Fix configtest to match fast and deep scan mode

commands/configtest.go

@@ -36,6 +36,7 @@ type ConfigtestCmd struct {
 	logDir         string
 	askKeyPassword bool
 	containersOnly bool
+	deep           bool
 	sshNative      bool
 	httpProxy      string
 	timeoutSec     int
@@ -53,6 +54,7 @@ func (*ConfigtestCmd) Synopsis() string { return "Test configuration" }
 func (*ConfigtestCmd) Usage() string {
 	return `configtest:
 	configtest
+			[-deep]
 			[-config=/path/to/config.toml]
 			[-log-dir=/path/to/log]
 			[-ask-key-password]
@@ -86,6 +88,8 @@ func (p *ConfigtestCmd) SetFlags(f *flag.FlagSet) {
 		"Ask ssh privatekey password before scanning",
 	)
 
+	f.BoolVar(&p.deep, "deep", false, "Config test for deep scan mode")
+
 	f.StringVar(
 		&p.httpProxy,
 		"http-proxy",
@@ -133,6 +137,7 @@ func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interfa
 	c.Conf.SSHNative = p.sshNative
 	c.Conf.HTTPProxy = p.httpProxy
 	c.Conf.ContainersOnly = p.containersOnly
+	c.Conf.Deep = p.deep
 
 	var servernames []string
 	if 0 < len(f.Args()) {

scan/debian.go

@@ -137,6 +137,10 @@ func trim(str string) string {
 }
 
 func (o *debian) checkIfSudoNoPasswd() error {
+	if !config.Conf.Deep {
+		o.log.Infof("sudo ... No need")
+		return nil
+	}
 	cmd := util.PrependProxyEnv("apt-get update")
 	o.log.Infof("Checking... sudo %s", cmd)
 	r := o.exec(cmd, sudo)
@@ -149,6 +153,10 @@ func (o *debian) checkIfSudoNoPasswd() error {
 }
 
 func (o *debian) checkDependencies() error {
+	if !config.Conf.Deep {
+		o.log.Infof("Dependencies... No need")
+		return nil
+	}
 	switch o.Distro.Family {
 	case config.Ubuntu, config.Raspbian:
 		return nil

scan/freebsd.go

@@ -73,6 +73,7 @@ func (o *bsd) checkIfSudoNoPasswd() error {
 }
 
 func (o *bsd) checkDependencies() error {
+	o.log.Infof("Dependencies... No need")
 	return nil
 }
 

scan/redhat.go

@@ -121,7 +121,7 @@ func detectRedhat(c config.ServerInfo) (itsMe bool, red osTypeInterface) {
 }
 
 func (o *redhat) checkIfSudoNoPasswd() error {
-	if !o.sudo() {
+	if !config.Conf.Deep || !o.sudo() {
 		o.log.Infof("sudo ... No need")
 		return nil
 	}
@@ -134,11 +134,6 @@ func (o *redhat) checkIfSudoNoPasswd() error {
 	var zero = []int{0}
 
 	switch o.Distro.Family {
-	case config.CentOS:
-		cmds = []cmd{
-			{"yum --changelog --assumeno update yum", []int{0, 1}},
-		}
-
 	case config.RedHat, config.Oracle:
 		majorVersion, err := o.Distro.MajorVersion()
 		if err != nil {
@@ -175,12 +170,17 @@ func (o *redhat) checkIfSudoNoPasswd() error {
 	return nil
 }
 
-// CentOS 6, 7 	... yum-plugin-changelog, yum-utils
-// RHEL 5     	... yum-security
-// RHEL 6, 7    ... -
-// Amazon 		... -
+// - Fast scan mode
+//    No additional dependencies needed
+//
+// - Deep scan mode
+//    CentOS 6, 7 	... yum-utils
+//    RHEL 5     	... yum-security
+//    RHEL 6, 7     ... yum-utils
+//    Amazon 		... yum-utils
 func (o *redhat) checkDependencies() error {
-	if o.Distro.Family == config.Amazon {
+	if !config.Conf.Deep {
+		o.log.Infof("Dependencies... No need")
 		return nil
 	}
 
@@ -207,14 +207,13 @@ func (o *redhat) checkDependencies() error {
 		}
 	}
 
-	//TODO Check if yum-plugin-changelog is installed when scan with --changelog option on Amazon,RHEL, Oracle
 	var packNames []string
 	switch o.Distro.Family {
-	case config.CentOS:
-		packNames = []string{"yum-plugin-changelog", "yum-utils"}
+	case config.CentOS, config.Amazon:
+		packNames = []string{"yum-utils"}
 	case config.RedHat, config.Oracle:
 		if majorVersion < 6 {
-			packNames = []string{"yum-security"}
+			packNames = []string{"yum-utils", "yum-security"}
 		} else {
 			// yum-plugin-security is installed by default on RHEL6, 7
 			return nil