FS#47873 - [openvas-{manager,scanner}] [greenbone-security-assistant] use Redhat Systemd units for openvas

Attached to Project: Community Packages
Opened by GI Jack (GI_Jack) - Saturday, 23 January 2016, 19:37 GMT
Last edited by Andreas Radke (AndyRTR) - Sunday, 10 October 2021, 20:04 GMT
Task Type Feature Request
Category Packages
Status Closed
Assigned To Levente Polyak (anthraxx)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:
ship the systemd units and related configuration files for community openvas packages. Alternatively, remove the single systemd unit from openvas-scanner, and support openvas-systemd in AUR.

https://aur.archlinux.org/packages/openvas-systemd/

Additional info:
* package version(s)
openvas-manager 6.0.6-1
openvas-scanner 5.0.4-3
greenbone-security-assistant 6.0.6-1

from [community]

a shabby .service file exists for openvas-scanner

modified versions of the RH-based units from atomic corp.

https://aur.archlinux.org/packages/openvas-systemd/
This task depends upon

Closed by  Andreas Radke (AndyRTR)
Sunday, 10 October 2021, 20:04 GMT
Reason for closing:  None
Additional comments about closing:  This is entirely obsolete as the package has been retired and replaced entirely with GSAD which has a systemd unit

Comment by GI Jack (GI_Jack) - Wednesday, 27 January 2016, 19:40 GMT
openvas-scanner done.
Comment by GI Jack (GI_Jack) - Wednesday, 27 January 2016, 20:02 GMT
woops

updated PKG for -scanner and also made one for manager. Tested both compile and put the right files in right locations.

I need to step away from the computer right now, I'll make a new PKG for gsad later.
Comment by GI Jack (GI_Jack) - Tuesday, 16 February 2016, 18:29 GMT
finnished all packages. You should be able to replace current PKGBUILD scripts with the ones attached. These are based off the packages found in ABS, but with the service and logrotate and related files added.

Some noted modifications from the RH versions

* Addition of GNUTLS_PROIRITIES settings, with a secure default. the OpenVAS defaults are terrible, and use broken ciphers for the web interface.

* moved /etc/sysconfig, a redhat-ism, to /etc/default. These scripts are parsed by the systemd units.

Background: These are the same systemd units I helped write for turtle in the atomic corp a few months ago.

Can you please mainline this.
Comment by GI Jack (GI_Jack) - Thursday, 18 February 2016, 01:35 GMT
OK, I did all the work, can you mainline this please?
Comment by Daniel Micay (thestinger) - Thursday, 18 February 2016, 21:38 GMT
I'll get to it when I have some time. I appreciate that you put in the effort to do this.
Comment by GI Jack (GI_Jack) - Thursday, 25 February 2016, 20:18 GMT
anytime, also, you probably want to package this script with one of the packages:

https://svn.wald.intevation.org/svn/openvas/trunk/tools/openvas-check-setup

Its a crucial part of the install proccess.

I do my best, getting OpenVAS running takes about a day(8 full working hours) or more of labor. The systemd units make running an OpenVAS server far easier.

edit: in the meantime, can you delete the existing openvas-scanner.service file from the package in openvas-scanner

rationale: its pretty terrible, and it conflicts with the existing openvas-systemd package in AUR with the good files.
Comment by GI Jack (GI_Jack) - Monday, 28 May 2018, 12:49 GMT
Its been years. Any updates?
Comment by Eli Schwartz (eschwartz) - Thursday, 07 June 2018, 02:58 GMT
The maintainer retired from Arch Linux a while back.

Have there been any updates in opening a pull request with upstream?
Comment by GI Jack (GI_Jack) - Monday, 11 June 2018, 15:27 GMT
No. Anyways, the files are not valid anymore due to changes with OpenVAS 9. New units in the AUR package:

https://aur.archlinux.org/packages/openvas-systemd/
Comment by GI Jack (GI_Jack) - Saturday, 08 September 2018, 20:22 GMT
I tried submitting them upstream, but the maintainers thought this was a distribution error:

https://github.com/greenbone/gvm/pull/142

https://github.com/greenbone/openvas-scanner/pull/131

Can I get an update on this please. Arch Linux is shipping daemons without service files.
Comment by Eli Schwartz (eschwartz) - Sunday, 09 September 2018, 04:23 GMT
I've commented on those pull requests and hopefully they will change their mind. If not, then it is up to Shibumi and anthraxx to decide how to handle this.

Thanks for persevering either way. :)
Comment by GI Jack (GI_Jack) - Thursday, 07 March 2019, 10:29 GMT
Several Months Later?

pwwwweease?
Comment by Christian Rebischke (Shibumi) - Tuesday, 09 April 2019, 21:58 GMT
Hi,
I still wait for systemd service files from upstream. Upstream said they would care about this. We have also to rename our openvas packages.
Comment by Christian Rebischke (Shibumi) - Saturday, 10 August 2019, 13:06 GMT
Hi,
I have updated the openvas / greenbone packages. The only package that still needs a service file is the `gvmd` one. A patch for it is welcome
Comment by GI Jack (GI_Jack) - Sunday, 11 August 2019, 00:51 GMT
Christian gvmd is simply openvas-manager, you can likely use the same files I uploaded just the appropriate renames
Comment by GI Jack (GI_Jack) - Sunday, 25 July 2021, 15:51 GMT
OpenVAS became GSAD, has a systemd unit, so all of this is now obsolete. closing

Loading...