-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Include Macports applications in the syscollector (inventory) and vulnerability detector #15726
Comments
Overview MacPorts package managerEnvironmentMacos Catalina 10.15.7 MacPorts package dataDatabase structureThe installed packages (ports in MacPorts slang) are stored in an SQLite database in the following path As a quick test, the following packages were installed
The database tables are:Where the most important is the The information for those 3 packages is shown below: Syscollector package fields.Click to expandname TranslationClick to expand
Note: The fields represented by "-" are for internal use.
https://guide.macports.org/#internals.images Table schemasports tableClick to expand
sys_programs tableClick to expand
Attributes data types
Note: It must be checked that archs can have multiple values and whether or not that affects the implementation. APIThe direct manipulation of the database may compromise its integrity, the MacPorts project exposes an API that performs the locks and unlocks of the database. The API is implemented with the TCL script language being the important one for this task, the MacPorts API (https://guide.macports.org/#internals.apis.macports). The implementation is under The approach is to use the TCL library and the MacPorts TCL module. This small script works to obtain the available package information in the registry database. Simple TCL scriptClick to expand#!/opt/local/libexec/macports/bin/tclsh8.6
package require macports
if {[catch {mportinit} result]} {
puts $::errorInfo
fatal "Failed to initialize MacPorts, $result"
}
set ivariable [registry::installed]
foreach i $ivariable {
set iname [lindex $i 0]
set iversion [lindex $i 1]
set irevision [lindex $i 2]
set ivariants [lindex $i 3]
set ref [registry::open_entry $iname $iversion $irevision $ivariants]
set location [registry::property_retrieve $ref location]
set archs [registry::property_retrieve $ref archs]
set date [registry::property_retrieve $ref date]
puts "Package name: $iname"
puts "Version: $iversion"
puts "Location: $location"
puts "Arch: $archs"
puts "Date: $date"
puts ""
} Information about TCL API for C can be found here: https://www.tcl.tk/man/tcl8.6/TclLib/contents.html ConclusionAn internal library is used while executing the command
But it was found that during the execution of that command, no locker was acquired like the one mentioned here.
The Lock was only acquired during the use of This leads us to notice that the database is in WAL mode, which allows more concurrency since writers do not block readers and vice-versa. https://www.sqlite.org/wal.html This lets us implement a feature that directly queries the database without compromising the integrity of the database or the data received. POCThe following code was used to test whether the approach is valid or not. Expand code#include<iostream>
#include<sqlite3.h>
const std::string dbName {"/opt/local/var/macports/registry/registry.db"};
const std::string TABLE {"PORTS"};
const std::string QUERY {"SELECT name, version, date, location, archs FROM " + TABLE};
int main(int argc, char **argv){
sqlite3 *db = nullptr;
sqlite3_stmt *stmt = nullptr;
sqlite3_open_v2(dbName.c_str(), &db, SQLITE_OPEN_READONLY, nullptr);
sqlite3_prepare_v2(db, QUERY.c_str(), -1, &stmt, NULL);
while(sqlite3_step(stmt) == SQLITE_ROW) {
std::cout << sqlite3_column_text(stmt, 0) << std::endl;
std::cout << sqlite3_column_text(stmt, 1) << std::endl;
std::cout << sqlite3_column_text(stmt, 2) << std::endl;
std::cout << sqlite3_column_text(stmt, 3) << std::endl;
std::cout << sqlite3_column_text(stmt, 4) << std::endl;
}
sqlite3_finalize(stmt);
sqlite3_close(db);
return 0;
} demo.mp4As the SQLite documentation reports, it is possible to get More information here: https://guide.macports.org/ |
The implementation will be covered by: |
I'd like that syscollector be able to learn Macports-pased packages (https://www.macports.org/), and that the package list/versions be employed by the vulnerability detector.
I blieve the issue is similar to the current issues with "brew"?
The text was updated successfully, but these errors were encountered: