Support for Gentoo Linux #1963

Open
necrose99 opened this issue Jun 11, 2024 · 2 comments

necrose99 commented Jun 11, 2024

https://github.com/necrose99/GLSA-OVAL My parser needs much work ... yet I still probably bit off more than I can chew ... for now
(hints welcomed)

However, if there are items to take and integrate, feel free ...
Scrape web pages for NVD CVE links; ChatGPT is a help, but ... still broken bits.

Gentoo Security Advisories, anyway: they have NVD links etc.

sudo or vuls group ID vuls and vuls sub bits / depends ... gooval etc. ... might need other perms, i.e. Windows admin etc. ...
i.e. system-wide installs; it's been a while on vuls

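```go
// permissions.go
package main

import (
	"fmt"
	"os"
	"os/exec"
	"os/user"
	"syscall"
)

// permissions runs "vuls scan" only when the current user is in the
// vuls group or is allowed to use sudo.
func permissions() {
	currentUser, err := user.Current()
	if err != nil {
		fmt.Println("Error getting current user:", err)
		return
	}

	inVulsGroup, err := IsUserInGroup(currentUser, "vuls")
	if err != nil {
		fmt.Println("Error checking if user is in vuls group:", err)
		return
	}

	if inVulsGroup || IsSudoUser(currentUser) {
		cmd := exec.Command("vuls", "scan")
		cmd.Stdout = os.Stdout
		cmd.Stderr = os.Stderr
		// Run the scanner in its own process group (Unix only).
		cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true}

		if err := cmd.Run(); err != nil {
			fmt.Println("Error running Vuls scanner:", err)
			return
		}
	} else {
		fmt.Println("User", currentUser.Username, "is not permitted to run Vuls scanner")
	}
}

// IsUserInGroup reports whether u is a member of the named group.
// The parameter is named u so it does not shadow the os/user package.
func IsUserInGroup(u *user.User, group string) (bool, error) {
	g, err := user.LookupGroup(group)
	if err != nil {
		return false, err
	}
	gids, err := u.GroupIds()
	if err != nil {
		return false, err
	}
	for _, gid := range gids {
		if gid == g.Gid {
			return true, nil
		}
	}
	return false, nil
}

// IsSudoUser reports whether u is root or in a sudo-capable group.
// Assumption: "wheel" and "sudo" are the sudo-capable groups; the real
// policy lives in sudoers and is not parsed here.
func IsSudoUser(u *user.User) bool {
	if u.Uid == "0" {
		return true
	}
	for _, name := range []string{"wheel", "sudo"} {
		if ok, err := IsUserInGroup(u, name); err == nil && ok {
			return true
		}
	}
	return false
}

func main() { permissions() }
```
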
@MaineK00n
Collaborator

We are also preparing Gentoo support in the near future.
This is how we start storing raw data.
https://github.com/vulsio/vuls-data-raw-gentoo

@MaineK00n MaineK00n changed the title GLSA Support for Gentoo Linux Jun 12, 2024
@necrose99
Author

https://github.com/necrose99/GLSA-OVAL/blob/main/glsa_parser.py
Trying to clean up the Go into a clear single file..
Abuse of GPT or Claude.
Python 3 seems to nail those, Gentoo ebuilds in about 3-5 prompts..
Go tends to take an unholy amount, then it tends to forget lines of code..

Just having to share a laptop.. since the last thunderstorm took out my surge strips, desktop and laptop.. the building took a direct hit.. so WSL2 Gentoo is a bit limiting..

@mgorny or other Gentoo devs could add OVAL definition files, i.e. glsa.gentoo.org/oval as an option.
OpenSCAP, Mageni, vuls, etc.: vulnerability scanners that use OVAL files would have more impact.
