fix(redhat-based): collect running kernel packages

[MaineK00n]

What did you implement:

Fixes #1916

Type of change

• Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

setup

$ cat Vagrantfile
# -*- mode: ruby -*-
# vi: set ft=ruby :

# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
  # The most common configuration options are documented and commented below.
  # For a complete reference, please see the online documentation at
  # https://docs.vagrantup.com.

  # Every Vagrant development environment requires a box. You can search for
  # boxes at https://vagrantcloud.com/search.
  config.vm.box = "almalinux/9"
  config.vm.box_version = "9.0.20220531"

  # Disable automatic box update checking. If you disable this, then
  # boxes will only be checked for updates when the user runs
  # `vagrant box outdated`. This is not recommended.
  # config.vm.box_check_update = false

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine. In the example below,
  # accessing "localhost:8080" will access port 80 on the guest machine.
  # NOTE: This will enable public access to the opened port
  # config.vm.network "forwarded_port", guest: 80, host: 8080

  # Create a forwarded port mapping which allows access to a specific port
  # within the machine from a port on the host machine and only allow access
  # via 127.0.0.1 to disable public access
  # config.vm.network "forwarded_port", guest: 80, host: 8080, host_ip: "127.0.0.1"

  # Create a private network, which allows host-only access to the machine
  # using a specific IP.
  # config.vm.network "private_network", ip: "192.168.33.10"

  # Create a public network, which generally matched to bridged network.
  # Bridged networks make the machine appear as another physical device on
  # your network.
  # config.vm.network "public_network"

  # Share an additional folder to the guest VM. The first argument is
  # the path on the host to the actual folder. The second argument is
  # the path on the guest to mount the folder. And the optional third
  # argument is a set of non-required options.
  # config.vm.synced_folder "../data", "/vagrant_data"

  # Disable the default share of the current code directory. Doing this
  # provides improved isolation between the vagrant box and your host
  # by making sure your Vagrantfile isn't accessible to the vagrant box.
  # If you use this you may want to enable additional shared subfolders as
  # shown above.
  # config.vm.synced_folder ".", "/vagrant", disabled: true

  # Provider-specific configuration so you can fine-tune various
  # backing providers for Vagrant. These expose provider-specific options.
  # Example for VirtualBox:
  #
  # config.vm.provider "virtualbox" do |vb|
  #   # Display the VirtualBox GUI when booting the machine
  #   vb.gui = true
  #
  #   # Customize the amount of memory on the VM:
  #   vb.memory = "1024"
  # end
  #
  # View the documentation for the provider you are using for more
  # information on available options.

  if Vagrant.has_plugin?("vagrant-vbguest")
    config.vbguest.auto_update = false  
  end

  config.vm.provision "shell", privileged: false do |s|
    ssh_pub_key = ""
    if File.file?("../../.ssh/id_rsa.pub")
      ssh_pub_key = File.readlines("../../.ssh/id_rsa.pub").first.strip
    else
      puts "No SSH key found. You will need to remedy this before pushing to the repository."
    end
    s.inline = <<-SHELL
      if grep -sq "#{ssh_pub_key}" /home/vagrant/.ssh/authorized_keys; then
        echo "SSH keys already provisioned."
        exit 0;
      fi
      echo "SSH key provisioning."
      mkdir -p /home/vagrant/.ssh/
      touch /home/vagrant/.ssh/authorized_keys
      echo #{ssh_pub_key} >> /home/vagrant/.ssh/authorized_keys
    SHELL
  end

  # Enable provisioning with a shell script. Additional provisioners such as
  # Ansible, Chef, Docker, Puppet and Salt are also available. Please see the
  # documentation for more information about their specific syntax and use.
  config.vm.provision "shell", inline: <<-SHELL
    dnf install -y openssh-server glibc-langpack-en dnf-utils which lsof procps-ng iproute

    dnf install -y kernel-5.14.0-427.13.1.el9_4.x86_64 
    dnf install -y kernel-debug-5.14.0-427.13.1.el9_4.x86_64 
    dnf install -y kernel-debug-5.14.0-427.18.1.el9_4.x86_64
    grubby --set-default=/boot/vmlinuz-5.14.0-427.13.1.el9_4.x86_64+debug
  SHELL
end

$ vagrant up --provision
$ vagrant reload
$ vagrant ssh
[vagrant@localhost ~]$ uname -a
Linux localhost.localdomain 5.14.0-427.13.1.el9_4.x86_64+debug #1 SMP PREEMPT_DYNAMIC Tue Apr 30 17:53:07 EDT 2024 x86_64 x86_64 x86_64 GNU/Linux
[vagrant@localhost ~]$ rpm -qa --queryformat "%{NAME} %{EPOCHNUM} %{VERSION} %{RELEASE} %{ARCH} %{MODULARITYLABEL}\n" | grep kernel
kernel-tools-libs 0 5.14.0 70.13.1.el9_0 x86_64 (none)
kernel-core 0 5.14.0 70.13.1.el9_0 x86_64 (none)
kernel-modules 0 5.14.0 70.13.1.el9_0 x86_64 (none)
kernel-tools 0 5.14.0 70.13.1.el9_0 x86_64 (none)
kernel 0 5.14.0 70.13.1.el9_0 x86_64 (none)
kernel-srpm-macros 0 1.0 11.el9 noarch (none)
kernel-debug-modules-core 0 5.14.0 427.13.1.el9_4 x86_64 (none)
kernel-debug-core 0 5.14.0 427.13.1.el9_4 x86_64 (none)
kernel-debug-modules 0 5.14.0 427.13.1.el9_4 x86_64 (none)
kernel-debug 0 5.14.0 427.13.1.el9_4 x86_64 (none)
kernel-debug-modules-core 0 5.14.0 427.18.1.el9_4 x86_64 (none)
kernel-debug-core 0 5.14.0 427.18.1.el9_4 x86_64 (none)
kernel-debug-modules 0 5.14.0 427.18.1.el9_4 x86_64 (none)
kernel-debug 0 5.14.0 427.18.1.el9_4 x86_64 (none)
kernel-modules-core 0 5.14.0 427.13.1.el9_4 x86_64 (none)
kernel-core 0 5.14.0 427.13.1.el9_4 x86_64 (none)
kernel-modules 0 5.14.0 427.13.1.el9_4 x86_64 (none)
kernel 0 5.14.0 427.13.1.el9_4 x86_64 (none)

before

$ vuls scan
$ cat results/2024-06-04T00-07-52+0900/vagrant.json | jq '.packages."kernel-debug"'
{
  "name": "kernel-debug",
  "version": "5.14.0",
  "release": "427.18.1.el9_4", // not running kernel release
  "newVersion": "5.14.0",
  "newRelease": "427.18.1.el9_4",
  "arch": "x86_64",
  "repository": "",
  "modularitylabel": ""
}

after

$ vuls scan
$ cat results/2024-06-05T15-11-46+0900/vagrant.json | jq '.packages."kernel-debug"'
{
  "name": "kernel-debug",
  "version": "5.14.0",
  "release": "427.13.1.el9_4",
  "newVersion": "5.14.0",
  "newRelease": "427.13.1.el9_4",
  "arch": "x86_64",
  "repository": "",
  "modularitylabel": ""
}

Checklist:

You don't have to satisfy all of the following.

• Write tests
• Write documentation
• Check that there aren't other open pull requests for the same issue/feature
• Format your source code by make fmt
• Pass the test by make test
• Provide verification config / commands
• Enable "Allow edits from maintainers" for this PR
• Update the messages below

Is this ready for review?: YES

Reference

[shino]

Fabulous!