Support local remote files in wrappers

This adds --local-files to oscap-chroot, oscap-ssh and oscap-vm. In oscap-ssh we need to copy the files to the remote machine, which is a similar thing that we do with tailoring and other files.
DoctorPepper12 · Jul 23, 2021 · 66ae271 · 66ae271
1 parent 34ebf46
commit 66ae271
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 0 deletions.
diff --git a/utils/oscap-chroot b/utils/oscap-chroot
@@ -53,6 +53,7 @@ function usage()
     echo "  --skip-valid"
     echo "  --skip-validation"
     echo "  --fetch-remote-resources"
+    echo "  --local-files"
     echo "  --progress"
     echo "  --datastream-id"
     echo "  --xccdf-id"

diff --git a/utils/oscap-chroot.8 b/utils/oscap-chroot.8
@@ -23,6 +23,7 @@ supported oscap xccdf eval options are:
   --skip-valid
   --skip-validation
   --fetch-remote-resources
+  --local-files
   --progress
   --datastream-id
   --xccdf-id

diff --git a/utils/oscap-ssh b/utils/oscap-ssh
@@ -54,6 +54,7 @@ function usage()
     echo "  --skip-valid"
     echo "  --skip-validation"
     echo "  --fetch-remote-resources"
+    echo "  --local-files"
     echo "  --progress"
     echo "  --datastream-id"
     echo "  --xccdf-id"
@@ -110,6 +111,12 @@ function scp_copy_to_temp_dir {
     scp -o ControlPath="$MASTER_SOCKET" -P "$SSH_PORT" $SSH_ADDITIONAL_OPTIONS "$1" "$SSH_HOST:$REMOTE_TEMP_DIR/$2"
 }
 
+# $1: Local directory name to copy
+# $2: Remote destination
+function scp_copy_dir_to_temp_dir {
+    scp -r -o ControlPath="$MASTER_SOCKET" -P "$SSH_PORT" $SSH_ADDITIONAL_OPTIONS "$1" "$SSH_HOST:$REMOTE_TEMP_DIR/$2"
+}
+
 # $1: Remote filename to get
 # $2: Local destination
 function scp_retreive_from_temp_dir {
@@ -196,6 +203,7 @@ oscap_args=("$@")
 
 LOCAL_CONTENT_PATH=""
 LOCAL_TAILORING_PATH=""
+LOCAL_LOCAL_FILES_PATH=""
 LOCAL_CPE_PATH=""
 LOCAL_VARIABLES_PATH=""
 LOCAL_DIRECTIVES_PATH=""
@@ -214,6 +222,10 @@ for i in $(seq 0 `expr $# - 1`); do
         LOCAL_TAILORING_PATH=${oscap_args[j]}
         oscap_args[j]="$REMOTE_TEMP_DIR/tailoring.xml"
       ;;
+    ("--local-files")
+        LOCAL_LOCAL_FILES_PATH=${oscap_args[j]}
+        oscap_args[j]="$REMOTE_TEMP_DIR/local_files"
+      ;;
     ("--cpe")
         LOCAL_CPE_PATH=${oscap_args[j]}
         oscap_args[j]="$REMOTE_TEMP_DIR/cpe.xml"
@@ -258,6 +270,7 @@ fi
 
 [ "$LOCAL_CONTENT_PATH" == "" ] || [ -f "$LOCAL_CONTENT_PATH" ] || die "Expected the last argument to be an input file, '$LOCAL_CONTENT_PATH' isn't a valid file path or the file doesn't exist!"
 [ "$LOCAL_TAILORING_PATH" == "" ] || [ -f "$LOCAL_TAILORING_PATH" ] || die "Tailoring file path '$LOCAL_TAILORING_PATH' isn't a valid file path or the file doesn't exist!"
+[ "$LOCAL_LOCAL_FILES_PATH" == "" ] || [ -d "$LOCAL_LOCAL_FILES_PATH" ] || die "Directory '$LOCAL_LOCAL_FILES_PATH' isn't a valid directory path or the directory doesn't exist!"
 [ "$LOCAL_CPE_PATH" == "" ] || [ -f "$LOCAL_CPE_PATH" ] || die "CPE file path '$LOCAL_CPE_PATH' isn't a valid file path or the file doesn't exist!"
 [ "$LOCAL_VARIABLES_PATH" == "" ] || [ -f "$LOCAL_VARIABLES_PATH" ] || die "OVAL variables file path '$LOCAL_VARIABLES_PATH' isn't a valid file path or the file doesn't exist!"
 [ "$LOCAL_DIRECTIVES_PATH" == "" ] || [ -f "$LOCAL_DIRECTIVES_PATH" ] || die "OVAL directives file path '$LOCAL_DIRECTIVES_PATH' isn't a valid file path or the file doesn't exist!"
@@ -270,6 +283,10 @@ if [ "$LOCAL_TAILORING_PATH" != "" ]; then
     echo "Copying tailoring file '$LOCAL_TAILORING_PATH' to remote working directory '$REMOTE_TEMP_DIR'..."
     scp_copy_to_temp_dir "$LOCAL_TAILORING_PATH" tailoring.xml || die "Failed to copy tailoring file to remote temporary directory!"
 fi
+if [ "$LOCAL_LOCAL_FILES_PATH" != "" ]; then
+    echo "Copying directory '$LOCAL_LOCAL_FILES_PATH' to remote working directory '$REMOTE_TEMP_DIR'..."
+    scp_copy_dir_to_temp_dir "$LOCAL_LOCAL_FILES_PATH" local_files || die "Failed to copy directory $LOCAL_LOCAL_FILES_PATH to remote temporary directory!"
+fi
 if [ "$LOCAL_CPE_PATH" != "" ]; then
     echo "Copying CPE file '$LOCAL_CPE_PATH' to remote working directory '$REMOTE_TEMP_DIR'..."
     scp_copy_to_temp_dir "$LOCAL_CPE_PATH" cpe.xml || die "Failed to copy CPE file to remote temporary directory!"

diff --git a/utils/oscap-ssh.8 b/utils/oscap-ssh.8
@@ -29,6 +29,7 @@ Supported options are:
   --skip-valid
   --skip-validation
   --fetch-remote-resources
+  --local-files
   --progress
   --datastream-id
   --xccdf-id

diff --git a/utils/oscap-vm b/utils/oscap-vm
@@ -51,6 +51,7 @@ function usage()
     echo "  --skip-valid"
     echo "  --skip-validation"
     echo "  --fetch-remote-resources"
+    echo "  --local-files"
     echo "  --progress"
     echo "  --datastream-id"
     echo "  --xccdf-id"

diff --git a/utils/oscap-vm.8 b/utils/oscap-vm.8
@@ -65,6 +65,7 @@ Supported oscap xccdf eval options are:
   \-\-skip-valid
   \-\-skip-validation
   \-\-fetch-remote-resources
+  \-\-local-files
   \-\-progress
   \-\-datastream-id <id>
   \-\-xccdf-id <id>