Stage/vuls
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
77b5df896a48b31b552c2afc85c134c45c1e05e4
vuls/scan/oracle.go
Kota Kanbe 87ee829e80 fix(scan): exec yum makecache to update metadata on RedHat based linux (#810) 
* fix(scan): exec `yum makecache` to update metadata on RedHat based linux

* sudo
2019-06-12 14:44:42 +09:00

172 lines
3.5 KiB
Go
Raw Blame History

package scan
import (
"github.com/future-architect/vuls/config"
"github.com/future-architect/vuls/models"
"github.com/future-architect/vuls/util"
)
// inherit OsTypeInterface
type oracle struct {
redhatBase
}
// NewAmazon is constructor
func newOracle(c config.ServerInfo) *oracle {
r := &oracle{
redhatBase{
base: base{
osPackages: osPackages{
Packages: models.Packages{},
VulnInfos: models.VulnInfos{},
},
},
sudo: rootPrivOracle{},
},
}
r.log = util.NewCustomLogger(c)
r.setServerInfo(c)
return r
}
func (o *oracle) checkScanMode() error {
return nil
}
func (o *oracle) checkDeps() error {
if o.getServerInfo().Mode.IsFast() {
return o.execCheckDeps(o.depsFast())
} else if o.getServerInfo().Mode.IsFastRoot() {
return o.execCheckDeps(o.depsFastRoot())
} else {
return o.execCheckDeps(o.depsDeep())
}
}
func (o *oracle) depsFast() []string {
if o.getServerInfo().Mode.IsOffline() {
return []string{}
}
// repoquery
return []string{"yum-utils"}
}
func (o *oracle) depsFastRoot() []string {
if o.getServerInfo().Mode.IsOffline() {
//TODO
// return []string{"yum-plugin-ps"}
}
majorVersion, _ := o.Distro.MajorVersion()
switch majorVersion {
case 5:
return []string{
"yum-utils",
"yum-security",
}
case 6:
return []string{
"yum-utils",
"yum-plugin-security",
//TODO
// return []string{"yum-plugin-ps"}
}
default:
return []string{
"yum-utils",
//TODO
// return []string{"yum-plugin-ps"}
}
}
}
func (o *oracle) depsDeep() []string {
majorVersion, _ := o.Distro.MajorVersion()
switch majorVersion {
case 5:
return []string{
"yum-utils",
"yum-security",
"yum-changelog",
}
case 6:
return []string{
"yum-utils",
"yum-plugin-security",
"yum-plugin-changelog",
//TODO
// return []string{"yum-plugin-ps"}
}
default:
return []string{
"yum-utils",
"yum-plugin-changelog",
//TODO
// return []string{"yum-plugin-ps"}
}
}
}
func (o *oracle) checkIfSudoNoPasswd() error {
if o.getServerInfo().Mode.IsFast() {
return o.execCheckIfSudoNoPasswd(o.sudoNoPasswdCmdsFast())
} else if o.getServerInfo().Mode.IsFastRoot() {
return o.execCheckIfSudoNoPasswd(o.sudoNoPasswdCmdsFastRoot())
} else {
return o.execCheckIfSudoNoPasswd(o.sudoNoPasswdCmdsDeep())
}
}
func (o *oracle) sudoNoPasswdCmdsFast() []cmd {
return []cmd{}
}
func (o *oracle) sudoNoPasswdCmdsFastRoot() []cmd {
cmds := []cmd{{"needs-restarting", exitStatusZero}}
if o.getServerInfo().Mode.IsOffline() {
return cmds
}
majorVersion, _ := o.Distro.MajorVersion()
if majorVersion < 6 {
return []cmd{
{"yum repolist --color=never", exitStatusZero},
{"yum list-security --security --color=never", exitStatusZero},
{"yum info-security --color=never", exitStatusZero},
{"repoquery -h", exitStatusZero},
}
}
return append(cmds,
cmd{"yum repolist --color=never", exitStatusZero},
cmd{"yum updateinfo list updates --security --color=never", exitStatusZero},
cmd{"yum updateinfo updates --security --color=never", exitStatusZero},
cmd{"repoquery -h", exitStatusZero})
}
func (o *oracle) sudoNoPasswdCmdsDeep() []cmd {
return o.sudoNoPasswdCmdsFastRoot()
}
type rootPrivOracle struct{}
func (o rootPrivOracle) repoquery() bool {
return true
}
func (o rootPrivOracle) yumRepolist() bool {
return true
}
func (o rootPrivOracle) yumUpdateInfo() bool {
return true
}
// root privilege isn't needed
func (o rootPrivOracle) yumChangelog() bool {
return false
}
func (o rootPrivOracle) yumMakeCache() bool {
return true
}
Reference in New Issue View Git Blame Copy Permalink