From 0eb9883b5a8a53c253c98d1c77438c39c27c8c97 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 3 Jul 2023 10:05:34 +0100 Subject: gentoo auto-resync : 03:07:2023 - 10:05:34 --- net-analyzer/ospd-openvas/Manifest | 7 +- .../ospd-openvas/files/ospd-openvas-22.initd | 21 ++++++ .../ospd-openvas/files/ospd-openvas.service.conf | 7 ++ .../files/ospd-openvas.service_notus.conf | 9 +++ net-analyzer/ospd-openvas/metadata.xml | 10 +++ .../ospd-openvas/ospd-openvas-22.5.1.ebuild | 77 ++++++++++++++++++++++ 6 files changed, 130 insertions(+), 1 deletion(-) create mode 100644 net-analyzer/ospd-openvas/files/ospd-openvas-22.initd create mode 100644 net-analyzer/ospd-openvas/files/ospd-openvas.service.conf create mode 100644 net-analyzer/ospd-openvas/files/ospd-openvas.service_notus.conf create mode 100644 net-analyzer/ospd-openvas/ospd-openvas-22.5.1.ebuild (limited to 'net-analyzer/ospd-openvas') diff --git a/net-analyzer/ospd-openvas/Manifest b/net-analyzer/ospd-openvas/Manifest index 57ba52358d94..c0b6823343f2 100644 --- a/net-analyzer/ospd-openvas/Manifest +++ b/net-analyzer/ospd-openvas/Manifest @@ -1,5 +1,10 @@ +AUX ospd-openvas-22.initd 499 BLAKE2B 413a85a48aa9812bbac9b647906a8445b6f0d7c69876cbb2cd6f9713cb4d48584672ce1d3a8c0fd8ac451a49d6106ba6c7cb58ed78947913345c5e2367ca333a SHA512 1b2122d36a851d7d810cf599a37eb40a5775ff5d084d6a31110f7c7f2d183348f99b0e4eb8adc89eb7f30c5644344c7c6116b8e90463345965fafbb9431aca4e AUX ospd-openvas.confd 226 BLAKE2B c43d443a83515f8890fd5406741a0e5e48d63fbe4e0a9060ee6c3679138ca406478f584bc8da7e24ec9520385509d3f1de609aaefb54ed36371638b2e0fa2c67 SHA512 ef07f02c3900ee431785b2c2e53f04f4fd114f502526ec509c869dcd3a95e4284fc65f05f5ec85280cc05a29a46fba9c74ef3b0b0d618b9c9c1e62d9bb3fc6fa AUX ospd-openvas.initd 491 BLAKE2B 1020cec8fba128547e7d0606c60989b74103b0d324ee72166f6d5d3f872134589f1aa9ef05e4c73215743e4d78db0c8ca4ee909d5503f64246c8b3f186952e67 SHA512 c5ca7fbff20a5f3b85e4f1c7ec22322056dee2e0800689f0fdf252d5b785eaf8db7909867fc4f6f13c53447d60e07f3d904965d7313d4bfaf58e3240f25ef00d +AUX ospd-openvas.service.conf 208 BLAKE2B b392bddb4caa281087a238c79c368bdf38439c9ddaf470e034db60d9847269966e19d6a111218fe92e6c5f05dc414ab88c0fefd1916c0d5c5bca28b30d92824a SHA512 ea1e59e1c4e6d98ca0058f42bd7454768cafb8c410611350eaaa7e232d7c580f61986f41de5fdeb752b73bd9cafd04c1e9ab44975b8d177e63537ed991418fc4 +AUX ospd-openvas.service_notus.conf 479 BLAKE2B f0c63fdd48396c39001823890aafe08228b2b37d14b81b02350b9ab0c31c02905c4b407785ca7b325f1ef48f92e38bf6f4bba287c406a274974c51d402a35dce SHA512 5d95f366f7b139717897b668e86d3f98ef98d7744106ecf456e5ba6bcf37ea6baa19a7925a46853a5f31a76c94a2537309fd944d5b99b07da19c020128937153 DIST ospd-openvas-21.4.4.tar.gz 173368 BLAKE2B 4568eb45bb999d0ff2cf91652dd56000bceb967f5c37c3061735322d1c72165f9b869c8b48694b37fd6d684679fa1bbff4a5550076bbcfcee5936b470cb04700 SHA512 3981b0a9044f90243fe06f15b0d8ee5a6b1a334556f6de76955aecda0404da2f8bd1d39bf547093a31c244f0aabae819f5e45e8c518984fc7d50764a267086e9 +DIST ospd-openvas-22.5.1.tar.gz 253605 BLAKE2B 6f4ecc31f1c47941154973bfca92818fdfe6942b5091d84234d81e287c0871f91deefc25f16790015ab1c57366b92ae42e236673c44848fdaab491caa042693f SHA512 2f92a09b4b9abced9f122eb2ac2dedf652b8c673e3d4ce5676a356da573816cd0f20769540a94919b35d6612ffb8a86b75dc704eae75c1e63150255e564e3349 EBUILD ospd-openvas-21.4.4-r4.ebuild 1902 BLAKE2B 67a71298b7506ca6906599d8e7c9edb8b6f98337f267913849a5cc112dc949559114914c0e8116cf8945e4b344ff2e15e1f4bcdab4980fa9bf849405b8b02c2f SHA512 f636d9181d96010c7367912d6421f2ab12d55df26bed987e77ab77e26d745002775ff2236c5325950e8ceaf6fc3b3746c9e0944602c0547f31b213bf8347afe3 -MISC metadata.xml 726 BLAKE2B d5d1e99e82b0b5762c13cd964c7d5cacab948f3d3062da81f74c1d08b168fc56db606f52f8c13caa2e1fc852aa2b683ded027ffee34b0918b3042b8c1e72056c SHA512 8a2f43de531fedc1ee9f498294fcfa8f30f0a2e7b725b77847d337ae53e8075e7e932f6c453eb39cdc38ad59705468fcbb8e854f7dfb08b92c8d6b243f673da9 +EBUILD ospd-openvas-22.5.1.ebuild 1952 BLAKE2B 2f172ac7eb7212ae18a6466646715e8e03cb3650260adf0cd75343c2e348b35ee25b49f491a2bc1dc7f95a1fc20811eda471a7a16cf2252bcdf77ad5cfc0564f SHA512 f4312c3fc63a87d615a2daaf78c245b662a7efcde939460a62aa7da02a2522137466f87e793c61923b755d671dc5e38f3a874bffb1f3992cd6e8dfbf0aa67af1 +MISC metadata.xml 1029 BLAKE2B 603e12bc771225baa50afc6e5254b64215055d9399c9d1862611150a49a74f397af610676ca273506f2359513b42d91786ef9f7c9100789437c00b8e59f6ccb2 SHA512 bf49f3444f277ae4b798a5c01d4c4dc5804187479774e85a9ea7481bae3b596df6f330979560ed43aa310cab72ba50dae4eeefe65a8e7dc6ada14659122ccaf7 diff --git a/net-analyzer/ospd-openvas/files/ospd-openvas-22.initd b/net-analyzer/ospd-openvas/files/ospd-openvas-22.initd new file mode 100644 index 000000000000..f43f75802729 --- /dev/null +++ b/net-analyzer/ospd-openvas/files/ospd-openvas-22.initd @@ -0,0 +1,21 @@ +#!/sbin/openrc-run +# Copyright 2020 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="remotely control an OpenVAS Scanner" +command=/usr/bin/ospd-openvas +pidfile="/run/${RC_SVCNAME}.pid" +command_args="${OSPD_OPENVAS_OPTIONS} \ + ${OSPD_OPENVAS_UNIX_SOCKET} \ + ${OSPD_OPENVAS_SOCKET_MODE} \ + --pid-file ${pidfile} \ + --config /etc/openvas/ospd.conf" + +depend() { + after bootmisc + need localmount redis-openvas +} + +start_pre() { + checkpath -d /var/run/ospd +} diff --git a/net-analyzer/ospd-openvas/files/ospd-openvas.service.conf b/net-analyzer/ospd-openvas/files/ospd-openvas.service.conf new file mode 100644 index 000000000000..976d81bc72bc --- /dev/null +++ b/net-analyzer/ospd-openvas/files/ospd-openvas.service.conf @@ -0,0 +1,7 @@ +[Unit] +After=network.target networking.service redis-openvas.service mosquitto.service +Wants=redis-openvas.service +PartOf=gvm.target + +[Service] +ExecStartPre=+setfacl -m u:gvm:rw /run/redis-openvas/redis.sock diff --git a/net-analyzer/ospd-openvas/files/ospd-openvas.service_notus.conf b/net-analyzer/ospd-openvas/files/ospd-openvas.service_notus.conf new file mode 100644 index 000000000000..cd8b7d8d0e70 --- /dev/null +++ b/net-analyzer/ospd-openvas/files/ospd-openvas.service_notus.conf @@ -0,0 +1,9 @@ +[Unit] +After=network.target networking.service redis-openvas.service mosquitto.service +Wants=redis-openvas.service +PartOf=gvm.target + +[Service] +ExecStartPre=+setfacl -m u:gvm:rw /run/redis-openvas/redis.sock +ExecStart= +ExecStart=/usr/bin/ospd-openvas --config /etc/gvm/ospd-openvas.conf --log-config /etc/gvm/ospd-logging.conf --lock-file-dir /var/lib/openvas --socket-mode 0o770 --mqtt-broker-address localhost --mqtt-broker-port 1883 --notus-feed-dir /var/lib/notus/advisories diff --git a/net-analyzer/ospd-openvas/metadata.xml b/net-analyzer/ospd-openvas/metadata.xml index 3f6d058084e3..18eb90f3e699 100644 --- a/net-analyzer/ospd-openvas/metadata.xml +++ b/net-analyzer/ospd-openvas/metadata.xml @@ -1,6 +1,10 @@ + + foti.giuseppe@gmail.com + Giuseppe Foti + jonas.licht@gmail.com Jonas Licht @@ -13,4 +17,10 @@ This is an OSP server implementation to allow GVM to remotely control OpenVAS. Once running, you need to configure OpenVAS for the Greenbone Vulnerability Manager, for example via the web interface Greenbone Security Assistant. Then you can create scan tasks to use OpenVAS. + + Set systemd service file to use notus-scanner + + + greenbone/ospd-openvas + diff --git a/net-analyzer/ospd-openvas/ospd-openvas-22.5.1.ebuild b/net-analyzer/ospd-openvas/ospd-openvas-22.5.1.ebuild new file mode 100644 index 000000000000..5aa80f75d415 --- /dev/null +++ b/net-analyzer/ospd-openvas/ospd-openvas-22.5.1.ebuild @@ -0,0 +1,77 @@ +# Copyright 2020-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..11} ) +DISTUTILS_USE_PEP517=poetry +inherit distutils-r1 systemd + +DESCRIPTION="This is an OSP server implementation to allow GVM to remotely control OpenVAS" +HOMEPAGE="https://www.greenbone.net https://github.com/greenbone/ospd-openvas" +SRC_URI="https://github.com/greenbone/ospd-openvas/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="AGPL-3+ GPL-2+" +SLOT="0" +KEYWORDS="~amd64 ~x86" +IUSE="doc +notus" + +DEPEND=" + acct-user/gvm + dev-python/defusedxml[${PYTHON_USEDEP}] + dev-python/deprecated[${PYTHON_USEDEP}] + dev-python/lxml[${PYTHON_USEDEP}] + >=dev-python/packaging-20.4[${PYTHON_USEDEP}] + dev-python/paramiko[${PYTHON_USEDEP}] + >=dev-python/psutil-5.7.0[${PYTHON_USEDEP}] + >=dev-python/redis-3.5.3[${PYTHON_USEDEP}] + >=dev-python/python-gnupg-0.5.0[${PYTHON_USEDEP}] + dev-libs/paho-mqtt-c + app-misc/mosquitto +" +RDEPEND=" + ${DEPEND} + app-admin/sudo + >=net-analyzer/openvas-scanner-${PV} + notus? ( >=net-analyzer/notus-scanner-22.4 ) +" + +distutils_enable_tests unittest + +python_compile() { + if use doc; then + bash "${S}"/docs/generate || die + HTML_DOCS=( "${S}"/docs/. ) + fi + distutils-r1_python_compile +} + +python_install() { + distutils-r1_python_install + + insinto /etc/gvm + doins config/${PN}.conf + if ! use prefix; then + fowners -R gvm:gvm /etc/gvm + fi + + newinitd "${FILESDIR}/${PN}-22.initd" "${PN}" + newconfd "${FILESDIR}/${PN}.confd" "${PN}" + + systemd_dounit config/${PN}.service + + if use notus; then + systemd_install_serviced "${FILESDIR}/ospd-openvas.service_notus.conf" \ + ${PN}.service + else + systemd_install_serviced "${FILESDIR}/ospd-openvas.service.conf" \ + ${PN}.service + fi + + # OSPD OpenVAS attempts to call openvas via sudo as network security + # scanning often requires priviliged operations. + insinto /etc/sudoers.d + newins - openvas <<-EOF + gvm ALL = NOPASSWD: /usr/bin/openvas +EOF +} -- cgit v1.2.3