commit: 73d0bd24fdc3fc390c94366d704540648c0b9e63
Author: Giuseppe Foti <foti.giuseppe <AT> gmail <DOT> com>
AuthorDate: Sat May 20 17:22:43 2023 +0000
Commit: Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Mon Jul 3 08:15:23 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=73d0bd24
net-analyzer/notus-scanner: new package, add 22.5.0
Signed-off-by: Giuseppe Foti <foti.giuseppe <AT> gmail.com>
Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>
net-analyzer/notus-scanner/Manifest | 1 +
.../notus-scanner/files/notus-scanner.confd | 11 ++++
.../notus-scanner/files/notus-scanner.initd | 23 ++++++++
.../notus-scanner/files/notus-scanner.service.conf | 7 +++
.../notus-scanner/files/notus-scanner.toml | 8 +++
net-analyzer/notus-scanner/metadata.xml | 19 +++++++
.../notus-scanner/notus-scanner-22.5.0.ebuild | 63 ++++++++++++++++++++++
profiles/features/musl/package.mask | 1 +
8 files changed, 133 insertions(+)
diff --git a/net-analyzer/notus-scanner/Manifest
b/net-analyzer/notus-scanner/Manifest
new file mode 100644
index 000000000000..653ff84e4195
--- /dev/null
+++ b/net-analyzer/notus-scanner/Manifest
@@ -0,0 +1 @@
+DIST notus-scanner-22.5.0.tar.gz 320894 BLAKE2B
3bf0cb633ad2636d9430705459d841b717139b162bd39f30a6bf06dafe1647b94c0e791b05390d340f97a4ff83351cbd71be6d5b1793dda82c6cad9250ce18c2
SHA512
48576d26a65c439fb00b345d97ba9917c3c2bf99ab5c94ed4488e4638c0442fdcd721ed8a08be147481a01bffc3eadec25029c0d6cd1aed2381221250b16c19d
diff --git a/net-analyzer/notus-scanner/files/notus-scanner.confd
b/net-analyzer/notus-scanner/files/notus-scanner.confd
new file mode 100644
index 000000000000..5000145abaeb
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.confd
@@ -0,0 +1,11 @@
+# Notus Scanner command args
+
+NOTUS_SCANNER_OPTIONS="--log-file=/var/log/gvm/notus-scanner.log"
+
+NOTUS_SCANNER_MQTT_BROKER_ADDRESS="--mqtt-broker-address localhost"
+
+NOTUS_SCANNER_MQTT_BROKER_PORT="--mqtt-broker-port 1883"
+
+NOTUS_SCANNER_PRODUCTS_DIRECTORY="--products-directory /var/lib/notus/products"
+
+NOTUS_DISABLE_HASHSUM_VERIFICATION="--disable-hashsum-verification false"
diff --git a/net-analyzer/notus-scanner/files/notus-scanner.initd
b/net-analyzer/notus-scanner/files/notus-scanner.initd
new file mode 100644
index 000000000000..e00e9118e32e
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.initd
@@ -0,0 +1,23 @@
+#!/sbin/openrc-run
+# Copyright 2023Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="Greenbone Notus Scanner"
+command=/usr/bin/notus-scanner
+pidfile="/run/notus-scanner/${RC_SVCNAME}.pid"
+command_args="${NOTUS_SCANNER_OPTIONS} \
+ ${NOTUS_SCANNER_MQTT_BROKER_ADDRESS} \
+ ${NOTUS_SCANNER_MQTT_BROKER_PORT} \
+ ${NOTUS_SCANNER_PRODUCTS_DIRECTORY} \
+ ${NOTUS_DISABLE_HASHSUM_VERIFICATION} \
+ --pid-file ${pidfile} \
+ --config /etc/gvm/notus-scanner.toml"
+
+depend() {
+ after bootmisc
+ need localmount mosquitto
+}
+
+start_pre() {
+ checkpath -d /var/run/notus-scanner
+}
diff --git a/net-analyzer/notus-scanner/files/notus-scanner.service.conf
b/net-analyzer/notus-scanner/files/notus-scanner.service.conf
new file mode 100644
index 000000000000..aea5c10e8fad
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.service.conf
@@ -0,0 +1,7 @@
+[Unit]
+PartOf=gvm.target
+
+[Service]
+Type=forking
+ExecStart=
+ExecStart=/usr/bin/notus-scanner
diff --git a/net-analyzer/notus-scanner/files/notus-scanner.toml
b/net-analyzer/notus-scanner/files/notus-scanner.toml
new file mode 100644
index 000000000000..cff33c77afc8
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.toml
@@ -0,0 +1,8 @@
+[notus-scanner]
+mqtt-broker-address = "localhost"
+mqtt-broker-port = "1883"
+products-directory = "/var/lib/notus/products"
+pid-file = "/run/notus-scanner/notus-scanner.pid"
+log-file = "/var/log/gvm/notus-scanner.log"
+log-level = "INFO"
+disable-hashsum-verification = false
diff --git a/net-analyzer/notus-scanner/metadata.xml
b/net-analyzer/notus-scanner/metadata.xml
new file mode 100644
index 000000000000..06038ba8d06e
--- /dev/null
+++ b/net-analyzer/notus-scanner/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd";>
+<pkgmetadata>
+ <maintainer type="person" proxied="yes">
+ <email>[email protected]</email>
+ <name>Giuseppe Foti</name>
+ </maintainer>
+ <maintainer type="project" proxied="proxy">
+ <email>[email protected]</email>
+ <name>Proxy Maintainers</name>
+ </maintainer>
+ <longdescription lang="en">
+ This is a new scanner that scans after every regular
scan, so no user interaction is necessary.
+ It offers better performance due to less system
resource consumption and thus, faster scanning.
+ </longdescription>
+ <upstream>
+ <remote-id type="github">greenbone/notus-scanner</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild
b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild
new file mode 100644
index 000000000000..3d2b52bf6bee
--- /dev/null
+++ b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..11} )
+DISTUTILS_USE_PEP517=poetry
+inherit distutils-r1 systemd
+
+DESCRIPTION="Notus is a vulnerability scanner for creating results from local
security checks"
+HOMEPAGE="https://github.com/greenbone/notus-scanner";
+SRC_URI="https://github.com/greenbone/notus-scanner/archive/refs/tags/v${PV}.tar.gz
-> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="AGPL-3 AGPL-3+"
+KEYWORDS="~amd64 ~x86"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+ acct-user/gvm
+ dev-libs/paho-mqtt-c
+ dev-python/psutil[${PYTHON_USEDEP}]
+ >=dev-python/python-gnupg-0.5.0[${PYTHON_USEDEP}]
+ <dev-python/packaging-23.2[${PYTHON_USEDEP}]
+ >=dev-python/sentry-sdk-1.22.2[${PYTHON_USEDEP}]
+ >=dev-python/rope-1.8.0[${PYTHON_USEDEP}]
+ >=dev-python/paho-mqtt-1.5.1[${PYTHON_USEDEP}]
+ <dev-python/tomli-3[${PYTHON_USEDEP}]
+"
+
+RDEPEND="
+ ${DEPEND}
+ app-misc/mosquitto
+"
+
+distutils_enable_tests unittest
+
+python_compile() {
+ distutils-r1_python_compile
+}
+
+python_install() {
+ distutils-r1_python_install
+ insinto /etc/gvm
+ doins "${FILESDIR}/${PN}.toml"
+ fowners gvm:gvm "/etc/gvm/${PN}.toml"
+
+ # Set proper permissions on required files/directories
+ keepdir /var/lib/notus
+ keepdir /var/lib/notus/products
+ keepdir /var/lib/notus/advisories
+ if ! use prefix; then
+ fowners -R gvm:gvm /var/lib/notus
+ fi
+
+ newinitd "${FILESDIR}/${PN}.initd" "${PN}"
+ newconfd "${FILESDIR}/${PN}.confd" "${PN}"
+
+ systemd_dounit config/${PN}.service
+
+ systemd_install_serviced "${FILESDIR}/notus-scanner.service.conf" \
+ ${PN}.service
+}
diff --git a/profiles/features/musl/package.mask
b/profiles/features/musl/package.mask
index 3003915d03db..0e288e530d07 100644
--- a/profiles/features/musl/package.mask
+++ b/profiles/features/musl/package.mask
@@ -73,6 +73,7 @@ sys-apps/noexec
# Giuseppe Foti <[email protected]> (2023-05-19)
# New packages that require blocked packages in the previous block.
dev-db/pg-gvm
+net-analyzer/notus-scanner
# Petr Vaněk <[email protected]> (2022-09-23)
# Musl does not implement rresvport function, bugs #713810 and #713376.
