I have migrated one of my Linux laptops to Silverblue, and am planning to migrate the other one to Budgie Atomic.
On my laptop that currently runs standard Fedora 42 I use Lynis for security audits. I would appreciate the advice of Silverblue users regarding security audit tools and tweaks that work on immutable Fedora distros. Thank you.
You should be able to run those in a (potentially privileged) container / toolbox, depending on what the app needs in terms of access.
If it does not work in a container, you can look at making a sysext for it.
Thank you. I assume all security audit tools nee to be installed to the same container, otherwise a tool would, for example, not detect that Clamav and Rlhunter would be installed?
Probably yes. The tools that should work together should be in the same container.