diff --git a/commands/configtest.go b/commands/configtest.go index 40809613..02a3ca73 100644 --- a/commands/configtest.go +++ b/commands/configtest.go @@ -36,6 +36,7 @@ type ConfigtestCmd struct { logDir string askKeyPassword bool containersOnly bool + deep bool sshNative bool httpProxy string timeoutSec int @@ -53,6 +54,7 @@ func (*ConfigtestCmd) Synopsis() string { return "Test configuration" } func (*ConfigtestCmd) Usage() string { return `configtest: configtest + [-deep] [-config=/path/to/config.toml] [-log-dir=/path/to/log] [-ask-key-password] @@ -86,6 +88,8 @@ func (p *ConfigtestCmd) SetFlags(f *flag.FlagSet) { "Ask ssh privatekey password before scanning", ) + f.BoolVar(&p.deep, "deep", false, "Config test for deep scan mode") + f.StringVar( &p.httpProxy, "http-proxy", @@ -133,6 +137,7 @@ func (p *ConfigtestCmd) Execute(_ context.Context, f *flag.FlagSet, _ ...interfa c.Conf.SSHNative = p.sshNative c.Conf.HTTPProxy = p.httpProxy c.Conf.ContainersOnly = p.containersOnly + c.Conf.Deep = p.deep var servernames []string if 0 < len(f.Args()) { diff --git a/scan/debian.go b/scan/debian.go index 6cae65cd..31d4bb23 100644 --- a/scan/debian.go +++ b/scan/debian.go @@ -137,6 +137,10 @@ func trim(str string) string { } func (o *debian) checkIfSudoNoPasswd() error { + if !config.Conf.Deep { + o.log.Infof("sudo ... No need") + return nil + } cmd := util.PrependProxyEnv("apt-get update") o.log.Infof("Checking... sudo %s", cmd) r := o.exec(cmd, sudo) @@ -149,6 +153,10 @@ func (o *debian) checkIfSudoNoPasswd() error { } func (o *debian) checkDependencies() error { + if !config.Conf.Deep { + o.log.Infof("Dependencies... No need") + return nil + } switch o.Distro.Family { case config.Ubuntu, config.Raspbian: return nil diff --git a/scan/freebsd.go b/scan/freebsd.go index 2ddec98e..bdcac08c 100644 --- a/scan/freebsd.go +++ b/scan/freebsd.go @@ -73,6 +73,7 @@ func (o *bsd) checkIfSudoNoPasswd() error { } func (o *bsd) checkDependencies() error { + o.log.Infof("Dependencies... No need") return nil } diff --git a/scan/redhat.go b/scan/redhat.go index 13b5cdbc..1fb7b430 100644 --- a/scan/redhat.go +++ b/scan/redhat.go @@ -121,7 +121,7 @@ func detectRedhat(c config.ServerInfo) (itsMe bool, red osTypeInterface) { } func (o *redhat) checkIfSudoNoPasswd() error { - if !o.sudo() { + if !config.Conf.Deep || !o.sudo() { o.log.Infof("sudo ... No need") return nil } @@ -134,11 +134,6 @@ func (o *redhat) checkIfSudoNoPasswd() error { var zero = []int{0} switch o.Distro.Family { - case config.CentOS: - cmds = []cmd{ - {"yum --changelog --assumeno update yum", []int{0, 1}}, - } - case config.RedHat, config.Oracle: majorVersion, err := o.Distro.MajorVersion() if err != nil { @@ -175,12 +170,17 @@ func (o *redhat) checkIfSudoNoPasswd() error { return nil } -// CentOS 6, 7 ... yum-plugin-changelog, yum-utils -// RHEL 5 ... yum-security -// RHEL 6, 7 ... - -// Amazon ... - +// - Fast scan mode +// No additional dependencies needed +// +// - Deep scan mode +// CentOS 6, 7 ... yum-utils +// RHEL 5 ... yum-security +// RHEL 6, 7 ... yum-utils +// Amazon ... yum-utils func (o *redhat) checkDependencies() error { - if o.Distro.Family == config.Amazon { + if !config.Conf.Deep { + o.log.Infof("Dependencies... No need") return nil } @@ -207,14 +207,13 @@ func (o *redhat) checkDependencies() error { } } - //TODO Check if yum-plugin-changelog is installed when scan with --changelog option on Amazon,RHEL, Oracle var packNames []string switch o.Distro.Family { - case config.CentOS: - packNames = []string{"yum-plugin-changelog", "yum-utils"} + case config.CentOS, config.Amazon: + packNames = []string{"yum-utils"} case config.RedHat, config.Oracle: if majorVersion < 6 { - packNames = []string{"yum-security"} + packNames = []string{"yum-utils", "yum-security"} } else { // yum-plugin-security is installed by default on RHEL6, 7 return nil