-
Notifications
You must be signed in to change notification settings - Fork 0
/
usr_local_bin_debsecan-by-type
executable file
·35 lines (29 loc) · 1.3 KB
/
usr_local_bin_debsecan-by-type
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
#!/bin/bash
# Description:
# Usage:
# License:
# Source:
# TODO optimize
set -o errexit
set -o nounset
log_path="/var/log/debsecan"
mkdir -p "$log_path"
chown -R root:adm "$log_path"
chmod -R u=rwX,g=rX "$log_path"
output=$(/usr/bin/debsecan)
high_remote=$(echo "$output" | grep 'high urgency' | grep 'remotely exploitable' || true)
high_local=$(echo "$output" | grep 'high urgency' | grep -v 'remotely exploitable' || true)
medium_remote=$(echo "$output" | grep 'medium urgency' | grep 'remotely exploitable' || true)
medium_local=$(echo "$output" | grep 'medium urgency' | grep -v 'remotely exploitable' || true)
low_remote=$(echo "$output" | grep 'low urgency' | grep 'remotely exploitable' || true)
low_local=$(echo "$output" | grep 'low urgency' | grep -v 'remotely exploitable' || true)
other=$(echo "$output" | grep -v 'urgency' || true)
echo "$output" > "$log_path/debsecan.log"
echo "$high_remote" > "$log_path/debsecan_high_remote.log"
echo "$high_local" > "$log_path/debsecan_high_local.log"
echo "$medium_remote" > "$log_path/debsecan_medium_remote.log"
echo "$medium_local" > "$log_path/debsecan_medium_local.log"
echo "$low_remote" > "$log_path/debsecan_low_remote.log"
echo "$low_local" > "$log_path/debsecan_low_local.log"
echo "$other" > "$log_path/debsecan_other.log"
chgrp -R netdata /var/log/debsecan/