scan vulnerabilities of the debian environment

[erickeller]

Issue Type

• Enhancement

Environment detail

N./A.

Desired Behaviour

scan the debian environement and list vulnerabilities using the debsecan tool like following:

ROOTFS=...
DISTRIBUTION_CODENAME=$(grep "VERSION=" ${ROOTFS}/etc/os-release | sed -e "s/.* [(]\(.*\)[)].*/\1/g")
mkdir -p ${ROOTFS}/tmp/security
chroot ${ROOTFS} bash -x << EOF
debsecan --suite ${DISTRIBUTION_CODENAME} --format detail --only-fixed > /tmp/security/output.debsecan
EOF

[lueschem]

This would be a cool "selling feature": edi lxc scan CONTAINER_NAME or edi target scan IP_ADDRESS I did not know about debsecan - it looks like a useful tool.