commit: afc85202ab1b002e5a235b13d7a130d3e2ed7bca
Author: Giuseppe Foti <foti.giuseppe <AT> gmail <DOT> com>
AuthorDate: Sat May 20 17:25:01 2023 +0000
Commit: Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Mon Jul 3 08:15:23 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=afc85202
net-analyzer/openvas-scanner: add 22.7.2
Signed-off-by: Giuseppe Foti <foti.giuseppe <AT> gmail.com>
Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>
net-analyzer/openvas-scanner/Manifest | 1 +
net-analyzer/openvas-scanner/files/README.gentoo | 3 +
net-analyzer/openvas-scanner/files/openvas.conf-22 | 1 +
.../openvas-scanner/files/redis-openvas.confd | 20 +++
.../openvas-scanner/files/redis-openvas.initd | 25 ++++
.../openvas-scanner/files/redis-openvas.service | 13 ++
.../openvas-scanner/files/redis-openvas.tmpfiles | 2 +
net-analyzer/openvas-scanner/metadata.xml | 4 +
.../openvas-scanner/openvas-scanner-22.7.2.ebuild | 154 +++++++++++++++++++++
9 files changed, 223 insertions(+)
diff --git a/net-analyzer/openvas-scanner/Manifest
b/net-analyzer/openvas-scanner/Manifest
index f305491728b5..ccffb76d4e52 100644
--- a/net-analyzer/openvas-scanner/Manifest
+++ b/net-analyzer/openvas-scanner/Manifest
@@ -1 +1,2 @@
DIST openvas-scanner-21.4.4.tar.gz 460601 BLAKE2B
66d627e76912735539399aed637fdc07a7d13c9e4eb142498dcf181b8ea952dd93107bcc1f2ef577126178ff3dad1e5f6e50d67840692cd49f7352e3a726ce8f
SHA512
f2fe1f802b14fc41ee0d7657d031d318b651c3ec9ef554b33379a7459d40c17b44525c8f666ccb9670868576c101766936dd0c700778e46683bf43f0683834b6
+DIST openvas-scanner-22.7.2.tar.gz 924274 BLAKE2B
71b954c717f0be1634cf3561aa82c3b66af160c81b2b403b2be0d1247cad4cdfbd6779677c7d23d35c0f0e4e45b5ab30b4e1687a6b5c1b460cb034a87592b09c
SHA512
cced0b3dd56cc85aa69ca7de7229c9e1a1103afd38fbf15776d29a6558c04b3e361acc3fb872f77f7f23c69339ffa25ef5ecd217ef7dafa42534547d039d8f9b
diff --git a/net-analyzer/openvas-scanner/files/README.gentoo
b/net-analyzer/openvas-scanner/files/README.gentoo
new file mode 100644
index 000000000000..16547c23c7b4
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/README.gentoo
@@ -0,0 +1,3 @@
+The redis configuration file is located in:
+/etc/gvm/redis-openvas.conf
+Please apply your changes to the new configuration files.
diff --git a/net-analyzer/openvas-scanner/files/openvas.conf-22
b/net-analyzer/openvas-scanner/files/openvas.conf-22
new file mode 100644
index 000000000000..b2d964ff4b53
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas.conf-22
@@ -0,0 +1 @@
+db_address = /run/redis-openvas/redis.sock
diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.confd
b/net-analyzer/openvas-scanner/files/redis-openvas.confd
new file mode 100644
index 000000000000..2e9ec5cfbf16
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.confd
@@ -0,0 +1,20 @@
+# Redis user.
+REDIS_USER="gvm"
+
+# Redis group.
+REDIS_GROUP="gvm"
+
+# Redis configuration file.
+REDIS_CONF="/etc/gvm/redis-openvas.conf"
+
+# Redis dump directory.
+REDIS_DIR="/var/lib/gvm/redis"
+
+# Redis options.
+# (Redis expects the first argument to be the configuration file.)
+REDIS_OPTS="${REDIS_CONF}"
+
+# Specify the network service that corresponds to the "bind" setting
+# in your redis.conf. For example, if you bind to 127.0.0.1, this should
+# be set to "net.lo" which provides the loopback interface.
+rc_need="net.lo"
diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.initd
b/net-analyzer/openvas-scanner/files/redis-openvas.initd
new file mode 100644
index 000000000000..5c50d29dae6a
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.initd
@@ -0,0 +1,25 @@
+#!/sbin/openrc-run
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+: ${REDIS_DIR:=/var/lib/gvm/redis}
+: ${REDIS_CONF:=/etc/gvm/redis-openvas.conf}
+: ${REDIS_OPTS:="${REDIS_CONF}"}
+: ${REDIS_USER:=gvm}
+: ${REDIS_GROUP:=gvm}
+: ${REDIS_TIMEOUT:=30}
+
+# https://bugs.gentoo.org/631002#c10
+# Force '--daemonize no' to override the config file
+command="/usr/sbin/redis-server"
+command_args="${REDIS_OPTS} --daemonize no"
+command_background="true"
+command_user="${REDIS_USER}:${REDIS_GROUP}"
+pidfile="/run/${RC_SVCNAME}/redis-server.pid"
+retry="${REDIS_TIMEOUT}"
+start_stop_daemon_args="--chdir \"${REDIS_DIR}\""
+
+depend() {
+ use localmount logger
+ after keepalived
+}
diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.service
b/net-analyzer/openvas-scanner/files/redis-openvas.service
new file mode 100644
index 000000000000..5eb8dd29e287
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=A persistent key-value database
+After=syslog.target network.target
+PartOf=gvm.target
+
+[Service]
+Type=forking
+PIDFile=/run/redis-openvas/redis-server.pid
+ExecStart=/usr/sbin/redis-server /etc/gvm/redis-openvas.conf
+User=gvm
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles
b/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles
new file mode 100644
index 000000000000..6dea2932cc0b
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/redis-openvas.tmpfiles
@@ -0,0 +1,2 @@
+# redis runtime directory
+d /run/redis-openvas 0755 gvm root -
diff --git a/net-analyzer/openvas-scanner/metadata.xml
b/net-analyzer/openvas-scanner/metadata.xml
index 20db261053a1..8b98cc0ee111 100644
--- a/net-analyzer/openvas-scanner/metadata.xml
+++ b/net-analyzer/openvas-scanner/metadata.xml
@@ -1,6 +1,10 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd";>
<pkgmetadata>
+ <maintainer type="person" proxied="yes">
+ <email>[email protected]</email>
+ <name>Giuseppe Foti</name>
+ </maintainer>
<maintainer type="person" proxied="yes">
<email>[email protected]</email>
<name>Jonas Licht</name>
diff --git a/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild
b/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild
new file mode 100644
index 000000000000..fec03e1535be
--- /dev/null
+++ b/net-analyzer/openvas-scanner/openvas-scanner-22.7.2.ebuild
@@ -0,0 +1,154 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit cmake systemd tmpfiles toolchain-funcs readme.gentoo-r1 optfeature
+
+MY_PN="openvas"
+MY_DN="openvassd"
+
+DESCRIPTION="Open Vulnerability Assessment Scanner"
+HOMEPAGE="https://www.greenbone.net
https://github.com/greenbone/openvas-scanner/";
+SRC_URI="https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz ->
${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2 GPL-2+"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc snmp test"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ acct-user/gvm
+ dev-db/redis
+ dev-libs/glib:2
+ >=dev-libs/json-glib-1.4.4
+ >=net-libs/gnutls-3.2.15
+ >=net-analyzer/gvm-libs-22.4
+ net-libs/libpcap
+ app-crypt/gpgme:=
+ dev-libs/libgcrypt:=
+ dev-libs/libgpg-error
+ >=dev-libs/libksba-1.0.7
+ >=net-libs/libssh-0.6.0
+ dev-libs/libbsd
+ snmp? ( net-analyzer/net-snmp:= )
+"
+RDEPEND="${DEPEND}"
+BDEPEND="
+ >=sys-devel/bison-2.5
+ sys-devel/flex
+ virtual/pkgconfig
+ doc? (
+ app-doc/doxygen[dot]
+ app-doc/xmltoman
+ app-text/htmldoc
+ dev-perl/CGI
+ dev-perl/SQL-Translator
+ virtual/pandoc
+ )
+ test? ( dev-libs/cgreen )
+"
+
+src_prepare() {
+ cmake_src_prepare
+ # QA-Fix | Correct FHS/Gentoo policy paths for 7.0.0
+ sed -i -e "s*/doc/openvas-scanner/*/doc/openvas-scanner-${PV}/*g"
"${S}"/src/CMakeLists.txt || die
+ # QA-Fix | Remove !CLANG doxygen warnings for 7.0.0
+ if use doc; then
+ if ! tc-is-clang; then
+ local f
+ for f in doc/*.in
+ do
+ sed -i \
+ -e "s*CLANG_ASSISTED_PARSING =
NO*#CLANG_ASSISTED_PARSING = NO*g" \
+ -e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
+ "${f}" || die "couldn't disable CLANG parsing"
+ done
+ fi
+ fi
+
+ #Remove tests that doesn't work in the network sandbox
+ if use test; then
+ sed -i 's/add_test (pcap-test pcap-test)/ /g'
misc/CMakeLists.txt || die
+ fi
+}
+
+src_configure() {
+ local mycmakeargs=(
+ "-DLOCALSTATEDIR=${EPREFIX}/var"
+ "-DSYSCONFDIR=${EPREFIX}/etc"
+ "-DSBINDIR=${EPREFIX}/usr/bin"
+
"-DOPENVAS_FEED_LOCK_PATH=${EPREFIX}/var/lib/openvas/feed-update.lock"
+ "-DBUILD_WITH_SNMP=$(usex snmp)"
+ "-DPENVAS_RUN_DIR=/run/ospd"
+ "-DINSTALL_OLD_SYNC_SCRIPT=OFF"
+ )
+ cmake_src_configure
+}
+
+src_compile() {
+ cmake_src_compile
+ if use doc; then
+ cmake_build -C "${BUILD_DIR}" doxygen-full manual
+ fi
+ cmake_build rebuild_cache
+ if use test; then
+ cmake_build tests
+ fi
+}
+
+src_install() {
+ if use doc; then
+ mv "${BUILD_DIR}"/doc/html "${BUILD_DIR}"/doc/html-manual || die
+ local HTML_DOCS=(
+ "${BUILD_DIR}"/doc/generated/html/.
+ "${BUILD_DIR}"/doc/html-manual
+ )
+ fi
+ cmake_src_install
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
+
+ # Set proper permissions on required files/directories
+ keepdir /var/log/gvm
+ if ! use prefix; then
+ fowners gvm:gvm /var/log/gvm
+ fi
+
+ keepdir /var/lib/openvas/{gnupg,plugins}
+ if ! use prefix; then
+ fowners -R gvm:gvm /var/lib/openvas
+ fi
+
+ insinto /etc/openvas
+ newins "${FILESDIR}/openvas.conf-22" openvas.conf
+
+ systemd_newunit "${FILESDIR}/redis-openvas.service"
redis-openvas.service
+ newtmpfiles "${FILESDIR}/redis-openvas.tmpfiles" redis-openvas.conf
+
+ insinto /etc/gvm
+ doins config/redis-openvas.conf
+ use prefix || fowners -R gvm:gvm /etc/gvm /etc/gvm/redis-openvas.conf
+ fperms 0750 /etc/gvm
+ fperms 0644 /etc/gvm/redis-openvas.conf
+
+ newconfd "${FILESDIR}/redis-openvas.confd" redis-openvas
+ newinitd "${FILESDIR}/redis-openvas.initd" redis-openvas
+
+ if use prefix; then
+ diropts -m0750
+ else
+ diropts -m0750 -o gvm -g gvm
+ fi
+ keepdir /var/lib/openvas/redis
+
+ readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ tmpfiles_process redis-openvas.conf
+ optfeature "port scanner" net-analyzer/nmap
+ readme.gentoo_print_elog
+}
