feat(scanner): revert lsof command for futurevuls users (#1770)

2023-10-20 12:07:20 +09:00
parent a1c1f4ce60
commit b9db5411cd
9 changed files with 10 additions and 15 deletions
--- a/scanner/alma.go
+++ b/scanner/alma.go
@@ -90,7 +90,7 @@ func (o *alma) sudoNoPasswdCmdsFastRoot() []cmd {
 			{"stat /proc/1/exe", exitStatusZero},
 			{"ls -l /proc/1/exe", exitStatusZero},
 			{"cat /proc/1/maps", exitStatusZero},
-			{"lsof -i -P -n -V", exitStatusZero},
+			{"lsof -i -P -n", exitStatusZero},
 		}
 	}
 	return []cmd{
--- a/scanner/amazon.go
+++ b/scanner/amazon.go
@@ -102,7 +102,7 @@ func (o *amazon) sudoNoPasswdCmdsFastRoot() []cmd {
 		{"stat /proc/1/exe", exitStatusZero},
 		{"ls -l /proc/1/exe", exitStatusZero},
 		{"cat /proc/1/maps", exitStatusZero},
-		{"lsof -i -P -n -V", exitStatusZero},
+		{"lsof -i -P -n", exitStatusZero},
 	}
 }

--- a/scanner/base.go
+++ b/scanner/base.go
@@ -1328,15 +1328,10 @@ func (l *base) parseGrepProcMap(stdout string) (soPaths []string) {
 	return soPaths
 }

-var errLSOFNoInternetFiles = xerrors.New("no Internet files located")
-
 func (l *base) lsOfListen() (string, error) {
-	cmd := `lsof -i -P -n -V`
+	cmd := `lsof -i -P -n`
 	r := l.exec(util.PrependProxyEnv(cmd), sudo)
 	if !r.isSuccess() {
-		if strings.TrimSpace(r.Stdout) == "lsof: no Internet files located" {
-			return "", xerrors.Errorf("Failed to lsof: %w", errLSOFNoInternetFiles)
-		}
 		return "", xerrors.Errorf("Failed to lsof: %s", r)
 	}
 	return r.Stdout, nil
@@ -1392,7 +1387,7 @@ func (l *base) pkgPs(getOwnerPkgs func([]string) ([]string, error)) error {

 	pidListenPorts := map[string][]models.PortStat{}
 	stdout, err = l.lsOfListen()
-	if err != nil && !xerrors.Is(err, errLSOFNoInternetFiles) {
+	if err != nil {
 		// warning only, continue scanning
 		l.log.Warnf("Failed to lsof: %+v", err)
 	}
--- a/scanner/centos.go
+++ b/scanner/centos.go
@@ -89,7 +89,7 @@ func (o *centos) sudoNoPasswdCmdsFastRoot() []cmd {
 			{"stat /proc/1/exe", exitStatusZero},
 			{"ls -l /proc/1/exe", exitStatusZero},
 			{"cat /proc/1/maps", exitStatusZero},
-			{"lsof -i -P -n -V", exitStatusZero},
+			{"lsof -i -P -n", exitStatusZero},
 		}
 	}
 	return []cmd{
--- a/scanner/debian.go
+++ b/scanner/debian.go
@@ -132,7 +132,7 @@ func (o *debian) checkIfSudoNoPasswd() error {
 		"stat /proc/1/exe",
 		"ls -l /proc/1/exe",
 		"cat /proc/1/maps",
-		"lsof -i -P -n -V",
+		"lsof -i -P -n",
 	}

 	if !o.getServerInfo().Mode.IsOffline() {
--- a/scanner/fedora.go
+++ b/scanner/fedora.go
@@ -88,7 +88,7 @@ func (o *fedora) sudoNoPasswdCmdsFastRoot() []cmd {
 			{"stat /proc/1/exe", exitStatusZero},
 			{"ls -l /proc/1/exe", exitStatusZero},
 			{"cat /proc/1/maps", exitStatusZero},
-			{"lsof -i -P -n -V", exitStatusZero},
+			{"lsof -i -P -n", exitStatusZero},
 		}
 	}
 	return []cmd{
--- a/scanner/rhel.go
+++ b/scanner/rhel.go
@@ -86,7 +86,7 @@ func (o *rhel) sudoNoPasswdCmdsFastRoot() []cmd {
 			{"stat /proc/1/exe", exitStatusZero},
 			{"ls -l /proc/1/exe", exitStatusZero},
 			{"cat /proc/1/maps", exitStatusZero},
-			{"lsof -i -P -n -V", exitStatusZero},
+			{"lsof -i -P -n", exitStatusZero},
 		}
 	}
 	return []cmd{
--- a/scanner/rocky.go
+++ b/scanner/rocky.go
@@ -90,7 +90,7 @@ func (o *rocky) sudoNoPasswdCmdsFastRoot() []cmd {
 			{"stat /proc/1/exe", exitStatusZero},
 			{"ls -l /proc/1/exe", exitStatusZero},
 			{"cat /proc/1/maps", exitStatusZero},
-			{"lsof -i -P -n -V", exitStatusZero},
+			{"lsof -i -P -n", exitStatusZero},
 		}
 	}
 	return []cmd{
--- a/scanner/suse.go
+++ b/scanner/suse.go
@@ -158,7 +158,7 @@ func (o *suse) sudoNoPasswdCmdsFastRoot() []cmd {
 			{"stat /proc/1/exe", exitStatusZero},
 			{"ls -l /proc/1/exe", exitStatusZero},
 			{"cat /proc/1/maps", exitStatusZero},
-			{"lsof -i -P -n -V", exitStatusZero},
+			{"lsof -i -P -n", exitStatusZero},
 		}
 	}
 	return []cmd{