Add local scan mode.

If the scan target server is localhost, Don't use SSH. #210

README.ja.md

@@ -169,6 +169,7 @@ NVDから脆弱性データベースを取得する。
 環境によって異なるが、AWS上では10分程度かかる。
 
 ```bash
+$ cd $HOME
 $ for i in {2002..2016}; do go-cve-dictionary fetchnvd -years $i; done
 ... snip ...
 $ ls -alh cve.sqlite3
@@ -320,8 +321,17 @@ $ vuls tui
 
 # Architecture
 
+## A. Scan via SSH Mode
+
 ![Vuls-Architecture](img/vuls-architecture.png)
 
+## B. Scan without SSH (Local Scan Mode)
+
+Vulsをスキャン対象サーバにデプロイする。Vulsはローカルホストにコマンドを発行する(SSH経由ではない）。スキャン結果のJSONを別サーバに集約する。スキャン結果の詳細化のためにはCVEデータベースへのアクセスが必要なので、事前にgo-cve-dictionaryをserver modeで起動しておく。
+その集約サーバ上で、あなたはWebUIやTUIを用いて各スキャン対象サーバのスキャン結果を参照することが可能。
+
+![Vuls-Architecture Local Scan Mode](img/vuls-architecture-localscan.png)
+
 ## [go-cve-dictionary](https://github.com/kotakanbe/go-cve-dictionary)  
 - NVDとJVN(日本語)から脆弱性データベースを取得し、SQLite3に格納する。
 
@@ -714,6 +724,21 @@ $ vuls scan server1 server2
 - ノーパスワードでsudoが実行可能
 - configで定義されているサーバの中の、server1, server2のみスキャン
 
+## Example: Scan via shell instead of SSH.
+
+ローカルホストのスキャンする場合、SSHではなく直接コマンドの発行が可能。  
+config.tomlのhostに`localhost または 127.0.0.1`かつ、portに`local`を設定する必要がある。  
+For more details, see [Architecture section](https://github.com/future-architect/vuls#architecture)
+
+- config.toml
+  ```
+  [servers]
+
+  [servers.localhost]
+  host         = "localhost" # or "127.0.0.1"
+  port         = "local" 
+  ```
+
 ## Example: Scan Docker containers
 
 DockerコンテナはSSHデーモンを起動しないで運用するケースが一般的。  
@@ -747,9 +772,22 @@ Vulsは、DockerホストにSSHで接続し、`docker exec`でDockerコンテナ
     keyPath     = "/home/username/.ssh/id_rsa"
     containers = ["container_name_a", "4aa37a8b63b9"]
     ```
+
 - コンテナのみをスキャンする場合（ホストはスキャンしない）  
   --containers-onlyオプションを指定する
 
+- LXDコンテナをスキャンする場合  
+    ```
+    [servers]
+
+    [servers.172-31-4-82]
+    host         = "172.31.4.82"
+    user        = "ec2-user"
+    keyPath     = "/home/username/.ssh/id_rsa"
+    containers = ["${running}"]
+    [servers.172-31-4-82.container]
+    type = "lxd"
+    ```
 
 # Usage: Report
 

README.md

@@ -173,6 +173,7 @@ Fetch vulnerability data from NVD.
 It takes about 10 minutes (on AWS).  
 
 ```bash
+$ cd $HOME
 $ for i in {2002..2016}; do go-cve-dictionary fetchnvd -years $i; done
 ... snip ...
 $ ls -alh cve.sqlite3
@@ -319,8 +320,17 @@ see https://github.com/future-architect/vuls/tree/master/setup/docker
 
 # Architecture
 
+## A. Scan via SSH Mode
+
 ![Vuls-Architecture](img/vuls-architecture.png)
 
+## B. Scan without SSH (Local Scan Mode)
+
+Deploy Vuls to the scan target server. Vuls issues a command to the local host (not via SSH). Aggregate the JSON of the scan result into another server. Since it is necessary to access the CVE database in order to refine the scan result, start go-cve-dictionary in server mode beforehand.
+On the aggregation server, you can refer to the scanning result of each scan target server using WebUI or TUI.
+
+![Vuls-Architecture Local Scan Mode](img/vuls-architecture-localscan.png)
+
 ## [go-cve-dictinary](https://github.com/kotakanbe/go-cve-dictionary)  
 - Fetch vulnerability information from NVD and JVN(Japanese), then insert into SQLite3 or MySQL.
 
@@ -721,9 +731,23 @@ With this sample command, it will ..
 - Use SSH Key-Based authentication with empty password (without -ask-key-password option)
 - Scan only 2 servers (server1, server2)
 
-## Example: Scan Docker containers
+## Example: Scan via shell instead of SSH.
+
+Vuls scans localhost instead of SSH if the host address is `localhst or 127.0.0.1` and the port is `local` in config.
+For more details, see [Architecture section](https://github.com/future-architect/vuls#architecture)
+
+- config.toml
+  ```
+  [servers]
+
+  [servers.localhost]
+  host         = "localhost" # or "127.0.0.1"
+  port         = "local" 
+  ```
+
+## Example: Scan containers (Docker/LXD)
 
-It is common that keep Docker containers running without SSHd daemon.  
+It is common that keep containers running without SSHd daemon.  
 see [Docker Blog:Why you don't need to run SSHd in your Docker containers](https://blog.docker.com/2014/06/why-you-dont-need-to-run-sshd-in-docker/)
 
 Vuls scans Docker containers via `docker exec` instead of SSH.  
@@ -758,6 +782,19 @@ For more details, see [Architecture section](https://github.com/future-architect
 - To scan containers only
   - --containers-only option is available.
 
+- To scan LXD Containers
+    ```
+    [servers]
+
+    [servers.172-31-4-82]
+    host         = "172.31.4.82"
+    user        = "ec2-user"
+    keyPath     = "/home/username/.ssh/id_rsa"
+    containers = ["${running}"]
+    [servers.172-31-4-82.container]
+    type = "lxd"
+    ```
+
 ----
 
 # Usage: Report

commands/discover.go

@@ -116,11 +116,12 @@ subjectPrefix = "[vuls]"
 #  "cpe:/a:rubyonrails:ruby_on_rails:4.2.1",
 #]
 #dependencyCheckXMLPath = "/tmp/dependency-check-report.xml"
-#containers = ["${running}"]
 #ignoreCves = ["CVE-2014-6271"]
 #optional = [
 #    ["key", "value"],
 #]
+#containers = ["${running}"]
+
 
 [servers]
 {{- $names:=  .Names}}
@@ -134,11 +135,15 @@ host         = "{{$ip}}"
 #  "cpe:/a:rubyonrails:ruby_on_rails:4.2.1",
 #]
 #dependencyCheckXMLPath = "/tmp/dependency-check-report.xml"
-#containers = ["${running}"]
 #ignoreCves = ["CVE-2014-0160"]
 #optional = [
 #    ["key", "value"],
 #]
+#containers = ["${running}"]
+#[servers.{{index $names $i}}.container]
+#type = "docker" #or "lxd" defualt: docker
+
+
 {{end}}
 
 `

config/tomlloader.go

@@ -62,15 +62,6 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 
 		s := ServerInfo{ServerName: name}
 
-		switch {
-		case v.User != "":
-			s.User = v.User
-		case d.User != "":
-			s.User = d.User
-		default:
-			return fmt.Errorf("%s is invalid. User is empty", name)
-		}
-
 		s.Host = v.Host
 		if len(s.Host) == 0 {
 			return fmt.Errorf("%s is invalid. host is empty", name)
@@ -85,6 +76,17 @@ func (c TOMLLoader) Load(pathToToml, keyPass string) error {
 			s.Port = "22"
 		}
 
+		switch {
+		case v.User != "":
+			s.User = v.User
+		case d.User != "":
+			s.User = d.User
+		default:
+			if s.Port != "local" {
+				return fmt.Errorf("%s is invalid. User is empty", name)
+			}
+		}
+
 		s.KeyPath = v.KeyPath
 		if len(s.KeyPath) == 0 {
 			s.KeyPath = d.KeyPath