Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Alpine Linux #194 #545

Merged
merged 6 commits into from
Dec 1, 2017
Merged

Support Alpine Linux #194 #545

merged 6 commits into from
Dec 1, 2017

Conversation

kotakanbe
Copy link
Member

@kotakanbe kotakanbe commented Nov 20, 2017
edited
Loading

What did you implement:

  • Support Alpine Linux
  • Change the login shell of the server to be scanned from /bin/bash to /bin/sh

Closes #194

How did you implement it:

see diff

How can we verify it:

  • Alpine Linux v3.6.2 is running on Docker Host
root@u16-kanbe:~# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
05b81f5a7f93        alpine              "/bin/sh"           11 days ago         Up 26 hours                             youthful_wozniak
root@u16-kanbe:~# docker exec -it youthful_wozniak /bin/sh
/ # cat /etc/alpine-release
3.6.2
  • Fetch Alpine SecDB
$ cd $GOPATH/src/github.com/kotakanbe/goval-dictionary/
$ ./goval-dictionary fetch-alpine 3.6
[Dec  1 22:20:41]  INFO Fetching... https://git.alpinelinux.org/cgit/alpine-secdb/plain/v3.6/community.yaml

[Dec  1 22:20:41]  INFO Fetching... https://git.alpinelinux.org/cgit/alpine-secdb/plain/v3.6/main.yaml
[Dec  1 22:20:44]  WARN Not supported range access.
community.yaml: 0 B / 5.52 KiB [---------------------------------------------------------------]   0.00%
community.yaml: 5.52 KiB / 5.52 KiB [==========================================================] 100.00%
main.yaml: 18.28 KiB / 18.28 KiB [=============================================================] 100.00%
[Dec  1 22:20:45]  INFO Finished to fetch OVAL definitions.
[Dec  1 22:20:45]  INFO   551 CVEs
  • Scan Alpine Linux
    config.toml
  [servers.u16idcf]
    host = "x.x.x.x"
    port = "22"
    keyPath = "/Users/kotakanbe/.ssh/id_rsa"
    [servers.u16idcf.containers]
      includes = ["youthful_wozniak"]
  • Scan
go build ; and ./vuls scan --containers-only  u16idcf
[Dec  1 22:24:24]  INFO [localhost] Start scanning
[Dec  1 22:24:24]  INFO [localhost] config: /Users/kotakanbe/go/src/github.com/future-architect/vuls/config.toml
[Dec  1 22:24:24]  INFO [localhost] Validating config...
[Dec  1 22:24:24]  INFO [localhost] Detecting Server/Container OS...
[Dec  1 22:24:24]  INFO [localhost] Detecting OS of servers...
[Dec  1 22:24:28]  INFO [localhost] (1/1) Detected: u16idcf: ubuntu 16.04
[Dec  1 22:24:28]  INFO [localhost] Detecting OS of containers...
[Dec  1 22:24:42]  INFO [localhost] Detected: youthful_wozniak@u16idcf: alpine 3.6.2
[Dec  1 22:24:42]  INFO [localhost] Detecting Platforms...
[Dec  1 22:24:46]  INFO [localhost] (1/1) youthful_wozniak on u16idcf is running on other
[Dec  1 22:24:46]  INFO [localhost] Scanning vulnerabilities...
[Dec  1 22:24:46]  INFO [localhost] Scanning vulnerable OS packages...


One Line Summary
================
youthful_wozniak@u16idcf        alpine3.6.2     36 updatable packages
  • report
$ go build ; and ./vuls report --format-one-line-text
[Dec  1 22:28:32]  INFO [localhost] Validating config...
[Dec  1 22:28:32]  INFO [localhost] cve-dictionary: /Users/kotakanbe/go/src/github.com/future-architect/vuls/cve.sqlite3
[Dec  1 22:28:32]  INFO [localhost] Loaded: /Users/kotakanbe/go/src/github.com/future-architect/vuls/results/2017-12-01T22:24:46+09:00


One Line Summary
================
youthful_wozniak@u16idcf        Total: 11 (High:1 Medium:7 Low:0 ?:3)   36 updatable packages

Todos:

You don't have to satisfy all of the following.

  • Write tests
  • Write documentation
  • Check that there aren't other open pull requests for the same issue/feature
  • Format your source code by make fmt
  • Pass the test by make test
  • Provide verification config / commands
  • Enable "Allow edits from maintainers" for this PR
  • Update the messages below

Is this ready for review?: NO
Is it a breaking change?: NO

@kotakanbe kotakanbe force-pushed the support-alpine branch 2 times, most recently from 128da15 to eb70766 Compare November 30, 2017 14:18
@kotakanbe kotakanbe changed the title [WIP]Support Alpine Linux #194 Support Alpine Linux #194 Dec 1, 2017
@kotakanbe kotakanbe merged commit e788e6a into master Dec 1, 2017
@kotakanbe kotakanbe mentioned this pull request Dec 1, 2017
Closed
kotakanbe added a commit that referenced this pull request Dec 4, 2017
@kotakanbe
Merge branch 'master' into v0.5.0
15a4158 
* master:
  Update README (#547)
  Support Alpine Linux #194 (#545)
  Replace strings.HasPrefix with strings.Index for SuSE scanner (#546)
@kotakanbe kotakanbe deleted the support-alpine branch February 19, 2018 04:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kotakanbe