fix(cli): vuln host scan-pkg-manifest --local centos 6.10 (#514)

Check for existence of system-releases if os-releases not found Signed-off-by: Darren Murray <[email protected]>
lacework · Aug 13, 2021 · 83f8884 · 83f8884
1 parent fbd9934
commit 83f8884
Show file tree

Hide file tree

Showing 3 changed files with 106 additions and 10 deletions.
diff --git a/cli/cmd/package_manifest.go b/cli/cmd/package_manifest.go
@@ -42,9 +42,10 @@ type OS struct {
 }
 
 var (
-	osReleaseFile = "/etc/os-release"
-	rexNameFromID = regexp.MustCompile(`^ID=(.*)$`)
-	rexVersionID  = regexp.MustCompile(`^VERSION_ID=(.*)$`)
+	osReleaseFile  = "/etc/os-release"
+	sysReleaseFile = "/etc/system-release"
+	rexNameFromID  = regexp.MustCompile(`^ID=(.*)$`)
+	rexVersionID   = regexp.MustCompile(`^VERSION_ID=(.*)$`)
 )
 
 func (c *cliState) GeneratePackageManifest() (*api.PackageManifest, error) {
@@ -258,17 +259,57 @@ func (c *cliState) GetOSInfo() (*OS, error) {
 		"arch", runtime.GOARCH,
 	)
 
-	f, err := os.Open(osReleaseFile)
-	if err != nil {
-		msg := `unsupported platform
+	if fileExists(osReleaseFile) {
+		c.Log.Debugw("parsing os release file", "file", osReleaseFile)
+		return openOsReleaseFile(osReleaseFile)
+	}
+
+	if fileExists(sysReleaseFile) {
+		c.Log.Debugw("parsing system release file", "file", sysReleaseFile)
+		return openSystemReleaseFile(sysReleaseFile)
+	}
+
+	msg := `unsupported platform
 
 For more information about supported platforms, visit:
-    https://support.lacework.com/hc/en-us/articles/360049666194-Host-Vulnerability-Assessment-Overview`
-		return osInfo, errors.New(msg)
+   https://support.lacework.com/hc/en-us/articles/360049666194-Host-Vulnerability-Assessment-Overview`
+	return osInfo, errors.New(msg)
+}
+
+func openSystemReleaseFile(filename string) (*OS, error) {
+	osInfo := new(OS)
+
+	f, err := os.Open(filename)
+
+	if err != nil {
+		return osInfo, err
+	}
+
+	defer f.Close()
+
+	s := bufio.NewScanner(f)
+	for s.Scan() {
+		m := strings.Split(s.Text(), " ")
+		if len(m) > 0 {
+			osInfo.Name = strings.ToLower(m[0])
+			osInfo.Version = strings.ToLower(m[2])
+			break
+		}
 	}
+
+	return osInfo, err
+}
+
+func openOsReleaseFile(filename string) (*OS, error) {
+	osInfo := new(OS)
+
+	f, err := os.Open(filename)
+	if err != nil {
+		return osInfo, err
+	}
+
 	defer f.Close()
 
-	c.Log.Debugw("parsing os release file", "file", osReleaseFile)
 	s := bufio.NewScanner(f)
 	for s.Scan() {
 		if m := rexNameFromID.FindStringSubmatch(s.Text()); m != nil {
@@ -278,7 +319,7 @@ For more information about supported platforms, visit:
 		}
 	}
 
-	return osInfo, nil
+	return osInfo, err
 }
 
 func (c *cliState) DetectPackageManager() (string, error) {

diff --git a/cli/cmd/package_manifest_test.go b/cli/cmd/package_manifest_test.go
@@ -20,6 +20,8 @@ package cmd
 
 import (
 	"fmt"
+	"io/ioutil"
+	"os"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -222,3 +224,50 @@ func TestMergeHostVulnScanPkgManifestResponses(t *testing.T) {
 		})
 	}
 }
+
+func TestParseOsRelease(t *testing.T) {
+	file, err := ioutil.TempFile("", "os-release")
+	assert.Nil(t, err)
+	_, err = file.WriteString(mockUbuntuOSReleaseFile)
+	assert.Nil(t, err)
+
+	defer os.Remove(file.Name())
+
+	os, err := openOsReleaseFile(file.Name())
+	assert.Nil(t, err)
+	assert.Equal(t, mockUbuntu.Name, os.Name)
+	assert.Equal(t, mockUbuntu.Version, os.Version)
+}
+
+func TestParseSysRelease(t *testing.T) {
+	file, err := ioutil.TempFile("", "system-release")
+	assert.Nil(t, err)
+	_, err = file.WriteString(mockCentosSystemFile)
+	assert.Nil(t, err)
+
+	defer os.Remove(file.Name())
+
+	os, err := openSystemReleaseFile(file.Name())
+	assert.Nil(t, err)
+	assert.Equal(t, mockCentos.Name, os.Name)
+	assert.Equal(t, mockCentos.Version, os.Version)
+}
+
+var (
+	mockCentos              = OS{Name: "centos", Version: "6.10"}
+	mockUbuntu              = OS{Name: "ubuntu", Version: "18.04"}
+	mockCentosSystemFile    = "CentOS release 6.10 (Final)"
+	mockUbuntuOSReleaseFile = `NAME="Ubuntu"
+VERSION="18.04.5 LTS (Bionic Beaver)"
+ID=ubuntu
+ID_LIKE=debian
+PRETTY_NAME="Ubuntu 18.04.5 LTS"
+VERSION_ID="18.04"
+HOME_URL="https://www.ubuntu.com/"
+SUPPORT_URL="https://help.ubuntu.com/"
+BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
+PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
+VERSION_CODENAME=bionic
+UBUNTU_CODENAME=bionic
+`
+)
diff --git a/cli/vagrant/centos-6.10/Vagrantfile b/cli/vagrant/centos-6.10/Vagrantfile
@@ -0,0 +1,6 @@
+Vagrant.configure("2") do |config|
+  config.vm.box = "bento/centos-6.10"
+  config.vm.synced_folder "../../../bin", "/devcli"
+  config.vm.provision "shell", inline: "ln -s /devcli/lacework-cli-linux-amd64 /home/vagrant/lacework"
+end
+