diff options
author | Marta Rybczynska <rybczynska@gmail.com> | 2022-05-02 16:25:36 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-05-03 17:49:50 +0100 |
commit | 341a7043c1ae22a5a02e85ffa6e92deb14a4d952 (patch) | |
tree | 42bf31936642d4a11e18e9776bdea53fd1bb5e84 /meta/recipes-core/meta/cve-update-db-native.bb | |
parent | 0fddde5ded54c25e6af6540cf2d1beec78bab77a (diff) | |
download | poky-341a7043c1ae22a5a02e85ffa6e92deb14a4d952.tar.gz |
cve-update-db-native: let the user to drive the update interval
Add a new variable CVE_DB_UPDATE_INTERVAL allowing the user to set
the database update interval.
- a positive value sets an interval (in seconds)
- a zero ("0") forces the database update
(From OE-Core rev: fe7bc6f16184d5ebdb1dd914b6dcb75c9e5e0c9c)
Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/meta/cve-update-db-native.bb')
-rw-r--r-- | meta/recipes-core/meta/cve-update-db-native.bb | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb index af39480dda..c8c1cbf115 100644 --- a/meta/recipes-core/meta/cve-update-db-native.bb +++ b/meta/recipes-core/meta/cve-update-db-native.bb | |||
@@ -13,6 +13,9 @@ deltask do_install | |||
13 | deltask do_populate_sysroot | 13 | deltask do_populate_sysroot |
14 | 14 | ||
15 | NVDCVE_URL ?= "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-" | 15 | NVDCVE_URL ?= "https://nvd.nist.gov/feeds/json/cve/1.1/nvdcve-1.1-" |
16 | # CVE database update interval, in seconds. By default: once a day (24*60*60). | ||
17 | # Use 0 to force the update | ||
18 | CVE_DB_UPDATE_INTERVAL ?= "86400" | ||
16 | 19 | ||
17 | python () { | 20 | python () { |
18 | if not bb.data.inherits_class("cve-check", d): | 21 | if not bb.data.inherits_class("cve-check", d): |
@@ -44,11 +47,16 @@ python do_fetch() { | |||
44 | os.remove(db_file) | 47 | os.remove(db_file) |
45 | 48 | ||
46 | # The NVD database changes once a day, so no need to update more frequently | 49 | # The NVD database changes once a day, so no need to update more frequently |
50 | # Allow the user to force-update | ||
47 | try: | 51 | try: |
48 | import time | 52 | import time |
49 | if time.time() - os.path.getmtime(db_file) < (24*60*60): | 53 | update_interval = int(d.getVar("CVE_DB_UPDATE_INTERVAL")) |
54 | if (update_interval < 0): | ||
55 | update_interval = 0 | ||
56 | if time.time() - os.path.getmtime(db_file) < update_interval: | ||
50 | bb.debug(2, "Recently updated, skipping") | 57 | bb.debug(2, "Recently updated, skipping") |
51 | return | 58 | return |
59 | |||
52 | except OSError: | 60 | except OSError: |
53 | pass | 61 | pass |
54 | 62 | ||