7 files changed, 78 insertions, 185 deletions
diff --git a/net-analyzer/ospd-openvas/Manifest b/net-analyzer/ospd-openvas/Manifest
index e39ef28e3f60..d5fd5f619295 100644
--- a/net-analyzer/ospd-openvas/Manifest
+++ b/net-analyzer/ospd-openvas/Manifest
@@ -1,10 +1,5 @@
 AUX ospd-openvas.confd 226 BLAKE2B c43d443a83515f8890fd5406741a0e5e48d63fbe4e0a9060ee6c3679138ca406478f584bc8da7e24ec9520385509d3f1de609aaefb54ed36371638b2e0fa2c67 SHA512 ef07f02c3900ee431785b2c2e53f04f4fd114f502526ec509c869dcd3a95e4284fc65f05f5ec85280cc05a29a46fba9c74ef3b0b0d618b9c9c1e62d9bb3fc6fa
 AUX ospd-openvas.initd 491 BLAKE2B 1020cec8fba128547e7d0606c60989b74103b0d324ee72166f6d5d3f872134589f1aa9ef05e4c73215743e4d78db0c8ca4ee909d5503f64246c8b3f186952e67 SHA512 c5ca7fbff20a5f3b85e4f1c7ec22322056dee2e0800689f0fdf252d5b785eaf8db7909867fc4f6f13c53447d60e07f3d904965d7313d4bfaf58e3240f25ef00d
-AUX ospd-openvas.service 512 BLAKE2B 68d3e676ab5ad2bb5f8122de9e8737f29b9bc95ff7d522e61dfbf079402b1525aacb27cbe93d525f732fb1e564858fb782c8a56fd7deb51aefd2d80cc2c99baa SHA512 d1d9610ee65491f9a712f5380471dc6696a1733b5873647731fd53799aa780666c71c84df58432d460cd5be605ec5d6e44eb3fa0c3803b7c91b572348756cf30
-AUX ospd.conf 189 BLAKE2B 7b4e2941b25cbbd4b7d5f913526977c5663640d4b5c208cd48b95b13ae6c3838eb8b2dba3340a2a1adab163f88fbf46ce1016cce793af7a39ace0ba14c3ff735 SHA512 68f19ac2bafa91719bc34db01eb0ac034205fc334a6dcfee8ea4d4eed2e4e0c1da5d14c6cdc78bfc14dd37c3a30c8aeb85bb9aa365566ea74465f04ecead7ca6
-AUX redis.conf.example 1351 BLAKE2B ad1a99404360b76144944793b2994554799bcc6624abce68524773b7f748075b8bcec79dcf94d2f400132a424a5147a3675d67f48d23a46e28a6afdca83e50a3 SHA512 b5024c26696f49e5d453cef7a0e3838a3fa557b2339a250f95d5367a30564b8a62733c86901ae000f62e916d73162188fbca1c56ed3a078dd99e8e8db1cc2c64
-DIST ospd-openvas-1.0.1.tar.gz 50455 BLAKE2B 06a4cdcc2f51351215fffa5517cb2cae620b9b7ffded738d3c63bda11fa8572fe93e0b5fc1c8c9a1bd27cbea65641b0586c329d1d05a022e1fba79c8782d091c SHA512 bdcdb1a8bc08fc27f1a85846ad944b3764a67c153cd75ffa607f69e0c07f223aa0e0965ee081e2398d4d47fc6faf1fd6fad90e6bc724952a0679de783dd2cc87
-DIST ospd-openvas-20.8.1.tar.gz 86733 BLAKE2B 1f747d7409a9b2cef4ea320cdc3fb8714105498ac798c96bb4be243a000985b881e33b56458d1c97b7a0359d51c95a4f975efa97cd4405b359d5a1e7aeaba9e6 SHA512 fb4ceb0a2306255e59948fe2246f9c66adefb4e68e26d3a8f95366a9ef1cb5581a3b036f6982cdd4c8499a9fb1e6acbe72041144e9ff3a057fc253e0684c0c0f
-EBUILD ospd-openvas-1.0.1.ebuild 1109 BLAKE2B 0a734229297237cd501c2656150904e5078116f21ab107d591deb505ed54a7163f916bf3b6a8e958e433390a221570043fcc7b237285f5ea88537692b7186fa6 SHA512 740c37c6ec7f0380e18fc506c170f2edb56247f55bfa975be6e14995ebefd25d0ddcd1e281e7ec4a2d777107fc6cbd50db706afd6d90c850f504690c8a3ac90e
-EBUILD ospd-openvas-20.8.1.ebuild 1147 BLAKE2B f44df7e739901b872cea607ed680cabf5996b8a3e5e08da8d2204368bfda1912ca9a169f95b5460eceb9b2a2bbf2f22c2c98b869b0d42167ced962311d5c95fb SHA512 649965b140fac1c020dead5b98e2e6758c67afb14c98b42b19acb639241767cbceb27be5718130534444acc7b3b2e3e97723f74260cb80b65d4e1e5c2880b933
+DIST ospd-openvas-21.4.4.tar.gz 173368 BLAKE2B 4568eb45bb999d0ff2cf91652dd56000bceb967f5c37c3061735322d1c72165f9b869c8b48694b37fd6d684679fa1bbff4a5550076bbcfcee5936b470cb04700 SHA512 3981b0a9044f90243fe06f15b0d8ee5a6b1a334556f6de76955aecda0404da2f8bd1d39bf547093a31c244f0aabae819f5e45e8c518984fc7d50764a267086e9
+EBUILD ospd-openvas-21.4.4-r4.ebuild 1905 BLAKE2B 5f103b44678f146af5059ba2561c335ad01e61cf83468a15ef0701697d83b413f353981f98246c4c8fbc9f48d0b59cc86a40b0da39e6daa911c073aab6dc573b SHA512 b4ca346df8b0514ba9f5a315659bc76d2ef1f961f5a9cb6b6ca923d1b0c136ea2644a11bd1f9ff59d25b1cee32174c4cb673a7b319c5dfd43716b206728c7bd1
 MISC metadata.xml 726 BLAKE2B d5d1e99e82b0b5762c13cd964c7d5cacab948f3d3062da81f74c1d08b168fc56db606f52f8c13caa2e1fc852aa2b683ded027ffee34b0918b3042b8c1e72056c SHA512 8a2f43de531fedc1ee9f498294fcfa8f30f0a2e7b725b77847d337ae53e8075e7e932f6c453eb39cdc38ad59705468fcbb8e854f7dfb08b92c8d6b243f673da9
diff --git a/net-analyzer/ospd-openvas/files/ospd-openvas.service b/net-analyzer/ospd-openvas/files/ospd-openvas.service
deleted file mode 100644
index f496797d54ff..000000000000
--- a/net-analyzer/ospd-openvas/files/ospd-openvas.service
+++ /dev/null
@@ -1,18 +0,0 @@
-[Unit]
-Description=OSPD OpenVAS
-After=network.target networking.service dnsmasq.service redis-server@openvas.service systemd-tmpfiles.service
-ConditionKernelCommandLine=!recovery
-
-[Service]
-Type=forking
-User=gvm
-Group=gvm
-ExecStart=/usr/bin/ospd-openvas --config /etc/openvas/ospd.conf --foreground
-SuccessExitStatus=SIGKILL
-# This works asynchronously, but does not take the daemon down during the reload so it's ok.
-Restart=always
-RestartSec=60
-
-[Install]
-WantedBy=multi-user.target
-Alias=ospd-openvas.service
diff --git a/net-analyzer/ospd-openvas/files/ospd.conf b/net-analyzer/ospd-openvas/files/ospd.conf
deleted file mode 100644
index bac46565001c..000000000000
--- a/net-analyzer/ospd-openvas/files/ospd.conf
+++ /dev/null
@@ -1,10 +0,0 @@
-[OSPD - openvas]
-
-#required by gvmd
-unix_socket = /tmp/ospd.sock
-
-#socket_mode = 0o770
-#unix_socket = /run/ospd/ospd-openvas.pid
-
-log_level = DEBUG
-log_file = /var/log/gvm/ospd-openvas.log
diff --git a/net-analyzer/ospd-openvas/files/redis.conf.example b/net-analyzer/ospd-openvas/files/redis.conf.example
deleted file mode 100644
index 6a41211aaae8..000000000000
--- a/net-analyzer/ospd-openvas/files/redis.conf.example
+++ /dev/null
@@ -1,57 +0,0 @@
-bind 127.0.0.1
-protected-mode yes
-port 0
-tcp-backlog 511
-unixsocket /tmp/redis.sock
-unixsocketperm 700
-timeout 0
-tcp-keepalive 300
-daemonize no
-supervised no
-pidfile /run/redis/redis.pid
-loglevel notice
-logfile /var/log/redis/redis.log
-databases 16
-always-show-logo yes
-stop-writes-on-bgsave-error yes
-rdbcompression yes
-rdbchecksum yes
-dbfilename dump.rdb
-dir /var/lib/redis/
-slave-serve-stale-data yes
-slave-read-only yes
-repl-diskless-sync no
-repl-diskless-sync-delay 5
-repl-disable-tcp-nodelay no
-slave-priority 100
-lazyfree-lazy-eviction no
-lazyfree-lazy-expire no
-lazyfree-lazy-server-del no
-slave-lazy-flush no
-appendonly no
-appendfilename "appendonly.aof"
-appendfsync everysec
-no-appendfsync-on-rewrite no
-auto-aof-rewrite-percentage 100
-auto-aof-rewrite-min-size 64mb
-aof-load-truncated yes
-aof-use-rdb-preamble no
-lua-time-limit 5000
-slowlog-log-slower-than 10000
-slowlog-max-len 128
-latency-monitor-threshold 0
-notify-keyspace-events ""
-hash-max-ziplist-entries 512
-hash-max-ziplist-value 64
-list-max-ziplist-size -2
-list-compress-depth 0
-set-max-intset-entries 512
-zset-max-ziplist-entries 128
-zset-max-ziplist-value 64
-hll-sparse-max-bytes 3000
-activerehashing yes
-client-output-buffer-limit normal 0 0 0
-client-output-buffer-limit slave 256mb 64mb 60
-client-output-buffer-limit pubsub 32mb 8mb 60
-hz 10
-aof-rewrite-incremental-fsync yes
diff --git a/net-analyzer/ospd-openvas/ospd-openvas-1.0.1.ebuild b/net-analyzer/ospd-openvas/ospd-openvas-1.0.1.ebuild
deleted file mode 100644
index 3e6e76f0659a..000000000000
--- a/net-analyzer/ospd-openvas/ospd-openvas-1.0.1.ebuild
+++ /dev/null
@@ -1,46 +0,0 @@
-# Copyright 2020 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-DISTUTILS_USE_SETUPTOOLS=rdepend
-inherit distutils-r1 systemd
-
-DESCRIPTION="This is an OSP server implementation to allow GVM to remotely control OpenVAS"
-HOMEPAGE="https://github.com/greenbone/ospd-openvas"
-SRC_URI="https://github.com/greenbone/ospd-openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-DEPEND="
-	acct-user/gvm
-	dev-python/packaging[${PYTHON_USEDEP}]
-	dev-python/psutil[${PYTHON_USEDEP}]
-	>=dev-python/redis-py-3.0.1[${PYTHON_USEDEP}]
-	>=net-analyzer/ospd-2.0.0[${PYTHON_USEDEP}]
-"
-RDEPEND="
-	${DEPEND}
-	>=net-analyzer/openvas-scanner-7.0.0"
-BDEPEND=""
-
-distutils_enable_tests unittest
-
-python_install() {
-	distutils-r1_python_install
-
-	insinto /etc/openvas
-	doins "${FILESDIR}"/redis.conf.example
-	doins "${FILESDIR}"/ospd.conf
-
-	fowners -R gvm:gvm /etc/openvas
-
-	newinitd "${FILESDIR}/${PN}.initd" "${PN}"
-	newconfd "${FILESDIR}/${PN}.confd" "${PN}"
-
-	systemd_dounit "${FILESDIR}/${PN}.service"
-}
diff --git a/net-analyzer/ospd-openvas/ospd-openvas-20.8.1.ebuild b/net-analyzer/ospd-openvas/ospd-openvas-20.8.1.ebuild
deleted file mode 100644
index 18cbd96b1442..000000000000
--- a/net-analyzer/ospd-openvas/ospd-openvas-20.8.1.ebuild
+++ /dev/null
@@ -1,47 +0,0 @@
-# Copyright 2020-2021 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=7
-
-PYTHON_COMPAT=( python3_{7,8,9} )
-DISTUTILS_USE_SETUPTOOLS=rdepend
-inherit distutils-r1 systemd
-
-DESCRIPTION="This is an OSP server implementation to allow GVM to remotely control OpenVAS"
-HOMEPAGE="https://github.com/greenbone/ospd-openvas"
-SRC_URI="https://github.com/greenbone/ospd-openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="~amd64 ~x86"
-IUSE=""
-
-DEPEND="
-	acct-group/gvm
-	acct-user/gvm
-	>=dev-python/packaging-20.4[${PYTHON_USEDEP}]
-	>=dev-python/psutil-5.7.0[${PYTHON_USEDEP}]
-	>=dev-python/redis-py-3.5.3[${PYTHON_USEDEP}]
-	>=net-analyzer/ospd-20.8.0[${PYTHON_USEDEP}]
-"
-RDEPEND="
-	${DEPEND}
-	>=net-analyzer/openvas-scanner-20.8.0"
-BDEPEND=""
-
-distutils_enable_tests unittest
-
-python_install() {
-	distutils-r1_python_install
-
-	insinto /etc/openvas
-	doins "${FILESDIR}"/redis.conf.example
-	doins "${FILESDIR}"/ospd.conf
-
-	fowners -R gvm:gvm /etc/openvas
-
-	newinitd "${FILESDIR}/${PN}.initd" "${PN}"
-	newconfd "${FILESDIR}/${PN}.confd" "${PN}"
-
-	systemd_dounit "${FILESDIR}/${PN}.service"
-}
diff --git a/net-analyzer/ospd-openvas/ospd-openvas-21.4.4-r4.ebuild b/net-analyzer/ospd-openvas/ospd-openvas-21.4.4-r4.ebuild
new file mode 100644
index 000000000000..a7791ba4ba27
--- /dev/null
+++ b/net-analyzer/ospd-openvas/ospd-openvas-21.4.4-r4.ebuild
@@ -0,0 +1,76 @@
+# Copyright 2020-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{8..10} )
+DISTUTILS_USE_PEP517=poetry
+inherit distutils-r1 systemd
+
+DESCRIPTION="This is an OSP server implementation to allow GVM to remotely control OpenVAS"
+HOMEPAGE="https://www.greenbone.net https://github.com/greenbone/ospd-openvas"
+SRC_URI="https://github.com/greenbone/ospd-openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="AGPL-3+ GPL-2+"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="doc"
+
+DEPEND="
+	acct-user/gvm
+	dev-python/defusedxml[${PYTHON_USEDEP}]
+	dev-python/deprecated[${PYTHON_USEDEP}]
+	dev-python/lxml[${PYTHON_USEDEP}]
+	>=dev-python/packaging-20.4[${PYTHON_USEDEP}]
+	dev-python/paramiko[${PYTHON_USEDEP}]
+	>=dev-python/psutil-5.7.0[${PYTHON_USEDEP}]
+	>=dev-python/redis-py-3.5.3[${PYTHON_USEDEP}]
+	!net-analyzer/ospd[${PYTHON_USEDEP}]
+"
+RDEPEND="
+	${DEPEND}
+	app-admin/sudo
+	>=net-analyzer/openvas-scanner-${PV}
+"
+
+distutils_enable_tests unittest
+
+src_prepare() {
+	default
+
+	# https://github.com/greenbone/ospd-openvas/pull/649
+	sed -i '/^Group=gvm/d' config/ospd-openvas.service || die
+
+	# https://github.com/greenbone/ospd-openvas/pull/653
+	sed -i 's;/usr/local/bin/;/usr/bin/;' config/ospd-openvas.service || die
+}
+
+python_compile() {
+	if use doc; then
+		bash "${S}"/docs/generate || die
+		HTML_DOCS=( "${S}"/docs/. )
+	fi
+	distutils-r1_python_compile
+}
+
+python_install() {
+	distutils-r1_python_install
+
+	insinto /etc/gvm
+	doins config/${PN}.conf
+	if ! use prefix; then
+		fowners -R gvm:gvm /etc/gvm
+	fi
+
+	newinitd "${FILESDIR}/${PN}.initd" "${PN}"
+	newconfd "${FILESDIR}/${PN}.confd" "${PN}"
+
+	systemd_dounit config/${PN}.service
+
+	# OSPD OpenVAS attempts to call openvas via sudo as network security
+	# scanning often requires priviliged operations.
+	insinto /etc/sudoers.d
+	newins - openvas <<-EOF
+	gvm  ALL = NOPASSWD: /usr/bin/openvas
+EOF
+}