def run_stage_remediation_bash(run_type, formatting, verbose_path):
"""
Returns False on error, or True in case of successful bash scripts
run."""
formatting['output_template'] = _BASH_TEMPLATE
send_arf_to_remote_machine_and_generate_remediations_there(
run_type, formatting, verbose_path)
if not get_file_remote(verbose_path, LogHelper.LOG_DIR,
formatting['domain_ip'],
'/' + formatting['output_file']):
return False
command_string = '/bin/bash -x /{output_file}'.format(**formatting)
returncode, output = common.run_cmd_remote(command_string,
formatting['domain_ip'],
verbose_path)
# Appends output of script execution to the verbose_path file.
with open(verbose_path, 'ab') as f:
f.write('Stdout of "{}":'.format(command_string).encode("utf-8"))
f.write(output.encode("utf-8"))
if returncode != 0:
msg = ('Bash script remediation run has exited with return code {} '
'instead of expected 0'.format(returncode))
LogHelper.preload_log(logging.ERROR, msg, 'fail')
return False
return True
def generate_fixes_remotely(formatting, verbose_path):
command_base = ['oscap', 'xccdf', 'generate', 'fix']
command_options = [
'--benchmark-id',
formatting['benchmark_id'],
'--profile',
formatting['profile'],
'--template',
formatting['output_template'],
'--output',
'/{output_file}'.format(**formatting),
]
command_operands = ['/{arf_file}'.format(**formatting)]
if 'result_id' in formatting:
command_options.extend(['--result-id', formatting['result_id']])
command_components = command_base + command_options + command_operands
command_string = ' '.join(
[single_quote_string(c) for c in command_components])
rc, stdout = common.run_cmd_remote(command_string, formatting['domain_ip'],
verbose_path)
if rc != 0:
msg = ('Command {0} ended with return code {1} (expected 0).'.format(
command_string, rc))
raise RuntimeError(msg)
