def run_scanner(host, port, user, localkey, nodetype):
import connect
scantype = cfgparse.get(nodetype, 'scantype')
profile = cfgparse.get(nodetype, 'profile')
results = cfgparse.get(nodetype, 'results')
report = cfgparse.get(nodetype, 'report')
secpolicy = cfgparse.get(nodetype, 'secpolicy')
# Here is where we contruct the actual scan command
if scantype == 'xccdf':
cpe = cfgparse.get(nodetype, 'cpe')
com = '{0} xccdf eval --profile {1} --results {2}/{3}' \
' --report {2}/{4}' \
' --cpe {5} {6}'.format(oscapbin,
profile,
GlobalVariables.tmpdir.rstrip(),
results,
report,
cpe,
secpolicy)
connect = connect.ConnectionManager(host, port, user, localkey, com)
connect.remotecmd()
elif scantype == 'oval':
com = '{0} oval eval --results {1}/{2} '
'--report {1}/{3} {4}'.format(oscapbin,
GlobalVariables.tmpdir.rstrip(), results,
report, secpolicy)
connect = connect.ConnectionManager(host, port, user, localkey, com)
connect.remotecmd()
else:
com = '{0} oval-collect '.format(oscapbin)
connect = connect.ConnectionManager(host, port, user, localkey, com)
connect.remotecmd()
def cleandir(host, port, user, localkey, nodetype):
import connect
com = 'sudo rm -r {0}'.format(GlobalVariables.tmpdir.rstrip())
connect = connect.ConnectionManager(host, port, user, localkey, com)
connect.remotecmd()
def removepkg(host, port, user, localkey, nodetype):
import connect
com = 'sudo yum -y remove openscap-scanner scap-security-guide'
connect = connect.ConnectionManager(host, port, user, localkey, com)
connect.remotecmd()
def install_pkg(host, port, user, localkey):
import connect
com = 'sudo yum -y install openscap-scanner scap-security-guide'
connect = connect.ConnectionManager(host, port, user, localkey, com)
connect.remotecmd()