vuls scan not running check-update with sudo for Centos 7

[Colbize]

Environment

Amazon AWS EC2

Vuls

vuls v0.3.0 fecd1ad

OS

• Target Server: CentOS Linux release 7.2.1511 (Core) - AWS
• Vuls Server: CentOS Linux release 7.3.1611 (Core) - AWS

Go

• Go version: go version go1.7.1 linux/amd64

Current Output

vuls scan --debug
[May  9 16:18:45]  INFO [localhost] Start scanning
[May  9 16:18:45]  INFO [localhost] config: /root/config.toml
[May  9 16:18:45] DEBUG [localhost] map[string]config.ServerInfo{}
[May  9 16:18:45]  INFO [localhost] Validating config...
[May  9 16:18:45]  INFO [localhost] Detecting Server/Container OS... 
[May  9 16:18:45]  INFO [localhost] Detecting OS of servers... 
[May  9 16:18:46] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/debian_version
  exitstatus: 2
  stdout: ls: cannot access /etc/debian_version: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:46] DEBUG [localhost] Not Debian like Linux. execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/debian_version
  exitstatus: 2
  stdout: ls: cannot access /etc/debian_version: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:47] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/fedora-release
  exitstatus: 2
  stdout: ls: cannot access /etc/fedora-release: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:48] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/oracle-release
  exitstatus: 2
  stdout: ls: cannot access /etc/oracle-release: No such file or directory

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:49] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; ls /etc/redhat-release
  exitstatus: 0
  stdout: /etc/redhat-release

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:50] DEBUG [localhost] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; cat /etc/redhat-release
  exitstatus: 0
  stdout: CentOS Linux release 7.2.1511 (Core) 

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:50] DEBUG [localhost] Redhat like Linux. Host: 10.42.2.59:22
[May  9 16:18:50]  INFO [localhost] (1/1) Detected: 10-42-2-59: centos 7.2.1511
[May  9 16:18:50]  INFO [localhost] Detecting OS of containers... 
[May  9 16:18:50]  INFO [localhost] Detecting Platforms... 
[May  9 16:18:52] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; type curl
  exitstatus: 0
  stdout: curl is /usr/bin/curl

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:53] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; curl --max-time 1 --retry 3 --noproxy 169.254.169.254 http://169.254.169.254/latest/meta-data/instance-id
  exitstatus: 0
  stdout: i-07dbf8907ae66adde
  stderr: 
  err: %!s(<nil>)
[May  9 16:18:53]  INFO [localhost] (1/1) 10-42-2-59 is running on aws
[May  9 16:18:53]  INFO [localhost] Scanning vulnerabilities... 
[May  9 16:18:53]  INFO [localhost] Scanning vulnerable OS packages...
[May  9 16:18:54] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; rpm -qa --queryformat '%{NAME}	%{VERSION}	%{RELEASE}
'

.......

[May  9 16:18:55] DEBUG [10-42-2-59] execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; LANGUAGE=en_US.UTF-8 yum --color=never  check-update
  exitstatus: 1
  stdout: Loaded plugins: changelog, fastestmirror, rhnplugin
*Note* Spacewalk repositories are not listed below. You must run this command as root to access Spacewalk repositories.
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 You can enable repos with yum-config-manager --enable <repo>

  stderr: 
  err: %!s(<nil>)
[May  9 16:18:55] ERROR [10-42-2-59] Failed to scan vulnerable packages
[May  9 16:18:55] ERROR [localhost] Error: 10-42-2-59, err: [Failed to SSH: execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; LANGUAGE=en_US.UTF-8 yum --color=never  check-update
  exitstatus: 1
  stdout: Loaded plugins: changelog, fastestmirror, rhnplugin
*Note* Spacewalk repositories are not listed below. You must run this command as root to access Spacewalk repositories.
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 You can enable repos with yum-config-manager --enable <repo>

  stderr: 
  err: %!s(<nil>)]


One Line Summary
================
10-42-2-59	Error		Run with --debug to view the details


To view the detail, vuls tui is useful.
To send a report, run vuls report -h.

Addition Details

vuls configtest
[May  9 16:23:10]  INFO [localhost] Validating config...
[May  9 16:23:10]  INFO [localhost] Detecting Server/Container OS... 
[May  9 16:23:10]  INFO [localhost] Detecting OS of servers... 
[May  9 16:23:14]  INFO [localhost] (1/1) Detected: 10-42-2-59: centos 7.2.1511
[May  9 16:23:14]  INFO [localhost] Detecting OS of containers... 
[May  9 16:23:14]  INFO [localhost] Checking dependendies...
[May  9 16:23:16]  INFO [10-42-2-59] Dependencies... Pass
[May  9 16:23:16]  INFO [localhost] Checking sudo settings...
[May  9 16:23:16]  INFO [10-42-2-59] Checking... sudo yum --changelog --assumeno update yum
[May  9 16:23:19]  INFO [10-42-2-59] Sudo... Pass
[May  9 16:23:19]  INFO [localhost] Scannable servers are below...
10-42-2-59 

Can you also please fill in each of the remaining sections.

Expected Behavior

sudo yum --color=never check-update

Actual Behavior

yum --color=never check-update

[May  9 16:22:28] ERROR [localhost] Error: 10-42-2-59, err: [Failed to SSH: execResult: servername: 10-42-2-59
  cmd: /usr/bin/ssh -tt -o StrictHostKeyChecking=yes -o LogLevel=quiet -o ConnectionAttempts=3 -o ConnectTimeout=10 -o ControlMaster=no -o ControlPath=none centos@10.42.2.59 -p 22 -i /root/.ssh/vuls -o PasswordAuthentication=no stty cols 1000; LANGUAGE=en_US.UTF-8 yum --color=never  check-update
  exitstatus: 1
  stdout: Loaded plugins: changelog, fastestmirror, rhnplugin
*Note* Spacewalk repositories are not listed below. You must run this command as root to access Spacewalk repositories.
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 You can enable repos with yum-config-manager --enable <repo>

Steps to reproduce the behaviour

vuls scan debug on CentOS Linux release 7.2.1511 (Core) - AWS

[eduardohki]

Hello @Colbize

The problem seems to be related to CentOS itself.

Could you please run this command (LANGUAGE=en_US.UTF-8 yum --color=never check-update) directly in the remote CentOS instance using centos user?

It seems that your host doesn't have any repo configured: There are no enabled repos

[kotakanbe]

Please re-open if you still have the problem.