Community Packages

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#47873 - [openvas-{manager,scanner}] [greenbone-security-assistant] use Redhat Systemd units for openvas

Attached to Project: Community Packages
Opened by GI Jack (GI_Jack) - Saturday, 23 January 2016, 19:37 GMT
Last edited by Christian Rebischke (Shibumi) - Saturday, 04 April 2020, 12:08 GMT
Task Type Feature Request
Category Packages
Status Assigned
Assigned To Levente Polyak (anthraxx)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 1
Private No


ship the systemd units and related configuration files for community openvas packages. Alternatively, remove the single systemd unit from openvas-scanner, and support openvas-systemd in AUR.

Additional info:
* package version(s)
openvas-manager 6.0.6-1
openvas-scanner 5.0.4-3
greenbone-security-assistant 6.0.6-1

from [community]

a shabby .service file exists for openvas-scanner

modified versions of the RH-based units from atomic corp.
This task depends upon

Comment by GI Jack (GI_Jack) - Wednesday, 27 January 2016, 19:40 GMT
openvas-scanner done.
Comment by GI Jack (GI_Jack) - Wednesday, 27 January 2016, 20:02 GMT

updated PKG for -scanner and also made one for manager. Tested both compile and put the right files in right locations.

I need to step away from the computer right now, I'll make a new PKG for gsad later.
Comment by GI Jack (GI_Jack) - Tuesday, 16 February 2016, 18:29 GMT
finnished all packages. You should be able to replace current PKGBUILD scripts with the ones attached. These are based off the packages found in ABS, but with the service and logrotate and related files added.

Some noted modifications from the RH versions

* Addition of GNUTLS_PROIRITIES settings, with a secure default. the OpenVAS defaults are terrible, and use broken ciphers for the web interface.

* moved /etc/sysconfig, a redhat-ism, to /etc/default. These scripts are parsed by the systemd units.

Background: These are the same systemd units I helped write for turtle in the atomic corp a few months ago.

Can you please mainline this.
Comment by GI Jack (GI_Jack) - Thursday, 18 February 2016, 01:35 GMT
OK, I did all the work, can you mainline this please?
Comment by Daniel Micay (thestinger) - Thursday, 18 February 2016, 21:38 GMT
I'll get to it when I have some time. I appreciate that you put in the effort to do this.
Comment by GI Jack (GI_Jack) - Thursday, 25 February 2016, 20:18 GMT
anytime, also, you probably want to package this script with one of the packages:

Its a crucial part of the install proccess.

I do my best, getting OpenVAS running takes about a day(8 full working hours) or more of labor. The systemd units make running an OpenVAS server far easier.

edit: in the meantime, can you delete the existing openvas-scanner.service file from the package in openvas-scanner

rationale: its pretty terrible, and it conflicts with the existing openvas-systemd package in AUR with the good files.
Comment by GI Jack (GI_Jack) - Monday, 28 May 2018, 12:49 GMT
Its been years. Any updates?
Comment by Eli Schwartz (eschwartz) - Thursday, 07 June 2018, 02:58 GMT
The maintainer retired from Arch Linux a while back.

Have there been any updates in opening a pull request with upstream?
Comment by GI Jack (GI_Jack) - Monday, 11 June 2018, 15:27 GMT
No. Anyways, the files are not valid anymore due to changes with OpenVAS 9. New units in the AUR package:
Comment by GI Jack (GI_Jack) - Saturday, 08 September 2018, 20:22 GMT
I tried submitting them upstream, but the maintainers thought this was a distribution error:

Can I get an update on this please. Arch Linux is shipping daemons without service files.
Comment by Eli Schwartz (eschwartz) - Sunday, 09 September 2018, 04:23 GMT
I've commented on those pull requests and hopefully they will change their mind. If not, then it is up to Shibumi and anthraxx to decide how to handle this.

Thanks for persevering either way. :)
Comment by GI Jack (GI_Jack) - Thursday, 07 March 2019, 10:29 GMT
Several Months Later?

Comment by Christian Rebischke (Shibumi) - Tuesday, 09 April 2019, 21:58 GMT
I still wait for systemd service files from upstream. Upstream said they would care about this. We have also to rename our openvas packages.
Comment by Christian Rebischke (Shibumi) - Saturday, 10 August 2019, 13:06 GMT
I have updated the openvas / greenbone packages. The only package that still needs a service file is the `gvmd` one. A patch for it is welcome
Comment by GI Jack (GI_Jack) - Sunday, 11 August 2019, 00:51 GMT
Christian gvmd is simply openvas-manager, you can likely use the same files I uploaded just the appropriate renames