rpms / openscap

Clone
Source Code
GIT

Blame SOURCES/openscap-1.2.12-oscap-docker-incompliance.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   1db84f8b0e5379423c6238a07954ca8ca3ff610d
  2.   SOURCES
  3.   openscap-1.2.12-oscap-docker-incompliance.patch
Blob History Raw
1db84f 
From 5ffdcf51b500494ac235a6a0160c126fc6f2144c Mon Sep 17 00:00:00 2001
1db84f 
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
1db84f 
Date: Mon, 24 Oct 2016 10:30:07 +0200
1db84f 
Subject: [PATCH] Issue#475: RHBZ#1387248: Fix oscap-docker reporting
1db84f 
 incompliance
1db84f
1db84f 
Compliance scan of a Docker image/container using oscap-docker reported
1db84f 
incorrectly that there had been an error even if scan had been successful
1db84f 
but incompliance of the assessed system had been found.
1db84f 
---
1db84f 
 utils/oscap_docker_python/oscap_docker_util.py | 14 +++++++-------
1db84f 
 1 file changed, 7 insertions(+), 7 deletions(-)
1db84f
1db84f 
diff --git a/utils/oscap_docker_python/oscap_docker_util.py b/utils/oscap_docker_python/oscap_docker_util.py
1db84f 
index 210ac57..8ca31b5 100644
1db84f 
--- a/utils/oscap_docker_python/oscap_docker_util.py
1db84f 
+++ b/utils/oscap_docker_python/oscap_docker_util.py
1db84f 
@@ -119,19 +119,19 @@ def oscap_chroot(self, target, image, chroot_path, *oscap_args):
1db84f 
         os.environ["OSCAP_PROBE_"
1db84f 
                    "PRIMARY_HOST_NAME"] = "{0}-{1}".format(target, image)
1db84f 
         cmd = ['oscap'] + [x for x in oscap_args]
1db84f 
-        try:
1db84f 
-            run = subprocess.check_output(cmd)
1db84f 
-        except Exception as error:
1db84f 
-            print("\nCommand: {0} failed!\n".format(" ".join(cmd)))
1db84f 
-            print("Error was:\n")
1db84f 
-            print(error)
1db84f 
+        oscap_process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
1db84f 
+        oscap_stdout, oscap_stderr = oscap_process.communicate()
1db84f 
+        if oscap_process.returncode not in [0, 2]:
1db84f 
+            sys.stderr.write("\nCommand: {0} failed!\n".format(" ".join(cmd)))
1db84f 
+            sys.stderr.write("Command returned exit code {0}.\n".format(oscap_process.returncode))
1db84f 
+            sys.stderr.write(oscap_stderr.decode("utf-8") + "\n")
1db84f
1db84f 
             # Clean up
1db84f 
             self._cleanup_by_path(chroot_path)
1db84f
1db84f 
             sys.exit(1)
1db84f
1db84f 
-        return run.decode("utf-8")
1db84f 
+        return oscap_stdout.decode("utf-8")
1db84f
1db84f 
     def _scan_cve(self, chroot, dist, scan_args):
1db84f 
         '''

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation