fix(scan): warning if lsof command not found (#1167)
This commit is contained in:
Kota Kanbe
22
scan/base.go
22
scan/base.go
@@ -322,7 +322,7 @@ func (l *base) detectPlatform() {
|
||||
|
||||
var dsFingerPrintPrefix = "AgentStatus.agentCertHash: "
|
||||
|
||||
func (l *base) detectDeepSecurity() (fingerprint string, err error) {
|
||||
func (l *base) detectDeepSecurity() (string, error) {
|
||||
// only work root user
|
||||
if l.getServerInfo().Mode.IsFastRoot() {
|
||||
if r := l.exec("test -f /opt/ds_agent/dsa_query", sudo); r.isSuccess() {
|
||||
@@ -621,7 +621,7 @@ func (d *DummyFileInfo) IsDir() bool { return false }
|
||||
//Sys is
|
||||
func (d *DummyFileInfo) Sys() interface{} { return nil }
|
||||
|
||||
func (l *base) scanWordPress() (err error) {
|
||||
func (l *base) scanWordPress() error {
|
||||
if l.ServerInfo.WordPress.IsZero() || l.ServerInfo.Type == config.ServerTypePseudo {
|
||||
return nil
|
||||
}
|
||||
@@ -835,7 +835,7 @@ func (l *base) findPortTestSuccessOn(listenIPPorts []string, searchListenPort mo
|
||||
return addrs
|
||||
}
|
||||
|
||||
func (l *base) ps() (stdout string, err error) {
|
||||
func (l *base) ps() (string, error) {
|
||||
cmd := `LANGUAGE=en_US.UTF-8 ps --no-headers --ppid 2 -p 2 --deselect -o pid,comm`
|
||||
r := l.exec(util.PrependProxyEnv(cmd), noSudo)
|
||||
if !r.isSuccess() {
|
||||
@@ -858,7 +858,7 @@ func (l *base) parsePs(stdout string) map[string]string {
|
||||
return pidNames
|
||||
}
|
||||
|
||||
func (l *base) lsProcExe(pid string) (stdout string, err error) {
|
||||
func (l *base) lsProcExe(pid string) (string, error) {
|
||||
cmd := fmt.Sprintf("ls -l /proc/%s/exe", pid)
|
||||
r := l.exec(util.PrependProxyEnv(cmd), sudo)
|
||||
if !r.isSuccess() {
|
||||
@@ -875,7 +875,7 @@ func (l *base) parseLsProcExe(stdout string) (string, error) {
|
||||
return ss[10], nil
|
||||
}
|
||||
|
||||
func (l *base) grepProcMap(pid string) (stdout string, err error) {
|
||||
func (l *base) grepProcMap(pid string) (string, error) {
|
||||
cmd := fmt.Sprintf(`cat /proc/%s/maps 2>/dev/null | grep -v " 00:00 " | awk '{print $6}' | sort -n | uniq`, pid)
|
||||
r := l.exec(util.PrependProxyEnv(cmd), sudo)
|
||||
if !r.isSuccess() {
|
||||
@@ -894,10 +894,10 @@ func (l *base) parseGrepProcMap(stdout string) (soPaths []string) {
|
||||
return soPaths
|
||||
}
|
||||
|
||||
func (l *base) lsOfListen() (stdout string, err error) {
|
||||
cmd := `lsof -i -P -n | grep LISTEN`
|
||||
func (l *base) lsOfListen() (string, error) {
|
||||
cmd := `lsof -i -P -n`
|
||||
r := l.exec(util.PrependProxyEnv(cmd), sudo)
|
||||
if !r.isSuccess(0, 1) {
|
||||
if !r.isSuccess() {
|
||||
return "", xerrors.Errorf("Failed to lsof: %s", r)
|
||||
}
|
||||
return r.Stdout, nil
|
||||
@@ -907,7 +907,11 @@ func (l *base) parseLsOf(stdout string) map[string][]string {
|
||||
portPids := map[string][]string{}
|
||||
scanner := bufio.NewScanner(strings.NewReader(stdout))
|
||||
for scanner.Scan() {
|
||||
ss := strings.Fields(scanner.Text())
|
||||
line := scanner.Text()
|
||||
if !strings.Contains(line, "LISTEN") {
|
||||
continue
|
||||
}
|
||||
ss := strings.Fields(line)
|
||||
if len(ss) < 10 {
|
||||
continue
|
||||
}
|
||||
|
||||
@@ -257,6 +257,7 @@ sshd 644 root 4u IPv6 16716 0t0 TCP *:22 (LISTEN)
|
||||
squid 959 proxy 11u IPv6 16351 0t0 TCP *:3128 (LISTEN)
|
||||
node 1498 ubuntu 21u IPv6 20132 0t0 TCP *:35401 (LISTEN)
|
||||
node 1498 ubuntu 22u IPv6 20133 0t0 TCP *:44801 (LISTEN)
|
||||
rpcbind 568 rpc 7u IPv6 15149 0t0 UDP *:111
|
||||
docker-pr 9135 root 4u IPv6 297133 0t0 TCP *:6379 (LISTEN)`,
|
||||
},
|
||||
wantPortPid: map[string][]string{
|
||||
|
||||
@@ -1297,7 +1297,8 @@ func (o *debian) dpkgPs() error {
|
||||
pidListenPorts := map[string][]models.PortStat{}
|
||||
stdout, err = o.lsOfListen()
|
||||
if err != nil {
|
||||
return xerrors.Errorf("Failed to ls of: %w", err)
|
||||
// warning only, continue scanning
|
||||
o.log.Warnf("Failed to lsof: %+v", err)
|
||||
}
|
||||
portPids := o.parseLsOf(stdout)
|
||||
for ipPort, pids := range portPids {
|
||||
@@ -1332,7 +1333,8 @@ func (o *debian) dpkgPs() error {
|
||||
for _, n := range pkgNames {
|
||||
p, ok := o.Packages[n]
|
||||
if !ok {
|
||||
return xerrors.Errorf("pkg not found %s", n)
|
||||
o.log.Warnf("Failed to FindByFQPN: %+v", err)
|
||||
continue
|
||||
}
|
||||
p.AffectedProcs = append(p.AffectedProcs, proc)
|
||||
o.Packages[p.Name] = p
|
||||
|
||||
@@ -492,7 +492,8 @@ func (o *redhatBase) yumPs() error {
|
||||
pidListenPorts := map[string][]models.PortStat{}
|
||||
stdout, err = o.lsOfListen()
|
||||
if err != nil {
|
||||
return xerrors.Errorf("Failed to lsof: %w", err)
|
||||
// warning only, continue scanning
|
||||
o.log.Warnf("Failed to lsof: %+v", err)
|
||||
}
|
||||
portPids := o.parseLsOf(stdout)
|
||||
for ipPort, pids := range portPids {
|
||||
@@ -532,7 +533,8 @@ func (o *redhatBase) yumPs() error {
|
||||
for pkgNameVerRel := range uniq {
|
||||
p, err := o.Packages.FindByFQPN(pkgNameVerRel)
|
||||
if err != nil {
|
||||
return err
|
||||
o.log.Warnf("Failed to FindByFQPN: %+v", err)
|
||||
continue
|
||||
}
|
||||
p.AffectedProcs = append(p.AffectedProcs, proc)
|
||||
o.Packages[p.Name] = *p
|
||||
@@ -604,7 +606,7 @@ func (o *redhatBase) parseNeedsRestarting(stdout string) (procs []models.NeedRes
|
||||
cmd := fmt.Sprintf("LANGUAGE=en_US.UTF-8 which %s", path)
|
||||
r := o.exec(cmd, sudo)
|
||||
if !r.isSuccess() {
|
||||
o.log.Warnf("Failed to exec which %s: %s", path, r)
|
||||
o.log.Debugf("Failed to exec which %s: %s", path, r)
|
||||
continue
|
||||
}
|
||||
path = strings.TrimSpace(r.Stdout)
|
||||
|
||||
Reference in New Issue
Block a user