PatchDashboard / patchdashboard

Patch Management Dashboard
Apache License 2.0

Patch-count resets #5

Closed sfue83 closed 9 years ago

sfue83 commented 9 years ago

First, many thanks for this nice tool.

The Patch-Count counts up (approx. 1 per minute) until it reaches the correct amount of patches needed, and at some point resets to 0 and starts counting up again. Furthermore, I get some curl errors in patch-manager _error.log (curl: (7) couldn't connect to host). We have no way to go around the proxy, so I've set env_vars for the proxy, but the error is still there. Also, shouldn't there be the CVE link beside the patch? Or is this curl error responsible for that one?

Thanks in advance for your help.

jonsjava commented 9 years ago

The errors are caused by html/client/send_patches.php making a curl call to get package severity. It only works for Ubuntu anyhow (right now), so if you aren't using Ubuntu, replace with the following:

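```php
<?php
include '../lib/db_config.php';

// Connect first: mysql_real_escape_string() needs an open link.
$link = mysql_connect(DB_HOST, DB_USER, DB_PASS);
mysql_select_db(DB_NAME, $link);

// The client key arrives in a request header, so escape it before it reaches SQL.
$client_key = mysql_real_escape_string((string) filter_input(INPUT_SERVER, 'HTTP_X_CLIENT_KEY'), $link);
$client_check_sql = "SELECT `id`,`server_name` FROM `servers` WHERE `client_key` = '$client_key' AND `trusted`=1 LIMIT 1;";
$client_check_res = mysql_query($client_check_sql);
if (mysql_num_rows($client_check_res) == 1) {
    $row = mysql_fetch_array($client_check_res);
    $server_name = mysql_real_escape_string($row['server_name'], $link);
    $data = file_get_contents("php://input");
    // Replace this server's previous patch list with the one just reported.
    mysql_query("DELETE FROM `patches` WHERE `server_name`='$server_name';");
    $package_array = explode("\n", $data);
    $suppression_sql = "SELECT * from `supressed` WHERE `server_name` IN('$server_name',0);";
    // Run the suppression query itself (the variable was previously the undefined $sql).
    $suppression_res = mysql_query($suppression_sql);
    if (mysql_num_rows($suppression_res) == 0){
        $suppression_array = array("NO_SUPPRESSED_PACKAGES_FOUND");
    }
    else{
        $suppression_array = array();
        while ($suppression_row = mysql_fetch_assoc($suppression_res)){
            $suppression_array[] = $suppression_row['package_name'];
        }
    }
    foreach ($package_array as $val) {
        $tmp_array = explode(":::", $val);
        // Skip blank or malformed lines; each line is name:::current:::new.
        if (count($tmp_array) < 3) {
            continue;
        }
        // Package data is sent by the client, so escape every field.
        $package_name = mysql_real_escape_string($tmp_array[0], $link);
        $package_from = mysql_real_escape_string($tmp_array[1], $link);
        $package_to = mysql_real_escape_string($tmp_array[2], $link);
        // The severity lookup (curl call) is gone, so urgency and bug URL are not populated.
        $urgency = "unknown";
        $the_url = "";
        if (!in_array($tmp_array[0], $suppression_array)) {
            $sql = "INSERT INTO patches(server_name,package_name,current,new,urgency,bug_url) VALUES('$server_name','$package_name','$package_from','$package_to','$urgency','$the_url');";
            mysql_query($sql);
        }
    }
}
mysql_close();
```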

Also, patch_checker.sh should only run on each node once every 2 hours. The only cron you should have on a node is to check-in every minute.

Let me know if this resolves your issue.
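
The same ingest steps written with PDO prepared statements, as an added example that is not part of the original comment or the project's code. Table and column names are taken from the snippet above; the function name `ingest_patches`, the in-memory SQLite database standing in for MySQL, and the sample rows are assumptions constructed for illustration.

```php
<?php
// Added example: client-supplied values are bound as parameters, never concatenated into SQL.
// Hypothetical helper; returns the number of rows inserted, or -1 for an unknown/untrusted key.
function ingest_patches(PDO $db, string $client_key, string $body): int
{
    $stmt = $db->prepare('SELECT server_name FROM servers WHERE client_key = ? AND trusted = 1 LIMIT 1');
    $stmt->execute([$client_key]);
    $server_name = $stmt->fetchColumn();
    if ($server_name === false) {
        return -1;
    }
    // Same suppression lookup as the original snippet (table name spelled as in the schema).
    $sup = $db->prepare('SELECT package_name FROM supressed WHERE server_name IN (?, 0)');
    $sup->execute([$server_name]);
    $suppressed = $sup->fetchAll(PDO::FETCH_COLUMN);

    $db->beginTransaction(); // delete + re-insert become one atomic replacement
    $db->prepare('DELETE FROM patches WHERE server_name = ?')->execute([$server_name]);
    $ins = $db->prepare(
        'INSERT INTO patches(server_name, package_name, "current", "new", urgency, bug_url) VALUES (?, ?, ?, ?, ?, ?)'
    );
    $count = 0;
    foreach (explode("\n", $body) as $line) {
        $f = explode(':::', trim($line));
        if (count($f) !== 3 || in_array($f[0], $suppressed, true)) {
            continue; // blank, malformed, or suppressed package
        }
        $ins->execute([$server_name, $f[0], $f[1], $f[2], 'unknown', '']);
        $count++;
    }
    $db->commit();
    return $count;
}

// Constructed schema and sample data (SQLite in memory, so the example runs offline).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE servers(id INTEGER PRIMARY KEY, server_name TEXT, client_key TEXT, trusted INTEGER)');
$db->exec('CREATE TABLE supressed(package_name TEXT, server_name TEXT)');
$db->exec('CREATE TABLE patches(server_name TEXT, package_name TEXT, "current" TEXT, "new" TEXT, urgency TEXT, bug_url TEXT)');
$db->exec("INSERT INTO servers(server_name, client_key, trusted) VALUES ('web01', 'k3y', 1)");
$db->exec("INSERT INTO supressed(package_name, server_name) VALUES ('vim', 'web01')");

// Constructed request body: one normal line, one suppressed package, one name containing a quote.
$body = "openssl:::1.0.1:::1.0.2\nvim:::7.3:::7.4\nlib'quote:::1.0:::1.1\n";
echo ingest_patches($db, 'k3y', $body), "\n";
echo ingest_patches($db, 'wrong-key', $body), "\n";
```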

jonsjava commented 9 years ago

Created Gist of this fix:

https://gist.github.com/jonsjava/4fee9d36e99c2c61de67

sfue83 commented 9 years ago

Thanks for the fast fix :-) No more errors in the error log. Will watch out if the patches counter changes.

sfue83 commented 9 years ago

Counter still fine. Everything working as expected now. Thanks a lot.