Add offline option to scan and configtest (#588)

Add offline option to scan and configtest
2018-01-19 01:07:44 +09:00
parent a0e0ee6c1e
commit c00404793a
6 changed files with 89 additions and 13 deletions
--- a/scan/debian.go
+++ b/scan/debian.go
@@ -164,7 +164,7 @@ func (o *debian) checkDependencies() error {
 		// https://askubuntu.com/a/742844
 		packNames = append(packNames, "reboot-notifier")

-		if !config.Conf.Deep {
+		if config.Conf.Deep {
 			// Debian needs aptitude to get changelogs.
 			// Because unable to get changelogs via apt-get changelog on Debian.
 			packNames = append(packNames, "aptitude")
@@ -212,6 +212,10 @@ func (o *debian) scanPackages() error {
 	o.Packages = installed
 	o.SrcPackages = srcPacks

+	if config.Conf.Offline {
+		return nil
+	}
+
 	if config.Conf.Deep || o.Distro.Family == config.Raspbian {
 		unsecures, err := o.scanUnsecurePackages(updatable)
 		if err != nil {
@@ -300,6 +304,13 @@ func (o *debian) scanInstalledPackages() (models.Packages, models.Packages, mode
 		delete(srcPacks, name)
 	}

+	if config.Conf.Offline {
+		return installed, updatable, srcPacks, nil
+	}
+
+	if err := o.aptGetUpdate(); err != nil {
+		return nil, nil, nil, err
+	}
 	updatableNames, err := o.getUpdatablePackNames()
 	if err != nil {
 		return nil, nil, nil, err
@@ -346,14 +357,12 @@ func (o *debian) aptGetUpdate() error {
 	o.log.Infof("apt-get update...")
 	cmd := util.PrependProxyEnv("apt-get update")
 	if r := o.exec(cmd, sudo); !r.isSuccess() {
-		return fmt.Errorf("Failed to SSH: %s", r)
+		return fmt.Errorf("Failed to apt-get update: %s", r)
 	}
 	return nil
 }

 func (o *debian) scanUnsecurePackages(updatable models.Packages) (models.VulnInfos, error) {
-	o.aptGetUpdate()
-
 	// Setup changelog cache
 	current := cache.Meta{
 		Name:   o.getServerInfo().GetServerName(),
--- a/scan/redhat.go
+++ b/scan/redhat.go
@@ -177,9 +177,12 @@ func (o *redhat) checkIfSudoNoPasswd() error {
 	return nil
 }

-// - Fast scan mode
+// - Fast offline scan mode
 //    Amazon        ... yum-utils
 //
+// - Fast scan mode
+//    All           ... yum-utils
+//
 // - Deep scan mode
 //    CentOS 6,7    ... yum-utils, yum-plugin-changelog
 //    RHEL 5 (U1-)  ... yum-utils, yum-security, yum-changelog
@@ -203,11 +206,13 @@ func (o *redhat) checkDependencies() error {
 	}

 	packNames := []string{}
-
-	if !config.Conf.Deep {
-		// Fast Scan
+	if config.Conf.Fast {
+		// Online fast scan needs yum-utils to issue repoquery cmd
+		packNames = append(packNames, "yum-utils")
+	} else if config.Conf.Offline {
 		switch o.Distro.Family {
 		case config.Amazon:
+			// Offline scan doesn't support Amazon Linux
 			packNames = append(packNames, "yum-utils")
 		}
 	} else {
@@ -255,7 +260,7 @@ func (o *redhat) scanPackages() error {
 	}
 	o.Kernel.RebootRequired = rebootRequired

-	if !config.Conf.Deep {
+	if config.Conf.Offline {
 		switch o.Distro.Family {
 		case config.Amazon:
 			// nop