test: skip long peass checks in PR-tests for workflow-chain validation

.github/workflows/CI-master_tests.yml

@@ -371,8 +371,8 @@ jobs:
       # Build linpeas
       - name: Build macpeas
         run: |
-          python3 -m pip install PyYAML
+          python3 -m pip install PyYAML --break-system-packages
-          python3 -m pip install requests
+          python3 -m pip install requests --break-system-packages
           cd linPEAS
           python3 -m builder.linpeas_builder --all --output linpeas_fat.sh
       

.github/workflows/PR-tests.yml

@@ -161,9 +161,11 @@ jobs:
         run: linPEAS/linpeas_fat.sh -o software_information -a
       
       - name: Run linpeas interesting_perms_files
+        if: ${{ false }}
         run: linPEAS/linpeas_fat.sh -o interesting_perms_files -a
       
       - name: Run linpeas interesting_files
+        if: ${{ false }}
         run: linPEAS/linpeas_fat.sh -o interesting_files -a
 
   Build_and_test_macpeas_pr:
@@ -178,8 +180,8 @@ jobs:
       # Build linpeas (macpeas)
       - name: Build macpeas
         run: |
-          python3 -m pip install PyYAML
+          python3 -m pip install PyYAML --break-system-packages
-          python3 -m pip install requests
+          python3 -m pip install requests --break-system-packages
           cd linPEAS
           python3 -m builder.linpeas_builder --all --output linpeas_fat.sh
       
@@ -207,4 +209,5 @@ jobs:
         run: linPEAS/linpeas_fat.sh -o users_information -a
       
       - name: Run macpeas software_information
+        if: ${{ false }}
         run: linPEAS/linpeas_fat.sh -o software_information -a

.github/workflows/chack-agent-pr-triage.yml

@@ -30,10 +30,15 @@ jobs:
       - name: Resolve PR context
         id: gate
         env:
+          PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
+          HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
           GH_REPO: ${{ github.repository }}
           GH_TOKEN: ${{ github.token }}
         run: |
-          pr_number="${{ github.event.workflow_run.pull_requests[0].number }}"
+          pr_number="${PR_NUMBER}"
+          if [ -z "$pr_number" ] && [ -n "$HEAD_BRANCH" ]; then
+            pr_number="$(gh pr list --state open --head "$HEAD_BRANCH" --json number --jq '.[0].number')"
+          fi
           if [ -z "$pr_number" ]; then
             echo "No pull request found for this workflow_run; skipping."
             echo "should_run=false" >> "$GITHUB_OUTPUT"

.github/workflows/pr-failure-chack-agent-dispatch.yml

@@ -9,9 +9,7 @@ jobs:
   resolve_pr_context:
     if: >
       ${{ github.event.workflow_run.conclusion == 'failure' &&
-          github.event.workflow_run.pull_requests &&
+          !startsWith(github.event.workflow_run.head_commit.message || '', 'Fix CI failures for PR #') }}
-          github.event.workflow_run.pull_requests[0] &&
-          !startsWith(github.event.workflow_run.head_commit.message, 'Fix CI failures for PR #') }}
     runs-on: ubuntu-latest
     permissions:
       pull-requests: read
@@ -27,8 +25,23 @@ jobs:
         id: pr_context
         env:
           PR_NUMBER: ${{ github.event.workflow_run.pull_requests[0].number }}
+          HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }}
           GH_TOKEN: ${{ github.token }}
         run: |
+          if [ -z "$PR_NUMBER" ] && [ -n "$HEAD_BRANCH" ]; then
+            PR_NUMBER="$(gh pr list --state open --head "$HEAD_BRANCH" --json number --jq '.[0].number')"
+          fi
+          if [ -z "$PR_NUMBER" ]; then
+            echo "No pull request found for workflow_run; skipping."
+            {
+              echo "number="
+              echo "author="
+              echo "head_repo="
+              echo "head_branch=${HEAD_BRANCH}"
+              echo "should_run=false"
+            } >> "$GITHUB_OUTPUT"
+            exit 0
+          fi
           pr_author=$(gh api -H "Accept: application/vnd.github+json" \
             /repos/${{ github.repository }}/pulls/${PR_NUMBER} \
             --jq '.user.login')
@@ -63,7 +76,7 @@ jobs:
       contents: write
       pull-requests: write
       issues: write
-      actions: read
+      actions: write
     env:
       CHACK_LOGS_HTTP_URL: ${{ secrets.CHACK_LOGS_HTTP_URL }}
     steps:
@@ -186,6 +199,7 @@ jobs:
         env:
           TARGET_BRANCH: ${{ needs.resolve_pr_context.outputs.head_branch }}
           PR_NUMBER: ${{ needs.resolve_pr_context.outputs.number }}
+          GH_TOKEN: ${{ github.token }}
         run: |
           if git diff --quiet; then
             echo "No changes to commit."
@@ -211,6 +225,7 @@ jobs:
             echo "Push failed (likely token workflow permission limits); leaving run successful without push."
             exit 0
           fi
+          gh workflow run PR-tests.yml --ref "${TARGET_BRANCH}"
 
       - name: Comment with Chack Agent result
         if: ${{ steps.run_chack.outputs.final-message != '' }}

linPEAS/builder/linpeas_builder.py

@@ -51,5 +51,5 @@ if __name__ == "__main__":
         print("You must specify one of the following options: --all, --all-no-fat, --small or --include")
         parser.print_help()
         exit(1)
-    
+
     main(all_modules, all_no_fat_modules, no_network_scanning, small, include_modules, exclude_modules, output)

linPEAS/builder/linpeas_parts/6_users_information/16_Subuid_subgid_mappings.sh

@@ -0,0 +1,36 @@
+# Title: Users Information - subuid/subgid mappings
+# ID: UG_Subuid_subgid_mappings
+# Author: Carlos Polop
+# Last Update: 13-02-2026
+# Description: Show delegated user namespace ID ranges from /etc/subuid and /etc/subgid.
+# License: GNU GPL
+# Version: 1.0
+# Functions Used: print_2title
+# Global Variables: $MACPEAS
+# Initial Functions:
+# Generated Global Variables:
+# Fat linpeas: 0
+# Small linpeas: 1
+
+
+print_2title "User namespace mappings (subuid/subgid)"
+if [ "$MACPEAS" ]; then
+  echo "Not applicable on macOS"
+else
+  if [ -r /etc/subuid ]; then
+    echo "subuid:"
+    grep -v -E '^\s*#|^\s*$' /etc/subuid 2>/dev/null
+  else
+    echo "/etc/subuid not readable or not present"
+  fi
+
+  if [ -r /etc/subgid ]; then
+    echo ""
+    echo "subgid:"
+    grep -v -E '^\s*#|^\s*$' /etc/subgid 2>/dev/null
+  else
+    echo "/etc/subgid not readable or not present"
+  fi
+fi
+echo ""
+