diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-11-03 16:06:58 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-11-03 16:06:58 +0000 |
commit | bd4aeefe33e63f613512604e47bfca7b2187697d (patch) | |
tree | adb35b5a9a00ee7ea591ab0c987f70167c23b597 /net-analyzer/gvmd/files | |
parent | 48ece6662cbd443015f5a57ae6d8cbdbd69ef37c (diff) |
gentoo resync : 03.11.2019
Diffstat (limited to 'net-analyzer/gvmd/files')
-rw-r--r-- | net-analyzer/gvmd/files/greenbone-certdata-sync.conf | 1 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/greenbone-nvt-sync.conf | 1 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/greenbone-scapdata-sync.conf | 1 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd-8.0.1-sbin.patch | 56 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd-8.0.1-tmplock.patch | 34 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd-daemon.conf | 29 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd-startpre.sh | 5 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd.init | 24 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd.logrotate | 13 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd.service | 21 |
10 files changed, 185 insertions, 0 deletions
diff --git a/net-analyzer/gvmd/files/greenbone-certdata-sync.conf b/net-analyzer/gvmd/files/greenbone-certdata-sync.conf new file mode 100644 index 000000000000..d31a7331d341 --- /dev/null +++ b/net-analyzer/gvmd/files/greenbone-certdata-sync.conf @@ -0,0 +1 @@ +COMMUNITY_CERT_RSYNC_FEED="rsync://feed.openvas.org:/cert-data" diff --git a/net-analyzer/gvmd/files/greenbone-nvt-sync.conf b/net-analyzer/gvmd/files/greenbone-nvt-sync.conf new file mode 100644 index 000000000000..967c41dec2e3 --- /dev/null +++ b/net-analyzer/gvmd/files/greenbone-nvt-sync.conf @@ -0,0 +1 @@ +COMMUNITY_NVT_RSYNC_FEED="rsync://feed.openvas.org:/nvt-feed" diff --git a/net-analyzer/gvmd/files/greenbone-scapdata-sync.conf b/net-analyzer/gvmd/files/greenbone-scapdata-sync.conf new file mode 100644 index 000000000000..4a7426bc8057 --- /dev/null +++ b/net-analyzer/gvmd/files/greenbone-scapdata-sync.conf @@ -0,0 +1 @@ +COMMUNITY_SCAP_RSYNC_FEED="rsync://feed.openvas.org:/scap-data" diff --git a/net-analyzer/gvmd/files/gvmd-8.0.1-sbin.patch b/net-analyzer/gvmd/files/gvmd-8.0.1-sbin.patch new file mode 100644 index 000000000000..bf21acb7b01f --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd-8.0.1-sbin.patch @@ -0,0 +1,56 @@ +--- a/src/CMakeLists.txt 2019-07-17 17:11:52.000000000 +0300 ++++ b/src/CMakeLists.txt 2019-07-21 22:43:17.299106863 +0300 +@@ -248,12 +248,12 @@ + ## Install + + install (TARGETS ${BINARY_NAME} +- RUNTIME DESTINATION ${SBINDIR} ++ RUNTIME DESTINATION ${BINDIR} + LIBRARY DESTINATION ${LIBDIR} + ARCHIVE DESTINATION ${LIBDIR}/static) + + install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gvmd +- DESTINATION ${SBINDIR}) ++ DESTINATION ${BINDIR}) + + if (BACKEND STREQUAL POSTGRESQL) + install (TARGETS gvm-pg-server +--- a/CMakeLists.txt 2019-07-22 11:31:13.430827400 +0300 ++++ b/CMakeLists.txt 2019-07-22 11:32:29.034765809 +0300 +@@ -571,17 +571,17 @@ + PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ) + + install (FILES ${CMAKE_BINARY_DIR}/tools/gvm-portnames-update +- DESTINATION ${SBINDIR} ++ DESTINATION ${BINDIR} + PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE + GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + + install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-scapdata-sync +- DESTINATION ${SBINDIR} ++ DESTINATION ${BINDIR} + PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE + GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + + install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-certdata-sync +- DESTINATION ${SBINDIR} ++ DESTINATION ${BINDIR} + PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE + GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + +@@ -593,13 +593,13 @@ + WORLD_READ WORLD_EXECUTE) + + install (FILES ${CMAKE_BINARY_DIR}/tools/gvm-migrate-to-postgres +- DESTINATION ${SBINDIR} ++ DESTINATION ${BINDIR} + PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE + GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + + if (BACKEND STREQUAL SQLITE3) + install (FILES ${CMAKE_SOURCE_DIR}/tools/database-statistics-sqlite +- DESTINATION ${SBINDIR} ++ DESTINATION ${BINDIR} + PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE + GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE) + endif (BACKEND STREQUAL SQLITE3) diff --git a/net-analyzer/gvmd/files/gvmd-8.0.1-tmplock.patch b/net-analyzer/gvmd/files/gvmd-8.0.1-tmplock.patch new file mode 100644 index 000000000000..40b1e0095578 --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd-8.0.1-tmplock.patch @@ -0,0 +1,34 @@ +--- a/tools/greenbone-certdata-sync.in 2019-07-17 17:11:52.000000000 +0300 ++++ b/tools/greenbone-certdata-sync.in 2019-07-22 21:11:36.173099530 +0300 +@@ -494,13 +494,11 @@ + fi + ( + flock -n 9 +- date > $LOCK_FILE + if [ $? -eq 1 ] ; then + log_notice "Sync in progress, exiting." + exit 1 + fi + sync_certdata +- echo -n > $LOCK_FILE +-) 9>$LOCK_FILE ++) + + exit 0 +--- a/tools/greenbone-scapdata-sync.in 2019-07-17 17:11:52.000000000 +0300 ++++ b/tools/greenbone-scapdata-sync.in 2019-07-22 21:12:49.193161531 +0300 +@@ -517,13 +517,11 @@ + fi + ( + flock -n 9 +- date > $LOCK_FILE + if [ $? -eq 1 ] ; then + log_notice "Sync in progress, exiting." + exit 1 + fi + sync_scapdata +- echo -n > $LOCK_FILE +-) 9>$LOCK_FILE ++) + + exit 0 diff --git a/net-analyzer/gvmd/files/gvmd-daemon.conf b/net-analyzer/gvmd/files/gvmd-daemon.conf new file mode 100644 index 000000000000..d97da00c7688 --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd-daemon.conf @@ -0,0 +1,29 @@ +# GVMD command args + +# e.g --foreground +GVMD_OPTIONS="" + +# Manager listen address unix socket +# Failing under non-root user (looking for solution) +GVMD_LISTEN_ADDRESS_UNIX="--unix-socket=/var/run/gvmd.sock" + +# Manager listen address TCP +GVMD_LISTEN_ADDRESS_TCP="--listen=127.0.0.1" + +# Manager listen port +GVMD_PORT="--port=9390" + +# Manager unix socket listen owner +GVMD_LISTEN_OWNER="--listen-owner=gvm" + +# Manager unix socket listen group +GVMD_LISTEN_GROUP="--listen-group=gvm" + +# Manager unix socket listen mode +GVMD_LISTEN_MODE="--listen-mode=755" + +# Scanner listen address unix socket +GVMD_SCANNER_HOST="--scanner-host=/var/run/openvassd.sock" + +# TLS settings +GVMD_GNUTLS_PRIORITIES="--gnutls-priorities=SECURE256:+SUITEB192:+SECURE192:+SECURE128:+SUITEB128:-MD5:-SHA1:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0" diff --git a/net-analyzer/gvmd/files/gvmd-startpre.sh b/net-analyzer/gvmd/files/gvmd-startpre.sh new file mode 100644 index 000000000000..d04daa09b0a2 --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd-startpre.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +# Greenbone Vulnerability Manager Systemd ExecStartPre +touch /var/run/gvm-{checking,create-functions,helping,migrating,serving} +chown -R gvm:gvm /var/run/gvm-{checking,create-functions,helping,migrating,serving} diff --git a/net-analyzer/gvmd/files/gvmd.init b/net-analyzer/gvmd/files/gvmd.init new file mode 100644 index 000000000000..9686c9b5398e --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd.init @@ -0,0 +1,24 @@ +#!/sbin/openrc-run +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +: ${GVMD_USER:=gvm} +: ${GVMD_GROUP:=gvm} +: ${GVMD_TIMEOUT:=30} + +name="Greenbone Vulnerability Manager" +command=/usr/bin/gvmd +command_args="${GVMD_OPTIONS} ${GVMD_LISTEN_ADDRESS_TCP} ${GVMD_PORT} ${GVMD_SCANNER_HOST} ${GVMD_GNUTLS_PRIORITIES}" +command_background="true" +command_user="${GVMD_USER}:${GVMD_GROUP}" +pidfile="/run/gvmd.pid" +retry="${GVMD_TIMEOUT}" + +depend() { + after bootmisc + need localmount net openvassd +} + +start_pre() { + /bin/bash /etc/gvm/gvmd-startpre.sh +} diff --git a/net-analyzer/gvmd/files/gvmd.logrotate b/net-analyzer/gvmd/files/gvmd.logrotate new file mode 100644 index 000000000000..453462575f8b --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd.logrotate @@ -0,0 +1,13 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 +# Daemon ignore HUP so we use 'copytruncate' instead of 'create' +# with safe file size to prevent losing log entries. + +/var/log/gvm/gvmd.log { + compress + missingok + notifempty + sharedscripts + copytruncate + maxsize 10M +} diff --git a/net-analyzer/gvmd/files/gvmd.service b/net-analyzer/gvmd/files/gvmd.service new file mode 100644 index 000000000000..2e3ad84c85a5 --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd.service @@ -0,0 +1,21 @@ +[Unit] +Description=Greenbone Vulnerability Manager +After=network.target +After=openvassd.service +Wants=openvassd.service +Before=gsad.service + +[Service] +Type=forking +PrivateTmp=yes +User=gvm +Group=gvm +PermissionsStartOnly=true +EnvironmentFile=-/etc/gvm/sysconfig/gvmd-daemon.conf +ExecStartPre=-/etc/gvm/gvmd-startpre.sh +ExecStart=/usr/bin/gvmd $GVMD_OPTIONS $GVMD_LISTEN_ADDRESS_TCP $GVMD_PORT $GVMD_SCANNER_HOST $GVMD_GNUTLS_PRIORITIES +Restart=on-failure +RestartSec=10 + +[Install] +WantedBy=multi-user.target |