gentoo resync : 03.11.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-11-03 16:06:58 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2019-11-03 16:06:58 +0000
commit: bd4aeefe33e63f613512604e47bfca7b2187697d (patch)
tree: adb35b5a9a00ee7ea591ab0c987f70167c23b597 /net-analyzer/openvas-scanner
parent: 48ece6662cbd443015f5a57ae6d8cbdbd69ef37c (diff)
11 files changed, 409 insertions, 1 deletions
diff --git a/net-analyzer/openvas-scanner/Manifest b/net-analyzer/openvas-scanner/Manifest
index c6890335a0ce..184c0e4075bb 100644
--- a/net-analyzer/openvas-scanner/Manifest
+++ b/net-analyzer/openvas-scanner/Manifest
@@ -1,13 +1,23 @@
+AUX gvm-feed-sync.cron 98 BLAKE2B d0af35e85c0c84e6d848de26fbf3f03e8a7473cea9d46c513fbb0d46f1664a516c334221773309d4f9682187a0f46a447320772d52c9826cc8525df26d0b2c38 SHA512 06526d33017c83c7342d9c356fb80e22f7a145bf8cae9bd49a7c74ae5854f7248b2b3609bc0f423b7a3babaad59a4b92ba14873f7f4e20e4cd5af7eb9c01c5d0
+AUX gvm-feed-sync.sh 1037 BLAKE2B 6ef8a375a06c0ce5a6181ee26eccdfaba09a5d935c56b98bed4435fdaee6b068f8cf87889789d4108361c6c2e83fa1979d533519c47f0d621f63423c43aa96a9 SHA512 a2abb96e268c8d7f74f61cc509730e4949894fe4225b22cb0f9d4fe2b215da70cc96c79405f59f3b05e290a45de2eeeb5d5ecf632cb23da80dd2102d4900b78a
 AUX openvas-scanner-5.1.3-cachedir.patch 1605 BLAKE2B d5e54d1196000fe9f8a65efcf3d71f3ef29af1cfff5fedbfe7cd753a731e6bd4be6c1f24534b87a2194dcfa146d156ed0ddae076e72bfd229e1e01497985d7a1 SHA512 27efb9e318137390592652db1444141910ddf7975ada760bc6914c21c4eb11e4ded1aa377c37f5c7a67dfd145ec723fd77bbdd9b8ac0af6bf317a07d54642d11
 AUX openvas-scanner-5.1.3-gcc8.patch 1253 BLAKE2B ef876d70238b3b0fdaea320fdb9bcffc520bbe6762f220678a39bd99853fcabb27ed3bd44a0e02a7e1e8b93d3af530e4d4b33baaf1060c8b0589593ef5b30e8e SHA512 817e27de3b2d16bce81d3c1abbc6ced63cd6f272762ac00a8bc9ab6c5ccb765c81df1158caed58c64f897712c78fb7f0a02dcb2137dd859c3d48725e6e2699d6
 AUX openvas-scanner-5.1.3-nvt.patch 2576 BLAKE2B fed6211a6c4e9f1bed4abedf218e17f0d863e59de869424398d845e479d037f96758486fc03727c14e036814c2efa4e9dab940e032507339a1b6f2f2cda4c4c6 SHA512 b3f6b8cba51fb6c6d0eab189391a848e8f33d24f3b59bcd8f48b562812b1f79a46f3b92b01a8f231a765616fde6c0b37634f9845a5e4ba453c4aeeafed0ce8c1
+AUX openvas-scanner-6.0.1-sbin.patch 716 BLAKE2B 41883486bfa0cb27c4a05ae7290b69227b166c9179546434aece15d1aa2b380f6f9da9afdbfb684ffc68a93f4dd63093b7ce2308d67ca8f806d2cd8e12433819 SHA512 66e2a99f6c7a6d0053bbb4fa797818681983a07ad66814ae0c577b27b37d41054f6241ddd3c017a0928eddef3f2d342480b4a668402c68d28bbf48c357e65b05
 AUX openvas-scanner-daemon.conf 176 BLAKE2B 9e0a248736617d3d0a163f3586db92da4a5f273b354a472977b411d29ace507977228407a57cf11378af6ce95275a3d72518ba1b069bdc7293c2fe20d7e29e0b SHA512 3b5dcae3d2770769e627e28064e73746f9ad22aca5c9927e04583bfc3907fa538c2010bd0e5de3737979cede63d44175a645adb55391a5e2a71e96e6d31dd1f9
 AUX openvas-scanner.init 620 BLAKE2B a32349eed21d71e4968ee09fdff007aab532943e093e6b1aed9c26c474c2ab419dc5eb2e382300be85d6d34c57a521b3ac67dc1a44dd3c8045bd94aac19ea6e4 SHA512 e77c5e383504817e9ab0a98517f3e5553458b482f576f1f1965d26c5808ec7f2eac836dff0248f0f6be8dfb22aa188232c9df85af4104cc5730ad587dd52a2b0
 AUX openvas-scanner.logrotate 222 BLAKE2B 264e3b0fa47f7d933ee1f9c5d120e267a8387df8c8e5cfb8b09b23d28b983c666684430dc9aa389938dac71bef69480d74ab24fd393134ed33d9a3518314c91e SHA512 1c8b50626de9bcd7d26323d82d28ae4d25f5ce0382cfb0b16b91e58e75c05f565c7cdf19fe441647b5cd3c2ebc312b171eb6fa22c310fac1f76a0629544f030c
 AUX openvas-scanner.service 455 BLAKE2B be6f94c3d383ea1c647effc462aeddac384e4c2507a9f1145d4dc39badcb810cbca7d4c8eba74e64942d2a5895b058cad7ac3fdcfaa4c5de7335cefcb70db366 SHA512 108a13b9cbbb86acc99a4271fa5b1a051022e42f30866bd490ae606c1ffac202c61aa5bf5a1f7ee10b276484135f8f868625debbb142a802c0ff2a4c011a8206
 AUX openvas-scanner.tmpfiles.d 28 BLAKE2B b9343651fc4923451b02a5f72cad7da95e4d790a7b77eb72ca239588568a5d2b88cad1f9f698ad61403c332a44005989e8d6e67ff1ad06cab26abdf67f8d8621 SHA512 b5d98625495353d32bdcaecf5499e2cbe3a8b1a84b067018b61f2ce6e110b0e3a14a061e8791c08891a7058976555a2c7971b48c90f690605129deb457b7b754
+AUX openvassd-daemon.conf 394 BLAKE2B 9dd55e29004d6d55f0cd44568b3b22aab21cb4ed88969934e5b1905cdfb05017843ee46f59297f8cba5d7b9db35a0b9c906d1f00075c4361d57e039d7d0cf601 SHA512 c8076ecaa04824e45d7b9b90e63c530d8bbcec6ca22b4ac4d3f2b661f05b8a684f6bef340f9f4524a311c19efa85013199f2de5088efe799969bde301ebe1e82
 AUX openvassd.conf 1288 BLAKE2B d1ae7db928d797014e0382d8be3a08793efbcaa3663629c0d1c6c2d871ccf16588605fa4be21d71556893092b21ecfef72c31d40411d35dd97f8652eca6232c0 SHA512 5bb499fcd03aac4de981a64a17fa760b29b1f83d0afcdb73cdfdeb0f492b02bc383d32544fd133c6b953e73ea9ff0dc042e8dba76c22def3ee00d6f3bdd980b8
+AUX openvassd.gvm.conf 3577 BLAKE2B dd7452f0c9e63e431cf03553e221f802f7f7463ba36ad64fe18db12a44c3e7c0c4ded80cf4b7ab346a877e95271e5b10b7811d431be533eea2bb98eab53a9cee SHA512 dde7b0fe72e5dd551afdd3817562d785c95a03bbc109465490d65f81dc02a546e9d499a0c937828d2e38d357b9a7deadde12b2408307ea02a47c651c9fff4181
+AUX openvassd.init 480 BLAKE2B 28dfdabe7935ce55615fb36e6ddae3c36c84793ba01f6d3c92274a2fea1e44efe3f96bd3e7016740f4dcabff034173b541058d18f99081bd232a098a56d8e572 SHA512 1b0f13ab77f332708e9efb9cad06c47e61e47f68597c797e3f5140a921acaa2b856c10003938f737a20b534caaee7d3bb446d427373d8be8ef3fe7c83ee11b82
+AUX openvassd.logrotate 330 BLAKE2B faf900a6882bb23c29859080d0c140c9dde8dcab42f31c31bfd43342beedab0bfe711f4e918aba5c7f8e5bb91430e251e270d0bc2e6f49e84ce98cdbbfe6d023 SHA512 397c9fd0d63ab66b463f65b6d235ec3e4e6ca52a3c811ddd4efcaeffc05fed8f9cd97605f439a628c144ecc1cfcfd31290d2a9dc6e57e8197d063b4aee63d73b
+AUX openvassd.service 472 BLAKE2B 528c25dbc32cd742753eb6b155a9221f0adde0e792b1e7af376b714831bcc210a228f5a87089f449f6f0e808f46f45d40fd68d9caed44530d57d99c37dbb8b0d SHA512 3497382e6540ddc341cf17e63f1c8d2250249bb51f8dbe379d48c1f90e81d00fdf03349a4dd08c6c6c2dc7336b385fa892b316ff2315a623952d8a2db33681bd
 AUX redis.conf.example 1351 BLAKE2B ad1a99404360b76144944793b2994554799bcc6624abce68524773b7f748075b8bcec79dcf94d2f400132a424a5147a3675d67f48d23a46e28a6afdca83e50a3 SHA512 b5024c26696f49e5d453cef7a0e3838a3fa557b2339a250f95d5367a30564b8a62733c86901ae000f62e916d73162188fbca1c56ed3a078dd99e8e8db1cc2c64
 DIST openvas-scanner-5.1.3.tar.gz 254159 BLAKE2B d90fa15e143ead53abce66f933a3a4cac327176cca0f23bd88fe771ed7726b1891784ae980644c8335e560d348753115e43cfae83af9704e2d1d02827163563f SHA512 5712ab275058877cfd656e268ed09c81db6617ae247c17092f1fcd037f692f2018daf21b09b82401f99a7361bb485f0e0f7d63f8ff2387839cfdd5a3aaf8424e
+DIST openvas-scanner-6.0.1.tar.gz 522100 BLAKE2B af82b41736329bd90ba1ea73a0ace36d4115375f81a7aaff5d3bd50f21cfa3195cdf4012aa952da52c4103a31475de5c5790ef3e2e36180aa06737371fa0e5a0 SHA512 db4087fffe1d50e232fa1e51325cf7f142237e2bd3cc5dcaa1e7058a4871300f352f2c0e700eae72ea9412c347b072e9d1f2eca508b27cb30f36c6895ec95147
 EBUILD openvas-scanner-5.1.3.ebuild 2142 BLAKE2B 5984c99659d1a41c3739a1de5077f5ca8dd25c668e97c7a1f59a6efceb95fed25daceb8c8f6b5971c842e016d1843dff8527d253d1347ea0d91a67d633c2d859 SHA512 d66a67f3803c071f20e6a1c9132ca771e9286f9c6446e781b6077323ae32417d2061169543c34de91f3a9ca1ec7a4bfaf9472aead66b983a46d163ea88137480
-MISC metadata.xml 435 BLAKE2B 4d40c4dcffe9bfd81d1c1b517b4e6d6e1e658f9d6be65f8ad962ecbbee78bf0cc6bbb5805f2e056375c7371697a453453f8eeae40bae1bdf890be8f3e23ccfbc SHA512 fc802728917b8ebc3c43e3c35ce1fa7b8aa30d89d60abcfcd82eb6baf0152d02384b2e336664942bd89c3ed27a418f37a13699b68a424f36645c51c1310a6e16
+EBUILD openvas-scanner-6.0.1.ebuild 3324 BLAKE2B bc10da8ad9cdef4cc124f0e50879c07120a49cff1ea37d7b99462209104e1a252dc1808033cb1c69bc8010b4cf7620aef3852c9bbae424f90673892042240ad9 SHA512 7d6daa1c624ce54f5b5d683d764d972648289d4837b2f927ad9d39c5fd9149b3db4c267cb2b0d6d3032d4419d57a9881f34ef97ee66f2aefe9f2a1a1f088b1a9
+MISC metadata.xml 951 BLAKE2B 195ec0e9becddea6e9c08103473e7d26670d9fa766ed470a37f85d25a79d771654ec0305fe242d240e1255636657d086eb908f12e94fe934c7b7c66a59af7e50 SHA512 577b533837640c4131ca305e047dd6bbfc5456d19afcd91a71a8fd6b4c6cb4a464f346ac140b7e9505b2a5a4302d281616d762bc11eb123993d507cd0129b8a1
diff --git a/net-analyzer/openvas-scanner/files/gvm-feed-sync.cron b/net-analyzer/openvas-scanner/files/gvm-feed-sync.cron
new file mode 100644
index 000000000000..5563b92929b1
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/gvm-feed-sync.cron
@@ -0,0 +1 @@
+0 2 * * * gvm [ -x /etc/gvm/gvm-feed-sync.sh ] && /bin/bash /etc/gvm/gvm-feed-sync.sh > /dev/null
diff --git a/net-analyzer/openvas-scanner/files/gvm-feed-sync.sh b/net-analyzer/openvas-scanner/files/gvm-feed-sync.sh
new file mode 100644
index 000000000000..ba21632a4d6c
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/gvm-feed-sync.sh
@@ -0,0 +1,45 @@
+#!/bin/sh
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# GVM cron script that updates feed.
+
+# Start to update FEED & First NVT.
+try=0
+until [ $try -ge 5 ]; do
+      greenbone-nvt-sync --curl &>/dev/null && break
+      try=$[$try+1]
+      sleep 30
+done
+
+# Check status
+if [ $? -eq 0 ]; then
+   # Avoid your IP temporary banned because of multiple connection
+   sleep 5
+   # Try to update scapdata.
+   try=0
+   until [ $try -ge 5 ]; do
+         greenbone-scapdata-sync &>/dev/null && break
+         try=$[$try+1]
+         sleep 30
+   done
+
+   # Check status
+   if [ $? -eq 0 ]; then
+      # Avoid your IP temporary banned because of multiple connection
+      sleep 5
+      # Try to update certdata
+      try=0
+      until [ $try -ge 5 ]; do
+            greenbone-certdata-sync &>/dev/null && break
+            try=$[$try+1]
+            sleep 30
+      done
+
+       # Check status
+       if [ $? -eq 0 ]; then
+          exit 0
+          else
+             exit 1
+       fi
+   fi
+fi
diff --git a/net-analyzer/openvas-scanner/files/openvas-scanner-6.0.1-sbin.patch b/net-analyzer/openvas-scanner/files/openvas-scanner-6.0.1-sbin.patch
new file mode 100644
index 000000000000..d5b8a2a6b62f
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvas-scanner-6.0.1-sbin.patch
@@ -0,0 +1,21 @@
+--- a/src/CMakeLists.txt	2019-07-21 23:16:18.608251465 +0300
++++ b/src/CMakeLists.txt	2019-07-21 23:17:08.434210058 +0300
+@@ -175,7 +175,7 @@
+ ## Install
+ 
+ install (TARGETS openvassd
+-         RUNTIME DESTINATION ${SBINDIR}
++         RUNTIME DESTINATION ${BINDIR}
+          PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+          GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ 
+@@ -183,7 +183,7 @@
+          DESTINATION ${OPENVAS_SYSCONF_DIR})
+ 
+ install (FILES ${CMAKE_BINARY_DIR}/tools/greenbone-nvt-sync
+-         DESTINATION ${SBINDIR}
++         DESTINATION ${BINDIR}
+          PERMISSIONS OWNER_EXECUTE OWNER_READ OWNER_WRITE
+                      GROUP_READ GROUP_EXECUTE WORLD_READ WORLD_EXECUTE)
+ 
+
diff --git a/net-analyzer/openvas-scanner/files/openvassd-daemon.conf b/net-analyzer/openvas-scanner/files/openvassd-daemon.conf
new file mode 100644
index 000000000000..6bb70d165355
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd-daemon.conf
@@ -0,0 +1,17 @@
+# OpenVAS Scanner command args
+
+# e.g --foreground
+OPENVAS_SCANNER_OPTIONS=""
+
+# Scanner listen socket
+OPENVAS_SCANNER_LISTEN_SOCKET="--unix-socket=/var/run/openvassd.sock" 
+
+# Scanner listen owner
+OPENVAS_SCANNER_LISTEN_OWNER="--listen-owner=gvm"
+
+# Scanner listen group
+OPENVAS_SCANNER_LISTEN_GROUP="--listen-group=gvm"
+
+# Scanner listen mode
+OPENVAS_SCANNER_LISTEN_MODE="--listen-mode=755"
+
diff --git a/net-analyzer/openvas-scanner/files/openvassd.gvm.conf b/net-analyzer/openvas-scanner/files/openvassd.gvm.conf
new file mode 100644
index 000000000000..5dfb8b527454
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.gvm.conf
@@ -0,0 +1,124 @@
+# You can get detailed informations from https://linux.die.net/man/8/openvassd
+# Configuration file of the OpenVAS Security Scanner
+# Every line starting with a '#' is a comment
+
+[Misc]
+
+# Path to the security checks folder:
+plugins_folder = /var/lib/openvas/plugins
+
+# Path to OpenVAS caching folder:
+cache_folder = /var/cache/openvas
+
+# Path to OpenVAS include directories:
+# (multiple entries are separated with colon ':')
+include_folders = /var/lib/openvas/plugins
+
+# Config File
+config_file = /etc/openvas/openvassd.conf
+
+# Maximum number of simultaneous hosts tested :
+max_hosts = 30
+
+# Maximum number of simultaneous checks against each host tested :
+max_checks = 10
+
+# Niceness. If set to 'yes', openvassd will renice itself to 10.
+be_nice = no
+
+# Log file (or 'syslog') :
+logfile = /var/log/gvm/openvassd.log
+
+# Shall we log every details of the attack ? (disk intensive)
+log_whole_attack = no
+
+# Log the name of the plugins that are loaded by the server ?
+log_plugins_name_at_load = no
+
+# Dump file for debugging output, use `-' for stdout
+dumpfile = /var/log/gvm/openvassd.dump
+
+# Rules file :
+rules = /etc/openvas/openvassd.rules
+
+# CGI paths to check for (cgi-bin:/cgi-aws:/ can do)
+cgi_path = /cgi-bin:/scripts
+
+# Range of the ports the port scanners will scan :
+# 'default' means that OpenVAS will scan ports found in its
+# services file.
+port_range = default
+
+# Optimize the test (recommended) :
+# Turn off for push hard but increase false positive and slow down scans
+optimize_test = yes
+
+# Optimization :
+# Read timeout for the sockets of the tests :
+checks_read_timeout = 5
+
+# Ports against which two plugins should not be run simultaneously :
+# non_simult_ports = Services/www, 139, Services/finger
+non_simult_ports = 139, 445
+
+# Maximum lifetime of a plugin (in seconds) :
+plugins_timeout = 320
+
+# Safe checks rely on banner grabbing & If enabled push harder to target:
+safe_checks = yes
+
+# Automatically activate the plugins that are depended on
+auto_enable_dependencies = yes
+
+# Do not echo data from plugins which have been automatically enabled
+silent_dependencies = no
+
+# Designate hosts by MAC address, not IP address (useful for DHCP networks)
+use_mac_addr = no
+
+
+#--- Knowledge base saving (can be configured by the client) :
+# Save the knowledge base on disk :
+save_knowledge_base = no
+
+# Restore the KB for each test :
+kb_restore = no
+
+# Only test hosts whose KB we do not have :
+only_test_hosts_whose_kb_we_dont_have = no
+
+# Only test hosts whose KB we already have :
+only_test_hosts_whose_kb_we_have = no
+
+# KB test replay :
+kb_dont_replay_scanners = no
+kb_dont_replay_info_gathering = no
+kb_dont_replay_attacks = no
+kb_dont_replay_denials = no
+kb_max_age = 864000
+#--- end of the KB section
+
+# Redis socket default setting
+db_address = /tmp/redis.sock
+
+# If this option is set, OpenVAS will not scan a network incrementally
+# (10.0.0.1, then 10.0.0.2, 10.0.0.3 and so on..) but will attempt to
+# slice the workload throughout the whole network (ie: it will scan
+# 10.0.0.1, then 10.0.0.127, then 10.0.0.2, then 10.0.0.128 and so on...
+slice_network_addresses = no
+
+# Should consider all the NASL scripts as being signed ? (unsafe if set to 'yes')
+nasl_no_signature_check = yes
+
+#Certificates
+cert_file=/var/lib/gvm/CA/servercert.pem
+key_file=/var/lib/gvm/private/CA/serverkey.pem
+ca_file=/var/lib/gvm/CA/cacert.pem
+
+# If you decide to protect your private key with a password,
+# uncomment and change next line
+# pem_password=password
+# If you want to force the use of a client certificate, uncomment next line
+# force_pubkey_auth = yes
+
+#end.
diff --git a/net-analyzer/openvas-scanner/files/openvassd.init b/net-analyzer/openvas-scanner/files/openvassd.init
new file mode 100644
index 000000000000..9bd7332134fc
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.init
@@ -0,0 +1,14 @@
+#!/sbin/openrc-run
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="Open Vulnerability Assessment Scanner"
+command="/usr/bin/openvassd"
+command_args="${OPENVAS_SCANNER_OPTIONS} ${OPENVAS_SCANNER_LISTEN_SOCKET} ${OPENVAS_SCANNER_LISTEN_OWNER} ${OPENVAS_SCANNER_LISTEN_GROUP} ${OPENVAS_SCANNER_LISTEN_MODE}"
+pidfile="/run/openvassd.pid"
+command_background="true"
+
+depend() {
+	after bootmisc
+	need localmount net redis
+}
diff --git a/net-analyzer/openvas-scanner/files/openvassd.logrotate b/net-analyzer/openvas-scanner/files/openvassd.logrotate
new file mode 100644
index 000000000000..9cf47d54763d
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.logrotate
@@ -0,0 +1,13 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# Daemon ignore HUP so we use 'copytruncate' instead of 'create' 
+# with safe file size to prevent losing log entries.
+
+/var/log/gvm/openvassd.log {
+	compress
+	missingok
+	notifempty
+	sharedscripts
+	copytruncate
+	maxsize 10M
+}
diff --git a/net-analyzer/openvas-scanner/files/openvassd.service b/net-analyzer/openvas-scanner/files/openvassd.service
new file mode 100644
index 000000000000..b7d7df8bbab0
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/openvassd.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Open Vulnerability Assessment Scanner
+After=network.target
+After=redis.service
+Before=gvmd.service
+Requires=redis.service
+
+[Service]
+Type=forking
+EnvironmentFile=-/etc/openvas/sysconfig/openvassd-daemon.conf
+ExecStart=/usr/bin/openvassd $OPENVAS_SCANNER_OPTIONS $OPENVAS_SCANNER_LISTEN_SOCKET $OPENVAS_SCANNER_LISTEN_OWNER $OPENVAS_SCANNER_LISTEN_GROUP $OPENVAS_SCANNER_LISTEN_MODE
+Restart=on-failure
+RestartSec=10
+
+[Install]
+WantedBy=multi-user.target
diff --git a/net-analyzer/openvas-scanner/metadata.xml b/net-analyzer/openvas-scanner/metadata.xml
index fa26aa942e17..50c99b9436cc 100644
--- a/net-analyzer/openvas-scanner/metadata.xml
+++ b/net-analyzer/openvas-scanner/metadata.xml
@@ -10,6 +10,15 @@
 		<name>Proxy Maintainers</name>
 	</maintainer>
 	<use>
+		<flag name="cron">Install a cron job to update GVM's feed daily.</flag>
 		<flag name="extras">Html docs support</flag>
 	</use>
+	<longdescription lang="en">
+	Open Vulnerability Assessment System (OpenVAS) Scanner is the Greenbone Vulnerability Management (GVM) Solution.
+	It is used for the Greenbone Security Manager appliances and is a full-featured scan engine that executes a continuously 
+	updated and extended feed of Network Vulnerability Tests (NVTs).
+	</longdescription>
+	<upstream>
+		<remote-id type="github">greenbone/openvas-scanner</remote-id>
+	</upstream>
 </pkgmetadata>
diff --git a/net-analyzer/openvas-scanner/openvas-scanner-6.0.1.ebuild b/net-analyzer/openvas-scanner/openvas-scanner-6.0.1.ebuild
new file mode 100644
index 000000000000..1700d9421816
--- /dev/null
+++ b/net-analyzer/openvas-scanner/openvas-scanner-6.0.1.ebuild
@@ -0,0 +1,138 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+CMAKE_MAKEFILE_GENERATOR="emake"
+inherit cmake-utils flag-o-matic systemd toolchain-funcs
+
+MY_PN="openvas"
+MY_DN="openvassd"
+
+DESCRIPTION="Open Vulnerability Assessment Scanner"
+HOMEPAGE="https://www.greenbone.net/en/"
+SRC_URI="https://github.com/greenbone/openvas-scanner/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2 GPL-2+"
+KEYWORDS="~amd64 ~x86"
+IUSE="cron extras"
+
+DEPEND="
+	app-crypt/gpgme:=
+	dev-db/redis
+	dev-libs/libgcrypt:=
+	dev-libs/libksba
+	>=net-analyzer/gvm-libs-10.0.1
+	net-analyzer/net-snmp
+	net-libs/gnutls:=
+	net-libs/libpcap
+	net-libs/libssh:=
+"
+
+RDEPEND="
+	${DEPEND}
+	!~net-analyzer/openvas-scanner-5.1.3
+	!net-analyzer/openvas-tools"
+
+BDEPEND="
+	sys-devel/bison
+	sys-devel/flex
+	virtual/pkgconfig
+	extras? ( app-doc/doxygen[dot]
+		  app-doc/xmltoman
+		  app-text/htmldoc
+		  dev-perl/CGI
+		  dev-perl/SQL-Translator
+	)"
+
+BUILD_DIR="${WORKDIR}/${MY_PN}-${PV}_build"
+S="${WORKDIR}/${MY_PN}-${PV}"
+
+PATCHES=(
+	# Install exec. to /usr/bin instead of /usr/sbin
+	"${FILESDIR}/${P}-sbin.patch"
+)
+
+src_prepare() {
+	cmake-utils_src_prepare
+	# QA-Fix | Correct FHS/Gentoo policy paths for 6.0.1
+	sed -i -e "s*/doc/openvas-scanner/*/doc/openvas-scanner-${PV}/*g" "$S"/src/CMakeLists.txt || die
+	# QA-Fix | Remove !CLANG doxygen warnings for 6.0.1
+	if use extras; then
+		if ! tc-is-clang; then
+		   local f
+		   for f in doc/*.in
+		   do
+			sed -i \
+				-e "s*CLANG_ASSISTED_PARSING = NO*#CLANG_ASSISTED_PARSING = NO*g" \
+				-e "s*CLANG_OPTIONS*#CLANG_OPTIONS*g" \
+				"${f}" || die "couldn't disable CLANG parsing"
+		   done
+		fi
+	fi
+}
+
+src_configure() {
+	local mycmakeargs=(
+		"-DCMAKE_INSTALL_PREFIX=${EPREFIX}/usr"
+		"-DLOCALSTATEDIR=${EPREFIX}/var"
+		"-DSYSCONFDIR=${EPREFIX}/etc"
+	)
+	# Add release hardening flags for 6.0.1
+	append-cflags -Wno-format-truncation -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -fstack-protector
+	append-ldflags -Wl,-z,relro -Wl,-z,now
+	cmake-utils_src_configure
+}
+
+src_compile() {
+	cmake-utils_src_compile
+	if use extras; then
+		cmake-utils_src_make -C "${BUILD_DIR}" doc
+		cmake-utils_src_make doc-full -C "${BUILD_DIR}" doc
+		HTML_DOCS=( "${BUILD_DIR}"/doc/generated/html/. )
+	fi
+	cmake-utils_src_make rebuild_cache
+}
+
+src_install() {
+	cmake-utils_src_install
+
+	dodir /etc/openvas
+	insinto /etc/openvas
+	newins "${FILESDIR}/${MY_DN}.gvm.conf" openvassd.conf
+
+	insinto /etc/openvas
+	doins "${FILESDIR}"/redis.conf.example
+
+	dodir /etc/openvas/sysconfig
+	insinto /etc/openvas/sysconfig
+	doins "${FILESDIR}/${MY_DN}-daemon.conf"
+
+	if use cron; then
+		# Install the cron job if they want it.
+		exeinto /etc/gvm
+		doexe "${FILESDIR}/gvm-feed-sync.sh"
+		fowners gvm:gvm /etc/gvm/gvm-feed-sync.sh
+
+		insinto /etc/cron.d
+		newins "${FILESDIR}"/gvm-feed-sync.cron gvm
+	fi
+
+	fowners -R gvm:gvm /etc/openvas
+
+	newinitd "${FILESDIR}/${MY_DN}.init" "${MY_DN}"
+	newconfd "${FILESDIR}/${MY_DN}-daemon.conf" "${MY_DN}"
+
+	dodir /etc/logrotate.d
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}/${MY_DN}.logrotate" "${MY_DN}"
+
+	systemd_dounit "${FILESDIR}/${MY_DN}.service"
+
+	# Set proper permissions on required files/directories
+	keepdir /var/log/gvm
+	fowners gvm:gvm /var/log/gvm
+	keepdir /var/lib/openvas/{gnupg,plugins}
+	fowners -R gvm:gvm /var/lib/openvas
+}
author	V3n3RiX <venerix@redcorelinux.org>	2019-11-03 16:06:58 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2019-11-03 16:06:58 +0000
commit	bd4aeefe33e63f613512604e47bfca7b2187697d (patch)
tree	adb35b5a9a00ee7ea591ab0c987f70167c23b597 /net-analyzer/openvas-scanner
parent	48ece6662cbd443015f5a57ae6d8cbdbd69ef37c (diff)