Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Parse error after check-update. (Unknown format) #359

Closed
rie-w opened this issue Feb 27, 2017 · 2 comments
Closed

Parse error after check-update. (Unknown format) #359

rie-w opened this issue Feb 27, 2017 · 2 comments
Labels
bug
Milestone
v0.3.0

Comments

@rie-w
Copy link

rie-w commented Feb 27, 2017

Environment

Vuls

Hash : 5581a5c

OS

  • Target Server: rhel 5.7
  • Vuls Server: CentOS 7.2

Go

  • Go version: go1.7.1 linux/amd64

Current Output


$ /var/lib/go/bin/vuls scan -config="/home/vuls/testserver.toml" -results-dir="/home/vuls/results_test" -ssh-external  --debug 
[Feb 27 15:05:08]  INFO [localhost] Start scanning
[Feb 27 15:05:08]  INFO [localhost] config: /home/vuls/testserver.toml
[Feb 27 15:05:08]  INFO [localhost] Validating config...
[Feb 27 15:05:08]  INFO [localhost] Detecting Server/Container OS... 
[Feb 27 15:05:08]  INFO [localhost] Detecting OS of servers... 
[Feb 27 15:05:09]  INFO [localhost] (1/1) Detected: testserver: rhel 5.7
[Feb 27 15:05:09]  INFO [localhost] Detecting OS of containers... 
[Feb 27 15:05:09]  INFO [localhost] Checking sudo configuration... 
[Feb 27 15:05:10]  INFO [testserver] sudo ... OK
[Feb 27 15:05:10]  INFO [localhost] Detecting Platforms... 
[Feb 27 15:05:14]  INFO [localhost] (1/1) testserver is running on other
[Feb 27 15:05:14]  INFO [localhost] Scanning vulnerabilities... 
[Feb 27 15:05:14]  INFO [localhost] Check required packages for scanning...
[Feb 27 15:05:14]  INFO [localhost] Scanning vulnerable OS packages...
[Feb 27 15:05:24] DEBUG [testserver] execResult: servername: testserver
  cmd: /bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@testserver -p 20202 -i /home/vuls/.ssh/id_rsa_vuls -o PasswordAuthentication=no set -o pipefail; sudo -S yum --color=never list-security --security
  exitstatus: 0
  stdout: Loaded plugins: product-id, rhnplugin, security, subscription-manager
Updating Red Hat repositories.
Excluding Packages in global exclude list
Finished
 ...
RHSA-2013:0788 security subscription-manager-1.0.24.1-1.el5_9.x86_64
RHSA-2013:0788 security subscription-manager-firstboot-1.0.24.1-1.el5_9.x86_64
RHSA-2013:0737 security subversion-1.6.11-11.el5_9.x86_64
 ...

  stderr: Killed by signal 1.

  err: %!s(<nil>)
[Feb 27 15:05:29] DEBUG [testserver] execResult: servername: testserver
  cmd: /bin/ssh -t -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none vuls@testserver -p 20202 -i /home/vuls/.ssh/id_rsa_vuls -o PasswordAuthentication=no set -o pipefail; sudo -S LANGUAGE=en_US.UTF-8 yum --color=never check-update
  exitstatus: 100
  stdout: Loaded plugins: product-id, rhnplugin, security, subscription-manager
Updating Red Hat repositories.
Excluding Packages in global exclude list
Finished
Skipping security plugin, no data

 ...
subscription-manager.x86_64       1.11.3-14.el5_11          rhel-x86_64-server-5
subscription-manager-firstboot.x86_64
                                  1.11.3-14.el5_11          rhel-x86_64-server-5
subscription-manager-gnome.x86_64 0.98.16.3-1.el5_8         rhel-x86_64-server-5
 ...

  stderr: Killed by signal 1.

  err: %!s(<nil>)
[Feb 27 15:05:29] ERROR [testserver] Failed to scan vulnerable packages
[Feb 27 15:05:29] ERROR [localhost] Error: testserver, err: [Failed to parse LANGUAGE=en_US.UTF-8 yum --color=never check-update. err: Unknown format: subscription-manager-firstboot.x86_64]


One Line Summary
================
testserver   Error           Run with --debug to view the details




To view the detail, vuls tui is useful.
To send a report, run vuls report -h.

Addition Details

Expected Behavior

Actual Behavior

Steps to reproduce the behaviour
@kotakanbe kotakanbe modified the milestone: v0.3.0 Feb 28, 2017
@knqyf263
Copy link
Contributor

knqyf263 commented Mar 1, 2017

@rie-w Could you fix the code?

Comment-in this line.
https://github.com/future-architect/vuls/blob/master/scan/executil.go#L288

diff --git a/scan/executil.go b/scan/executil.go
index 4673643..625ca91 100644
--- a/scan/executil.go
+++ b/scan/executil.go
@@ -285,7 +285,7 @@ func sshExecExternal(c conf.ServerInfo, cmd string, sudo bool) (result execResul
        }

        cmd = decorateCmd(c, cmd, sudo)
-       //  cmd = fmt.Sprintf("stty cols 256; set -o pipefail; %s", cmd)
+       cmd = fmt.Sprintf("stty cols 256; set -o pipefail; %s", cmd)

Change the following option.
https://github.com/future-architect/vuls/blob/master/scan/executil.go#L261

--- a/scan/executil.go
+++ b/scan/executil.go
@@ -258,7 +258,7 @@ func sshExecExternal(c conf.ServerInfo, cmd string, sudo bool) (result execResul
        }

        defaultSSHArgs := []string{
-               "-t",
+               "-tt",

After that, could you try again?

@rie-w
Copy link
Author

rie-w commented Mar 3, 2017
edited
Loading

thank you!
Vuls scan successed with fixed code! This is great!!

@knqyf263 knqyf263 mentioned this issue Mar 3, 2017
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
v0.3.0
Development

No branches or pull requests
3 participants
@kotakanbe @knqyf263 @rie-w