search

hubblestack / nova

Hubble's Auditing System. This repo is deprecated in favor of https://github.com/hubblestack/hubble-salt
https://hubblestack.io
Apache License 2.0
50 stars 26 forks source link

cve-scan-v2 KeyError in version comparison #279

Closed cedwards closed 7 years ago

cedwards commented 8 years ago 
[root@hostname.dmz ~]# salt-call hubble.audit show_success=False
[WARNING ] /usr/lib/python2.7/site-packages/salt/grains/core.py:1493: DeprecationWarning: The "osmajorrelease" will be a type of an integer.

[ERROR   ] Exception occurred in nova module:
[ERROR   ] Traceback (most recent call last):
  File "/var/cache/salt/minion/extmods/modules/hubble.py", line 180, in audit
    debug=debug)
  File "/var/cache/salt/minion/files/base/hubblestack_nova/cve_scan_v2.py", line 214, in audit
    if _is_vulnerable(local_version, affected_version, affected_obj.operator):
  File "/var/cache/salt/minion/files/base/hubblestack_nova/cve_scan_v2.py", line 303, in _is_vulnerable
    compare = __salt__['pkg.version_cmp'](local_version, affected_version)
  File "/usr/lib/python2.7/site-packages/salt/modules/yumpkg.py", line 544, in version_cmp
    return __salt__['lowpkg.version_cmp'](pkg1, pkg2, ignore_epoch=ignore_epoch)
  File "/usr/lib/python2.7/site-packages/salt/loader.py", line 1055, in __getitem__
    func = super(LazyLoader, self).__getitem__(item)
  File "/usr/lib/python2.7/site-packages/salt/utils/lazy.py", line 93, in __getitem__
    raise KeyError(key)
KeyError: 'lowpkg.version_cmp'

local:
    ----------
    Compliance:
        62%
    Errors:
        |_
          ----------
          /cve_scan_v2.py:
              ----------
              data:
                  KeyError: 'lowpkg.version_cmp'
              error:
                  exception occurred
[root@git2.dmz ~]# salt-call --versions-report
Salt Version:
           Salt: 2016.3.3

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.7.2
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.6
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: 2.6.1
         pygit2: Not Installed
         Python: 2.7.5 (default, Nov 20 2015, 02:00:19)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 15.3.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.1.4

System Versions:
           dist: centos 7.2.1511 Core
        machine: x86_64
        release: 3.10.0-327.el7.x86_64
         system: Linux
        version: CentOS Linux 7.2.1511 Core
cedwards commented 8 years ago

Still running into this, but only on CentOS 7.2. My initial guess is that it's specific to underlying differences in the yumpkg / yum / rpm libraries in Salt.

@jaredhanson11

gmiu commented 7 years ago

@cedwards, @basepi, I am unable to reproduce the issue on CentOS 7.2. The only difference between the two versions report is the kernel release.

# salt-call --versions-report
Salt Version:
           Salt: 2016.3.3

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: Not Installed
          gitdb: Not Installed
      gitpython: Not Installed
          ioflo: Not Installed
         Jinja2: 2.7.2
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.6
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: 2.6.1
         pygit2: Not Installed
         Python: 2.7.5 (default, Nov 20 2015, 02:00:19)
   python-gnupg: Not Installed
         PyYAML: 3.11
          PyZMQ: 15.3.0
           RAET: Not Installed
          smmap: Not Installed
        timelib: Not Installed
        Tornado: 4.2.1
            ZMQ: 4.1.4

System Versions:
           dist: centos 7.2.1511 Core
        machine: x86_64
        release: 3.10.0-327.36.3.el7.x86_64
         system: Linux
        version: CentOS Linux 7.2.1511 Core
gmiu commented 7 years ago

I forgot to mention that I have installed Nova-2016.10.2.

basepi commented 7 years ago

Yeah, in my experience it doesn't happen everywhere. @cedwards do you have a box that can reproduce this?

cedwards commented 7 years ago

I'm going to close this as I can no longer recreate either.