Lampas is for generic linux distro package security Scanner.
- the meaning of lampas is came from latin word 'Lampas'
- the word is from Ancient Greek λαμπάς (lampás, “lamp or flambeau”), from λάμπω (lámpō), perhaps from Proto-Indo-European *leh₂p- (“glow”)
Clair Generic Scan Server (HTTP)
-
Lampas is renamed from "clair-generic-scan-server". Lampas is latin words which means lamp or lantern.
-
You can scan any linux system not only docker but also bare-metal.
-
Clair use newest distro's NVD/CVE database. this means clair's DB is very accurated and fastest. There's no false negative or false positive issue.
-
Support Linux Distro.
- Ubuntu / Debian
- Centos / Redhat / Oracle
- Alpine
-
Clair is opensource project by CoreOS(Acquired by RedHat)
-
welcome any pull requests.
- Jioh L. Jung [email protected]: linkedin.com/in/ziozzang
- Clair DB format is 2.0.1 (on Clair Public Release)
- not working with VMWare Harbor or other 3rd party's modified clair release.
- Run with docker-compose. (easist method)
cd compose
docker-compose up -d
# wait for DB updating is complated. (maybe 10-30 min. time depend on network issue)
docker exec -it lampas python /opt/test.py
- You can test on bare-metal using with cli client.
- compatability
- Tested & Working: Centos7 / RHEL 7 / Debian 8,9 / Ubuntu 14.04 or above / Alpine
- Not working: Centos 6 / RHEL 6 / Debian 7
- Python version: python & requests module are required.
- Golang version: Static compiled binary does not need any requirements.
- compatability
# Python version
python ./cli/scanner.py http://127.0.0.1:5000
# Golang version
# - Build Binary
docker run -it --rm \
-v `pwd`/cli:/usr/src/scanner \
-w /usr/src/scanner \
-e "CGO_ENABLED=0" -e "GOOS=linux" \
golang bash -c \
"go get github.com/Jeffail/gabs && go get github.com/go-ini/ini && go build -a -ldflags '-extldflags \"-static\"' ."
# or you can use build scripts
cd cli
curl https://raw.githubusercontent.com/ziozzang/go-static-template/master/install | bash
BIN_NAME=scanner ./build.sh
# - Run
./cli/scanner http://127.0.0.1:5000
- Environments Parameters
- not yet documented
not yet documented.
docker build -t ziozzang/clair-generic-scan-server .
docker run -it --rm -p 5000:5000 --link pgsql:pgsql ziozzang/clair-generic-scan-server
- if no database updated, server return 500.
- no error processing
- no web ui.
- Documents
- API
- BSD.
- You can use any purpose.