static char *rpm_get_nvr_by_pkg_name(const char *pkg_name)
{
int status = rpmReadConfigFiles((const char *) NULL, (const char *) NULL);
if (status)
error_msg_and_die("error reading RPM rc files");
char *nvr = NULL;
rpmts ts = rpmtsCreate();
rpmdbMatchIterator iter = rpmtsInitIterator(ts, RPMTAG_NAME, pkg_name, 0);
Header header = rpmdbNextIterator(iter);
if (!header)
goto error;
const char *errmsg = NULL;
nvr = headerFormat(header, "%{name}-%{version}-%{release}", &errmsg);
if (!nvr && errmsg)
error_msg("cannot get nvr. reason: %s", errmsg);
error:
rpmdbFreeIterator(iter);
rpmtsFree(ts);
rpmFreeRpmrc();
rpmFreeCrypto();
rpmFreeMacros(NULL);
return nvr;
}
QueryData genRpmPackages(QueryContext& context) {
QueryData results;
auto dropper = DropPrivileges::get();
if (!dropper->dropTo("nobody") && isUserAdmin()) {
LOG(WARNING) << "Cannot drop privileges for rpm_packages";
return results;
}
// Isolate RPM/package inspection to the canonical: /usr/lib/rpm.
RpmEnvironmentManager env_manager;
// The following implementation uses http://rpm.org/api/4.11.1/
rpmInitCrypto();
if (rpmReadConfigFiles(nullptr, nullptr) != 0) {
TLOG << "Cannot read RPM configuration files";
return results;
}
rpmts ts = rpmtsCreate();
rpmdbMatchIterator matches;
if (context.constraints["name"].exists(EQUALS)) {
auto name = (*context.constraints["name"].getAll(EQUALS).begin());
matches = rpmtsInitIterator(ts, RPMTAG_NAME, name.c_str(), name.size());
} else {
matches = rpmtsInitIterator(ts, RPMTAG_NAME, nullptr, 0);
}
Header header;
while ((header = rpmdbNextIterator(matches)) != nullptr) {
Row r;
rpmtd td = rpmtdNew();
r["name"] = getRpmAttribute(header, RPMTAG_NAME, td);
r["version"] = getRpmAttribute(header, RPMTAG_VERSION, td);
r["release"] = getRpmAttribute(header, RPMTAG_RELEASE, td);
r["source"] = getRpmAttribute(header, RPMTAG_SOURCERPM, td);
r["size"] = getRpmAttribute(header, RPMTAG_SIZE, td);
r["sha1"] = getRpmAttribute(header, RPMTAG_SHA1HEADER, td);
r["arch"] = getRpmAttribute(header, RPMTAG_ARCH, td);
rpmtdFree(td);
results.push_back(r);
}
rpmdbFreeIterator(matches);
rpmtsFree(ts);
rpmFreeCrypto();
rpmFreeRpmrc();
return results;
}
void probe_fini (void *ptr)
{
struct rpm_probe_global *r = (struct rpm_probe_global *)ptr;
rpmFreeCrypto();
rpmFreeRpmrc();
rpmFreeMacros(NULL);
rpmlogClose();
// If probe_init() failed r->rpmts and r->mutex were not initialized
if (r == NULL)
return;
rpmtsFree(r->rpmts);
pthread_mutex_destroy (&(r->mutex));
return;
}
QueryData genRpmPackages(QueryContext& context) {
QueryData results;
// The following implementation uses http://rpm.org/api/4.11.1/
rpmInitCrypto();
if (rpmReadConfigFiles(nullptr, nullptr) != 0) {
TLOG << "Cannot read RPM configuration files.";
return results;
}
rpmts ts = rpmtsCreate();
rpmdbMatchIterator matches;
if (context.constraints["name"].exists()) {
auto name = (*context.constraints["name"].getAll(EQUALS).begin());
matches = rpmtsInitIterator(ts, RPMTAG_NAME, name.c_str(), name.size());
} else {
matches = rpmtsInitIterator(ts, RPMTAG_NAME, nullptr, 0);
}
Header header;
while ((header = rpmdbNextIterator(matches)) != nullptr) {
Row r;
rpmtd td = rpmtdNew();
r["name"] = getRpmAttribute(header, RPMTAG_NAME, td);
r["version"] = getRpmAttribute(header, RPMTAG_VERSION, td);
r["release"] = getRpmAttribute(header, RPMTAG_RELEASE, td);
r["source"] = getRpmAttribute(header, RPMTAG_SOURCERPM, td);
r["size"] = getRpmAttribute(header, RPMTAG_SIZE, td);
r["sha1"] = getRpmAttribute(header, RPMTAG_SHA1HEADER, td);
r["arch"] = getRpmAttribute(header, RPMTAG_ARCH, td);
rpmtdFree(td);
results.push_back(r);
}
rpmdbFreeIterator(matches);
rpmtsFree(ts);
rpmFreeCrypto();
rpmFreeRpmrc();
return results;
}
void rpm_destroy()
{
#ifdef HAVE_LIBRPM
/* Mirroring the order of deinit calls in rpm-4.11.1/lib/poptALL.c::rpmcliFini() */
rpmFreeCrypto();
rpmFreeMacros(NULL);
rpmFreeRpmrc();
/* rpm >= 4.14 handles this automatically on exit */
#if 0
/* RPM doc says "clean up any open iterators and databases".
* Observed to eliminate these Berkeley DB warnings:
* "BDB2053 Freeing read locks for locker 0x1e0: 28718/139661746636736"
*/
rpmdbCheckTerminate(1);
#endif
#endif
list_free_with_free(list_fingerprints);
list_fingerprints = NULL;
}
/**
* \brief main function for the pkgagent
*
* There are 2 ways to use the pkgagent agent:
* 1. Command Line Analysis :: test a rpm file from the command line
* 2. Agent Based Analysis :: run from the scheduler
*
* +-----------------------+
* | Command Line Analysis |
* +-----------------------+
*
* To analyze a rpm file from the command line:
* file :: if files are rpm package listed, display their meta data
* -v :: verbose (-vv = more verbose)
*
* example:
* $ ./pkgagent rpmfile
*
* +----------------------+
* | Agent Based Analysis |
* +----------------------+
*
* To run the pkgagent as an agent simply run with no command line args
* no file :: process data from the scheduler
* -i :: initialize the database, then exit
*
* example:
* $ upload_pk | ./pkgagent
*
* \param argc the number of command line arguments
* \param argv the command line arguments
* \return 0 on a successful program execution
*/
int main (int argc, char *argv[])
{
int c;
char *agent_desc = "Pulls metadata out of RPM or DEBIAN packages";
//struct rpmpkginfo *glb_rpmpi;
//struct debpkginfo *glb_debpi;
int Agent_pk;
int ars_pk = 0;
int upload_pk = 0; // the upload primary key
int user_pk = 0; // the upload primary key
char *AgentARSName = "pkgagent_ars";
int rv;
PGresult *ars_result;
char sqlbuf[1024];
char *COMMIT_HASH;
char *VERSION;
char agent_rev[MAXCMD];
int CmdlineFlag = 0; /* run from command line flag, 1 yes, 0 not */
fo_scheduler_connect(&argc, argv, &db_conn);
//glb_rpmpi = (struct rpmpkginfo *)malloc(sizeof(struct rpmpkginfo));
//glb_debpi = (struct debpkginfo *)malloc(sizeof(struct debpkginfo));
COMMIT_HASH = fo_sysconfig("pkgagent", "COMMIT_HASH");
VERSION = fo_sysconfig("pkgagent", "VERSION");
sprintf(agent_rev, "%s.%s", VERSION, COMMIT_HASH);
Agent_pk = fo_GetAgentKey(db_conn, basename(argv[0]), 0, agent_rev, agent_desc);
/* Process command-line */
while((c = getopt(argc,argv,"ic:CvVh")) != -1)
{
switch(c)
{
case 'i':
PQfinish(db_conn); /* DB was opened above, now close it and exit */
exit(0);
case 'v':
Verbose++;
break;
case 'c':
break; /* handled by fo_scheduler_connect() */
case 'C':
CmdlineFlag = 1;
break;
case 'V':
printf("%s", BuildVersion);
PQfinish(db_conn);
return(0);
default:
Usage(argv[0]);
PQfinish(db_conn);
exit(-1);
}
}
/* If no args, run from scheduler! */
if (CmdlineFlag == 0)
{
user_pk = fo_scheduler_userID(); /* get user_pk for user who queued the agent */
while(fo_scheduler_next())
{
upload_pk = atoi(fo_scheduler_current());
/* Check Permissions */
if (GetUploadPerm(db_conn, upload_pk, user_pk) < PERM_WRITE)
{
LOG_ERROR("You have no update permissions on upload %d", upload_pk);
continue;
}
if (Verbose) {
printf("PKG: pkgagent read %d\n", upload_pk);
}
if (upload_pk ==0) continue;
/* check if pkgagent ars table exist?
* if exist, check duplicate request
* if not exist, don't check duplicate request
*/
rv = fo_tableExists(db_conn, AgentARSName);
if (rv)
{
/* check ars table to see if this is duplicate request*/
snprintf(sqlbuf, sizeof(sqlbuf),
"select ars_pk from pkgagent_ars,agent \
where agent_pk=agent_fk and ars_success=true \
and upload_fk='%d' and agent_fk='%d'",
upload_pk, Agent_pk);
ars_result = PQexec(db_conn, sqlbuf);
if (fo_checkPQresult(db_conn, ars_result, sqlbuf, __FILE__, __LINE__)) exit(-1);
if (PQntuples(ars_result) > 0)
{
PQclear(ars_result);
LOG_WARNING("Ignoring requested pkgagent analysis of upload %d - Results are already in database.\n",upload_pk);
continue;
}
PQclear(ars_result);
}
/* Record analysis start in pkgagent_ars, the pkgagent audit trail. */
ars_pk = fo_WriteARS(db_conn, ars_pk, upload_pk, Agent_pk, AgentARSName, 0, 0);
/* process the upload_pk pkgagent */
if(ProcessUpload(upload_pk) != 0) return -1;
/* Record analysis success in pkgagent_ars. */
if (ars_pk) fo_WriteARS(db_conn, ars_pk, upload_pk, Agent_pk, AgentARSName, 0, 1);
}
}
else
{
if (Verbose) {
printf("DEBUG: running in cli mode, processing file(s)\n");
}
for (; optind < argc; optind++)
{
struct rpmpkginfo *rpmpi;
rpmpi = (struct rpmpkginfo *)malloc(sizeof(struct rpmpkginfo));
rpmReadConfigFiles(NULL, NULL);
//if(ProcessUpload(atoi(argv[optind])) == 0)
if(GetMetadata(argv[optind],rpmpi) != -1)
printf("OK\n");
else
printf("Fail\n");
#ifdef _RPM_4_4_COMPAT
rpmFreeCrypto();
int i;
for(i=0; i< rpmpi->req_size; i++)
free(rpmpi->requires[i]);
#endif /* After RPM4.4 version*/
free(rpmpi->requires);
free(rpmpi);
rpmFreeMacros(NULL);
}
}
PQfinish(db_conn);
fo_scheduler_disconnect(0);
return(0);
} /* main() */
