diff options
| author |   Giuseppe Foti <foti.giuseppe@gmail.com> | 2023-05-20 19:25:01 +0200 |
|---|---|---|
| committer |   Florian Schmaus <flow@gentoo.org> | 2023-07-03 10:15:23 +0200 |
| commit | afc85202ab1b002e5a235b13d7a130d3e2ed7bca (patch) | |
| tree | 3ab03076d45bb9fb0c052d4e0cb4a35dec2877b2 /net-analyzer | |
| parent | net-analyzer/notus-scanner: new package, add 22.5.0 (diff) | |
| download | gentoo-afc85202ab1b002e5a235b13d7a130d3e2ed7bca.tar.gz gentoo-afc85202ab1b002e5a235b13d7a130d3e2ed7bca.tar.bz2 gentoo-afc85202ab1b002e5a235b13d7a130d3e2ed7bca.zip | |
net-analyzer/openvas-scanner: add 22.7.2
Signed-off-by: Giuseppe Foti <foti.giuseppe@gmail.com>
Signed-off-by: Florian Schmaus <flow@gentoo.org>
Diffstat (limited to 'net-analyzer')
9 files changed, 223 insertions, 0 deletions
diff --git a/net-analyzer/openvas-scanner/Manifest b/net-analyzer/openvas-scanner/Manifest index f305491728b5..ccffb76d4e52 100644 --- a/net-analyzer/openvas-scanner/Manifest +++ b/net-analyzer/openvas-scanner/Manifest @@ -1 +1,2 @@ DIST openvas-scanner-21.4.4.tar.gz 460601 BLAKE2B 66d627e76912735539399aed637fdc07a7d13c9e4eb142498dcf181b8ea952dd93107bcc1f2ef577126178ff3dad1e5f6e50d67840692cd49f7352e3a726ce8f SHA512 f2fe1f802b14fc41ee0d7657d031d318b651c3ec9ef554b33379a7459d40c17b44525c8f666ccb9670868576c101766936dd0c700778e46683bf43f0683834b6 +DIST openvas-scanner-22.7.2.tar.gz 924274 BLAKE2B 71b954c717f0be1634cf3561aa82c3b66af160c81b2b403b2be0d1247cad4cdfbd6779677c7d23d35c0f0e4e45b5ab30b4e1687a6b5c1b460cb034a87592b09c SHA512 cced0b3dd56cc85aa69ca7de7229c9e1a1103afd38fbf15776d29a6558c04b3e361acc3fb872f77f7f23c69339ffa25ef5ecd217ef7dafa42534547d039d8f9b diff --git a/net-analyzer/openvas-scanner/files/README.gentoo b/net-analyzer/openvas-scanner/files/README.gentoo new file mode 100644 index 000000000000..16547c23c7b4 --- /dev/null +++ b/net-analyzer/openvas-scanner/files/README.gentoo @@ -0,0 +1,3 @@ +The redis configuration file is located in: +/etc/gvm/redis-openvas.conf +Please apply your changes to the new configuration files. diff --git a/net-analyzer/openvas-scanner/files/openvas.conf-22 b/net-analyzer/openvas-scanner/files/openvas.conf-22 new file mode 100644 index 000000000000..b2d964ff4b53 --- /dev/null +++ b/net-analyzer/openvas-scanner/files/openvas.conf-22 @@ -0,0 +1 @@ +db_address = /run/redis-openvas/redis.sock diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.confd b/net-analyzer/openvas-scanner/files/redis-openvas.confd new file mode 100644 index 000000000000..2e9ec5cfbf16 --- /dev/null +++ b/net-analyzer/openvas-scanner/files/redis-openvas.confd @@ -0,0 +1,20 @@ +# Redis user. +REDIS_USER="gvm" + +# Redis group. +REDIS_GROUP="gvm" + +# Redis configuration file. +REDIS_CONF="/etc/gvm/redis-openvas.conf" + +# Redis dump directory. +REDIS_DIR="/var/lib/gvm/redis" + +# Redis options. +# (Redis expects the first argument to be the configuration file.) +REDIS_OPTS="${REDIS_CONF}" + +# Specify the network service that corresponds to the "bind" setting +# in your redis.conf. For example, if you bind to 127.0.0.1, this should +# be set to "net.lo" which provides the loopback interface. +rc_need="net.lo" diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.initd b/net-analyzer/openvas-scanner/files/redis-openvas.initd new file mode 100644 index 000000000000..5c50d29dae6a --- /dev/null +++ b/net-analyzer/openvas-scanner/files/redis-openvas.initd @@ -0,0 +1,25 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +: ${REDIS_DIR:=/var/lib/gvm/redis} +: ${REDIS_CONF:=/etc/gvm/redis-openvas.conf} +: ${REDIS_OPTS:="${REDIS_CONF}"} +: ${REDIS_USER:=gvm} +: ${REDIS_GROUP:=gvm} +: ${REDIS_TIMEOUT:=30} + +# https://bugs.gentoo.org/631002#c10 +# Force '--daemonize no' to override the config file +command="/usr/sbin/redis-server" +command_args="${REDIS_OPTS} --daemonize no" +command_background="true" +command_user="${REDIS_USER}:${REDIS_GROUP}" +pidfile="/run/${RC_SVCNAME}/redis-server.pid" +retry="${REDIS_TIMEOUT}" +start_stop_daemon_args="--chdir \"${REDIS_DIR}\"" + +depend() { + use localmount logger + after keepalived +} diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.service b/net-analyzer/openvas-scanner/files/redis-openvas.service new file mode 100644 index 000000000000..5eb8dd29e287 --- /dev/null +++ b/net-analyzer/openvas-scanner/files/redis-openvas.service @@ -0,0 +1,13 @@ +[Unit] +Description=A persistent key-value database +After=syslog.target network.target +PartOf=gvm.target + +[Service] +Type=forking +PIDFile=/run/redis-openvas/redis-server.pid +ExecStart=/usr/sbin/redis-server /etc/gvm/redis-openvas.conf +User=gvm + +[Install] +WantedBy=multi-user.target diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles b/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles new file mode 100644 index 000000000000..6dea2932cc0b --- /dev/null +++ b/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles @@ -0,0 +1,2 @@ +# redis runtime directory +d /run/redis-openvas 0755 gvm root - diff --git a/net-analyzer/openvas-scanner/metadata.xml b/net-analyzer/openvas-scanner/metadata.xml index 20db261053a1..8b98cc0ee111 100644 --- a/net-analyzer/openvas-scanner/metadata.xml +++ b/net-analyzer/openvas-scanner/metadata.xml @@ -2,6 +2,10 @@ <!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> <pkgmetadata> <maintainer type="person" proxied="yes"> + <email>foti.giuseppe@gmail.com</email> + <name>Giuseppe Foti</name> + </maintainer> + <maintainer type="person" proxied="yes"> <email>jonas.licht@gmail.com</email> <name>Jonas Licht</name> </maintainer> diff --git a/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild new file mode 100644 index 000000000000..fec03e1535be --- /dev/null +++ b/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild @@ -0,0 +1,154 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit cmake systemd tmpfiles toolchain-funcs readme.gentoo-r1 optfeature + +MY_PN="openvas" +MY_DN="openvassd" + +DESCRIPTION="Open Vulnerability Assessment Scanner" +HOMEPAGE="https://www.greenbone.net https://github.com/greenbone/openvas-scanner/" +SRC_URI="https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +SLOT="0" +LICENSE="GPL-2 GPL-2+" +KEYWORDS="~amd64 ~x86" +IUSE="doc snmp test" +RESTRICT="!test? ( test )" + +DEPEND=" + acct-user/gvm + dev-db/redis + dev-libs/glib:2 + >=dev-libs/json-glib-1.4.4 + >=net-libs/gnutls-3.2.15 + >=net-analyzer/gvm-libs-22.4 + net-libs/libpcap + app-crypt/gpgme:= + dev-libs/libgcrypt:= + dev-libs/libgpg-error + >=dev-libs/libksba-1.0.7 + >=net-libs/libssh-0.6.0 + dev-libs/libbsd + snmp? ( net-analyzer/net-snmp:= ) +" +RDEPEND="${DEPEND}" +BDEPEND=" + >=sys-devel/bison-2.5 + sys-devel/flex + virtual/pkgconfig + doc? ( + app-doc/doxygen[dot] + app-doc/xmltoman + app-text/htmldoc + dev-perl/CGI + dev-perl/SQL-Translator + virtual/pandoc + ) + test? ( dev-libs/cgreen ) +" + +src_prepare() { + cmake_src_prepare + # QA-Fix | Correct FHS/Gentoo policy paths for 7.0.0 + sed -i -e "s*/doc/openvas-scanner/*/doc/openvas-scanner-${PV}/*g" "${S}"/src/CMakeLists.txt || die + # QA-Fix | Remove !CLANG doxygen warnings for 7.0.0 + if use doc; then + if ! tc-is-clang; then + local f + for f in doc/*.in + do + sed -i \ + -e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \ + -e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \ + "${f}" || die "couldn't disable CLANG parsing" + done + fi + fi + + #Remove tests that doesn't work in the network sandbox + if use test; then + sed -i 's/add_test (pcap-test pcap-test)/ /g' misc/CMakeLists.txt || die + fi +} + +src_configure() { + local mycmakeargs=( + "-DLOCALSTATEDIR=${EPREFIX}/var" + "-DSYSCONFDIR=${EPREFIX}/etc" + "-DSBINDIR=${EPREFIX}/usr/bin" + "-DOPENVAS_FEED_LOCK_PATH=${EPREFIX}/var/lib/openvas/feed-update.lock" + "-DBUILD_WITH_SNMP=$(usex snmp)" + "-DPENVAS_RUN_DIR=/run/ospd" + "-DINSTALL_OLD_SYNC_SCRIPT=OFF" + ) + cmake_src_configure +} + +src_compile() { + cmake_src_compile + if use doc; then + cmake_build -C "${BUILD_DIR}" doxygen-full manual + fi + cmake_build rebuild_cache + if use test; then + cmake_build tests + fi +} + +src_install() { + if use doc; then + mv "${BUILD_DIR}"/doc/html "${BUILD_DIR}"/doc/html-manual || die + local HTML_DOCS=( + "${BUILD_DIR}"/doc/generated/html/. + "${BUILD_DIR}"/doc/html-manual + ) + fi + cmake_src_install + + insinto /etc/logrotate.d + newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}" + + # Set proper permissions on required files/directories + keepdir /var/log/gvm + if ! use prefix; then + fowners gvm:gvm /var/log/gvm + fi + + keepdir /var/lib/openvas/{gnupg,plugins} + if ! use prefix; then + fowners -R gvm:gvm /var/lib/openvas + fi + + insinto /etc/openvas + newins "${FILESDIR}/openvas.conf-22" openvas.conf + + systemd_newunit "${FILESDIR}/redis-openvas.service" redis-openvas.service + newtmpfiles "${FILESDIR}/redis-openvas.tmpfiles" redis-openvas.conf + + insinto /etc/gvm + doins config/redis-openvas.conf + use prefix || fowners -R gvm:gvm /etc/gvm /etc/gvm/redis-openvas.conf + fperms 0750 /etc/gvm + fperms 0644 /etc/gvm/redis-openvas.conf + + newconfd "${FILESDIR}/redis-openvas.confd" redis-openvas + newinitd "${FILESDIR}/redis-openvas.initd" redis-openvas + + if use prefix; then + diropts -m0750 + else + diropts -m0750 -o gvm -g gvm + fi + keepdir /var/lib/openvas/redis + + readme.gentoo_create_doc +} + +pkg_postinst() { + tmpfiles_process redis-openvas.conf + optfeature "port scanner" net-analyzer/nmap + readme.gentoo_print_elog +} |