oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2025-11-17 08:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Search /usr/share for rpmdb to fix scan on ostree-managed images (#1756)

Browse Source 
Fixes: https://github.com/anchore/syft/issues/1755

Signed-off-by: Filip Pytloun <filip@pytloun.cz>
Co-authored-by: Alex Goodman <alex.goodman@anchore.com>
This commit is contained in:
Filip Pytloun 2023-05-02 22:43:52 +02:00 committed by GitHub
parent dd458a2b33
commit 95a04cadea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
syft/pkg/cataloger/rpm/cataloger_test.go
View File

@ -16,6 +16,9 @@ func Test_DBCataloger_Globs(t *testing.T) {
name: "obtain DB files", name: "obtain DB files",
fixture: "test-fixtures/glob-paths", fixture: "test-fixtures/glob-paths",
expected: []string{ expected: []string{
"usr/share/rpm/Packages",
"usr/share/rpm/Packages.db",
"usr/share/rpm/rpmdb.sqlite",
"var/lib/rpm/Packages", "var/lib/rpm/Packages",
"var/lib/rpm/Packages.db", "var/lib/rpm/Packages.db",
"var/lib/rpm/rpmdb.sqlite", "var/lib/rpm/rpmdb.sqlite",

1
syft/pkg/cataloger/rpm/test-fixtures/glob-paths/usr/share/rpm/Packages Normal file
View File

@ -0,0 +1 @@
bogus

1
syft/pkg/cataloger/rpm/test-fixtures/glob-paths/usr/share/rpm/Packages.db Normal file
View File

@ -0,0 +1 @@
bogus

1
syft/pkg/cataloger/rpm/test-fixtures/glob-paths/usr/share/rpm/rpmdb.sqlite Normal file
View File

@ -0,0 +1 @@
bogus

4
syft/pkg/rpm_metadata.go
View File

@ -8,10 +8,12 @@ import (
"github.com/anchore/syft/syft/file" "github.com/anchore/syft/syft/file"
) )
// /var/lib/rpm/... is the typical path for most distributions
// /usr/share/rpm/... is common for rpm-ostree distributions (coreos-like)
// Packages is the legacy Berkely db based format // Packages is the legacy Berkely db based format
// Packages.db is the "ndb" format used in SUSE // Packages.db is the "ndb" format used in SUSE
// rpmdb.sqlite is the sqlite format used in fedora + derivates // rpmdb.sqlite is the sqlite format used in fedora + derivates
const RpmDBGlob = "**/var/lib/rpm/{Packages,Packages.db,rpmdb.sqlite}" const RpmDBGlob = "**/{var/lib,usr/share}/rpm/{Packages,Packages.db,rpmdb.sqlite}"
// Used in CBL-Mariner distroless images // Used in CBL-Mariner distroless images
const RpmManifestGlob = "**/var/lib/rpmmanifest/container-manifest-2" const RpmManifestGlob = "**/var/lib/rpmmanifest/container-manifest-2"