From 449b1c3fe75fbf0d94ae4ce03231b05be7b708c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Nizio?= Date: Mon, 7 Mar 2016 21:00:06 +0100 Subject: [PATCH 1/2] [solo.commands.security] support for package names in oscheck --- client/solo/commands/security.py | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/client/solo/commands/security.py b/client/solo/commands/security.py index 98a32f4a1..12c773cfb 100644 --- a/client/solo/commands/security.py +++ b/client/solo/commands/security.py @@ -72,6 +72,9 @@ System security tools. "oscheck", help=_("verify installed files using stored checksums")) self._setup_verbose_quiet_parser(oscheck_parser) + oscheck_parser.add_argument( + "packages", nargs='*', + help=_("name of package to check")) oscheck_parser.add_argument( "--mtime", action="store_true", default=False, help=_("consider mtime instead of SHA256 " @@ -335,11 +338,11 @@ System security tools. print_table(entropy_client, toc, cell_spacing=3) def _oscheck_scan_unlocked(self, entropy_client, inst_repo, - quiet, verbose, assimilate): + quiet, verbose, assimilate, + pkg_ids): """ Execute the filesystem scan. """ - pkg_ids = inst_repo.listAllPackageIds() total = len(pkg_ids) faulty_pkg_ids = [] @@ -461,6 +464,7 @@ System security tools. ask = self._nsargs.ask pretend = self._nsargs.pretend fetch = self._nsargs.fetch + packages = self._nsargs.packages if not quiet: entropy_client.output( @@ -470,8 +474,16 @@ System security tools. inst_repo = entropy_client.installed_repository() with inst_repo.shared(): + if packages: + packages = entropy_client.packages_expand(packages) + pkg_ids = self._scan_installed_packages( + entropy_client, inst_repo, packages) + else: + pkg_ids = inst_repo.listAllPackageIds() + faulty_pkg_ids = self._oscheck_scan_unlocked( - entropy_client, inst_repo, quiet, verbose, assimilate) + entropy_client, inst_repo, quiet, + verbose, assimilate, pkg_ids) if not faulty_pkg_ids: if not quiet: From b43498596e1eea2eaca281d33940e453551e6b7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C5=82awomir=20Nizio?= Date: Mon, 7 Mar 2016 22:08:18 +0100 Subject: [PATCH 2/2] [solo.commands.security] repair --mtime in oscheck While testing the change that adds [package ...] to oscheck, I noticed this bug. --- client/solo/commands/security.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/client/solo/commands/security.py b/client/solo/commands/security.py index 12c773cfb..cb01519aa 100644 --- a/client/solo/commands/security.py +++ b/client/solo/commands/security.py @@ -339,7 +339,7 @@ System security tools. def _oscheck_scan_unlocked(self, entropy_client, inst_repo, quiet, verbose, assimilate, - pkg_ids): + mtime_only, pkg_ids): """ Execute the filesystem scan. """ @@ -387,7 +387,7 @@ System security tools. paths_unavailable.append(path) continue - elif not mtime: + elif not mtime_only: # verify sha256 sha256 = entropy.tools.sha256(path) tainted = sha256 != safety_data['sha256'] @@ -483,7 +483,7 @@ System security tools. faulty_pkg_ids = self._oscheck_scan_unlocked( entropy_client, inst_repo, quiet, - verbose, assimilate, pkg_ids) + verbose, assimilate, mtime, pkg_ids) if not faulty_pkg_ids: if not quiet: