Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/dagwieers/sarah

Track Red Hat Security Advisories (RHSA) and verifying systems for compliance
https://github.com/dagwieers/sarah

Last synced: 3 months ago
JSON representation

Track Red Hat Security Advisories (RHSA) and verifying systems for compliance

Awesome Lists containing this project

README 

        
DOWNLOADING ERRATA

^^^^^^^^^^^^^^^^^^

Sarah currently requires a stuffed directory of advisories from RHN as XML

files.



You can download these files automatically by using the aerrate.py script

from Tim Rupp. Available from:



	svn co http://caphrim.net/svn/fermi/aerrate/trunk aerrate



And issue the following command to scrape the RHN website for the most

up-to-date advisories:



	cd aerrate

	./aerrate.py -r --source=site --type=all --release=enterprise

	cd -



This will copy all errata as XML files into ./aerrata/advisories/



USING SARAH

^^^^^^^^^^^

sarah currently expects the advisories to be available from ./advisories/.

So making a symlink from aerrate/advisories to ./advisories is probably

easiest.



	ln -sf aerrate/advisories .



Then create an sqlite database out of these XML files, by doing:



	./sarahdb.py



You should now have a sarahdb.sqlite file in your current directory.

To create some statistics from this database, use:



	./sarahinfo.py



The sarahinfo utility currently shows how to query the database. Not all

information is currently available in the XML files. Red Hat will be releasing

these XML files in the future with more information we can get out of the 

RHN website.



I also added sarahsql to allow to query the database on the commandline, you

can do queries in bash, like:



        ### Print filenames related to advisory

        ./sarahsql.py 'select distinct filename from rpm where advid == "RHSA-2005:039" order by filename'



        ### Show last 10 updated advisories

        ./sarahsql.py 'select advid, issued, updated, severity, synopsis from adv order by updated' | tail



	### Show last 10 updated security advisories

	./sarahsql.py 'select advid, issued, updated, severity, synopsis from adv where type == "RHSA" order by updated' | tail



	### Show last 10 updates security advisories for 4AS

	./sarahsql.py 'select distinct adv.advid,updated,severity,synopsis from adv,rpm where adv.advid == rpm.advid and type == "RHSA" and prodshort == "4AS" order by updated' | tail



	### Show all files related to 3AS order by issue date

	./sarahsql.py 'select issued,filename from rpm,adv where adv.advid == rpm.advid and prodshort == "3AS" and arch == "i386" order by issued'



Help is welcome to extend sarah much further. The TODO file is the first stop

for interesting parties.



PROXY PROBLEMS ?

^^^^^^^^^^^^^^^^

If you're behind a proxy that only allows SSL Proxy access (CONNECT method)

for HTTPS sites, you're currently out of luck. The urllib2 implementation of

python only has the HTTPS GET method implemented. More information at:



	https://devel.linux.duke.edu/bugzilla/show_bug.cgi?id=543

	http://aspn.activestate.com/ASPN/Cookbook/Python/Recipe/456195



A work-around would be to set up an HTTP-tunnel over your proxy by using

proxytunnel, and then create a dynamic forwarding over SSH. And use

dante or tocks to socksify aerrate's requests.



	http_proxy="" https_proxy="" dsocksify ./aerrate.py -r --source=site --type=all --release=enterprise



MORE INFORMATION

^^^^^^^^^^^^^^^^

You can find more information about errata and errata classification at:



	http://www.redhat.com/security/updates/classification/



A live RSS feed to the latest security errata is available from:



	http://rhn.redhat.com/rpc/recent-errata.pxt



Some information and statistics from the Red Hat security team:



	http://www.redhat.com/security/transparent/oval/

	http://people.redhat.com/mjc/

	http://people.redhat.com/mjc/oval/



General security information:



	http://cve.mitre.org/

	http://oval.mitre.org/