Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

vuls scan not running check-update with sudo for Centos 7 #428

Closed
Colbize opened this issue May 9, 2017 · 2 comments
Closed

vuls scan not running check-update with sudo for Centos 7 #428

Colbize opened this issue May 9, 2017 · 2 comments

Comments

@Colbize
Copy link

Colbize commented May 9, 2017
edited
Loading

Environment

Amazon AWS EC2

Vuls

vuls v0.3.0 fecd1ad

OS

  • Target Server: CentOS Linux release 7.2.1511 (Core) - AWS
  • Vuls Server: CentOS Linux release 7.3.1611 (Core) - AWS

Go

  • Go version: go version go1.7.1 linux/amd64

Current Output

vuls scan --debug
[May  9 16:18:45]  INFO [localhost] Start scanning
[May  9 16:18:45]  INFO [localhost] config: /root/config.toml
[May  9 16:18:45] DEBUG [localhost] map[string]config.ServerInfo{}
[May  9 16:18:45]  INFO [localhost] Validating config...
[May  9 16:18:45]  INFO [localhost] Detecting Server/Container OS... 
[May  9 16:18:45]  INFO [localhost] Detecting OS of servers... 
[May  9 16:18:46] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/debian_version
  exitstatus: 2
  stdout: ls: cannot access /etc/debian_version: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:46] DEBUG [localhost] Not Debian like Linux. execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/debian_version
  exitstatus: 2
  stdout: ls: cannot access /etc/debian_version: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:47] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/fedora-release
  exitstatus: 2
  stdout: ls: cannot access /etc/fedora-release: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:48] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/oracle-release
  exitstatus: 2
  stdout: ls: cannot access /etc/oracle-release: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:49] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/redhat-release
  exitstatus: 0
  stdout: /etc/redhat-release

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:50] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; cat /etc/redhat-release
  exitstatus: 0
  stdout: CentOS Linux release 7.2.1511 (Core) 

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:50] DEBUG [localhost] Redhat like Linux. Host: 10.42.2.59:22
[May  9 16:18:50]  INFO [localhost] (1/1) Detected: 10-42-2-59: centos 7.2.1511
[May  9 16:18:50]  INFO [localhost] Detecting OS of containers... 
[May  9 16:18:50]  INFO [localhost] Detecting Platforms... 
[May  9 16:18:52] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; type curl
  exitstatus: 0
  stdout: curl is /usr/bin/curl

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:53] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; curl --max-time 1 --retry 3 --noproxy 169.254.169.254 http://169.254.169.254/latest/meta-data/instance-id
  exitstatus: 0
  stdout: i-07dbf8907ae66adde
  stderr: 
  err: %!s(<nil>)
[May  9 16:18:53]  INFO [localhost] (1/1) 10-42-2-59 is running on aws
[May  9 16:18:53]  INFO [localhost] Scanning vulnerabilities... 
[May  9 16:18:53]  INFO [localhost] Scanning vulnerable OS packages...
[May  9 16:18:54] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; rpm -qa --queryformat '%{NAME}	%{VERSION}	%{RELEASE}
'

.......

[May  9 16:18:55] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; LANGUAGE=en_US.UTF-8 yum --color=never  check-update
  exitstatus: 1
  stdout: Loaded plugins: changelog, fastestmirror, rhnplugin
*Note* Spacewalk repositories are not listed below. You must run this command as root to access Spacewalk repositories.
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 You can enable repos with yum-config-manager --enable <repo>

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:55] ERROR [10-42-2-59] Failed to scan vulnerable packages
[May  9 16:18:55] ERROR [localhost] Error: 10-42-2-59, err: [Failed to SSH: execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; LANGUAGE=en_US.UTF-8 yum --color=never  check-update
  exitstatus: 1
  stdout: Loaded plugins: changelog, fastestmirror, rhnplugin
*Note* Spacewalk repositories are not listed below. You must run this command as root to access Spacewalk repositories.
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 You can enable repos with yum-config-manager --enable <repo>

  stderr: 
  err: %!s(<nil>)]


One Line Summary
================
10-42-2-59	Error		Run with --debug to view the details


To view the detail, vuls tui is useful.
To send a report, run vuls report -h.

Addition Details

vuls configtest
[May  9 16:23:10]  INFO [localhost] Validating config...
[May  9 16:23:10]  INFO [localhost] Detecting Server/Container OS... 
[May  9 16:23:10]  INFO [localhost] Detecting OS of servers... 
[May  9 16:23:14]  INFO [localhost] (1/1) Detected: 10-42-2-59: centos 7.2.1511
[May  9 16:23:14]  INFO [localhost] Detecting OS of containers... 
[May  9 16:23:14]  INFO [localhost] Checking dependendies...
[May  9 16:23:16]  INFO [10-42-2-59] Dependencies... Pass
[May  9 16:23:16]  INFO [localhost] Checking sudo settings...
[May  9 16:23:16]  INFO [10-42-2-59] Checking... sudo yum --changelog --assumeno update yum
[May  9 16:23:19]  INFO [10-42-2-59] Sudo... Pass
[May  9 16:23:19]  INFO [localhost] Scannable servers are below...
10-42-2-59

Can you also please fill in each of the remaining sections.

Expected Behavior

sudo yum --color=never check-update

Actual Behavior

yum --color=never check-update

[May  9 16:22:28] ERROR [localhost] Error: 10-42-2-59, err: [Failed to SSH: execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none [email protected] -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; LANGUAGE=en_US.UTF-8 yum --color=never  check-update
  exitstatus: 1
  stdout: Loaded plugins: changelog, fastestmirror, rhnplugin
*Note* Spacewalk repositories are not listed below. You must run this command as root to access Spacewalk repositories.
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 You can enable repos with yum-config-manager --enable <repo>

Steps to reproduce the behaviour

vuls scan debug on CentOS Linux release 7.2.1511 (Core) - AWS
@eduardohki
Copy link

eduardohki commented Jun 6, 2017
edited
Loading

Hello @Colbize

The problem seems to be related to CentOS itself.

Could you please run this command (LANGUAGE=en_US.UTF-8 yum --color=never check-update) directly in the remote CentOS instance using centos user?

It seems that your host doesn't have any repo configured: There are no enabled repos

@kotakanbe
Copy link
Member

Please re-open if you still have the problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kotakanbe @Colbize @eduardohki