52 lines
1.9 KiB
Diff
52 lines
1.9 KiB
Diff
From af168dfd4886d994060af0d3a17f417d7d08daa2 Mon Sep 17 00:00:00 2001
|
|
From: young <954906362@qq.com>
|
|
Date: Tue, 9 May 2023 11:07:47 +0800
|
|
Subject: [PATCH] fix hotpatch fail show succeed bug
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
---
|
|
ceres/manages/vulnerability_manage.py | 14 ++++++++++----
|
|
1 file changed, 10 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/ceres/manages/vulnerability_manage.py b/ceres/manages/vulnerability_manage.py
|
|
index 12c3bc1..a353dab 100644
|
|
--- a/ceres/manages/vulnerability_manage.py
|
|
+++ b/ceres/manages/vulnerability_manage.py
|
|
@@ -151,8 +151,10 @@ class VulnerabilityManage:
|
|
scan_result = get_shell_data(
|
|
["dnf", "updateinfo", "list", "cves", "--repo", repo_id])
|
|
is_dnf_command = False
|
|
-
|
|
- for scan_info in scan_result.strip().split("\n")[2:]:
|
|
+ # scan_result e.g.
|
|
+ # Last metadata expiration check: 4:31:51 ago on Tue 09 May 2023 05:50:28 AM CST.
|
|
+ # CVE-2021-32675 Low/sec.- -
|
|
+ for scan_info in scan_result.strip().split("\n")[1:]:
|
|
cve = re.findall(r"CVE-[\d]{4}-[\d]+", scan_info)[0]
|
|
result_list.append({
|
|
"cve_id": cve,
|
|
@@ -221,7 +223,8 @@ class VulnerabilityManage:
|
|
command_execute_result: output from command execution
|
|
|
|
"""
|
|
- if cve.get("hotpatch"):
|
|
+ hotpatch = cve.get("hotpatch")
|
|
+ if hotpatch:
|
|
commond_args = ["dnf", "hotupgrade",
|
|
f"--cve={cve.get('cve_id')}", "-y"]
|
|
else:
|
|
@@ -233,4 +236,7 @@ class VulnerabilityManage:
|
|
LOGGER.error(f"Failed to fix cve {cve.get('cve_id')} by dnf")
|
|
res = 'Host has no command dnf'
|
|
|
|
- return "Apply hot patch succeed" in res or "Complete" in res, res
|
|
+ if hotpatch:
|
|
+ return "Apply hot patch succeed" in res, res
|
|
+ else:
|
|
+ return "Complete" in res, res
|
|
--
|
|
Gitee
|
|
|