-
Notifications
You must be signed in to change notification settings - Fork 2
/
check-system.py
executable file
·56 lines (44 loc) · 2.1 KB
/
check-system.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
#!/usr/bin/python
import sys, os , re, sqlite
import rpm
import sarahlib
def vercmp((e1, v1, r1), (e2, v2, r2)):
return rpm.labelCompare((e1, v1, r1), (e2, v2, r2))
sys.stdout = os.fdopen(1, 'w', 0)
hostname = sys.argv[1]
rpmqa = {}
for rpmfile in open('rpmqa-%s.txt' % hostname).readlines():
rpmfile = rpmfile.rstrip()
try:
rec = re.search('(?P<name>[^/]+)-(?P<version>[\w\.]+)-(?P<release>[\w\.]+)\.(?P<arch>\w+)$', rpmfile).groupdict()
except:
try:
rec = re.search('(?P<name>[^/]+)-(?P<version>[\w\.]+)-(?P<release>[\w\.]+)$', rpmfile).groupdict()
except:
rec = re.search('(?P<name>[^/]+)-(?P<version>[\w\.]+)-(?P<release>[\w\.]+)\.(?P<arch>\w+).rpm$', rpmfile).groupdict()
rpmqa[rec['name']] = {'version': rec['version'], 'release': rec['release'], 'arch': rec['arch']}
if rec['name'] == 'redhat-release':
release = rec['version']
arch = rec['arch']
con, cur = sarahlib.opendb()
upd = {}
adv = {}
cur.execute('select filename,rpm.advid,severity,synopsis from rpm,adv where prodshort == "%s" and arch == "%s" and rpm.advid == adv.advid and adv.type == "RHSA" order by rpm.advid' % (release, arch))
for rpmfile, advid, severity, synopsis in cur.fetchall():
rec = re.search('(?P<name>[^/]+)-(?P<version>[\w\.]+)-(?P<release>[\w\.]+)\.(?P<arch>\w+).rpm$', rpmfile).groupdict()
if rec['name'] in rpmqa.keys():
ins = rpmqa[rec['name']]
if vercmp(('0', rec['version'], rec['release']), ('0', ins['version'], ins['release'])) >= 0:
if advid not in adv.keys():
adv[advid] = {'severity': severity, 'synopsis': synopsis}
if rec['name'] in upd.keys():
sec = upd[rec['name']]
if vercmp(('0', rec['version'], rec['release']), ('0', sec['version'], sec['release'])) >= 0:
upd[rec['name']] = {'version': rec['version'], 'release': rec['release'], 'arch': rec['arch']}
else:
upd[rec['name']] = {'version': rec['version'], 'release': rec['release'], 'arch': rec['arch']}
#for rec in upd.keys():
# print '%s: %s' % (rec, upd[rec])
print 'System %s is susceptible for the following advisories:' % hostname
for advid in adv.keys():
print advid, adv[advid]['synopsis'], "(%s)" % adv[advid]['severity']