8000 Check os-release file for rhel or centos string by grantseltzer · Pull Request #1001 · aquasecurity/tracee · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Check os-release file for rhel or centos string #1001

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Sep 10, 2021
Merged

Check os-release file for rhel or centos string #1001

merged 3 commits into from
Sep 10, 2021

Conversation

grantseltzer
Copy link
Contributor

This attempts to fix #942

My rationale here is that this is only to make centos8 and rhel8 work, so I normalize the content of /usr/lib/os-release (even this has variance from centos to rhel) and only set RHEL_RELEASE_CODE if the value of VERSION_ID is rhel or centos.

This isn't necessary for fedora as all supported versions have kernel version 5.8+

Signed-off-by: grantseltzer grantseltzer@gmail.com

@grantseltzer
Check os-release file for rhel or centos string
45f6d65 
Signed-off-by: grantseltzer <grantseltzer@gmail.com>
rafaeldtinoco
rafaeldtinoco reviewed Sep 8, 2021
View reviewed changes
@grantseltzer
Second major is minor
2e96b30 
Signed-off-by: grantseltzer <grantseltzer@gmail.com>
@rafaeldtinoco
Copy link
Contributor

There are some issues here I'm afraid:

  • This change requires /usr/lib/os-release to exist and it does not exist by default in Fedora 33 and 34 cloud images, for example. That file is created by a package called generic-release while /etc/os-release is created by a package, automatically installed, called fedora-release-common. Checking all other distros, they all have a link from /etc/os-release to /usr/lib/os-release BUT fedora 33 and 34 (did not check 32, 31, 30). I think it is safer for us to use /etc/os-release instead of /usr/lib/os-release.

The other issues are related to supported building environments outside docker. I'm able to compile tracee-ebpf in Ubuntu and Archlinux, for example, but not in Fedoras. I'll create an issue for us to enable all supported environments as building environments as well.

@grantseltzer
Copy link
Contributor Author
grantseltzer commented Sep 9, 2021 via email
edited
Loading

@rafaeldtinoco
Copy link
Contributor

Ah ok, I figured it's safer to explicitly name the file that symlinks point to but thanks for the insight. How do you typically check what packages create that file?

ubuntu/debian way:

  • apt-get install apt-file ; apt-file update ; apt-file search __

redhat/centos/alma/stream way:

  • from dnf-utils / yum-utils : repoquery -f __ (includes non-installed packages, complete repo query tool)
  • yum provides __ (includes non-installed packages)
  • rpm -qf __ (for installed packages)

archlinux way:

  • pacman -S pkgfile ; sudo pkgfile -s __

@rafaeldtinoco rafaeldtinoco mentioned this pull request Sep 10, 2021
Closed
@grantseltzer
Use /etc/os-release instead of /usr/lib
3575ff3 
Signed-off-by: grantseltzer <grantseltzer@gmail.com>
rafaeldtinoco
rafaeldtinoco approved these changes Sep 10, 2021
View reviewed changes
Copy link
Contributor
@rafaeldtinoco rafaeldtinoco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@grantseltzer grantseltzer merged commit 11e8451 into aquasecurity:main Sep 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rafaeldtinoco rafaeldtinoco rafaeldtinoco approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Broken makefile because of RHEL_RELEASE_CODE
2 participants
@grantseltzer @rafaeldtinoco
0