[PATCH] Make naming of default profile consistent
by Šimon Lukašík
From: Simon Lukasik <slukasik(a)redhat.com>
Resolves: trac#170
---
src/ScanningSession.cpp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/ScanningSession.cpp b/src/ScanningSession.cpp
index 42d6e28..2f3da94 100644
--- a/src/ScanningSession.cpp
+++ b/src/ScanningSession.cpp
@@ -494,7 +494,7 @@ struct xccdf_profile* ScanningSession::tailorCurrentProfile(bool shadowed)
return 0;
// create a new profile, inheriting the currently selected profile
- // or no profile if currently selected profile is the '(default profile)'
+ // or no profile if currently selected profile is the '(default)'
struct xccdf_policy_model* policyModel = xccdf_session_get_policy_model(mSession);
if (!policyModel)
return 0;
@@ -551,7 +551,7 @@ struct xccdf_profile* ScanningSession::tailorCurrentProfile(bool shadowed)
{
struct oscap_text* newTitle = oscap_text_new();
oscap_text_set_lang(newTitle, OSCAP_LANG_ENGLISH_US);
- oscap_text_set_text(newTitle, "(default profile) tailored");
+ oscap_text_set_text(newTitle, "(default) [TAILORED]");
xccdf_profile_add_title(newProfile, newTitle);
}
{
--
1.8.3.1
10 years, 1 month
[PATCH] Document asciidoctor requires
by Šimon Lukašík
From: Simon Lukasik <slukasik(a)redhat.com>
Addressing:
asciidoctor has not been found, user manual won't be rebuilt even though SCAP_WORKBENCH_REBUILD_MANUAL has been enabled.
CMake Error at CMakeLists.txt:34 (message):
You seem to be using scap-workbench from the repository
('doc/user_manual.html' hasn't been found). Please install asciidoctor to
build the manual!
---
README | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README b/README
index 60cb145..a6c07b0 100644
--- a/README
+++ b/README
@@ -15,7 +15,7 @@ How to run it out of the box
1) Make sure you have installed all prerequisites
required dependencies:
- # yum install cmake gcc-c++ openssh-clients util-linux openscap-devel qt-devel
+ # yum install cmake gcc-c++ openssh-clients util-linux openscap-devel qt-devel rubygem-asciidoctor
optional dependencies:
# yum install qtwebkit-devel
--
1.8.3.1
10 years, 2 months
[PATCH] Make unprivileged cancelation of priviledged process work
by Šimon Lukašík
From: Simon Lukasik <slukasik(a)redhat.com>
Mostly removing a code -- we really ought to keep this simple.
Trying to send the TERMinate signal was very polite of us.
However, we need to also handle the case, when some thirdparty
signals to us in a less polite manner.
Hence, oscap-workbench-wrapper.sh shall finish when any of the
parents is drawn down regardless of the cause. The wrapper shall
not check the input but the availability of input (stdin). For
the wrapper there is no meaning of life without stdin.
That leaves us with oscap-workbench.sh which purpose has been
reduced and it could be rewritten to C++. In future release
we could also make oscap-workbench.sh close the stdin of
oscap-workbench-wrapper.sh when a TERM signal is received.
---
oscap-workbench-wrapper.sh | 20 ++++----------------
oscap-workbench.sh | 10 +++++-----
src/OscapScannerLocal.cpp | 26 ++------------------------
3 files changed, 11 insertions(+), 45 deletions(-)
diff --git a/oscap-workbench-wrapper.sh b/oscap-workbench-wrapper.sh
index ec7e055..67cb128 100755
--- a/oscap-workbench-wrapper.sh
+++ b/oscap-workbench-wrapper.sh
@@ -26,26 +26,14 @@ PARENT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
PKEXEC_PATH="pkexec"
OSCAP_WORKBENCH="$PARENT_DIR/oscap-workbench.sh"
-function pipe_trap()
-{
- trap "echo 0; exit 1" SIGHUP SIGINT SIGTERM
-
- while :
- do
- # noop keep-alive
- echo '1'; sleep 1
- done
-}
-
-(pipe_trap) | { $PKEXEC_PATH --disable-internal-agent $OSCAP_WORKBENCH $uid $gid $@ 2> >(tail -n +2 1>&2); }
+$PKEXEC_PATH --disable-internal-agent $OSCAP_WORKBENCH $uid $gid $@ 2> >(tail -n +2 1>&2)
EC=$?
-EXIT=0
# 126 is a special exit code of pkexec when user dismisses the auth dialog
-# 127 means auth can't be established
-if [ $EC -eq 126 ] || [ $EC -eq 127 ]; then
+# 127 means auth can't be established or something in the script failed. We never know.
+if [ $EC -eq 126 ]; then
# in case of dismissed dialog we run without super user rights
- (pipe_trap) | { $OSCAP_WORKBENCH $uid $gid $@ 2> >(tail -n +2 1>&2); }
+ $OSCAP_WORKBENCH $uid $gid $@ 2> >(tail -n +2 1>&2);
exit $?
fi
diff --git a/oscap-workbench.sh b/oscap-workbench.sh
index 5061be8..b697f38 100755
--- a/oscap-workbench.sh
+++ b/oscap-workbench.sh
@@ -66,15 +66,15 @@ PID=$!
RET=1
while kill -0 $PID 2> /dev/null; do
- # we don't even care what we read, we just read until stdin is closed
- if ! read dummy; then
+ # check if the stdin is still available but return in one second
+ read -t 1 dummy
+ ret=$?
+ if [ 0 -lt $ret -a $ret -lt 128 ]; then
+ # If read failed & it was not due to timeout --> parents are gone.
echo "KILLL $PID"
kill -s SIGINT $PID 2> /dev/null
break
fi
-
- # The protocol sends communication every 1 second
- sleep 0.5
done
wait $PID
diff --git a/src/OscapScannerLocal.cpp b/src/OscapScannerLocal.cpp
index 2c10d23..6becbd1 100644
--- a/src/OscapScannerLocal.cpp
+++ b/src/OscapScannerLocal.cpp
@@ -149,34 +149,12 @@ void OscapScannerLocal::evaluate()
if (mCancelRequested)
{
emit infoMessage("Cancelation was requested! Terminating scanning...");
- // TODO: On Windows we have to kill immediately, terminate() posts WM_CLOSE
- // but oscap doesn't have any event loop running.
- process.terminate();
+ process.kill();
break;
}
}
- if (mCancelRequested)
- {
unsigned int waited = 0;
- bool killed = false;
- while (!process.waitForFinished(pollInterval))
- {
- waited += pollInterval;
- if (waited > 10000) // 10 seconds should be enough for the process to terminate
- {
- emit warningMessage("The oscap process didn't terminate in time, it will be killed instead.");
- // if it didn't terminate, we have to kill it at this point
- process.kill();
- killed = true;
- break;
- }
- }
-
- if (!killed)
- emit infoMessage("Scanning canceled, the oscap tool has been successfuly terminated.");
- }
- else
+ if (!mCancelRequested)
{
if (process.exitCode() == 1) // error happened
{
--
1.8.3.1
10 years, 2 months