From 73d0bd24fdc3fc390c94366d704540648c0b9e63 Mon Sep 17 00:00:00 2001 From: Giuseppe Foti Date: Sat, 20 May 2023 19:22:43 +0200 Subject: net-analyzer/notus-scanner: new package, add 22.5.0 Signed-off-by: Giuseppe Foti Signed-off-by: Florian Schmaus --- net-analyzer/notus-scanner/Manifest | 1 + .../notus-scanner/files/notus-scanner.confd | 11 ++++ .../notus-scanner/files/notus-scanner.initd | 23 ++++++++ .../notus-scanner/files/notus-scanner.service.conf | 7 +++ .../notus-scanner/files/notus-scanner.toml | 8 +++ net-analyzer/notus-scanner/metadata.xml | 19 +++++++ .../notus-scanner/notus-scanner-22.5.0.ebuild | 63 ++++++++++++++++++++++ profiles/features/musl/package.mask | 1 + 8 files changed, 133 insertions(+) create mode 100644 net-analyzer/notus-scanner/Manifest create mode 100644 net-analyzer/notus-scanner/files/notus-scanner.confd create mode 100644 net-analyzer/notus-scanner/files/notus-scanner.initd create mode 100644 net-analyzer/notus-scanner/files/notus-scanner.service.conf create mode 100644 net-analyzer/notus-scanner/files/notus-scanner.toml create mode 100644 net-analyzer/notus-scanner/metadata.xml create mode 100644 net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild diff --git a/net-analyzer/notus-scanner/Manifest b/net-analyzer/notus-scanner/Manifest new file mode 100644 index 000000000000..653ff84e4195 --- /dev/null +++ b/net-analyzer/notus-scanner/Manifest @@ -0,0 +1 @@ +DIST notus-scanner-22.5.0.tar.gz 320894 BLAKE2B 3bf0cb633ad2636d9430705459d841b717139b162bd39f30a6bf06dafe1647b94c0e791b05390d340f97a4ff83351cbd71be6d5b1793dda82c6cad9250ce18c2 SHA512 48576d26a65c439fb00b345d97ba9917c3c2bf99ab5c94ed4488e4638c0442fdcd721ed8a08be147481a01bffc3eadec25029c0d6cd1aed2381221250b16c19d diff --git a/net-analyzer/notus-scanner/files/notus-scanner.confd b/net-analyzer/notus-scanner/files/notus-scanner.confd new file mode 100644 index 000000000000..5000145abaeb --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.confd @@ -0,0 +1,11 @@ +# Notus Scanner command args + +NOTUS_SCANNER_OPTIONS="--log-file=/var/log/gvm/notus-scanner.log" + +NOTUS_SCANNER_MQTT_BROKER_ADDRESS="--mqtt-broker-address localhost" + +NOTUS_SCANNER_MQTT_BROKER_PORT="--mqtt-broker-port 1883" + +NOTUS_SCANNER_PRODUCTS_DIRECTORY="--products-directory /var/lib/notus/products" + +NOTUS_DISABLE_HASHSUM_VERIFICATION="--disable-hashsum-verification false" diff --git a/net-analyzer/notus-scanner/files/notus-scanner.initd b/net-analyzer/notus-scanner/files/notus-scanner.initd new file mode 100644 index 000000000000..e00e9118e32e --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.initd @@ -0,0 +1,23 @@ +#!/sbin/openrc-run +# Copyright 2023Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +name="Greenbone Notus Scanner" +command=/usr/bin/notus-scanner +pidfile="/run/notus-scanner/${RC_SVCNAME}.pid" +command_args="${NOTUS_SCANNER_OPTIONS} \ + ${NOTUS_SCANNER_MQTT_BROKER_ADDRESS} \ + ${NOTUS_SCANNER_MQTT_BROKER_PORT} \ + ${NOTUS_SCANNER_PRODUCTS_DIRECTORY} \ + ${NOTUS_DISABLE_HASHSUM_VERIFICATION} \ + --pid-file ${pidfile} \ + --config /etc/gvm/notus-scanner.toml" + +depend() { + after bootmisc + need localmount mosquitto +} + +start_pre() { + checkpath -d /var/run/notus-scanner +} diff --git a/net-analyzer/notus-scanner/files/notus-scanner.service.conf b/net-analyzer/notus-scanner/files/notus-scanner.service.conf new file mode 100644 index 000000000000..aea5c10e8fad --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.service.conf @@ -0,0 +1,7 @@ +[Unit] +PartOf=gvm.target + +[Service] +Type=forking +ExecStart= +ExecStart=/usr/bin/notus-scanner diff --git a/net-analyzer/notus-scanner/files/notus-scanner.toml b/net-analyzer/notus-scanner/files/notus-scanner.toml new file mode 100644 index 000000000000..cff33c77afc8 --- /dev/null +++ b/net-analyzer/notus-scanner/files/notus-scanner.toml @@ -0,0 +1,8 @@ +[notus-scanner] +mqtt-broker-address = "localhost" +mqtt-broker-port = "1883" +products-directory = "/var/lib/notus/products" +pid-file = "/run/notus-scanner/notus-scanner.pid" +log-file = "/var/log/gvm/notus-scanner.log" +log-level = "INFO" +disable-hashsum-verification = false diff --git a/net-analyzer/notus-scanner/metadata.xml b/net-analyzer/notus-scanner/metadata.xml new file mode 100644 index 000000000000..06038ba8d06e --- /dev/null +++ b/net-analyzer/notus-scanner/metadata.xml @@ -0,0 +1,19 @@ + + + + + foti.giuseppe@gmail.com + Giuseppe Foti + + + proxy-maint@gentoo.org + Proxy Maintainers + + + This is a new scanner that scans after every regular scan, so no user interaction is necessary. + It offers better performance due to less system resource consumption and thus, faster scanning. + + + greenbone/notus-scanner + + diff --git a/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild new file mode 100644 index 000000000000..3d2b52bf6bee --- /dev/null +++ b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{10..11} ) +DISTUTILS_USE_PEP517=poetry +inherit distutils-r1 systemd + +DESCRIPTION="Notus is a vulnerability scanner for creating results from local security checks" +HOMEPAGE="https://github.com/greenbone/notus-scanner" +SRC_URI="https://github.com/greenbone/notus-scanner/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + +SLOT="0" +LICENSE="AGPL-3 AGPL-3+" +KEYWORDS="~amd64 ~x86" +RESTRICT="!test? ( test )" + +DEPEND=" + acct-user/gvm + dev-libs/paho-mqtt-c + dev-python/psutil[${PYTHON_USEDEP}] + >=dev-python/python-gnupg-0.5.0[${PYTHON_USEDEP}] + =dev-python/sentry-sdk-1.22.2[${PYTHON_USEDEP}] + >=dev-python/rope-1.8.0[${PYTHON_USEDEP}] + >=dev-python/paho-mqtt-1.5.1[${PYTHON_USEDEP}] + (2023-05-19) # New packages that require blocked packages in the previous block. dev-db/pg-gvm +net-analyzer/notus-scanner # Petr Vaněk (2022-09-23) # Musl does not implement rresvport function, bugs #713810 and #713376. -- cgit v1.2.3-65-gdbad