diff options
Diffstat (limited to 'net-analyzer/gvmd/files')
-rw-r--r-- | net-analyzer/gvmd/files/gvm-sync-all | 31 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvm-sync-all.service | 7 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvm-sync-all.timer | 9 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd-21.4.5.init | 30 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd-22.init | 24 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd-daemon-22.conf (renamed from net-analyzer/gvmd/files/gvmd-daemon.conf) | 7 | ||||
-rw-r--r-- | net-analyzer/gvmd/files/gvmd.service.conf | 23 |
7 files changed, 52 insertions, 79 deletions
diff --git a/net-analyzer/gvmd/files/gvm-sync-all b/net-analyzer/gvmd/files/gvm-sync-all deleted file mode 100644 index d12b860e7fcb..000000000000 --- a/net-analyzer/gvmd/files/gvm-sync-all +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env bash -set -euo pipefail - -case ${USER} in - root) - exec su --shell /bin/bash --command "$0 $@" gvm - ;; - gvm) - ;; - *) - >&2 echo "Must be run as root or gvm user not ${USER}" - exit 1 - ;; -esac - -while getopts d OPTION "$@"; do - case ${OPTION} in - d) - set -x - ;; - esac -done -shift $((OPTIND - 1)) - -greenbone-nvt-sync -# Note that Greenbone recommends to sync CERT *after* SCAP, as the -# former depends on the later. See -# https://github.com/greenbone/gvmd/blob/main/INSTALL.md#keeping-the-feeds-up-to-date -for FEED_TYPE in SCAP CERT GVMD_DATA; do - greenbone-feed-sync --type ${FEED_TYPE} -done diff --git a/net-analyzer/gvmd/files/gvm-sync-all.service b/net-analyzer/gvmd/files/gvm-sync-all.service deleted file mode 100644 index a82e2950f3fd..000000000000 --- a/net-analyzer/gvmd/files/gvm-sync-all.service +++ /dev/null @@ -1,7 +0,0 @@ -[Unit] -Description=Update all feeds of the Greenbone Vulerability Management (GMV) suite -After=network-online.target - -[Service] -ExecStart=/usr/sbin/gvm-sync-all -User=gvm diff --git a/net-analyzer/gvmd/files/gvm-sync-all.timer b/net-analyzer/gvmd/files/gvm-sync-all.timer deleted file mode 100644 index 9faf470e013c..000000000000 --- a/net-analyzer/gvmd/files/gvm-sync-all.timer +++ /dev/null @@ -1,9 +0,0 @@ -[Unit] -Description=Daily update of all feeds of the Greenbone Vulerability Management (GMV) suite - -[Timer] -OnCalendar=daily -RandomizedDelaySec=2hour - -[Install] -WantedBy=timers.target diff --git a/net-analyzer/gvmd/files/gvmd-21.4.5.init b/net-analyzer/gvmd/files/gvmd-21.4.5.init deleted file mode 100644 index 047ad8446a4f..000000000000 --- a/net-analyzer/gvmd/files/gvmd-21.4.5.init +++ /dev/null @@ -1,30 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -: ${GVMD_USER:=gvm} -: ${GVMD_GROUP:=gvm} -: ${GVMD_TIMEOUT:=30} - -name="Greenbone Vulnerability Manager" -command=/usr/bin/gvmd -command_args="${GVMD_OPTIONS} ${GVMD_LISTEN_ADDRESS_TCP} ${GVMD_PORT} ${GVMD_SCANNER_HOST} ${GVMD_GNUTLS_PRIORITIES}" -command_user="${GVMD_USER}:${GVMD_GROUP}" -pidfile="/run/gvmd/gvmd.pid" -retry="${GVMD_TIMEOUT}" - -depend() { - after bootmisc - need localmount net ospd-openvas -} - -start_pre() { - mkdir /run/gvmd - for p in gvm-checking gvm-create-functions gvm-helping gvm-migrating gvm-serving; do - touch /run/gvmd/${p} - done - chown -R gvm:gvm /run/gvmd/ - - touch /run/feed-update.lock - chown gvm:gvm /run/feed-update.lock -} diff --git a/net-analyzer/gvmd/files/gvmd-22.init b/net-analyzer/gvmd/files/gvmd-22.init new file mode 100644 index 000000000000..fdae00af6317 --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd-22.init @@ -0,0 +1,24 @@ +#!/sbin/openrc-run +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +: ${GVMD_USER:=gvm} +: ${GVMD_GROUP:=$(id -ng ${GVMD_USER})} +: ${GVMD_TIMEOUT:=30} + +name="Greenbone Vulnerability Manager" +command=/usr/bin/gvmd +command_args="${GVMD_VT_UPDATE} ${GVMD_OPTIONS} ${GVMD_LISTEN_ADDRESS_TCP} ${GVMD_PORT} ${GVMD_SCANNER_HOST} ${GVMD_GNUTLS_PRIORITIES}" +command_user="${GVMD_USER}:${GVMD_GROUP}" +pidfile="/run/gvmd/gvmd.pid" +retry="${GVMD_TIMEOUT}" + +depend() { + after bootmisc postgresql postgresql-9.6 postgresql-10 postgresql-11 postgresql-12 postgresql-13 postgresql-14 postgresql-15 postgresql-16 + want postgresql postgresql-9.6 postgresql-10 postgresql-11 postgresql-12 postgresql-13 postgresql-14 postgresql-15 postgresql-16 + need localmount net ospd-openvas +} + +start_pre() { + checkpath -d --owner ${GVMD_USER} /run/gvmd +} diff --git a/net-analyzer/gvmd/files/gvmd-daemon.conf b/net-analyzer/gvmd/files/gvmd-daemon-22.conf index d97da00c7688..061609e1c45c 100644 --- a/net-analyzer/gvmd/files/gvmd-daemon.conf +++ b/net-analyzer/gvmd/files/gvmd-daemon-22.conf @@ -5,7 +5,7 @@ GVMD_OPTIONS="" # Manager listen address unix socket # Failing under non-root user (looking for solution) -GVMD_LISTEN_ADDRESS_UNIX="--unix-socket=/var/run/gvmd.sock" +GVMD_LISTEN_ADDRESS_UNIX="--unix-socket=/run/gvmd/gvmd.sock" # Manager listen address TCP GVMD_LISTEN_ADDRESS_TCP="--listen=127.0.0.1" @@ -23,7 +23,10 @@ GVMD_LISTEN_GROUP="--listen-group=gvm" GVMD_LISTEN_MODE="--listen-mode=755" # Scanner listen address unix socket -GVMD_SCANNER_HOST="--scanner-host=/var/run/openvassd.sock" +GVMD_SCANNER_HOST="--scanner-host=/run/ospd/ospd-openvas.sock" + +# Update vt +GVMD_VT_UPDATE="--osp-vt-update=/run/ospd/ospd-openvas.sock" # TLS settings GVMD_GNUTLS_PRIORITIES="--gnutls-priorities=SECURE256:+SUITEB192:+SECURE192:+SECURE128:+SUITEB128:-MD5:-SHA1:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0" diff --git a/net-analyzer/gvmd/files/gvmd.service.conf b/net-analyzer/gvmd/files/gvmd.service.conf new file mode 100644 index 000000000000..2e22ddab18c3 --- /dev/null +++ b/net-analyzer/gvmd/files/gvmd.service.conf @@ -0,0 +1,23 @@ +[Unit] +After=postgresql-9.6.service +After=postgresql-10.service +After=postgresql-11.service +After=postgresql-12.service +After=postgresql-13.service +After=postgresql-14.service +After=postgresql-15.service +After=postgresql-16.service +Wants=postgresql-9.6.service +Wants=postgresql-10.service +Wants=postgresql-11.service +Wants=postgresql-12.service +Wants=postgresql-13.service +Wants=postgresql-14.service +Wants=postgresql-15.service +Wants=postgresql-16.service +PartOf=gvm.target + +[Service] +Type=exec +ExecStart= +ExecStart=/usr/bin/gvmd --foreground --osp-vt-update=/run/ospd/ospd-openvas.sock --listen-group=gvm |