#!/bin/sh # # Update the CVE database every night. # # daily_go_cve_dictionary_enable - set to YES to enable nightly update of CVE definitions # daily_go_cve_dictionary_databases - This can be a space separated list of databases # Supported databases are: # nvd jvn fortinet # # All other configurations are made in %%PREFIX%%/etc/go-cve-dictionary.yaml. # If there is a global system configuration file, suck it in. # if [ -r /etc/defaults/periodic.conf ] then . /etc/defaults/periodic.conf source_periodic_confs fi : ${daily_go_cve_dictionary_enable:=NO} : ${daily_go_cve_dictionary_databases:=nvd} { # You can add arguments per database, for example # daily_go_cve_dictionary_nvd_args="2020 2021 2022 2023 2024" case "${daily_go_cve_dictionary_enable}" in [Yy][Ee][Ss]) for db in ${daily_go_cve_dictionary_databases}; do eval args="\${daily_go_cve_dictionary_${db}_args}" su -fm %%USERS%% \ -c "/usr/bin/env HOME=/var/db/vuls %%PREFIX%%/bin/go-cve-dictionary fetch ${db} ${args}" \ >> /var/log/vuls/go-cve-dictionary-updates.log 2>&1 done esac