Detect processes affected by update using yum-ps

kotakanbe · kotakanbe · commit eb331a4d8d4c · 2017-09-06T18:03:43.000+09:00
diff --git a/models/packages.go b/models/packages.go
@@ -71,7 +71,7 @@ func (ps Packages) FormatUpdatablePacksSummary() string {
 	return fmt.Sprintf("%d updatable packages", nUpdatable)
 }
 
-// FindOne search a element by name-newver-newrel-arch
+// FindOne search a element
 func (ps Packages) FindOne(f func(Package) bool) (string, Package, bool) {
 	for key, p := range ps {
 		if f(p) {
@@ -83,14 +83,15 @@ func (ps Packages) FindOne(f func(Package) bool) (string, Package, bool) {
 
 // Package has installed packages.
 type Package struct {
-	Name       string
-	Version    string
-	Release    string
-	NewVersion string
-	NewRelease string
-	Arch       string
-	Repository string
-	Changelog  Changelog
+	Name          string
+	Version       string
+	Release       string
+	NewVersion    string
+	NewRelease    string
+	Arch          string
+	Repository    string
+	Changelog     Changelog
+	AffectedProcs []AffectedProc `json:",omitempty"`
 }
 
 // FormatVer returns package version-release
@@ -151,3 +152,13 @@ type Changelog struct {
 	Contents string
 	Method   DetectionMethod
 }
+
+// AffectedProc keep a processes information affected by software update
+type AffectedProc struct {
+	PID      string
+	ProcName string
+	CPU      string
+	RSS      string
+	State    string
+	Uptime   string
+}
diff --git a/scan/redhat.go b/scan/redhat.go
@@ -402,7 +402,16 @@ func (o *redhat) parseUpdatablePacksLine(line string) (models.Package, error) {
 
 func (o *redhat) scanUnsecurePackages(updatable models.Packages) (models.VulnInfos, error) {
 	if config.Conf.Deep {
-		//TODO Cache changelogs to bolt
+		packs, err := o.yumPS()
+		if err != nil {
+			return nil, err
+		}
+		for name, pack := range packs {
+			p := o.Packages[name]
+			p.AffectedProcs = pack.AffectedProcs
+			o.Packages[name] = p
+		}
+
 		if err := o.fillChangelogs(updatable); err != nil {
 			return nil, err
 		}
@@ -521,11 +530,9 @@ func (o *redhat) fillDiffChangelogs(packNames []string) error {
 			if index := strings.Index(p.NewVersion, ":"); 0 < index {
 				epoch := p.NewVersion[0:index]
 				ver := p.NewVersion[index+1 : len(p.NewVersion)]
-				epochNameVerRel = fmt.Sprintf("%s:%s-%s",
-					epoch, p.Name, ver)
+				epochNameVerRel = fmt.Sprintf("%s:%s-%s", epoch, p.Name, ver)
 			} else {
-				epochNameVerRel = fmt.Sprintf("%s-%s",
-					p.Name, p.NewVersion)
+				epochNameVerRel = fmt.Sprintf("%s-%s", p.Name, p.NewVersion)
 			}
 			return strings.HasPrefix(s, epochNameVerRel)
 		})
@@ -1038,3 +1045,76 @@ func (o *redhat) sudo() bool {
 		return config.Conf.Deep
 	}
 }
+
+func (o *redhat) yumPS() (models.Packages, error) {
+	cmd := "LANGUAGE=en_US.UTF-8 yum --color=never -q ps all"
+	r := o.exec(util.PrependProxyEnv(cmd), sudo)
+	if !r.isSuccess() {
+		return nil, fmt.Errorf("Failed to SSH: %s", r)
+	}
+	return o.parseYumPS(r.Stdout), nil
+}
+
+func (o *redhat) parseYumPS(stdout string) models.Packages {
+	packs := models.Packages{}
+	scanner := bufio.NewScanner(strings.NewReader(stdout))
+	isPackageLine, needToParseProcline := false, false
+	currentPackName := ""
+	for scanner.Scan() {
+		line := scanner.Text()
+		fields := strings.Fields(line)
+		if len(fields) == 0 ||
+			len(fields) == 1 && fields[0] == "ps" ||
+			len(fields) == 6 && fields[0] == "pid" {
+			continue
+		}
+
+		isPackageLine = !strings.HasPrefix(line, " ")
+		if isPackageLine {
+			if 1 < len(fields) && fields[1] == "Upgrade" {
+				needToParseProcline = true
+
+				// Search o.Packages to divide into name, version, release
+				name, pack, found := o.Packages.FindOne(func(p models.Package) bool {
+					var epochNameVerRel string
+					if index := strings.Index(p.Version, ":"); 0 < index {
+						epoch := p.Version[0:index]
+						ver := p.Version[index+1 : len(p.Version)]
+						epochNameVerRel = fmt.Sprintf("%s:%s-%s-%s.%s",
+							epoch, p.Name, ver, p.Release, p.Arch)
+					} else {
+						epochNameVerRel = fmt.Sprintf("%s-%s-%s.%s",
+							p.Name, p.Version, p.Release, p.Arch)
+					}
+					return strings.HasPrefix(fields[0], epochNameVerRel)
+				})
+				if !found {
+					o.log.Errorf("`yum ps` Package is not found: %s", line)
+					continue
+				}
+				packs[name] = pack
+				currentPackName = name
+			} else {
+				needToParseProcline = false
+			}
+		} else if needToParseProcline {
+			if 6 < len(fields) {
+				proc := models.AffectedProc{
+					PID:      fields[0],
+					ProcName: fields[1],
+					CPU:      fields[2],
+					RSS:      fields[3] + " " + fields[4],
+					State:    strings.TrimSuffix(fields[5], ":"),
+					Uptime:   strings.Join(fields[6:len(fields)], " "),
+				}
+				pack := packs[currentPackName]
+				pack.AffectedProcs = append(pack.AffectedProcs, proc)
+				packs[currentPackName] = pack
+			} else {
+				o.log.Errorf("`yum ps` Unknown Format: %s", line)
+				continue
+			}
+		}
+	}
+	return packs
+}
diff --git a/scan/redhat_test.go b/scan/redhat_test.go
@@ -1297,3 +1297,175 @@ func TestDivideChangelogsIntoEachPackages(t *testing.T) {
 	}
 
 }
+
+func TestParseYumPS(t *testing.T) {
+	r := newRedhat(config.ServerInfo{})
+	r.Distro = config.Distro{Family: "centos"}
+	r.Packages = models.NewPackages(
+		models.Package{
+			Name:    "python",
+			Version: "2.7.5",
+			Release: "34.el7",
+			Arch:    "x86_64",
+		},
+		models.Package{
+			Name:    "util-linux",
+			Version: "2.23.2",
+			Release: "26.el7",
+			Arch:    "x86_64",
+		},
+		models.Package{
+			Name:    "wpa_supplicant",
+			Version: "1:2.0",
+			Release: "17.el7_1",
+			Arch:    "x86_64",
+		},
+		models.Package{
+			Name:    "yum",
+			Version: "3.4.3",
+			Release: "150.el7.centos",
+			Arch:    "noarch",
+		},
+	)
+
+	var tests = []struct {
+		in  string
+		out models.Packages
+	}{
+		{
+			`       pid proc                  CPU      RSS      State uptime
+python-2.7.5-34.el7.x86_64 Upgrade 2.7.5-48.el7.x86_64
+       741 tuned                1:54    16 MB   Sleeping:  14 day(s) 21:52:32
+     38755 yum                  0:00    42 MB    Running:  00:00
+util-linux-2.23.2-26.el7.x86_64 Upgrade 2.23.2-33.el7_3.2.x86_64
+       626 agetty               0:00   848 kB   Sleeping:  14 day(s) 21:52:37
+       628 agetty               0:00   848 kB   Sleeping:  14 day(s) 21:52:37
+1:wpa_supplicant-2.0-17.el7_1.x86_64 Upgrade 1:2.0-21.el7_3.x86_64
+       638 wpa_supplicant       0:00   2.6 MB   Sleeping:  14 day(s) 21:52:37
+yum-3.4.3-150.el7.centos.noarch
+     38755 yum                  0:00    42 MB    Running:  00:00
+ps
+	 `,
+			models.NewPackages(
+				models.Package{
+					Name:    "python",
+					Version: "2.7.5",
+					Release: "34.el7",
+					Arch:    "x86_64",
+					// NewVersion: "2.7.5-",
+					// NewRelease: "48.el7.x86_64",
+					AffectedProcs: []models.AffectedProc{
+						{
+							PID:      "741",
+							ProcName: "tuned",
+							CPU:      "1:54",
+							RSS:      "16 MB",
+							State:    "Sleeping",
+							Uptime:   "14 day(s) 21:52:32",
+						},
+						{
+							PID:      "38755",
+							ProcName: "yum",
+							CPU:      "0:00",
+							RSS:      "42 MB",
+							State:    "Running",
+							Uptime:   "00:00",
+						},
+					},
+				},
+				models.Package{
+					Name:    "util-linux",
+					Version: "2.23.2",
+					Release: "26.el7",
+					Arch:    "x86_64",
+					// NewVersion: "2.7.5",
+					// NewRelease: "48.el7.x86_64",
+					AffectedProcs: []models.AffectedProc{
+						{
+							PID:      "626",
+							ProcName: "agetty",
+							CPU:      "0:00",
+							RSS:      "848 kB",
+							State:    "Sleeping",
+							Uptime:   "14 day(s) 21:52:37",
+						},
+						{
+							PID:      "628",
+							ProcName: "agetty",
+							CPU:      "0:00",
+							RSS:      "848 kB",
+							State:    "Sleeping",
+							Uptime:   "14 day(s) 21:52:37",
+						},
+					},
+				},
+				models.Package{
+					Name:    "wpa_supplicant",
+					Version: "1:2.0",
+					Release: "17.el7_1",
+					Arch:    "x86_64",
+					// NewVersion: "1:2.0",
+					// NewRelease: "21.el7_3.x86_64",
+					AffectedProcs: []models.AffectedProc{
+						{
+							PID:      "638",
+							ProcName: "wpa_supplicant",
+							CPU:      "0:00",
+							RSS:      "2.6 MB",
+							State:    "Sleeping",
+							Uptime:   "14 day(s) 21:52:37",
+						},
+					},
+				},
+			),
+		},
+		{
+			`    pid proc                  CPU      RSS      State uptime
+acpid-2.0.19-6.7.amzn1.x86_64
+      2388 acpid                0:00   1.4 MB   Sleeping:  21:08
+at-3.1.10-48.15.amzn1.x86_64
+      2546 atd                  0:00   164 kB   Sleeping:  21:06
+cronie-anacron-1.4.4-15.8.amzn1.x86_64
+      2637 anacron              0:00   1.5 MB   Sleeping:  13:14
+12:dhclient-4.1.1-51.P1.26.amzn1.x86_64
+      2061 dhclient             0:00   1.4 MB   Sleeping:  21:10
+      2193 dhclient             0:00   2.1 MB   Sleeping:  21:08
+mingetty-1.08-5.9.amzn1.x86_64
+      2572 mingetty             0:00   1.4 MB   Sleeping:  21:06
+      2575 mingetty             0:00   1.4 MB   Sleeping:  21:06
+      2578 mingetty             0:00   1.5 MB   Sleeping:  21:06
+      2580 mingetty             0:00   1.4 MB   Sleeping:  21:06
+      2582 mingetty             0:00   1.4 MB   Sleeping:  21:06
+      2584 mingetty             0:00   1.4 MB   Sleeping:  21:06
+openssh-server-6.6.1p1-33.66.amzn1.x86_64
+      2481 sshd                 0:00   2.6 MB   Sleeping:  21:07
+python27-2.7.12-2.120.amzn1.x86_64
+      2649 yum                  0:00    35 MB    Running:  00:01
+rsyslog-5.8.10-9.26.amzn1.x86_64
+      2261 rsyslogd             0:00   2.6 MB   Sleeping:  21:08
+udev-173-4.13.amzn1.x86_64
+      1528 udevd                0:00   2.5 MB   Sleeping:  21:12
+      1652 udevd                0:00   2.1 MB   Sleeping:  21:12
+      1653 udevd                0:00   2.0 MB   Sleeping:  21:12
+upstart-0.6.5-13.3.13.amzn1.x86_64
+         1 init                 0:00   2.5 MB   Sleeping:  21:13
+util-linux-2.23.2-33.28.amzn1.x86_64
+      2569 agetty               0:00   1.6 MB   Sleeping:  21:06
+yum-3.4.3-150.70.amzn1.noarch
+      2649 yum                  0:00    35 MB    Running:  00:01
+`,
+			models.Packages{},
+		},
+	}
+
+	for _, tt := range tests {
+		packages := r.parseYumPS(tt.in)
+		for name, ePack := range tt.out {
+			if !reflect.DeepEqual(ePack, packages[name]) {
+				e := pp.Sprintf("%v", ePack)
+				a := pp.Sprintf("%v", packages[name])
+				t.Errorf("expected %s, actual %s", e, a)
+			}
+		}
+	}
+}
