Normation · Normation-Quality-Assistant · May 4, 2023 · Apr 13, 2023
diff --git a/rudder-agent/SOURCES/patches/cfengine/15636-ignore-symlink-check-on-lxc.patch b/rudder-agent/SOURCES/patches/cfengine/15636-ignore-symlink-check-on-lxc.patch
@@ -0,0 +1,142 @@
+--- cfengine-source.orig/libenv/unix_iface.c	2022-11-09 17:33:16.000000000 +0100
++++ cfengine-source/libenv/unix_iface.c	2023-04-19 11:15:16.758412820 +0200
+@@ -1346,12 +1346,17 @@
+ void GetNetworkingInfo(EvalContext *ctx)
+ {
+     const char *procdir_root = GetRelocatedProcdirRoot();
++    int promiser_pid = (int) getpid();
+
+     Buffer *pbuf = BufferNew();
+
+     JsonElement *inet = JsonObjectCreate(2);
+
+-    BufferPrintf(pbuf, "%s/proc/net/netstat", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/netstat", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/netstat", procdir_root);
++    }
+     JsonElement *inet_stats = GetNetworkingStatsInfo(BufferData(pbuf));
+
+     if (inet_stats != NULL)
+@@ -1359,7 +1364,11 @@
+         JsonObjectAppendElement(inet, "stats", inet_stats);
+     }
+
+-    BufferPrintf(pbuf, "%s/proc/net/route", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/route", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/route", procdir_root);
++    }
+     JsonElement *routes = GetProcFileInfo(ctx, BufferData(pbuf),  NULL, NULL, &NetworkingRoutesPostProcessInfo, NULL,
+                     // format: Iface	Destination	Gateway 	Flags	RefCnt	Use	Metric	Mask		MTU	Window	IRTT
+                     //         eth0	00000000	0102A8C0	0003	0	0	1024	00000000	0	0	0
+@@ -1407,7 +1416,11 @@
+
+     JsonElement *inet6 = JsonObjectCreate(3);
+
+-    BufferPrintf(pbuf, "%s/proc/net/snmp6", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/snmp6", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/snmp6", procdir_root);
++    }
+     JsonElement *inet6_stats = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, NULL, NULL,
+                                                "^\\s*(?<key>\\S+)\\s+(?<value>\\d+)");
+
+@@ -1433,7 +1446,11 @@
+         JsonDestroy(inet6_stats);
+     }
+
+-    BufferPrintf(pbuf, "%s/proc/net/ipv6_route", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/ipv6_route", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/ipv6_route", procdir_root);
++    }
+     JsonElement *inet6_routes = GetProcFileInfo(ctx, BufferData(pbuf),  NULL, NULL, &NetworkingIPv6RoutesPostProcessInfo, NULL,
+                     // format: dest                    dest_prefix source                source_prefix next_hop                         metric   refcnt   use      flags        interface
+                     //         fe800000000000000000000000000000 40 00000000000000000000000000000000 00 00000000000000000000000000000000 00000100 00000000 00000000 00000001     eth0
+@@ -1448,7 +1465,11 @@
+         JsonObjectAppendElement(inet6, "routes", inet6_routes);
+     }
+
+-    BufferPrintf(pbuf, "%s/proc/net/if_inet6", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/if_inet6", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/if_inet6", procdir_root);
++    }
+     JsonElement *inet6_addresses = GetProcFileInfo(ctx, BufferData(pbuf),  NULL, "interface", &NetworkingIPv6AddressesPostProcessInfo, &NetworkingIPv6AddressesTiebreaker,
+                     // format: address device_number prefix_length scope flags interface_name
+                     // 00000000000000000000000000000001 01 80 10 80       lo
+@@ -1471,7 +1492,11 @@
+     //  face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
+     //   eth0: 74850544807 75236137    0    0    0     0          0   1108775 63111535625 74696758    0    0    0     0       0          0
+
+-    BufferPrintf(pbuf, "%s/proc/net/dev", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/dev", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/dev", procdir_root);
++    }
+     JsonElement *interfaces_data =
+     GetProcFileInfo(ctx, BufferData(pbuf), "interfaces_data", "device", NULL, NULL,
+                     "^\\s*(?<device>[^:]+)\\s*:\\s*"
+@@ -1499,34 +1524,51 @@
+ JsonElement* GetNetworkingConnections(EvalContext *ctx)
+ {
+     const char *procdir_root = GetRelocatedProcdirRoot();
++    int promiser_pid = (int) getpid();
+     JsonElement *json = JsonObjectCreate(5);
+     const char* ports_regex = "^\\s*\\d+:\\s+(?<raw_local>[0-9A-F:]+)\\s+(?<raw_remote>[0-9A-F:]+)\\s+(?<raw_state>[0-9]+)";
+
+     JsonElement *data = NULL;
+     Buffer *pbuf = BufferNew();
+
+-    BufferPrintf(pbuf, "%s/proc/net/tcp", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/tcp", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/tcp", procdir_root);
++    }
+     data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex);
+     if (data != NULL)
+     {
+         JsonObjectAppendElement(json, "tcp", data);
+     }
+
+-    BufferPrintf(pbuf, "%s/proc/net/tcp6", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/tcp6", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/tcp6", procdir_root);
++    }
+     data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex);
+     if (data != NULL)
+     {
+         JsonObjectAppendElement(json, "tcp6", data);
+     }
+
+-    BufferPrintf(pbuf, "%s/proc/net/udp", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/udp", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/udp", procdir_root);
++    }
+     data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex);
+     if (data != NULL)
+     {
+         JsonObjectAppendElement(json, "udp", data);
+     }
+
+-    BufferPrintf(pbuf, "%s/proc/net/udp6", procdir_root);
++    BufferPrintf(pbuf, "%s/proc/%d/net/udp6", procdir_root, promiser_pid);
++    if (!FileCanOpen(BufferData(pbuf), "r"))
++    {
++        BufferPrintf(pbuf, "%s/proc/net/udp6", procdir_root);
++    }
+     data = GetProcFileInfo(ctx, BufferData(pbuf), NULL, NULL, &NetworkingPortsPostProcessInfo, NULL, ports_regex);
+     if (data != NULL)
+     {