vuls: 0.19.0 WIP

Anton Bolshakov 2022-01-03 12:53:20 +08:00
parent e68c197cfa
commit 2c56cac061
No known key found for this signature in database
GPG key ID: 32BDCED870788F04
4 changed files with 5488 additions and 0 deletions


@ -0,0 +1,268 @@
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
EGO_PN="github.com/future-architect/vuls"
# Autogenerated by: pentoo/scripts/ego_vendor_generator.sh
# or go mod vendor && grep "# g" ./vendor/modules.txt
EGO_VENDOR=(
"github.com/andybalholm/cascadia v1.3.1"
"github.com/aquasecurity/fanal 69527b46560c"
"github.com/aquasecurity/go-dep-parser 76db061b9305"
"github.com/aquasecurity/go-gem-version 8eed6fe000ce"
"github.com/aquasecurity/go-npm-version 0b796d180798"
"github.com/aquasecurity/go-pep440-version 22b2f8951d46"
"github.com/aquasecurity/go-version 637058cfe492"
"github.com/aquasecurity/trivy-db 726b7b72a47b"
"github.com/aquasecurity/trivy v0.20.0"
"github.com/asaskevich/govalidator f21760c49a8d"
"github.com/aws/aws-sdk-go v1.40.49"
"github.com/Azure/azure-sdk-for-go v50.2.0"
"github.com/Azure/go-autorest/autorest/adal refs%2Ftags%2Fautorest%2Fadal%2Fv0.9.5 github.com/Azure/go-autorest"
"github.com/Azure/go-autorest/autorest/date refs%2Ftags%2Fautorest%2Fdate%2Fv0.3.0 github.com/Azure/go-autorest"
"github.com/Azure/go-autorest/autorest refs%2Ftags%2Fautorest%2Fv0.11.1 github.com/Azure/go-autorest"
"github.com/Azure/go-autorest/logger refs%2Ftags%2Flogger%2Fv0.2.0 github.com/Azure/go-autorest"
"github.com/Azure/go-autorest/tracing refs%2Ftags%2Ftracing%2Fv0.6.0 github.com/Azure/go-autorest"
"github.com/Azure/go-autorest refs%2Ftags%2Fv14.2.0 github.com/Azure/go-autorest"
"github.com/boltdb/bolt v1.3.1"
"github.com/briandowns/spinner v1.16.0"
"github.com/BurntSushi/toml v0.4.1"
"github.com/caarlos0/env/v6 v6.0.0 github.com/caarlos0/env"
"github.com/cenkalti/backoff v2.2.1"
"github.com/cespare/xxhash/v2 v2.1.2 github.com/cespare/xxhash"
"github.com/cheggaaa/pb/v3 v3.0.8 github.com/cheggaaa/pb"
"github.com/d4l3k/messagediff 7e0a312ae40b"
"github.com/davecgh/go-spew v1.1.1"
"github.com/dgryski/go-rendezvous 9f7001d12a5f"
"github.com/emersion/go-sasl 7bfe0ed36a21"
"github.com/emersion/go-smtp v0.14.0"
"github.com/fatih/color v1.13.0"
"github.com/form3tech-oss/jwt-go v3.2.2"
"github.com/fsnotify/fsnotify v1.5.1"
"github.com/golang/protobuf v1.5.2"
"github.com/google/go-containerregistry v0.6.0"
"github.com/google/go-github/v33 v33.0.0 github.com/google/go-github"
"github.com/google/go-querystring v1.0.0"
"github.com/google/subcommands v1.2.0"
"github.com/google/uuid v1.3.0"
"github.com/google/wire v0.4.0"
"github.com/go-redis/redis/v8 v8.11.4 github.com/go-redis/redis"
"github.com/gorilla/websocket v1.4.2"
"github.com/go-sql-driver/mysql v1.6.0"
"github.com/go-stack/stack v1.8.1"
"github.com/gosuri/uitable v0.0.4"
"github.com/grokify/html-strip-tags-go v0.0.1"
"github.com/hashicorp/errwrap v1.1.0"
"github.com/hashicorp/go-cleanhttp v0.5.1"
"github.com/hashicorp/go-multierror v1.1.1"
"github.com/hashicorp/go-retryablehttp v0.7.0"
"github.com/hashicorp/go-uuid v1.0.2"
"github.com/hashicorp/go-version v1.3.0"
"github.com/hashicorp/hcl v1.0.0"
"github.com/howeyc/gopass 7cb4b85ec19c"
"github.com/htcat/htcat v1.0.2"
"github.com/huandu/xstrings v1.3.2"
"github.com/imdario/mergo v0.3.12"
"github.com/inconshreveable/log15 8562bdadbbac"
"github.com/inconshreveable/mousetrap v1.0.0"
"github.com/jackc/chunkreader/v2 v2.0.1 github.com/jackc/chunkreader"
"github.com/jackc/pgconn v1.10.0"
"github.com/jackc/pgio v1.0.0"
"github.com/jackc/pgpassfile v1.0.0"
"github.com/jackc/pgproto3/v2 v2.1.1 github.com/jackc/pgproto3"
"github.com/jackc/pgservicefile 2b9c44734f2b"
"github.com/jackc/pgtype v1.8.1"
"github.com/jackc/pgx/v4 v4.13.0 github.com/jackc/pgx"
"github.com/jesseduffield/gocui v0.3.0"
"github.com/jinzhu/inflection v1.0.0"
"github.com/jinzhu/now v1.1.3"
"github.com/jmespath/go-jmespath v0.4.0"
"github.com/k0kubun/pp v3.0.1"
"github.com/knqyf263/go-apk-version 041fdbb8563f"
"github.com/knqyf263/go-cpe 54f6ab28673f"
"github.com/knqyf263/go-deb-version 09fca494f03d"
"github.com/knqyf263/go-rpm-version 74609b86c936"
"github.com/kotakanbe/go-pingscanner v0.1.0"
"github.com/kotakanbe/logrus-prefixed-formatter 928f7356cb96"
"github.com/magiconair/properties v1.8.5"
"github.com/masahiro331/go-mvn-version d3157d602a08"
"github.com/Masterminds/goutils v1.1.1"
"github.com/Masterminds/semver v1.5.0"
"github.com/Masterminds/sprig v2.22.0"
"github.com/mattn/go-colorable v0.1.11"
"github.com/mattn/go-isatty v0.0.14"
"github.com/mattn/go-runewidth v0.0.13"
"github.com/mattn/go-sqlite3 v1.14.9"
"github.com/mgutz/ansi d51e80ef957d"
"github.com/mitchellh/copystructure v1.1.1"
"github.com/mitchellh/go-homedir v1.1.0"
"github.com/mitchellh/mapstructure v1.4.2"
"github.com/mitchellh/reflectwalk v1.0.1"
"github.com/nlopes/slack v0.6.0"
"github.com/nsf/termbox-go 38ba6e5628f1"
"github.com/olekukonko/tablewriter v0.0.5"
"github.com/parnurzeal/gorequest v0.2.16"
"github.com/pelletier/go-toml v1.9.4"
"github.com/pkg/errors v0.9.1"
"github.com/pmezard/go-difflib v1.0.0"
"github.com/PuerkitoBio/goquery v1.7.1"
"github.com/rifflock/lfshook b9218ef580f5"
"github.com/rivo/uniseg v0.2.0"
"github.com/satori/go.uuid v1.2.0"
"github.com/sirupsen/logrus v1.8.1"
"github.com/spf13/afero v1.6.0"
"github.com/spf13/cast v1.4.1"
"github.com/spf13/cobra v1.2.1"
"github.com/spf13/jwalterweatherman v1.1.0"
"github.com/spf13/pflag v1.0.5"
"github.com/spf13/viper v1.9.0"
"github.com/stretchr/objx v0.3.0"
"github.com/stretchr/testify v1.7.0"
"github.com/subosito/gotenv v1.2.0"
"github.com/Ullaakut/nmap/v2 59a52fe80a4f github.com/Ullaakut/nmap"
"github.com/VividCortex/ewma v1.2.0"
"github.com/vulsio/go-cve-dictionary 0a854f8e8f85"
"github.com/vulsio/go-exploitdb 1ebf9c4f6c4d"
"github.com/vulsio/go-kev v0.0.1"
"github.com/vulsio/go-msfdb 4a9759bd9f14"
"github.com/vulsio/gost 7ad032a6ffa8"
"github.com/vulsio/goval-dictionary e85e14b91ccc"
"github.com/ymomoi/goval-parser 0a0be1dd9d08"
"go.etcd.io/bbolt v1.3.6 github.com/etcd-io/bbolt"
"golang.org/x/crypto 089bfa567519 github.com/golang/crypto"
"golang.org/x/net c6ed85c7a12d github.com/golang/net"
"golang.org/x/oauth2 2bc19b11175f github.com/golang/oauth2"
"golang.org/x/sync 036812b2e83c github.com/golang/sync"
"golang.org/x/sys 7861aae1554b github.com/golang/sys"
"golang.org/x/term 2321bbc49cbf github.com/golang/term"
"golang.org/x/text v0.3.7 github.com/golang/text"
"golang.org/x/xerrors 5ec99f83aff1 github.com/golang/xerrors"
"google.golang.org/appengine v1.6.7 github.com/golang/appengine"
"google.golang.org/protobuf v1.27.1 github.com/protocolbuffers/protobuf-go"
"gopkg.in/cheggaaa/pb.v1 v1.0.28 github.com/cheggaaa/pb"
"gopkg.in/ini.v1 v1.64.0 github.com/go-ini/ini"
"gopkg.in/yaml.v2 v2.4.0 github.com/go-yaml/yaml"
"gopkg.in/yaml.v3 496545a6307b github.com/go-yaml/yaml"
"gorm.io/driver/mysql v1.2.0 github.com/go-gorm/mysql"
"gorm.io/driver/postgres v1.2.2 github.com/go-gorm/postgres"
"gorm.io/driver/sqlite v1.2.4 github.com/go-gorm/sqlite"
"gorm.io/gorm v1.22.3 github.com/go-gorm/gorm"
"go.uber.org/atomic v1.7.0 github.com/uber-go/atomic"
"go.uber.org/multierr v1.6.0 github.com/uber-go/multierr"
"go.uber.org/zap v1.19.1 github.com/uber-go/zap"
"moul.io/http2curl v1.0.0 github.com/moul/http2curl"
"github.com/dgrijalva/jwt-go v3.2.0"
"k8s.io/utils fddb29f9d009 github.com/kubernetes/utils"
)
inherit eutils golang-vcs-snapshot systemd
DESCRIPTION="Vulnerability scanner for Linux, agentless, written in Golang"
HOMEPAGE="https://vuls.io https://github.com/future-architect/vuls"
SRC_URI="https://github.com/future-architect/vuls/archive/v${PV}.tar.gz -> ${P}.tar.gz
${EGO_VENDOR_URI}"
#KEYWORDS="~amd64"
LICENSE="GPL-2"
IUSE="policykit systemd"
RESTRICT="mirror"
SLOT=0
DEPEND="
>=dev-lang/go-1.12"
RDEPEND="
dev-go/go-cve-dictionary[policykit=]
dev-go/goval-dictionary[policykit=]
dev-go/gost[policykit=]
dev-go/go-exploitdb[policykit=]
policykit? (
acct-group/vuls
acct-user/vuls
sys-auth/polkit
)
virtual/ssh"
src_compile() {
#GO111MODULE=on go build -a -ldflags "-X 'github.com/future-architect/vuls/config.Version='
# -X 'github.com/future-architect/vuls/config.Revision=build-20220103_121829_'" -o vuls ./cmd/vuls
# You may get some errors using distcc
GOPATH="${S}:$(get_golibdir_gopath)" \
GOCACHE="${T}/go-cache" \
go build -a -ldflags "-X 'github.com/future-architect/vuls/config.Version=' \
-X 'github.com/future-architect/vuls/config.Revision=build-20220103_121829_'" -o vuls "${EGO_PN}/cmd/vuls"
# go build -v -work -x -ldflags="-s -w" -o vuls "${EGO_PN}"/cmd/vuls || die
}
src_install() {
GOPATH="${S}:$(get_golibdir_gopath)" \
GOCACHE="${T}/go-cache" \
go install -v -work -x -ldflags="-s -w" ./... "${EGO_PN}" || die
rm -rf "${S}/src/${EGO_PN}/vendor" || die
golang_install_pkgs
exeinto "$(get_golibdir_gopath)"/bin
doexe bin/${PN}
insinto "/etc/${PN}"
doins "${FILESDIR}"/server-config.toml
fowners -R ${PN}:${PN} "/etc/${PN}"
fperms 0750 "/etc/${PN}"
use systemd && systemd_dounit "${T}"/vuls-server.service
newinitd "${T}"/vuls-server.initd vuls-server
newconfd "${FILESDIR}"/vuls-server.confd vuls-server
if use policykit; then
insinto "/usr/share/polkit-1/rules.d"
doins "${FILESDIR}"/polkit/10-${PN}.rules
insinto "/usr/share/polkit-1/actions"
doins "${FILESDIR}"/polkit/io.vuls.pkexec.${PN}.policy
dodir "/usr/bin"
cat > "${D}/usr/bin/${PN}" <<-_EOF_ || die
#!/bin/sh
pkexec --user ${PN} "$(get_golibdir_gopath)/bin/${PN}" "\$@"
_EOF_
fperms 0755 "/usr/bin/${PN}"
else
dosym "$(get_golibdir_gopath)/bin/${PN}" "/usr/bin/${PN}"
fi
keepdir "/var/log/${PN}" "/var/lib/${PN}"
dodoc \
src/"${EGO_PN}"/{README.md,Dockerfile} \
"${FILESDIR}"/config.toml.sample
}
pkg_postinst() {
if use policykit; then
chown -R ${PN}:${PN} \
"${EROOT%/}/var/log/vuls" || die
chmod 0770 \
"${EROOT%/}/var/log/vuls" || die
ewarn "\n1) Add youself to \"vuls\" group and re-login:"
ewarn " ~# gpasswd -a <username> vuls\n"
ewarn "2) If you want to use remote scan via SSH you need to generate a ssh key using:"
ewarn " ~$ pkexec --user ${PN} \"ssh-keygen\""
ewarn " ~$ pkexec --user ${PN} \"ssh-copy-id\" \"user@192.168.10.23\"\n"
ewarn "3) Create a config.toml file in /var/lib/${PN}/:"
ewarn " ~$ bzip2 -dc /usr/share/doc/vuls-${PV}/config.toml.sample.bz2 > /var/lib/${PN}/config.toml\n"
fi
ewarn "\nWARNING!"
ewarn "You need to rm /var/lib/${PN}/cve.sqlite3 and re-fetch NVD (and JVN) database\n"
}
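Review bot: In `pkg_postinst`, `chown -R ${PN}:${PN} "${EROOT%/}/var/log/vuls"` runs as root on the live filesystem over a directory that the following `chmod 0770` leaves writable by the `vuls` user and group, so every re-install or upgrade has root recursively re-own whatever those accounts have placed there. Setting ownership once at image time avoids this: after `keepdir` in `src_install`, inside the `use policykit` branch, add `fowners ${PN}:${PN} "/var/log/${PN}"` and `fperms 0770 "/var/log/${PN}"`, and drop the chown/chmod pair from `pkg_postinst`. `fowners` needs the account to exist at build time, but `acct-user/vuls` and `acct-group/vuls` are only in `RDEPEND` under `policykit?`, while `fowners -R ${PN}:${PN} "/etc/${PN}"` in `src_install` is already unconditional, so those dependencies probably need to be in `DEPEND` and not gated on the USE flag. Separately, the `go build` command in `src_compile` has no `|| die`, so a failed compile is not reported in that phase.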


@ -1,5 +1,13 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# alternative:
# go mod vendor && grep "# g" ./vendor/modules.txt | sort >
# EGO_VENDOR=(
# )
# inherit golang-vcs-snapshot
# SRC_URI="https://github.com/XXX/archive/v${PV}.tar.gz -> ${P}.tar.gz
# ${EGO_VENDOR_URI}"
TARGET="${1:-go.sum}" TARGET="${1:-go.sum}"
MODULES=() MODULES=()
WHITELIST=( WHITELIST=(