...
If your environment does not allow sudo, you should set the configuration item (as at 2.0.10) discovery_linux_use_sudo to 'n' (sans quotes). This is set to 'y' by default. This will run the audit script without attempting to use sudo if you are not root.
So what info will you not receive? It is detailed below, by the database table, attribute and required command.
Table | Attributes not retrieved | Required Command |
|---|---|---|
system | uuid, serial, form factor. | dmidecode |
bios | serial, |
smversion |
, revision. | dmidecode | |
processor | socket. | dmidecode |
memory | all. | dmidecode |
motherboard |
all (pre 2.0.12),
serial, processor_type, memory_slot_count |
. |
dmidecode | ||
netstat | program name where process not owned by current user. | netstat |
usb | status | lsusb |
user | status, disabled, password required, password disabled, password expires. | grep "^$name:" /etc/shadow |
As for Windows, some items wont be retrieved or may be different. See below.
Table | Details |
|---|---|
policy | No policies at all. |
partition | Partition encryption Stats and Method. |
services | Quite a few ‘administrative’ services will not be retrieved at all. The name of the service may be different. |
tasks | Quite a few ‘administrative’ tasks will not be retrieved at all. |