diff options
Diffstat (limited to 'net-analyzer/notus-scanner')
-rw-r--r-- | net-analyzer/notus-scanner/Manifest | 7 | ||||
-rw-r--r-- | net-analyzer/notus-scanner/files/notus-scanner.confd | 11 | ||||
-rw-r--r-- | net-analyzer/notus-scanner/files/notus-scanner.initd | 23 | ||||
-rw-r--r-- | net-analyzer/notus-scanner/files/notus-scanner.service.conf | 7 | ||||
-rw-r--r-- | net-analyzer/notus-scanner/files/notus-scanner.toml | 8 | ||||
-rw-r--r-- | net-analyzer/notus-scanner/metadata.xml | 19 | ||||
-rw-r--r-- | net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild | 63 |
7 files changed, 138 insertions, 0 deletions
diff --git a/net-analyzer/notus-scanner/Manifest b/net-analyzer/notus-scanner/Manifest new file mode 100644 index 000000000000..925dab0ceaa7 --- /dev/null +++ b/net-analyzer/notus-scanner/Manifest @@ -0,0 +1,7 @@ +AUX notus-scanner.confd 379 BLAKE2B 23aec44c8b7f20246bfb407fe5b79c0a229ea58c2a9965390db6ddb4dff9a8097b37599ac6cf4730aa32214d9b009970ccf1ca39d988b182421f0fb30a4985a2 SHA512 3fe1a15fa6ba6ac926a9449f88d632267dccef4099e0f1b66d06674518cdaea6ed624199afbe6558e3cb97c5ad912ea29d81de02d9e38d5a5e67f43caf966d03 +AUX notus-scanner.initd 607 BLAKE2B 230e0e6e6abb3e52a4af52e71a793d73537342d0583e28a1ac53c91c3ed13b250092e47e50b114d991209249a8281ff3cf80c753225ae7e0c1dfb912ad8613ab SHA512 680838ce4a0590448b5518d430c22e67305d9eea85cda18175303df5524b1b20ba95f7156502dd5b20afb0c070a7f3fb1f5c28094b5246ad7efa01a1092a4798 +AUX notus-scanner.service.conf 93 BLAKE2B 17030f4836aa96f45fdc9be67fb1b1924680ec29193bfc03d470bc45bf973542ca1b2bbb13253eb20c1618132b4b07c3fcaadd39451cb583d4c8f6fcd6e26c65 SHA512 36d5fbe95cd02b728d048a0baeed03448899696d0b3344a166afc9eecd6620e8af347ecc86c014ec9211ce72cc55a202a84b9ea68a7662c268378c37a734b08f +AUX notus-scanner.toml 273 BLAKE2B 742fd2f07418e020f37313fc275cf3ba44b3b3a701de7982eff3d5ebc74cdfe6618104799221d842bb2b7088b3444ecc4ce98aa28175da4a57876ea0c33e311a SHA512 bfa21bd4ee4c0cbcf8613a0fe5bcf31507aed94a74ddc139a6c1a5b1858f417ac40d00d0f8f1e849802632430b0a52c05231585237fbc397ffff03d1f013e5b6 +DIST notus-scanner-22.5.0.tar.gz 320894 BLAKE2B 3bf0cb633ad2636d9430705459d841b717139b162bd39f30a6bf06dafe1647b94c0e791b05390d340f97a4ff83351cbd71be6d5b1793dda82c6cad9250ce18c2 SHA512 48576d26a65c439fb00b345d97ba9917c3c2bf99ab5c94ed4488e4638c0442fdcd721ed8a08be147481a01bffc3eadec25029c0d6cd1aed2381221250b16c19d +EBUILD notus-scanner-22.5.0.ebuild 1597 BLAKE2B 54afbd677c4e8f8ef3df2ab383dfd458548eb0357ff56dbc0c9b8f1cdd62fde563bde3e20293be11614d4e62c7d1dc3f85e5cfab5a33720b643b376be7b76c29 SHA512 a0ee11cc90ff7e129cebef3b51cc5b8d30493857288d9e3dd56d647cab5f3c95b4499e74bdc958fd42c12ecb9e488462e280f6f342f9e020fd59ddb4e38afeb7 +MISC metadata.xml 735 BLAKE2B 78af413540fe6af7214b65b50b50aaf9cf59280037ada5228d38e529d90752b0516bf1d7514e7d9436edd93b50cd8a9dadc1e9fbf84a5c57a0ff0cb45b712cc8 SHA512 fdb4ce92c1eede58fe267ed2a4832dd1d4e7a1694591efb3d2ff372a621320275c4090317cb57c50724ceb7e386fa28965e45b724b311127ecd8665e2908cf92 diff --git a/net-analyzer/notus-scanner/files/notus-scanner.confd b/net-analyzer/notus-scanner/files/notus-scanner.confd new file mode 100644 index 000000000000..5000145abaeb --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.confd @@ -0,0 +1,11 @@ +# Notus Scanner command args + +NOTUS_SCANNER_OPTIONS="--log-file=/var/log/gvm/notus-scanner.log" + +NOTUS_SCANNER_MQTT_BROKER_ADDRESS="--mqtt-broker-address localhost" + +NOTUS_SCANNER_MQTT_BROKER_PORT="--mqtt-broker-port 1883" + +NOTUS_SCANNER_PRODUCTS_DIRECTORY="--products-directory /var/lib/notus/products" + +NOTUS_DISABLE_HASHSUM_VERIFICATION="--disable-hashsum-verification false" diff --git a/net-analyzer/notus-scanner/files/notus-scanner.initd b/net-analyzer/notus-scanner/files/notus-scanner.initd new file mode 100644 index 000000000000..e00e9118e32e --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.initd @@ -0,0 +1,23 @@ +#!/sbin/openrc-run +# Copyright 2023Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="Greenbone Notus Scanner" +command=/usr/bin/notus-scanner +pidfile="/run/notus-scanner/${RC_SVCNAME}.pid" +command_args="${NOTUS_SCANNER_OPTIONS} \ + ${NOTUS_SCANNER_MQTT_BROKER_ADDRESS} \ + ${NOTUS_SCANNER_MQTT_BROKER_PORT} \ + ${NOTUS_SCANNER_PRODUCTS_DIRECTORY} \ + ${NOTUS_DISABLE_HASHSUM_VERIFICATION} \ + --pid-file ${pidfile} \ + --config /etc/gvm/notus-scanner.toml" + +depend() { + after bootmisc + need localmount mosquitto +} + +start_pre() { + checkpath -d /var/run/notus-scanner +} diff --git a/net-analyzer/notus-scanner/files/notus-scanner.service.conf b/net-analyzer/notus-scanner/files/notus-scanner.service.conf new file mode 100644 index 000000000000..aea5c10e8fad --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.service.conf @@ -0,0 +1,7 @@ +[Unit] +PartOf=gvm.target + +[Service] +Type=forking +ExecStart= +ExecStart=/usr/bin/notus-scanner diff --git a/net-analyzer/notus-scanner/files/notus-scanner.toml b/net-analyzer/notus-scanner/files/notus-scanner.toml new file mode 100644 index 000000000000..cff33c77afc8 --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.toml @@ -0,0 +1,8 @@ +[notus-scanner] +mqtt-broker-address = "localhost" +mqtt-broker-port = "1883" +products-directory = "/var/lib/notus/products" +pid-file = "/run/notus-scanner/notus-scanner.pid" +log-file = "/var/log/gvm/notus-scanner.log" +log-level = "INFO" +disable-hashsum-verification = false diff --git a/net-analyzer/notus-scanner/metadata.xml b/net-analyzer/notus-scanner/metadata.xml new file mode 100644 index 000000000000..06038ba8d06e --- /dev/null +++ b/net-analyzer/notus-scanner/metadata.xml @@ -0,0 +1,19 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>foti.giuseppe@gmail.com</email> + <name>Giuseppe Foti</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-maint@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <longdescription lang="en"> + This is a new scanner that scans after every regular scan, so no user interaction is necessary. + It offers better performance due to less system resource consumption and thus, faster scanning. + </longdescription> + <upstream> + <remote-id type="github">greenbone/notus-scanner</remote-id> + </upstream> +</pkgmetadata> diff --git a/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild new file mode 100644 index 000000000000..3d2b52bf6bee --- /dev/null +++ b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..11} ) +DISTUTILS_USE_PEP517=poetry +inherit distutils-r1 systemd + +DESCRIPTION="Notus is a vulnerability scanner for creating results from local security checks" +HOMEPAGE="https://github.com/greenbone/notus-scanner" +SRC_URI="https://github.com/greenbone/notus-scanner/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + +SLOT="0" +LICENSE="AGPL-3 AGPL-3+" +KEYWORDS="~amd64 ~x86" +RESTRICT="!test? ( test )" + +DEPEND=" + acct-user/gvm + dev-libs/paho-mqtt-c + dev-python/psutil[${PYTHON_USEDEP}] + >=dev-python/python-gnupg-0.5.0[${PYTHON_USEDEP}] + <dev-python/packaging-23.2[${PYTHON_USEDEP}] + >=dev-python/sentry-sdk-1.22.2[${PYTHON_USEDEP}] + >=dev-python/rope-1.8.0[${PYTHON_USEDEP}] + >=dev-python/paho-mqtt-1.5.1[${PYTHON_USEDEP}] + <dev-python/tomli-3[${PYTHON_USEDEP}] +" + +RDEPEND=" + ${DEPEND} + app-misc/mosquitto +" + +distutils_enable_tests unittest + +python_compile() { + distutils-r1_python_compile +} + +python_install() { + distutils-r1_python_install + insinto /etc/gvm + doins "${FILESDIR}/${PN}.toml" + fowners gvm:gvm "/etc/gvm/${PN}.toml" + + # Set proper permissions on required files/directories + keepdir /var/lib/notus + keepdir /var/lib/notus/products + keepdir /var/lib/notus/advisories + if ! use prefix; then + fowners -R gvm:gvm /var/lib/notus + fi + + newinitd "${FILESDIR}/${PN}.initd" "${PN}" + newconfd "${FILESDIR}/${PN}.confd" "${PN}" + + systemd_dounit config/${PN}.service + + systemd_install_serviced "${FILESDIR}/notus-scanner.service.conf" \ + ${PN}.service +} |