UNCONN 0 0 0.0.0.0:60474 0.0.0.0:* users:(("rpc.statd",pid=1178,fd=8))
udp UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=828,fd=5))
udp UNCONN 0 0 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=1164,fd=5),("systemd",pid=1,fd=119))
udp UNCONN 0 0 192.168.50.107:3702 0.0.0.0:* users:(("python3",pid=1177,fd=9))
udp UNCONN 0 0 239.255.255.250:3702 0.0.0.0:* users:(("python3",pid=1177,fd=7))
udp UNCONN 0 0 0.0.0.0:34941 0.0.0.0:* users:(("avahi-daemon",pid=572,fd=14))
udp UNCONN 0 0 127.0.0.1:930 0.0.0.0:* users:(("rpc.statd",pid=1178,fd=5))
udp UNCONN 0 0 0.0.0.0:55212 0.0.0.0:* users:(("python3",pid=1177,fd=8))
udp UNCONN 0 0 [::1]:8125 *:* users:(("netdata",pid=4105183,fd=41))
udp UNCONN 0 0 *:48359 *:* users:(("rpc.mountd",pid=1181,fd=6))
udp UNCONN 0 0 *:5353 *:* users:(("orb",pid=722747,fd=12))
udp UNCONN 0 0 *:5353 *:* users:(("avahi-daemon",pid=572,fd=13))
udp UNCONN 0 0 *:5355 *:* users:(("systemd-resolve",pid=476,fd=13))
udp UNCONN 0 0 *:58368 *:* users:(("orb",pid=722747,fd=26))
udp UNCONN 0 0 *:2049 *:*
udp UNCONN 0 0 *:56067 *:* users:(("orb",pid=722747,fd=17))
udp UNCONN 0 0 *:46604 *:* users:(("orb",pid=722747,fd=20))
udp UNCONN 0 0 *:7443 *:* users:(("orb",pid=722747,fd=11))
udp UNCONN 0 0 *:50974 *:* users:(("rpc.mountd",pid=1181,fd=14))
udp UNCONN 0 0 *:40746 *:*
udp UNCONN 0 0 [::1]:323 *:* users:(("chronyd",pid=828,fd=6))
udp UNCONN 0 0 *:35143 *:* users:(("rpc.statd",pid=1178,fd=10))
udp UNCONN 0 0 *:37991 *:* users:(("rpc.mountd",pid=1181,fd=10))
udp UNCONN 0 0 *:111 *:* users:(("rpcbind",pid=1164,fd=7),("systemd",pid=1,fd=121))
udp UNCONN 0 0 *:43932 *:* users:(("avahi-daemon",pid=572,fd=15))
tcp LISTEN 0 4096 127.0.0.1:8125 0.0.0.0:* users:(("netdata",pid=4105183,fd=69))
tcp LISTEN 0 4096 0.0.0.0:40953 0.0.0.0:* users:(("rpc.mountd",pid=1181,fd=13))
tcp LISTEN 0 4096 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=476,fd=12))
tcp LISTEN 0 50 0.0.0.0:139 0.0.0.0:* users:(("smbd",pid=1214,fd=32))
tcp LISTEN 0 4096 0.0.0.0:59533 0.0.0.0:* users:(("rpc.statd",pid=1178,fd=9))
tcp LISTEN 0 50 0.0.0.0:445 0.0.0.0:* users:(("smbd",pid=1214,fd=31))
tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=1189,fd=7),("nginx",pid=1188,fd=7),("nginx",pid=1187,fd=7),("nginx",pid=1186,fd=7),("nginx",pid=1185,fd=7))
tcp LISTEN 0 64 0.0.0.0:42055 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.1:19999 0.0.0.0:* users:(("netdata",pid=4105183,fd=7))
tcp LISTEN 0 4096 0.0.0.0:51583 0.0.0.0:* users:(("rpc.mountd",pid=1181,fd=5))
tcp LISTEN 0 4096 0.0.0.0:41341 0.0.0.0:* users:(("rpc.mountd",pid=1181,fd=9))
tcp LISTEN 0 4096 127.0.0.54:53 0.0.0.0:* users:(("systemd-resolve",pid=476,fd=20))
tcp LISTEN 0 4096 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=1164,fd=4),("systemd",pid=1,fd=118))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=803,fd=3))
tcp LISTEN 0 5 192.168.50.107:5357 0.0.0.0:* users:(("python3",pid=1177,fd=10))
tcp LISTEN 0 64 0.0.0.0:2049 0.0.0.0:*
tcp LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=476,fd=18))
tcp LISTEN 0 4096 [::]:45291 [::]:* users:(("rpc.mountd",pid=1181,fd=11))
tcp LISTEN 0 4096 [::]:5355 [::]:* users:(("systemd-resolve",pid=476,fd=14))
tcp LISTEN 0 50 [::]:139 [::]:* users:(("smbd",pid=1214,fd=30))
tcp LISTEN 0 4096 [::1]:8125 [::]:* users:(("netdata",pid=4105183,fd=68))
tcp LISTEN 0 50 [::]:445 [::]:* users:(("smbd",pid=1214,fd=29))
tcp LISTEN 0 4096 [::]:59555 [::]:* users:(("rpc.mountd",pid=1181,fd=7))
tcp LISTEN 0 511 [::]:80 [::]:* users:(("nginx",pid=1189,fd=8),("nginx",pid=1188,fd=8),("nginx",pid=1187,fd=8),("nginx",pid=1186,fd=8),("nginx",pid=1185,fd=8))
tcp LISTEN 0 4096 [::]:36167 [::]:* users:(("rpc.mountd",pid=1181,fd=15))
tcp LISTEN 0 64 [::]:37743 [::]:*
tcp LISTEN 0 4096 [::]:111 [::]:* users:(("rpcbind",pid=1164,fd=6),("systemd",pid=1,fd=120))
tcp LISTEN 0 4096 *:7443 *:* users:(("orb",pid=722747,fd=14))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=803,fd=4))
tcp LISTEN 0 4096 [::]:47901 [::]:* users:(("rpc.statd",pid=1178,fd=11))
tcp LISTEN 0 64 [::]:2049 [::]:*
tcp LISTEN 0 4096 [::1]:19999 [::]:* users:(("netdata",pid=4105183,fd=6))
Inter-| Receive | Transmit
face |bytes packets errs drop fifo frame compressed multicast|bytes packets errs drop fifo colls carrier compressed
lo: 1074671336 1075230 0 0 0 0 0 0 1074671336 1075230 0 0 0 0 0 0
eth0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
wlan0: 16128419591 113315528 0 1149234 0 0 0 8992541 332813345727 237897725 0 6 0 0 0 0
Interface: eth0
Speed: Unknown!
Duplex: Unknown! (255)
Link detected: no
Interface: wlan0
vnstat not installed
--- Firewall Status ---
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[2025-08-22 22:37:43] [INFO] Running module: collect_container_info
==== CONTAINER INFORMATION ====
Docker not installed or not in PATH
[2025-08-22 22:37:43] [INFO] Running module: collect_software_info
==== SOFTWARE INFORMATION ====
--- Installed Packages ---
Installed Debian/Ubuntu packages:
Package list saved to packages_dpkg.txt (768 packages)
Available Security Updates:
--- Running Services ---
UNIT LOAD ACTIVE SUB DESCRIPTION
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
bluetooth.service loaded active running Bluetooth service
chrony.service loaded active running chrony, an NTP client/server
cron.service loaded active running Regular background program processing daemon
dbus.service loaded active running D-Bus System Message Bus
getty@tty1.service loaded active running Getty on tty1
mdmonitor.service loaded active running MD array monitor
monit.service loaded active running LSB: service and resource monitoring daemon
netdata.service loaded active running netdata - Real-time performance monitoring
netplan-wpa-wlan0.service loaded active running WPA supplicant for netplan wlan0
nfs-idmapd.service loaded active running NFSv4 ID-name mapping service
nfs-mountd.service loaded active running NFS Mount Daemon
nfsdcld.service loaded active running NFSv4 Client Tracking Daemon
nginx.service loaded active running A high performance web server and a reverse proxy server
openmediavault-engined.service loaded active running The OpenMediaVault engine daemon that processes the RPC request
orb.service loaded active running Orb Sensor
php8.2-fpm.service loaded active running The PHP 8.2 FastCGI Process Manager
rpc-statd.service loaded active running NFS status monitor for NFSv2/3 locking.
rpcbind.service loaded active running RPC bind portmap service
rsyslog.service loaded active running System Logging Service
smbd.service loaded active running Samba SMB Daemon
ssh.service loaded active running OpenBSD Secure Shell server
systemd-journald.service loaded active running Journal Service
systemd-logind.service loaded active running User Login Management
systemd-networkd.service loaded active running Network Configuration
systemd-resolved.service loaded active running Network Name Resolution
systemd-udevd.service loaded active running Rule-based Manager for Device Events and Files
triggerhappy.service loaded active running triggerhappy global hotkey daemon
unattended-upgrades.service loaded active running Unattended Upgrades Shutdown
user@1000.service loaded active running User Manager for UID 1000
wpa_supplicant.service loaded active running WPA supplicant
wsdd.service loaded active running Web Services Dynamic Discovery host daemon
LOAD = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB = The low-level unit activation state, values depend on unit type.
32 loaded units listed.
UNIT FILE STATE PRESET
anacron.service enabled enabled
apparmor.service enabled enabled
avahi-daemon.service enabled enabled
blk-availability.service enabled enabled
bluetooth.service enabled enabled
chrony.service enabled enabled
console-setup.service enabled enabled
cron.service enabled enabled
dphys-swapfile.service enabled enabled
e2scrub_reap.service enabled enabled
fake-hwclock.service enabled enabled
folder2ram_shutdown.service enabled enabled
folder2ram_startup.service enabled enabled
getty@.service enabled enabled
hciuart.service enabled enabled
keyboard-setup.service enabled enabled
lvm2-monitor.service enabled enabled
mdadm-shutdown.service enabled enabled
netdata.service enabled enabled
nfs-server.service enabled enabled
nginx.service enabled enabled
openmediavault-beep-down.service enabled enabled
openmediavault-beep-up.service enabled enabled
openmediavault-cleanup-monit.service enabled enabled
openmediavault-cleanup-php.service enabled enabled
openmediavault-engined.service enabled enabled
openmediavault-issue.service enabled enabled
orb.service enabled enabled
php8.2-fpm.service enabled enabled
rpi-display-backlight.service enabled enabled
rpi-eeprom-update.service enabled enabled
rsyslog.service enabled enabled
samba-ad-dc.service enabled enabled
smartctl-hdparm.service enabled enabled
smbd.service enabled enabled
ssh.service enabled enabled
sshswitch.service enabled enabled
systemd-network-generator.service enabled enabled
systemd-networkd-wait-online.service enabled disabled
systemd-networkd.service enabled enabled
systemd-pstore.service enabled enabled
systemd-resolved.service enabled enabled
triggerhappy.service enabled enabled
unattended-upgrades.service enabled enabled
wpa_supplicant.service enabled enabled
wsdd.service enabled enabled
46 unit files listed.
--- Running Processes ---
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 247242 100 0.4 12740 4504 ? R 22:37 0:00 ps aux --sort=-%cpu
root 246954 9.7 2.6 38136 24464 ? S 22:37 0:00 /usr/bin/python3 /home/jon/.ansible/tmp/ansible-tmp-1755916660.7313373-1106145-205718655528146/AnsiballZ_command.py
openmed+ 246935 8.1 1.6 213376 15180 ? S 22:37 0:00 php-fpm: pool openmediavault-webgui
netdata 4105435 3.3 0.9 134868 8960 ? SNl Aug21 72:05 /usr/lib/netdata/plugins.d/apps.plugin 1
orb 722747 3.0 4.9 2871256 46036 ? Ssl Jul29 1091:48 /usr/bin/orb sensor
jon 246599 1.7 1.0 19776 9912 ? Ss 22:37 0:00 /lib/systemd/systemd --user
netdata 4105183 1.4 1.7 413300 16368 ? SNsl Aug21 30:55 /usr/sbin/netdata -D
root 247018 1.3 0.3 7856 3356 ? S 22:37 0:00 bash /tmp/linux_system_audit.sh
jon 246621 0.8 0.8 20952 7540 ? S 22:37 0:00 sshd: jon@notty
root 207 0.6 0.0 0 0 ? S Jul23 298:46 [md0_raid1]
root 89 0.4 0.0 0 0 ? I< Jul23 194:40 [kworker/u21:0-brcmf_wq/mmc1:0001:1]
root 246595 0.3 1.0 20132 10092 ? Ss 22:37 0:00 sshd: jon [priv]
netdata 237753 0.3 0.3 4060 2832 ? SN 21:55 0:08 bash /usr/lib/netdata/plugins.d/tc-qos-helper.sh 1
root 1088 0.1 0.3 19016 3412 ? Sl Jul23 79:54 /usr/bin/monit -c /etc/monit/monitrc
root 246953 0.1 2.0 38188 18888 ? S 22:37 0:00 /usr/bin/python3 /home/jon/.ansible/tmp/ansible-tmp-1755916660.7313373-1106145-205718655528146/async_wrapper.py j259876869854 1800 /home/jon/.ansible/tmp/ansible-tmp-1755916660.7313373-1106145-205718655528146/AnsiballZ_command.py _
root 57 0.1 0.0 0 0 ? I< Jul23 64:20 [kworker/1:1H-kblockd]
root 245488 0.1 0.0 0 0 ? I 22:33 0:00 [kworker/0:1-events]
root 1733407 0.1 0.0 0 0 ? I< Aug03 35:12 [kworker/3:0H-kblockd]
avahi 572 0.1 0.3 8612 3360 ? Ss Jul23 49:06 avahi-daemon: running [raspberrypi.local]
systemd-+-agetty
|-avahi-daemon---avahi-daemon
|-bluetoothd
|-chronyd---chronyd
|-cron
|-dbus-daemon
|-mdadm
|-monit-+-mountpoint
| `-{monit}
|-netdata-+-apps.plugin---{apps.plugin}
| |-bash
| |-netdata---{netdata}
| |-nfacct.plugin
| `-42*[{netdata}]
|-nfsdcld
|-nginx---4*[nginx]
|-omv-engined
|-orb---22*[{orb}]
|-php-fpm8.2---3*[php-fpm8.2]
|-python3---python3---python3---bash-+-pstree
| `-tee
|-python3
|-rpc.idmapd
|-rpc.mountd
|-rpc.statd
|-rpcbind
|-rsyslogd---3*[{rsyslogd}]
|-smbd-+-cleanupd
| `-smbd-notifyd
|-sshd---sshd---sshd
|-systemd---(sd-pam)
|-systemd-journal
|-systemd-logind
|-systemd-network
|-systemd-resolve
|-systemd-udevd
|-thd
|-unattended-upgr
`-2*[wpa_supplicant]
[2025-08-22 22:37:48] [INFO] Running module: collect_security_info
==== SECURITY ASSESSMENT ====
--- User Accounts ---
root:x:0:0:root:/root:/bin/bash
jon:x:1000:1000:,,,:/home/jon:/bin/bash
orb:x:991:985::/home/orb:/bin/bash
netdata:x:990:984::/var/lib/netdata:/bin/bash
root
sudo:x:27:jon
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:37 - 22:37 (00:00)
jon pts/0 192.168.50.225 Fri Aug 22 22:36 - 22:36 (00:00)
wtmp begins Wed Jul 23 19:17:15 2025
--- SSH Configuration ---
Protocol 2
Port 22
PermitRootLogin yes
PasswordAuthentication yes
PubkeyAuthentication yes
--- File Permissions and SUID ---
/etc/collectd/collectd.conf.d/load.conf
/etc/collectd/collectd.conf.d/uptime.conf
/etc/collectd/collectd.conf.d/cpu.conf
/etc/collectd/collectd.conf.d/memory.conf
/etc/collectd/collectd.conf.d/rrdcached.conf
/etc/collectd/collectd.conf.d/df.conf
/etc/collectd/collectd.conf.d/interface.conf
/etc/collectd/collectd.conf.d/unixsock.conf
/etc/collectd/collectd.conf.d/syslog.conf
/srv/pillar/omv/tasks.sls
/var/lib/openmediavault/workbench/localstorage.d/admin
/var/lib/openmediavault/fstab_tasks.json
/var/lib/openmediavault/dirtymodules.json
/var/cache/openmediavault/archives/Packages
/usr/lib/dbus-1.0/dbus-daemon-launch-helper
/usr/lib/polkit-1/polkit-agent-helper-1
/usr/lib/openssh/ssh-keysign
/usr/sbin/postdrop
/usr/sbin/unix_chkpwd
/usr/sbin/mount.cifs
/usr/sbin/postqueue
/usr/sbin/mount.nfs
/usr/sbin/postlog
/usr/bin/gpasswd
/usr/bin/expiry
/usr/bin/pkexec
/usr/bin/fusermount3
/usr/bin/mount
/usr/bin/crontab
/usr/bin/chsh
/usr/bin/ping
/usr/bin/sudo
/usr/bin/su
/usr/bin/umount
/usr/bin/dotlockfile
/usr/bin/ntfs-3g
/usr/bin/passwd
/usr/bin/newgrp
/usr/bin/chfn
/usr/bin/ssh-agent
/usr/bin/chage
WARNING: Potentially dangerous SUID binary found: /bin/su
WARNING: Potentially dangerous SUID binary found: /usr/bin/sudo
WARNING: Potentially dangerous SUID binary found: /usr/bin/passwd
WARNING: Potentially dangerous SUID binary found: /usr/bin/chfn
WARNING: Potentially dangerous SUID binary found: /usr/bin/chsh
WARNING: Potentially dangerous SUID binary found: /usr/bin/gpasswd
WARNING: Potentially dangerous SUID binary found: /usr/bin/newgrp
WARNING: Potentially dangerous SUID binary found: /usr/bin/mount
WARNING: Potentially dangerous SUID binary found: /usr/bin/umount
WARNING: Potentially dangerous SUID binary found: /usr/bin/ping
WARNING: Potentially dangerous SUID binary found: /usr/bin/ping6
/run/lock
/srv/dev-disk-by-uuid-f6f44123-cf98-4252-9603-b7a3cd9dc285
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240/t410_backup
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240/audrey_backup
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240/jonathan_backup
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240/t420_backup
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240/surface_backup
/srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240/omv800_backup
/var/lib/php/sessions
/var/cache/salt/minion/roots/hash/base/omv/deploy/monit
--- Cron Jobs ---
total 40
drwxr-xr-x 2 root root 4096 Jun 1 15:23 .
drwxr-xr-x 111 root root 12288 Aug 21 08:45 ..
-rw-r--r-- 1 root root 102 Mar 2 2023 .placeholder
-rw-r--r-- 1 root root 285 Jan 10 2023 anacron
-rw-r--r-- 1 root root 202 Mar 4 2023 e2scrub_all
-rw-r--r-- 1 root root 589 Feb 24 2023 mdadm
-rw-r--r-- 1 root root 674 Jun 1 15:23 openmediavault-borgbackup
-rw-r--r-- 1 root root 712 Jul 13 2022 php
# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file
# and files in /etc/cron.d. These files also have username fields,
# that none of the other crontabs do.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
17 * * * * root cd / && run-parts --report /etc/cron.hourly
25 6 * * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.daily; }
47 6 * * 7 root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.weekly; }
52 6 1 * * root test -x /usr/sbin/anacron || { cd / && run-parts --report /etc/cron.monthly; }
#
--- Shell History ---
Analyzing: /home/jon/.bash_history
WARNING: Pattern 'token' found in /home/jon/.bash_history
--- Tailscale Configuration ---
Tailscale not installed
[2025-08-22 22:37:59] [INFO] Running module: run_vulnerability_scan
==== VULNERABILITY ASSESSMENT ====
--- Kernel Vulnerabilities ---
6.12.34+rpt-rpi-v8
Current kernel: 6.12.34+rpt-rpi-v8
Kernel major version: 6
Kernel minor version: 12
Risk Level: LOW
Assessment: Kernel version is recent and likely secure
Kernel Security Features:
ASLR (Address Space Layout Randomization): ENABLED
WARNING: Dmesg restriction is disabled
--- Open Ports Security Check ---
Port 53 (DNS) - Ensure properly configured
Port 80 (HTTP) - Consider HTTPS
Port 139 (SMB/NetBIOS) - Potentially risky
Port 445 (SMB/NetBIOS) - Potentially risky
[2025-08-22 22:37:59] [INFO] Running module: collect_env_info
==== ENVIRONMENT AND CONFIGURATION ====
--- Environment Variables ---
SHELL=/bin/bash
HOME=/root
LANG=en_US.UTF-8
USER=root
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
--- Mount Points ---
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
proc on /proc type proc (rw,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,size=192068k,nr_inodes=48017,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,noexec,relatime,size=185720k,mode=755)
/dev/mmcblk0p2 on / type ext4 (rw,noatime,nodiratime)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
tmpfs on /run/lock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=5120k)
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=31,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=6160)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
nfsd on /proc/fs/nfsd type nfsd (rw,relatime)
fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
ramfs on /run/credentials/systemd-sysctl.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
ramfs on /run/credentials/systemd-sysusers.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
ramfs on /run/credentials/systemd-tmpfiles-setup-dev.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
tmpfs on /tmp type tmpfs (rw,relatime)
/dev/mmcblk0p1 on /boot/firmware type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,errors=remount-ro)
ramfs on /run/credentials/systemd-tmpfiles-setup.service type ramfs (ro,nosuid,nodev,noexec,relatime,mode=700)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime)
sunrpc on /run/rpc_pipefs type rpc_pipefs (rw,relatime)
/dev/mmcblk0p2 on /var/folder2ram/var/log type ext4 (rw,noatime,nodiratime)
folder2ram on /var/log type tmpfs (rw,relatime)
/dev/mmcblk0p2 on /var/folder2ram/var/tmp type ext4 (rw,noatime,nodiratime)
folder2ram on /var/tmp type tmpfs (rw,relatime)
/dev/mmcblk0p2 on /var/folder2ram/var/lib/openmediavault/rrd type ext4 (rw,noatime,nodiratime)
folder2ram on /var/lib/openmediavault/rrd type tmpfs (rw,relatime)
/dev/mmcblk0p2 on /var/folder2ram/var/spool type ext4 (rw,noatime,nodiratime)
folder2ram on /var/spool type tmpfs (rw,relatime)
/dev/mmcblk0p2 on /var/folder2ram/var/lib/rrdcached type ext4 (rw,noatime,nodiratime)
folder2ram on /var/lib/rrdcached type tmpfs (rw,relatime)
/dev/mmcblk0p2 on /var/folder2ram/var/lib/monit type ext4 (rw,noatime,nodiratime)
folder2ram on /var/lib/monit type tmpfs (rw,relatime)
/dev/mmcblk0p2 on /var/folder2ram/var/cache/samba type ext4 (rw,noatime,nodiratime)
folder2ram on /var/cache/samba type tmpfs (rw,relatime)
/dev/md0 on /srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240 type ext4 (rw,relatime,quota,usrquota,grpquota)
/dev/md0 on /export/audrey_backup type ext4 (rw,relatime,quota,usrquota,grpquota)
/dev/md0 on /export/jonathan_backup type ext4 (rw,relatime,quota,usrquota,grpquota)
/dev/md0 on /export/omv800_backup type ext4 (rw,relatime,quota,usrquota,grpquota)
/dev/md0 on /export/surface_backup type ext4 (rw,relatime,quota,usrquota,grpquota)
/dev/md0 on /export/t410_backup type ext4 (rw,relatime,quota,usrquota,grpquota)
/dev/md0 on /export/t420_backup type ext4 (rw,relatime,quota,usrquota,grpquota)
tracefs on /sys/kernel/debug/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=92856k,nr_inodes=23214,mode=700,uid=1000,gid=1000)
Filesystem Size Used Avail Use% Mounted on
udev 188M 0 188M 0% /dev
tmpfs 182M 20M 163M 11% /run
/dev/mmcblk0p2 28G 2.9G 24G 11% /
tmpfs 454M 252K 454M 1% /dev/shm
tmpfs 5.0M 16K 5.0M 1% /run/lock
tmpfs 454M 2.2M 452M 1% /tmp
/dev/mmcblk0p1 510M 72M 439M 15% /boot/firmware
folder2ram 454M 3.2M 451M 1% /var/log
folder2ram 454M 0 454M 0% /var/tmp
folder2ram 454M 268K 454M 1% /var/lib/openmediavault/rrd
folder2ram 454M 3.8M 450M 1% /var/spool
folder2ram 454M 12M 443M 3% /var/lib/rrdcached
folder2ram 454M 4.0K 454M 1% /var/lib/monit
folder2ram 454M 16K 454M 1% /var/cache/samba
/dev/md0 7.3T 306G 7.0T 5% /srv/dev-disk-by-uuid-e91c5052-8b74-4125-9d94-9ec465032240
tmpfs 91M 0 91M 0% /run/user/1000
--- System Limits ---
real-time non-blocking time (microseconds, -R) unlimited
core file size (blocks, -c) 0
data seg size (kbytes, -d) unlimited
scheduling priority (-e) 0
file size (blocks, -f) unlimited
pending signals (-i) 1500
max locked memory (kbytes, -l) 116072
max memory size (kbytes, -m) unlimited
open files (-n) 1024
pipe size (512 bytes, -p) 8
POSIX message queues (bytes, -q) 819200
real-time priority (-r) 0
stack size (kbytes, -s) 8192
cpu time (seconds, -t) unlimited
max user processes (-u) 1500
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[2025-08-22 22:37:59] [INFO] Generating JSON summary
==== GENERATING SUMMARY ====
[2025-08-22 22:37:59] [Generating JSON summary...]
ERROR: Failed to generate JSON summary.
[2025-08-22 22:37:59] [WARN] JSON summary generation failed, but continuing...
==== AUDIT COMPLETE ====
[2025-08-22 22:37:59] [INFO] Audit completed successfully in 17 seconds
[2025-08-22 22:37:59] [INFO] Results available in: /tmp/system_audit_raspberrypi_20250822_223742
[2025-08-22 22:37:59] [INFO] Enhanced summary created: /tmp/system_audit_raspberrypi_20250822_223742/SUMMARY.txt
[2025-08-22 22:37:59] [INFO] Compressing audit results...
virtual memory (kbytes, -v) unlimited
file locks (-x) unlimited
[2025-08-22 22:37:59] [INFO] Generating JSON summary
==== GENERATING SUMMARY ====
[2025-08-22 22:37:59] [Generating JSON summary...]
ERROR: Failed to generate JSON summary.
[2025-08-22 22:37:59] [WARN] JSON summary generation failed, but continuing...
==== AUDIT COMPLETE ====
[2025-08-22 22:37:59] [INFO] Audit completed successfully in 17 seconds
[2025-08-22 22:37:59] [INFO] Results available in: /tmp/system_audit_raspberrypi_20250822_223742
[2025-08-22 22:37:59] [INFO] Enhanced summary created: /tmp/system_audit_raspberrypi_20250822_223742/SUMMARY.txt
[2025-08-22 22:37:59] [INFO] Compressing audit results...