├── .gitlab-ci.yml
├── CHANGELOG.md
├── LICENSE
├── README.md
├── SOURCES
├── openvas-cert-sync-cronjob
├── openvas-check-setup
├── openvas-nvt-sync-cronjob
└── openvas-scap-sync-cronjob
├── contrib
└── openvas
│ └── debian
│ ├── .git-dpm
│ ├── changelog
│ ├── compat
│ ├── control
│ ├── copyright
│ ├── openvas.install
│ ├── rules
│ └── source
│ └── format
├── docker
├── jessie
│ ├── Dockerfile
│ └── builder.sh
├── kali
│ ├── Dockerfile
│ └── builder.sh
├── mint
│ ├── .Dockerfile.swp
│ ├── Dockerfile
│ └── builder.sh
├── stretch
│ ├── .Dockerfile.swp
│ ├── Dockerfile
│ └── builder.sh
├── trusty
│ ├── Dockerfile
│ └── builder.sh
└── xenial
│ ├── .Dockerfile.swp
│ ├── Dockerfile
│ └── builder.sh
├── gvm.spec
├── mock
├── el6-i386.cfg
├── el6-x86_64.cfg
├── el7-x86_64.cfg
├── el8-x86_64.cfg
├── el9-x86_64.cfg
├── fc30-x86_64.cfg
├── fc32-x86_64.cfg
├── fc33-x86_64.cfg
├── fc34-x86_64.cfg
├── fc35-x86_64.cfg
├── fc36-x86_64.cfg
├── fc37-x86_64.cfg
└── logging.ini
├── src
└── gvm
│ ├── LICENSE
│ ├── comment.sty
│ ├── gvm.cron
│ ├── gvm.sudo
│ ├── openvas-cert-sync
│ ├── openvas-check-setup
│ ├── openvas-nvt-sync
│ ├── openvas-scap-sync
│ ├── openvas-setup
│ └── openvas.service
├── tests
├── Dockerfile
├── config
│ ├── comment.sty
│ ├── gsad
│ ├── internal-testing.repo
│ ├── redis.conf
│ └── texlive.repo
└── run.sh
└── version
/.gitlab-ci.yml:
--------------------------------------------------------------------------------
1 | stages:
2 | - prep
3 | - build
4 | - test
5 |
6 |
7 |
8 | # Ubuntu 16
9 | # EOL: 04/01/2021
10 | #build-kali-x86_64:
11 | # stage: build
12 | # before_script:
13 | # - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
14 | # - rm -rf ~/rpmbuild/BUILD/* || true
15 | # - cp *.spec ~/rpmbuild/SPECS/
16 | # - rm -rf ~/rpmbuild/SOURCES/*
17 | # - cp SOURCES/* ~/rpmbuild/SOURCES/
18 | # - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm-20.8.0.tar.gz gvm-20.8.0/ && cd ..
19 | # - git clone https://gitlab.dev.atomicorp.com/atomicrocketturtle/buildsys-tools
20 | # - cp buildsys-tools/* ~/bin/
21 | # - chmod +x ~/bin/build-debian.sh
22 | #
23 | # script:
24 | # - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then dist=kali arch=amd64 ~/bin/build-debian.sh -b gvm.spec /mnt/repo/atomic-testing/debian/; else dist=kali arch=amd64 ~/bin/build-debian.sh -b gvm.spec /mnt/repo/atomic-bleeding/debian/; fi )
25 |
26 |
27 |
28 | #build-el7-x86_64:
29 | # stage: build
30 | # before_script:
31 | # - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
32 | # - mkdir -p ~/mock
33 | # - cp mock/* ~/mock/
34 | # - cp *.spec ~/rpmbuild/SPECS/
35 | # - cp SOURCES/* ~/rpmbuild/SOURCES/
36 | # - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm-20.8.0.tar.gz gvm-20.8.0/ && cd ..
37 | #
38 | #
39 | # script:
40 | # - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then gitlab-build.sh el7-x86_64 gvm.spec /mnt/repo/atomic-testing/centos/7/x86_64/ ; else gitlab-build.sh el7-x86_64 gvm.spec /mnt/repo/atomic-bleeding/centos/7/x86_64/ ; fi )
41 | #
42 |
43 | build-el9-x86_64:
44 | stage: prep
45 | before_script:
46 | - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
47 | - mkdir -p ~/mock
48 | - cp mock/* ~/mock/
49 | - cp *.spec ~/rpmbuild/SPECS/
50 | - cp SOURCES/* ~/rpmbuild/SOURCES/
51 | - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm.tar.gz gvm/ && cd ..
52 |
53 |
54 | script:
55 | - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then gitlab-build.sh el9-x86_64 gvm.spec /mnt/repo/atomic-testing/rocky/9/x86_64/ ; else gitlab-build.sh el9-x86_64 gvm.spec /mnt/repo/atomic-bleeding/rocky/9/x86_64/ ; fi )
56 |
57 |
58 | build-el8-x86_64:
59 | stage: build
60 | before_script:
61 | - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
62 | - mkdir -p ~/mock
63 | - cp mock/* ~/mock/
64 | - cp *.spec ~/rpmbuild/SPECS/
65 | - cp SOURCES/* ~/rpmbuild/SOURCES/
66 | - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm.tar.gz gvm/ && cd ..
67 |
68 |
69 | script:
70 | - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then gitlab-build.sh el8-x86_64 gvm.spec /mnt/repo/atomic-testing/centos/8/x86_64/ ; else gitlab-build.sh el8-x86_64 gvm.spec /mnt/repo/atomic-bleeding/centos/8/x86_64/ ; fi )
71 |
72 | #build-fc32-x86_64:
73 | # stage: build
74 | # before_script:
75 | # - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
76 | # - mkdir -p ~/mock
77 | # - cp mock/* ~/mock/
78 | # - cp gvm.spec ~/rpmbuild/SPECS/
79 | # - cp SOURCES/* ~/rpmbuild/SOURCES/
80 | # - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm-20.8.0.tar.gz gvm-20.8.0/ && cd ..
81 | #
82 | #
83 | # script:
84 | # - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then gitlab-build.sh fc32-x86_64 gvm.spec /mnt/repo/atomic-testing/fedora/32/x86_64 ; else gitlab-build.sh fc32-x86_64 gvm.spec /mnt/repo/atomic-bleeding/fedora/32/x86_64 ; fi )
85 | #
86 |
87 |
88 | build-fc35-x86_64:
89 | stage: build
90 | before_script:
91 | - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
92 | - mkdir -p ~/mock
93 | - cp mock/* ~/mock/
94 | - cp gvm.spec ~/rpmbuild/SPECS/
95 | - cp SOURCES/* ~/rpmbuild/SOURCES/
96 | - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm.tar.gz gvm/ && cd ..
97 |
98 |
99 | script:
100 | - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then gitlab-build.sh fc35-x86_64 gvm.spec /mnt/repo/atomic-testing/fedora/35/x86_64 ; else gitlab-build.sh fc35-x86_64 gvm.spec /mnt/repo/atomic-bleeding/fedora/35/x86_64 ; fi )
101 |
102 | build-fc36-x86_64:
103 | stage: build
104 | before_script:
105 | - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
106 | - mkdir -p ~/mock
107 | - cp mock/* ~/mock/
108 | - cp gvm.spec ~/rpmbuild/SPECS/
109 | - cp SOURCES/* ~/rpmbuild/SOURCES/
110 | - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm.tar.gz gvm/ && cd ..
111 |
112 |
113 | script:
114 | - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then gitlab-build.sh fc36-x86_64 gvm.spec /mnt/repo/atomic-testing/fedora/36/x86_64 ; else gitlab-build.sh fc36-x86_64 gvm.spec /mnt/repo/atomic-bleeding/fedora/36/x86_64 ; fi )
115 |
116 | build-fc37-x86_64:
117 | stage: build
118 | before_script:
119 | - mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS}
120 | - mkdir -p ~/mock
121 | - cp mock/* ~/mock/
122 | - cp gvm.spec ~/rpmbuild/SPECS/
123 | - cp SOURCES/* ~/rpmbuild/SOURCES/
124 | - cd src/ && tar zcvf ~/rpmbuild/SOURCES/gvm.tar.gz gvm/ && cd ..
125 |
126 |
127 | script:
128 | - (if [[ $CI_BUILD_REF_NAME == "master" ]]; then gitlab-build.sh fc37-x86_64 gvm.spec /mnt/repo/atomic-testing/fedora/37/x86_64 ; else gitlab-build.sh fc37-x86_64 gvm.spec /mnt/repo/atomic-bleeding/fedora/37/x86_64 ; fi )
129 |
130 |
131 |
132 |
133 | #test-el7-x86_65:
134 | # stage: test
135 | # script:
136 | # #- cd tests && docker build --build-arg HTTP_PROXY=http://10.66.6.1:3128 --build-arg http_proxy=http://10.66.6.1:3128 --build-arg RSYNC_PROXY=10.66.6.1:3128 .
137 | # - cd tests && docker build .
138 |
139 |
140 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | [20.08.0-14930]
2 | - Add PDF generation fixes
3 |
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
1 | GNU AFFERO GENERAL PUBLIC LICENSE
2 | Version 3, 19 November 2007
3 |
4 | Copyright © 2007 Free Software Foundation, Inc.
5 | Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
6 |
7 | Preamble
8 | The GNU Affero General Public License is a free, copyleft license for software and other kinds of works, specifically designed to ensure cooperation with the community in the case of network server software.
9 |
10 | The licenses for most software and other practical works are designed to take away your freedom to share and change the works. By contrast, our General Public Licenses are intended to guarantee your freedom to share and change all versions of a program--to make sure it remains free software for all its users.
11 |
12 | When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for them if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs, and that you know you can do these things.
13 |
14 | Developers that use our General Public Licenses protect your rights with two steps: (1) assert copyright on the software, and (2) offer you this License which gives you legal permission to copy, distribute and/or modify the software.
15 |
16 | A secondary benefit of defending all users' freedom is that improvements made in alternate versions of the program, if they receive widespread use, become available for other developers to incorporate. Many developers of free software are heartened and encouraged by the resulting cooperation. However, in the case of software used on network servers, this result may fail to come about. The GNU General Public License permits making a modified version and letting the public access it on a server without ever releasing its source code to the public.
17 |
18 | The GNU Affero General Public License is designed specifically to ensure that, in such cases, the modified source code becomes available to the community. It requires the operator of a network server to provide the source code of the modified version running there to the users of that server. Therefore, public use of a modified version, on a publicly accessible server, gives the public access to the source code of the modified version.
19 |
20 | An older license, called the Affero General Public License and published by Affero, was designed to accomplish similar goals. This is a different license, not a version of the Affero GPL, but Affero has released a new version of the Affero GPL which permits relicensing under this license.
21 |
22 | The precise terms and conditions for copying, distribution and modification follow.
23 |
24 | TERMS AND CONDITIONS
25 | 0. Definitions.
26 | "This License" refers to version 3 of the GNU Affero General Public License.
27 |
28 | "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
29 |
30 | "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations.
31 |
32 | To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work.
33 |
34 | A "covered work" means either the unmodified Program or a work based on the Program.
35 |
36 | To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
37 |
38 | To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
39 |
40 | An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
41 |
42 | 1. Source Code.
43 | The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work.
44 |
45 | A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
46 |
47 | The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
48 |
49 | The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
50 |
51 | The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
52 |
53 | The Corresponding Source for a work in source code form is that same work.
54 |
55 | 2. Basic Permissions.
56 | All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
57 |
58 | You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
59 |
60 | Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
61 |
62 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
63 | No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
64 |
65 | When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
66 |
67 | 4. Conveying Verbatim Copies.
68 | You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
69 |
70 | You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
71 |
72 | 5. Conveying Modified Source Versions.
73 | You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
74 |
75 | a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
76 | b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices".
77 | c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
78 | d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
79 | A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
80 |
81 | 6. Conveying Non-Source Forms.
82 | You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
83 |
84 | a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
85 | b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
86 | c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
87 | d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
88 | e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
89 | A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
90 |
91 | A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
92 |
93 | "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
94 |
95 | If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
96 |
97 | The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
98 |
99 | Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
100 |
101 | 7. Additional Terms.
102 | "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
103 |
104 | When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
105 |
106 | Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
107 |
108 | a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
109 | b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
110 | c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
111 | d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
112 | e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
113 | f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
114 | All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
115 |
116 | If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
117 |
118 | Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
119 |
120 | 8. Termination.
121 | You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
122 |
123 | However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
124 |
125 | Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
126 |
127 | Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
128 |
129 | 9. Acceptance Not Required for Having Copies.
130 | You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
131 |
132 | 10. Automatic Licensing of Downstream Recipients.
133 | Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
134 |
135 | An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
136 |
137 | You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
138 |
139 | 11. Patents.
140 | A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version".
141 |
142 | A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
143 |
144 | Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
145 |
146 | In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
147 |
148 | If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
149 |
150 | If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
151 |
152 | A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
153 |
154 | Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
155 |
156 | 12. No Surrender of Others' Freedom.
157 | If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
158 |
159 | 13. Remote Network Interaction; Use with the GNU General Public License.
160 | Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software. This Corresponding Source shall include the Corresponding Source for any work covered by version 3 of the GNU General Public License that is incorporated pursuant to the following paragraph.
161 |
162 | Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the work with which it is combined will remain governed by version 3 of the GNU General Public License.
163 |
164 | 14. Revised Versions of this License.
165 | The Free Software Foundation may publish revised and/or new versions of the GNU Affero General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
166 |
167 | Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU Affero General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU Affero General Public License, you may choose any version ever published by the Free Software Foundation.
168 |
169 | If the Program specifies that a proxy can decide which future versions of the GNU Affero General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
170 |
171 | Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
172 |
173 | 15. Disclaimer of Warranty.
174 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
175 |
176 | 16. Limitation of Liability.
177 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
178 |
179 | 17. Interpretation of Sections 15 and 16.
180 | If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
181 |
182 | END OF TERMS AND CONDITIONS
183 |
184 | How to Apply These Terms to Your New Programs
185 | If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
186 |
187 | To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found.
188 |
189 |
190 | Copyright (C)
191 |
192 | This program is free software: you can redistribute it and/or modify
193 | it under the terms of the GNU Affero General Public License as
194 | published by the Free Software Foundation, either version 3 of the
195 | License, or (at your option) any later version.
196 |
197 | This program is distributed in the hope that it will be useful,
198 | but WITHOUT ANY WARRANTY; without even the implied warranty of
199 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
200 | GNU Affero General Public License for more details.
201 |
202 | You should have received a copy of the GNU Affero General Public License
203 | along with this program. If not, see .
204 | Also add information on how to contact you by electronic and paper mail.
205 |
206 | If your software can interact with users remotely through a computer network, you should also make sure that it provides a way for users to get its source. For example, if your program is a web application, its interface could display a "Source" link that leads users to an archive of the code. There are many ways you could offer source, and different solutions will be better for different programs; see section 13 for the specific requirements.
207 |
208 | You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU AGPL, see .
209 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # GVM / Openvas Packaging Project
2 |
3 | The GVM (Formerly: Openvas) project is an Atomicorp designed effort to install and configure the [Openvas](http://www.openvas.org) vulnerability scanner Version 21.04 on a Redhat, Rocky, Centos or Fedora Linux platforms.
4 |
5 |
6 | Visit our website for the latest information. [www.atomicorp.com](http://www.atomicorp.com)
7 |
8 |
9 | ## Currently Supported Platforms
10 |
11 | * RHEL 8/9
12 | * Rocky 8/9
13 | * Fedora 36
14 | * Fedora 37
15 |
16 |
17 |
18 | ## Yum/DNF Automatic Installation ##
19 |
20 |
21 | 1) Install the Atomic Yum Repository
22 |
23 | ```
24 | wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo sh
25 | ```
26 |
27 | 2) Install the GVM/openvas package
28 |
29 | ```
30 | # Redhat/Rocky/Centos 8 Only
31 | yum config-manager --set-enabled powertools
32 | yum install epel-release
33 |
34 | # Redhat/Rocky 9 Only
35 | yum config-manager --set-enabled crb
36 | yum install epel-release
37 |
38 | #
39 | yum install gvm
40 | ```
41 |
42 |
43 | 3) Configure openvas
44 | ```
45 | gvm-setup
46 | ```
47 |
48 |
49 | ## Docker Installation ##
50 |
51 | The [Atomicorp Openvas Docker Project](https://github.com/atomicorp/openvas-docker) is available from docker hub:
52 |
53 | ```
54 | docker pull atomicorp/openvas
55 | ```
56 |
57 |
58 | ## Join us on Slack ##
59 |
60 | Need help? Want to collaborate?
61 |
62 | [Join Atomicorp Slack](https://atomicorp-support.slack.com/)
63 |
64 |
65 | ## Credits and Thanks ##
66 |
67 | * Michael Meyer @Greenbone
68 |
69 | * Jan-Oliver Wagner @Greenbone
70 |
71 | * Everyone at Greenbone that made this project possible
72 |
73 | * Fredrik Hilmersson https://libellux.com
74 |
75 | * Cody Woods @hcw2016
76 |
77 |
--------------------------------------------------------------------------------
/SOURCES/openvas-cert-sync-cronjob:
--------------------------------------------------------------------------------
1 | # start plugin sync daily at 130am
2 |
3 | PATH=/bin:/usr/bin:/sbin:/usr/sbin
4 | 30 1 * * * root /usr/sbin/greenbone-certdata-sync
5 |
--------------------------------------------------------------------------------
/SOURCES/openvas-check-setup:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 |
3 | ###############################################################################
4 | # OpenVAS
5 | # $Id$
6 | #
7 | # Script for checking completeness and readiness of OpenVAS.
8 | #
9 | # Authors:
10 | # Jan-Oliver Wagner
11 | # Michael Wiegand
12 | #
13 | # Copyright:
14 | # Copyright (C) 2011-2016 Greenbone Networks GmbH
15 | #
16 | # This program is free software; you can redistribute it and/or modify
17 | # it under the terms of the GNU General Public License version 2,
18 | # or at your option any later version, as published by the
19 | # Free Software Foundation
20 | #
21 | # This program is distributed in the hope that it will be useful,
22 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
23 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 | # GNU General Public License for more details.
25 | #
26 | # You should have received a copy of the GNU General Public License
27 | # along with this program; if not, write to the Free Software
28 | # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
29 | ###############################################################################
30 |
31 | LOG=/tmp/openvas-check-setup.log
32 | CHECKVERSION=2.3.7
33 |
34 | if [ "$1" = "--server" -o "$2" = "--server" -o "$3" = "--server" ]
35 | then
36 | MODE="server"
37 | else
38 | MODE="desktop"
39 | fi
40 |
41 | if [ "$1" = "--skip-nmap" -o "$2" = "--skip-nmap" -o "$3" = "--skip-nmap" ]
42 | then
43 | SKIP_NMAP="1"
44 | else
45 | SKIP_NMAP="0"
46 | fi
47 |
48 | # Current default is OpenVAS-8:
49 | VER="8"
50 | SCANNER_MAJOR="5"
51 | SCANNER_MINOR="0"
52 | MANAGER_MAJOR="6"
53 | MANAGER_MINOR="0"
54 | ADMINISTRATOR_MAJOR="0"
55 | ADMINISTRATOR_MINOR="0"
56 | GSA_MAJOR="6"
57 | GSA_MINOR="0"
58 | CLI_MAJOR="1"
59 | CLI_MINOR="4"
60 |
61 | if [ "$1" = "--v9" -o "$2" = "--v9" -o "$3" = "--v9" ]
62 | then
63 | VER="9"
64 | SCANNER_MAJOR="5"
65 | SCANNER_MINOR="1"
66 | MANAGER_MAJOR="7"
67 | MANAGER_MINOR="0"
68 | ADMINISTRATOR_MAJOR="0"
69 | ADMINISTRATOR_MINOR="0"
70 | GSA_MAJOR="7"
71 | GSA_MINOR="0"
72 | CLI_MAJOR="1"
73 | CLI_MINOR="4"
74 | elif [ "$1" = "--v8" -o "$2" = "--v8" -o "$3" = "--v8" ]
75 | then
76 | VER="8"
77 | SCANNER_MAJOR="5"
78 | SCANNER_MINOR="0"
79 | MANAGER_MAJOR="6"
80 | MANAGER_MINOR="0"
81 | ADMINISTRATOR_MAJOR="0"
82 | ADMINISTRATOR_MINOR="0"
83 | GSA_MAJOR="6"
84 | GSA_MINOR="0"
85 | CLI_MAJOR="1"
86 | CLI_MINOR="4"
87 | elif [ "$1" = "--v7" -o "$2" = "--v7" -o "$3" = "--v7" ]
88 | then
89 | VER="7"
90 | SCANNER_MAJOR="4"
91 | SCANNER_MINOR="0"
92 | MANAGER_MAJOR="5"
93 | MANAGER_MINOR="0"
94 | ADMINISTRATOR_MAJOR="0"
95 | ADMINISTRATOR_MINOR="0"
96 | GSA_MAJOR="5"
97 | GSA_MINOR="0"
98 | CLI_MAJOR="1"
99 | CLI_MINOR="3"
100 | elif [ "$1" = "--v6" -o "$2" = "--v6" -o "$3" = "--v6" ]
101 | then
102 | VER="6"
103 | SCANNER_MAJOR="3"
104 | SCANNER_MINOR="4"
105 | MANAGER_MAJOR="4"
106 | MANAGER_MINOR="0"
107 | ADMINISTRATOR_MAJOR="1"
108 | ADMINISTRATOR_MINOR="3"
109 | GSA_MAJOR="4"
110 | GSA_MINOR="0"
111 | CLI_MAJOR="1"
112 | CLI_MINOR="2"
113 | GSD_MAJOR="1"
114 | GSD_MINOR="2"
115 | fi
116 |
117 | echo "openvas-check-setup $CHECKVERSION"
118 | echo " Test completeness and readiness of OpenVAS-$VER"
119 | if [ "$VER" = "8" ]
120 | then
121 | echo " (add '--v6' or '--v7' or '--v9'"
122 | echo " if you want to check for another OpenVAS version)"
123 | fi
124 | echo ""
125 | echo " Please report us any non-detected problems and"
126 | echo " help us to improve this check routine:"
127 | echo " http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss"
128 | echo ""
129 | echo " Send us the log-file ($LOG) to help analyze the problem."
130 | echo ""
131 |
132 | if [ "$MODE" = "desktop" ]
133 | then
134 | echo " Use the parameter --server to skip checks for client tools"
135 | echo " like GSD and OpenVAS-CLI."
136 | echo ""
137 | fi
138 |
139 | log_and_print ()
140 | {
141 | echo " " $1
142 | echo " " $1 >> $LOG
143 | }
144 |
145 | check_failed ()
146 | {
147 | echo ""
148 | echo " ERROR: Your OpenVAS-$VER installation is not yet complete!"
149 | echo ""
150 | echo "Please follow the instructions marked with FIX above and run this"
151 | echo "script again."
152 | echo ""
153 | echo "If you think this result is wrong, please report your observation"
154 | echo "and help us to improve this check routine:"
155 | echo "http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss"
156 | echo "Please attach the log-file ($LOG) to help us analyze the problem."
157 | echo ""
158 | exit 1
159 | }
160 |
161 |
162 | # LOG start
163 | echo "openvas-check-setup $CHECKVERSION" > $LOG
164 | echo " Mode: $MODE" >> $LOG
165 | echo " Date: " `date -R` >> $LOG
166 | echo "" >> $LOG
167 |
168 |
169 | echo "Step 1: Checking OpenVAS Scanner ... "
170 |
171 | echo "Checking for old OpenVAS Scanner <= 2.0 ..." >> $LOG
172 | openvasd -V >> $LOG 2>&1
173 | if [ $? -eq 0 ]
174 | then
175 | log_and_print "ERROR: Old version of OpenVAS Scanner detected."
176 | log_and_print "FIX: Please remove the installation of the old OpenVAS Scanner (openvasd)."
177 | check_failed
178 | fi
179 | echo "" >> $LOG
180 |
181 | echo "Checking presence of OpenVAS Scanner ..." >> $LOG
182 | openvassd --version >> $LOG 2>&1
183 | if [ $? -ne 0 ]
184 | then
185 | log_and_print "ERROR: No OpenVAS Scanner (openvassd) found."
186 | log_and_print "FIX: Please install OpenVAS Scanner."
187 | check_failed
188 | fi
189 | echo "" >> $LOG
190 |
191 | echo "Checking OpenVAS Scanner version ..." >> $LOG
192 |
193 | VERSION=`openvassd --version 2>>$LOG | head -1 | sed -e "s/OpenVAS Scanner //"`
194 |
195 | if [ `echo $VERSION | grep "^$SCANNER_MAJOR\.$SCANNER_MINOR" | wc -l` -ne "1" ]
196 | then
197 | log_and_print "ERROR: OpenVAS Scanner too old or too new: $VERSION"
198 | log_and_print "FIX: Please install OpenVAS Scanner $SCANNER_MAJOR.$SCANNER_MINOR."
199 | log_and_print "HINT: Please see the --v6/7/8/9 command line options to check other major versions."
200 | check_failed
201 | fi
202 | echo "" >> $LOG
203 |
204 | log_and_print "OK: OpenVAS Scanner is present in version $VERSION."
205 |
206 | openvassd -s >> $LOG 2>&1
207 |
208 | OPENVASSD_CONFIG_FILE=$(openvassd -s | awk '/^config_file/ { print $3 }')
209 | if [ -n "$OPENVASSD_CONFIG_FILE" ]
210 | then
211 | if [ -e "$OPENVASSD_CONFIG_FILE" ] && [ ! -O "$OPENVASSD_CONFIG_FILE" ]
212 | then
213 | log_and_print "WARNING: The config file used by OpenVAS Scanner is not owned by the current user."
214 | log_and_print " Some of the following tests may produce incorrect results."
215 | log_and_print "SUGGEST: Run 'openvas-check-setup' as the user owning the OpenVAS Scanner installation"
216 | log_and_print " to ensure correct results."
217 | fi
218 | fi
219 |
220 | if [ $VER -lt 9 ]
221 | then
222 | echo "Checking OpenVAS Scanner CA cert ..." >> $LOG
223 | CAFILE=`openvassd -s 2>>$LOG | grep ca_file | sed -e "s/^ca_file = //"`
224 | if [ ! -e $CAFILE ]
225 | then
226 | log_and_print "ERROR: No CA certificate file of OpenVAS Scanner found."
227 | log_and_print "FIX: Run 'openvas-mkcert'."
228 | check_failed
229 | fi
230 | echo "" >> $LOG
231 |
232 | log_and_print "OK: OpenVAS Scanner CA Certificate is present as $CAFILE."
233 | fi
234 |
235 | if [ "$VER" -ge 8 ]
236 | then
237 | echo "Checking presence of redis ..." >> $LOG
238 | BINARY=`redis-server --version`
239 |
240 | if [ $? -ne 0 ]
241 | then
242 | log_and_print "ERROR: No redis-server installation found."
243 | log_and_print "FIX: You should install redis-server for improved scalability and ability to trace/debug the KB"
244 | check_failed
245 | else
246 | VERSION=`redis-server --version | awk '{ print $4 }'`
247 | if [ `echo $VERSION | grep sha` ]
248 | then
249 | VERSION=`redis-server --version | awk '{ print $3 }'`
250 | fi
251 | log_and_print "OK: redis-server is present in version $VERSION."
252 | HAVE_REDIS=1
253 | fi
254 | echo "" >> $LOG
255 |
256 | if [ $HAVE_REDIS -eq 1 ]
257 | then
258 | echo "Checking if redis-server is configured properly to run with openVAS ..." >> $LOG
259 | REDISSOCKET=`openvassd -s 2>>$LOG | grep kb_location | sed -e "s/^kb_location = //"`
260 | if [ -z "$REDISSOCKET" ]
261 | then
262 | log_and_print "ERROR: scanner is not configured to use a redis-server socket."
263 | log_and_print "FIX: Configure the kb_location setting of the scanner to the path of the redis-server socket."
264 | check_failed
265 | else
266 | log_and_print "OK: scanner (kb_location setting) is configured properly using the redis-server socket: $REDISSOCKET"
267 | echo "Checking if redis-server is running ..." >> $LOG
268 | if [ -e $REDISSOCKET ]
269 | then
270 | log_and_print "OK: redis-server is running and listening on socket: $REDISSOCKET."
271 | else
272 | log_and_print "ERROR: redis-server is not running or not listening on socket: $REDISSOCKET"
273 | log_and_print "FIX: You should start the redis-server or configure it to listen on socket: $REDISSOCKET"
274 | check_failed
275 | fi
276 | fi
277 | log_and_print "OK: redis-server configuration is OK and redis-server is running."
278 | fi
279 |
280 | echo "" >> $LOG
281 | fi
282 |
283 | echo "Checking NVT collection ..." >> $LOG
284 | PLUGINSFOLDER=`openvassd -s 2>>$LOG | grep plugins_folder | sed -e "s/^plugins_folder = //"`
285 | if [ ! -d $PLUGINSFOLDER ]
286 | then
287 | log_and_print "ERROR: Directory containing the NVT collection not found."
288 | log_and_print "FIX: Run a NVT synchronization script like openvas-nvt-sync or greenbone-nvt-sync."
289 | check_failed
290 | fi
291 | OLDPLUGINSFOLDER=`echo "$PLUGINSFOLDER" | grep -q -v "/var/" 2>&1`
292 | if [ $? -eq 0 ]
293 | then
294 | CONFFILE=`openvassd -s 2>>$LOG | grep config_file | sed -e "s/^config_file = //"`
295 | log_and_print "ERROR: Your OpenVAS Scanner configuration seems to be from a pre-OpenVAS-4 installation and contains non-FHS compliant paths."
296 | log_and_print "FIX: Delete your OpenVAS Scanner Configuration file ($CONFFILE)."
297 | check_failed
298 | fi
299 | NVTCOUNT=`find $PLUGINSFOLDER -name "*nasl" | wc -l`
300 | if [ $NVTCOUNT -lt 10 ]
301 | then
302 | log_and_print "ERROR: The NVT collection is very small."
303 | if [ $VER -ge 9 ]
304 | then
305 | log_and_print "FIX: Run a synchronization script like greenbone-nvt-sync."
306 | else
307 | log_and_print "FIX: Run a synchronization script like openvas-nvt-sync or greenbone-nvt-sync."
308 | fi
309 | check_failed
310 | fi
311 | echo "" >> $LOG
312 |
313 | log_and_print "OK: NVT collection in $PLUGINSFOLDER contains $NVTCOUNT NVTs."
314 |
315 | echo "Checking status of signature checking in OpenVAS Scanner ..." >> $LOG
316 | NOSIGCHECK=`openvassd -s 2>>$LOG | grep nasl_no_signature_check | sed -e "s/^nasl_no_signature_check = //"`
317 | if [ $NOSIGCHECK != "no" ]
318 | then
319 | log_and_print "WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner."
320 | log_and_print "SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html)."
321 | else
322 | log_and_print "OK: Signature checking of NVTs is enabled in OpenVAS Scanner."
323 | fi
324 | echo "" >> $LOG
325 |
326 | CACHEFOLDER=`openvassd -s 2>>$LOG | grep cache_folder | sed -e "s/^cache_folder = //"`
327 | CACHECOUNT=`find $CACHEFOLDER -name "*nvti" | wc -l`
328 | if [ $CACHECOUNT -lt $NVTCOUNT ]
329 | then
330 | log_and_print "WARNING: The initial NVT cache has not yet been generated."
331 | log_and_print "SUGGEST: Start OpenVAS Scanner for the first time to generate the cache."
332 | else
333 | log_and_print "OK: The NVT cache in $CACHEFOLDER contains $CACHECOUNT files for $NVTCOUNT NVTs."
334 | fi
335 | echo "" >> $LOG
336 |
337 | echo "Step 2: Checking OpenVAS Manager ... "
338 |
339 | echo "Checking presence of OpenVAS Manager ..." >> $LOG
340 | openvasmd --version >> $LOG 2>&1
341 | if [ $? -ne 0 ]
342 | then
343 | log_and_print "ERROR: No OpenVAS Manager (openvasmd) found."
344 | log_and_print "FIX: Please install OpenVAS Manager."
345 | check_failed
346 | fi
347 | echo "" >> $LOG
348 |
349 | VERSION=`openvasmd --version | head -1 | sed -e "s/OpenVAS Manager //"`
350 |
351 | if [ `echo $VERSION | grep "^$MANAGER_MAJOR\.$MANAGER_MINOR" | wc -l` -ne "1" ]
352 | then
353 | log_and_print "ERROR: OpenVAS Manager too old or too new: $VERSION"
354 | log_and_print "FIX: Please install OpenVAS Manager $MANAGER_MAJOR.$MANAGER_MINOR."
355 | log_and_print "HINT: Please see the --v6/7/8/9 command line options to check other major versions."
356 | check_failed
357 | fi
358 | echo "" >> $LOG
359 |
360 | log_and_print "OK: OpenVAS Manager is present in version $VERSION."
361 |
362 | if [ $VER -lt 9 ]
363 | then
364 | echo "Checking OpenVAS Manager client certificate ..." >> $LOG
365 | CERTDIR=`dirname $CAFILE`
366 | CLIENTCERTFILE="$CERTDIR/clientcert.pem"
367 | if [ ! -e $CLIENTCERTFILE ]
368 | then
369 | log_and_print "ERROR: No client certificate file of OpenVAS Manager found."
370 | if [ $VER -ge 7 ]
371 | then
372 | log_and_print "FIX: Run 'openvas-mkcert-client -n -i'"
373 | else
374 | log_and_print "FIX: Run 'openvas-mkcert-client -n om -i'"
375 | fi
376 | check_failed
377 | fi
378 | echo "" >> $LOG
379 |
380 | log_and_print "OK: OpenVAS Manager client certificate is present as $CLIENTCERTFILE."
381 | fi
382 |
383 | echo "Checking OpenVAS Manager database ..." >> $LOG
384 | # Guess openvas state dir from $PLUGINSFOLDER
385 | STATEDIR=`dirname $PLUGINSFOLDER`
386 | TASKSDB="$STATEDIR/mgr/tasks.db"
387 | if [ ! -e $TASKSDB ]
388 | then
389 | log_and_print "ERROR: No OpenVAS Manager database found. (Tried: $TASKSDB)"
390 | log_and_print "FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running."
391 |
392 | OPENVASSD_RUNNING=`ps -Af | grep -ic "[o]penvassd: waiting for incoming connections"`
393 | if [ $OPENVASSD_RUNNING -eq 0 ]
394 | then
395 | log_and_print "WARNING: OpenVAS Scanner is NOT running!" ;
396 | log_and_print "SUGGEST: Start OpenVAS Scanner (openvassd)." ;
397 | fi
398 |
399 | check_failed
400 | fi
401 | echo "" >> $LOG
402 |
403 | log_and_print "OK: OpenVAS Manager database found in $TASKSDB."
404 |
405 | echo "Checking access rights of OpenVAS Manager database ..." >> $LOG
406 | TASKSDBPERMS=`stat -c "%a" "$TASKSDB"`
407 | if [ "$TASKSDBPERMS" != "600" ]
408 | then
409 | log_and_print "ERROR: The access rights of the OpenVAS Manager database are incorrect."
410 | log_and_print "FIX: Run 'chmod 600 $TASKSDB'."
411 | check_failed
412 | fi
413 | echo "" >> $LOG
414 |
415 | log_and_print "OK: Access rights for the OpenVAS Manager database are correct."
416 |
417 | echo "Checking sqlite3 presence ..." >> $LOG
418 | SQLITE3=`type sqlite3 2> /dev/null`
419 | if [ $? -ne 0 ]
420 | then
421 | log_and_print "WARNING: Could not find sqlite3 binary, extended manager checks of the OpenVAS Manager installation are disabled."
422 | log_and_print "SUGGEST: Install sqlite3."
423 | HAVE_SQLITE=0
424 | else
425 | log_and_print "OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled."
426 | HAVE_SQLITE=1
427 | fi
428 | echo "" >> $LOG
429 |
430 | if [ $HAVE_SQLITE -eq 1 ]
431 | then
432 | echo "Checking OpenVAS Manager database revision ..." >> $LOG
433 | TASKSDBREV=`sqlite3 $TASKSDB "select value from meta where name='database_version';"`
434 | if [ -z $TASKSDBREV ]
435 | then
436 | log_and_print "ERROR: Could not determine database revision, database corrupt or in invalid format."
437 | log_and_print "FIX: Delete database at $TASKSDB and rebuild it."
438 | check_failed
439 | else
440 | log_and_print "OK: OpenVAS Manager database is at revision $TASKSDBREV."
441 | fi
442 | echo "Checking database revision expected by OpenVAS Manager ..." >> $LOG
443 | MANAGERDBREV=`openvasmd --version | grep "Manager DB revision" | sed -e "s/.*\ //"`
444 | if [ -z $MANAGERDBREV ]
445 | then
446 | log_and_print "ERROR: Could not determine database revision expected by OpenVAS Manager."
447 | log_and_print "FIX: Ensure OpenVAS Manager is installed correctly."
448 | check_failed
449 | else
450 | log_and_print "OK: OpenVAS Manager expects database at revision $MANAGERDBREV."
451 | fi
452 | if [ $TASKSDBREV -lt $MANAGERDBREV ]
453 | then
454 | log_and_print "ERROR: Database schema is out of date."
455 | log_and_print "FIX: Run 'openvasmd --migrate'."
456 | check_failed
457 | else
458 | log_and_print "OK: Database schema is up to date."
459 | fi
460 | echo "Checking OpenVAS Manager database (NVT data) ..." >> $LOG
461 | DBNVTCOUNT=`sqlite3 $TASKSDB "select count(*) from nvts;"`
462 | if [ $DBNVTCOUNT -lt 20000 ]
463 | then
464 | log_and_print "ERROR: The number of NVTs in the OpenVAS Manager database is too low."
465 | log_and_print "FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run 'openvasmd --rebuild'."
466 |
467 | OPENVASSD_RUNNING=`ps -Af | grep -ic "[o]penvassd: waiting for incoming connections"`
468 | if [ $OPENVASSD_RUNNING -eq 0 ]
469 | then
470 | log_and_print "WARNING: OpenVAS Scanner is NOT running!" ;
471 | log_and_print "SUGGEST: Start OpenVAS Scanner (openvassd)." ;
472 | fi
473 |
474 | check_failed
475 | else
476 | log_and_print "OK: OpenVAS Manager database contains information about $DBNVTCOUNT NVTs."
477 | fi
478 | fi
479 |
480 | if [ $ADMINISTRATOR_MAJOR = "0" ]
481 | then
482 | echo "Checking if users exist ..." >> $LOG
483 | if [ $VER != "7" ]
484 | then
485 | USERCOUNT=`openvasmd --get-users | sed -e "/^$/d" | wc -l`
486 | else
487 | USERCOUNT=`openvasmd --list-users | sed -e "/^$/d" | wc -l`
488 | fi
489 | if [ $USERCOUNT -eq 0 ]
490 | then
491 | log_and_print "ERROR: No users found. You need to create at least one user to log in."
492 | log_and_print " It is recommended to have at least one user with role Admin."
493 | log_and_print "FIX: create a user by running 'openvasmd --create-user= --role=Admin && openvasmd --user= --new-password='"
494 | check_failed
495 | else
496 | log_and_print "OK: At least one user exists."
497 | fi
498 | echo "" >> $LOG
499 | fi
500 |
501 | # TODO: Do a check for presence of at least one Admin user.
502 |
503 | echo "Checking OpenVAS SCAP database ..." >> $LOG
504 | # Guess openvas state dir from $PLUGINSFOLDER
505 | STATEDIR=`dirname $PLUGINSFOLDER`
506 | SCAPDB="$STATEDIR/scap-data/scap.db"
507 | if [ ! -e $SCAPDB ]
508 | then
509 | log_and_print "ERROR: No OpenVAS SCAP database found. (Tried: $SCAPDB)"
510 | if [ $VER -ge 9 ]
511 | then
512 | log_and_print "FIX: Run a SCAP synchronization script like greenbone-scapdata-sync."
513 | else
514 | log_and_print "FIX: Run a SCAP synchronization script like openvas-scapdata-sync or greenbone-scapdata-sync."
515 | fi
516 | check_failed
517 | fi
518 | echo "" >> $LOG
519 |
520 | log_and_print "OK: OpenVAS SCAP database found in $SCAPDB."
521 |
522 | if [ "$VER" -ge 6 ]
523 | then
524 | echo "Checking OpenVAS CERT database ..." >> $LOG
525 | # Guess openvas state dir from $PLUGINSFOLDER
526 | STATEDIR=`dirname $PLUGINSFOLDER`
527 | CERTDB="$STATEDIR/cert-data/cert.db"
528 | if [ ! -e $CERTDB ]
529 | then
530 | log_and_print "ERROR: No OpenVAS CERT database found. (Tried: $CERTDB)"
531 | if [ $VER -ge 9 ]
532 | then
533 | log_and_print "FIX: Run a CERT synchronization script like greenbone-certdata-sync."
534 | else
535 | log_and_print "FIX: Run a CERT synchronization script like openvas-certdata-sync or greenbone-certdata-sync."
536 | fi
537 | check_failed
538 | fi
539 | echo "" >> $LOG
540 |
541 | log_and_print "OK: OpenVAS CERT database found in $CERTDB."
542 | fi
543 |
544 | echo "Checking xsltproc presence ..." >> $LOG
545 | XSLTPROC=`type xsltproc 2> /dev/null`
546 | if [ $? -ne 0 ]
547 | then
548 | log_and_print "WARNING: Could not find xsltproc binary, most report formats will not work."
549 | log_and_print "SUGGEST: Install xsltproc."
550 | else
551 | log_and_print "OK: xsltproc found."
552 | fi
553 | echo "" >> $LOG
554 |
555 |
556 | if [ $ADMINISTRATOR_MAJOR != "0" ]
557 | then
558 | echo "Step 3: Checking OpenVAS Administrator ... "
559 |
560 | echo "Checking presence of OpenVAS Administrator ..." >> $LOG
561 | openvasad --version >> $LOG 2>&1
562 | if [ $? -ne 0 ]
563 | then
564 | log_and_print "ERROR: No OpenVAS Administrator (openvasad) found."
565 | log_and_print "FIX: Please install OpenVAS Administrator."
566 | check_failed
567 | fi
568 | echo "" >> $LOG
569 |
570 | VERSION=`openvasad --version | head -1 | sed -e "s/OpenVAS Administrator //"`
571 |
572 | if [ `echo $VERSION | grep "^$ADMINISTRATOR_MAJOR\.$ADMINISTRATOR_MINOR" | wc -l` -ne "1" ]
573 | then
574 | log_and_print "ERROR: OpenVAS Administrator too old or too new: $VERSION"
575 | log_and_print "FIX: Please install OpenVAS Administrator $ADMINISTRATOR_MAJOR.$ADMINISTRATOR_MINOR."
576 | log_and_print "HINT: Please see the --v6/7/8/9 command line options to check other major versions."
577 | check_failed
578 | fi
579 | echo "" >> $LOG
580 |
581 | log_and_print "OK: OpenVAS Administrator is present in version $VERSION."
582 |
583 | echo "Checking if users exist ..." >> $LOG
584 | USERCOUNT=`openvasad -c "list_users" | sed -e "/^$/d" | wc -l`
585 | if [ $USERCOUNT -eq 0 ]
586 | then
587 | log_and_print "ERROR: No users found. You need to create at least one user to log in."
588 | log_and_print " It is recommended to have at least one user with role Admin."
589 | log_and_print "FIX: Create a user using 'openvasad -c 'add_user' -n --role=Admin'"
590 | check_failed
591 | else
592 | log_and_print "OK: At least one user exists."
593 | fi
594 | echo "" >> $LOG
595 |
596 | echo "Checking if at least one admin user exists ..." >> $LOG
597 | ADMINEXISTS=`ls $STATEDIR/users/*/isadmin 2> /dev/null`
598 | if [ $? -ne 0 ]
599 | then
600 | log_and_print "ERROR: No admin user found. You need to create at least one admin user to log in."
601 | log_and_print "FIX: Create a user using 'openvasad -c 'add_user' -n -r Admin'"
602 | check_failed
603 | else
604 | log_and_print "OK: At least one admin user exists."
605 | fi
606 | echo "" >> $LOG
607 | else
608 | echo "Step 3: Checking user configuration ... "
609 | # TODO: Here we need new tests for presense of user and admin. Possibly based
610 | # on sqlite3 calls (which in turn means to check for sqlite3 which isn't a runtime
611 | # requirement for OpenVAS).
612 | fi
613 |
614 | if [ $VER -ge 6 ]
615 | then
616 | echo "Checking status of password policy ..." >> $LOG
617 | CONFFILE=`openvassd -s 2>>$LOG | grep config_file | sed -e "s/^config_file = //"`
618 | CONFDIR=`dirname $CONFFILE`
619 | grep -v "^[#]" $CONFDIR/pwpolicy.conf | grep -v "^$" > /dev/null 2>&1
620 | if [ $? -ne 0 ]
621 | then
622 | log_and_print "WARNING: Your password policy is empty."
623 | log_and_print "SUGGEST: Edit the $CONFDIR/pwpolicy.conf file to set a password policy."
624 | else
625 | log_and_print "OK: The password policy file at $CONFDIR/pwpolicy.conf contains entries."
626 | fi
627 | echo "" >> $LOG
628 | fi
629 |
630 | echo "Step 4: Checking Greenbone Security Assistant (GSA) ... "
631 |
632 | echo "Checking presence of Greenbone Security Assistant ..." >> $LOG
633 | gsad --version >> $LOG 2>&1
634 | if [ $? -ne 0 ]
635 | then
636 | log_and_print "ERROR: No Greenbone Security Assistant (gsad) found."
637 | log_and_print "FIX: Please install Greenbone Security Assistant."
638 | check_failed
639 | fi
640 | echo "" >> $LOG
641 |
642 | VERSION=`gsad --version | head -1 | sed -e "s/Greenbone Security Assistant //"`
643 |
644 | if [ `echo $VERSION | grep "^$GSA_MAJOR\.$GSA_MINOR" | wc -l` -ne "1" ]
645 | then
646 | log_and_print "ERROR: Greenbone Security Assistant too old or too new: $VERSION"
647 | log_and_print "FIX: Please install Greenbone Security Assistant $GSA_MAJOR.$GSA_MINOR."
648 | log_and_print "HINT: Please see the --v6/7/8/9 command line options to check other major versions."
649 | check_failed
650 | fi
651 | echo "" >> $LOG
652 |
653 | log_and_print "OK: Greenbone Security Assistant is present in version $VERSION."
654 |
655 | if [ "$VER" -ge 9 ]
656 | then
657 | echo "Verifying certificate infrastructure ..." >> $LOG
658 | openvas-manage-certs -V >> $LOG 2>&1
659 | if [ $? -ne 0 ]
660 | then
661 | log_and_print "ERROR: Your OpenVAS certificate infrastructure did NOT pass validation."
662 | log_and_print "FIX: Run 'openvas-manage-certs -a'."
663 | check_failed
664 | fi
665 | echo "" >> $LOG
666 |
667 | log_and_print "OK: Your OpenVAS certificate infrastructure passed validation."
668 | fi
669 |
670 |
671 | echo "Step 5: Checking OpenVAS CLI ... "
672 |
673 | if [ "$MODE" != "server" ]
674 | then
675 | echo "Checking presence of OpenVAS CLI ..." >> $LOG
676 | omp --version >> $LOG 2>&1
677 | if [ $? -ne 0 ]
678 | then
679 | log_and_print "ERROR: No OpenVAS CLI (omp) found."
680 | log_and_print "FIX: Please install OpenVAS CLI."
681 | log_and_print "HINT: Please see the --server command line option to skip this check."
682 | check_failed
683 | fi
684 | echo "" >> $LOG
685 |
686 | VERSION=`omp --version | head -1 | sed -e "s/OMP Command Line Interface //"`
687 |
688 | if [ `echo $VERSION | grep "^$CLI_MAJOR\.$CLI_MINOR" | wc -l` -ne "1" ]
689 | then
690 | log_and_print "ERROR: OpenVAS CLI too old or too new: $VERSION"
691 | log_and_print "FIX: Please install OpenVAS CLI $CLI_MAJOR.$CLI_MINOR."
692 | log_and_print "HINT: Please see the --v6/7/8/9 command line options to check other major versions."
693 | check_failed
694 | fi
695 | echo "" >> $LOG
696 |
697 | log_and_print "OK: OpenVAS CLI version $VERSION."
698 | else
699 | log_and_print "SKIP: Skipping check for OpenVAS CLI."
700 | fi
701 |
702 |
703 | echo "Step 6: Checking Greenbone Security Desktop (GSD) ... "
704 |
705 | if [ "$MODE" != "server" -a "$VER" -le 6 ]
706 | then
707 | echo "Checking presence of Greenbone Security Desktop ..." >> $LOG
708 |
709 | DISPLAY=fake gsd --version >> $LOG 2>&1
710 | if [ $? -ne 0 ]
711 | then
712 | if [ "$VER" -ge 6 ]
713 | then
714 | log_and_print "WARNING: No Greenbone Security Desktop (gsd) found or too old."
715 | log_and_print "SUGGEST: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR."
716 | else
717 | log_and_print "ERROR: No Greenbone Security Desktop (gsd) found or too old."
718 | log_and_print "FIX: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR."
719 | check_failed
720 | fi
721 | log_and_print "SKIP: Skipping further check for Greenbone Security Desktop."
722 | else
723 | echo "" >> $LOG
724 |
725 | VERSION=`gsd --version | head -1 | sed -e "s/Greenbone Security Desktop //"`
726 |
727 | if [ `echo $VERSION | grep "^$GSD_MAJOR\.$GSD_MINOR" | wc -l` -ne "1" ]
728 | then
729 | if [ $VER -lt "6" ]
730 | then
731 | log_and_print "ERROR: Greenbone Security Desktop too old or too new: $VERSION"
732 | log_and_print "FIX: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR."
733 | log_and_print "HINT: Please see the --v6/7/8/9 command line options to check other major versions."
734 | check_failed
735 | else
736 | log_and_print "WARNING: Greenbone Security Desktop too old or too new: $VERSION"
737 | log_and_print "SUGGEST: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR."
738 | log_and_print "HINT: Please see the --v6/7/8/9 command line options to check other major versions."
739 | fi
740 | fi
741 | echo "" >> $LOG
742 |
743 | log_and_print "OK: Greenbone Security Desktop is present in Version $VERSION."
744 | fi
745 | else
746 | log_and_print "SKIP: Skipping check for Greenbone Security Desktop."
747 | fi
748 |
749 |
750 | echo "Step 7: Checking if OpenVAS services are up and running ... "
751 |
752 | echo "Checking netstat presence ..." >> $LOG
753 | NETSTAT=`type netstat 2> /dev/null`
754 | if [ $? -ne 0 ]
755 | then
756 | log_and_print "WARNING: Could not find netstat binary, checks of the OpenVAS services are disabled."
757 | log_and_print "SUGGEST: Install netstat."
758 | HAVE_NETSTAT=0
759 | else
760 | log_and_print "OK: netstat found, extended checks of the OpenVAS services enabled."
761 | HAVE_NETSTAT=1
762 | fi
763 | echo "" >> $LOG
764 |
765 | if [ $HAVE_NETSTAT -eq 1 ]
766 | then
767 | netstat -A inet -A inet6 -ntlp 2> /dev/null >> $LOG
768 | OPENVASSD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvassd | awk -F\ '{print $4}' | awk -F: 'sub(FS $NF,x)'`
769 | OPENVASSD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvassd | awk -F\ '{print $4}' | awk -F: '{print $NF}'`
770 | OPENVASMD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasmd | awk -F\ '{print $4}' | awk -F: 'sub(FS $NF,x)'`
771 | OPENVASMD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasmd | awk -F\ '{print $4}' | awk -F: '{print $NF}'`
772 | OPENVASAD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasad | awk -F\ '{print $4}' | awk -F: 'sub(FS $NF,x)'`
773 | OPENVASAD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasad | awk -F\ '{print $4}' | awk -F: '{print $NF}'`
774 | GSAD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep gsad | awk -F\ '{print $4}' | awk -F: 'sub(FS $NF,x)'`
775 | GSAD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep gsad | awk -F\ '{print $4}' | awk -F: '{print $NF}' | tail -1`
776 |
777 | if [ $VER -ge 9 ]
778 | then
779 | OPENVASSD_SOCKET_FOUND=0
780 | if netstat -A unix -nlp 2> /dev/null | grep "openvassd\.sock" > /dev/null
781 | then
782 | OPENVASSD_SOCKET_FOUND=1
783 | fi
784 | if [ $OPENVASSD_SOCKET_FOUND -eq 1 ]
785 | then
786 | log_and_print "OK: OpenVAS Scanner is running and listening on a Unix domain socket."
787 | OPENVASSD_PORT=1 ;
788 | else
789 | log_and_print "ERROR: OpenVAS Scanner is NOT running!"
790 | log_and_print "FIX: Start OpenVAS Scanner (openvassd)."
791 | OPENVASSD_PORT=-1 ;
792 | fi
793 | else
794 | case "$OPENVASSD_HOST" in
795 | "0.0.0.0"|"::") log_and_print "OK: OpenVAS Scanner is running and listening on all interfaces." ;;
796 | "127.0.0.1") log_and_print "OK: OpenVAS Scanner is running and listening only on the local interface." ;;
797 | "") OPENVASSD_PROC=`ps -Af | grep -ic "[o]penvassd: waiting for incoming connections"`
798 | if [ $OPENVASSD_PROC -eq 0 ]
799 | then
800 | log_and_print "ERROR: OpenVAS Scanner is NOT running!" ;
801 | log_and_print "FIX: Start OpenVAS Scanner (openvassd)." ;
802 | OPENVASSD_PORT=-1 ;
803 | else
804 | log_and_print "WARNING: OpenVAS Scanner seems to be run by another user!" ;
805 | log_and_print "FIX: If intended this is OK (e.g. as root). But we can not determine the port." ;
806 | log_and_print "FIX: You might face subsequent problems if not intended." ;
807 | OPENVASSD_PORT=1 ;
808 | fi
809 | ;;
810 | esac
811 | case $OPENVASSD_PORT in
812 | -1) ;;
813 | 9391) log_and_print "OK: OpenVAS Scanner is listening on port 9391, which is the default port." ;;
814 | *) log_and_print "WARNING: OpenVAS Scanner is listening on port $OPENVASSD_PORT, which is NOT the default port!"
815 | log_and_print "SUGGEST: Ensure OpenVAS Scanner is listening on port 9391." ;;
816 | esac
817 | fi
818 |
819 | if [ $VER -ge 9 ]
820 | then
821 | OPENVASMD_SOCKET_FOUND=0
822 | if netstat -A unix -nlp 2> /dev/null | grep "openvasmd\.sock" > /dev/null
823 | then
824 | OPENVASMD_SOCKET_FOUND=1
825 | fi
826 | if [ $OPENVASMD_SOCKET_FOUND -eq 1 ]
827 | then
828 | log_and_print "OK: OpenVAS Manager is running and listening on a Unix domain socket."
829 | OPENVASMD_PORT=1
830 | else
831 | case "$OPENVASMD_HOST" in
832 | "0.0.0.0"|"::") log_and_print "OK: OpenVAS Manager is running and listening on all interfaces." ;;
833 | "127.0.0.1") log_and_print "WARNING: OpenVAS Manager is running and listening only on the local interface."
834 | log_and_print "This means that you will not be able to access the OpenVAS Manager from the"
835 | log_and_print "outside using GSD or OpenVAS CLI."
836 | log_and_print "SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want"
837 | log_and_print "a local service only."
838 | OPENVASMD_PORT=1 ;;
839 | "") log_and_print "ERROR: OpenVAS Manager is NOT running!"
840 | log_and_print "FIX: Start OpenVAS Manager (openvasmd)."
841 | OPENVASMD_PORT=-1 ;;
842 | esac
843 | fi
844 | else
845 | case "$OPENVASMD_HOST" in
846 | "0.0.0.0"|"::") log_and_print "OK: OpenVAS Manager is running and listening on all interfaces." ;;
847 | "127.0.0.1") log_and_print "WARNING: OpenVAS Manager is running and listening only on the local interface."
848 | log_and_print "This means that you will not be able to access the OpenVAS Manager from the"
849 | log_and_print "outside using GSD or OpenVAS CLI."
850 | log_and_print "SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want"
851 | log_and_print "a local service only." ;;
852 | "") log_and_print "ERROR: OpenVAS Manager is NOT running!"
853 | log_and_print "FIX: Start OpenVAS Manager (openvasmd)."
854 | OPENVASMD_PORT=-1 ;;
855 | esac
856 | case $OPENVASMD_PORT in
857 | -1) ;;
858 | 9390) log_and_print "OK: OpenVAS Manager is listening on port 9390, which is the default port." ;;
859 | *) log_and_print "WARNING: OpenVAS Manager is listening on port $OPENVASMD_PORT, which is NOT the default port!"
860 | log_and_print "SUGGEST: Ensure OpenVAS Manager is listening on port 9390." ;;
861 | esac
862 | fi
863 |
864 | if [ $ADMINISTRATOR_MAJOR != "0" ]
865 | then
866 | case "$OPENVASAD_HOST" in
867 | "0.0.0.0") log_and_print "OK: OpenVAS Administrator is running and listening on all interfaces." ;;
868 | "127.0.0.1") log_and_print "OK: OpenVAS Administrator is running and listening only on the local interface." ;;
869 | "") log_and_print "ERROR: OpenVAS Administrator is NOT running!"
870 | log_and_print "FIX: Start OpenVAS Administrator (openvasad)."
871 | OPENVASAD_PORT=-1 ;;
872 | esac
873 | case $OPENVASAD_PORT in
874 | -1) ;;
875 | 9393) log_and_print "OK: OpenVAS Administrator is listening on port 9393, which is the default port." ;;
876 | *) log_and_print "WARNING: OpenVAS Administrator is listening on port $OPENVASAD_PORT, which is NOT the default port!"
877 | log_and_print "SUGGEST: Ensure OpenVAS Administrator is listening on port 9393." ;;
878 | esac
879 | else
880 | OPENVASAD_PORT=1; # to make this not a failure because we do not need openvasad at all
881 | fi
882 |
883 | case "$GSAD_HOST" in
884 | "0.0.0.0"|"::") log_and_print "OK: Greenbone Security Assistant is running and listening on all interfaces." ;;
885 | "127.0.0.1") log_and_print "WARNING: Greenbone Security Assistant is running and listening only on the local interface."
886 | log_and_print "This means that you will not be able to access the Greenbone Security Assistant from the"
887 | log_and_print "outside using a web browser."
888 | log_and_print "SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces." ;;
889 | "") log_and_print "ERROR: Greenbone Security Assistant is NOT running!"
890 | log_and_print "FIX: Start Greenbone Security Assistant (gsad)."
891 | GSAD_PORT=-1 ;;
892 | esac
893 | case $GSAD_PORT in
894 | -1) ;;
895 | 80|443|9392) log_and_print "OK: Greenbone Security Assistant is listening on port $GSAD_PORT, which is the default port." ;;
896 | *) log_and_print "WARNING: Greenbone Security Assistant is listening on port $GSAD_PORT, which is NOT the default port!"
897 | log_and_print "SUGGEST: Ensure Greenbone Security Assistant is listening on one of the following ports: 80, 443, 9392." ;;
898 | esac
899 |
900 | if [ $OPENVASSD_PORT -eq -1 ] || [ $OPENVASMD_PORT -eq -1 ] || [ $OPENVASAD_PORT -eq -1 ] || [ $GSAD_PORT -eq -1 ]
901 | then
902 | check_failed
903 | fi
904 |
905 | fi
906 |
907 | echo "Step 8: Checking nmap installation ..."
908 |
909 | echo "Checking presence of nmap ..." >> $LOG
910 | NMAP=`type nmap 2> /dev/null`
911 | if [ $? -ne 0 ]
912 | then
913 | if [ $SKIP_NMAP -eq 0 ]
914 | then
915 | log_and_print "ERROR: No nmap installation found."
916 | log_and_print "FIX: The predefined scan configurations needs nmap as a port scanner. You should install nmap (see http://nmap.org)."
917 | log_and_print "HINT: Please see the --skip-nmap command line option to skip this check."
918 | check_failed
919 | else
920 | log_and_print "WARNING: No nmap installation found."
921 | log_and_print "WARNING: You need to add a port scanner from the 'Port scanners' family to your custom scan config and install this port scanner on your system."
922 | fi
923 | else
924 | VERSION=`nmap --version | awk '/Nmap version/ { print $3 }'`
925 | if [ `echo $VERSION | grep "5\.51" | wc -l` -ne "1" ]
926 | then
927 | log_and_print "WARNING: Your version of nmap is not fully supported: $VERSION"
928 | log_and_print "SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs."
929 | else
930 | log_and_print "OK: nmap is present in version $VERSION."
931 | fi
932 | fi
933 | echo "" >> $LOG
934 |
935 | echo "Step 10: Checking presence of optional tools ..."
936 |
937 | echo "Checking presence of pdflatex ..." >> $LOG
938 | PDFLATEX=`type pdflatex 2> /dev/null`
939 | if [ $? -ne 0 ]
940 | then
941 | log_and_print "WARNING: Could not find pdflatex binary, the PDF report format will not work."
942 | log_and_print "SUGGEST: Install pdflatex."
943 | HAVE_PDFLATEX=0
944 | else
945 | log_and_print "OK: pdflatex found."
946 | HAVE_PDFLATEX=1
947 | fi
948 | echo "" >> $LOG
949 |
950 | if [ $HAVE_PDFLATEX -eq 1 ]
951 | then
952 | echo "Checking presence of LaTeX packages required for PDF report generation ..." >> $LOG
953 | PDFTMPDIR=`mktemp -d -t openvas-check-setup-tmp.XXXXXXXXXX`
954 | TEXFILE="$PDFTMPDIR/test.tex"
955 | cat < $TEXFILE
956 | \documentclass{article}
957 | \pagestyle{empty}
958 |
959 | %\usepackage{color}
960 | \usepackage{tabularx}
961 | \usepackage{geometry}
962 | \usepackage{comment}
963 | \usepackage{longtable}
964 | \usepackage{titlesec}
965 | \usepackage{chngpage}
966 | \usepackage{calc}
967 | \usepackage{url}
968 | \usepackage[utf8x]{inputenc}
969 |
970 | \DeclareUnicodeCharacter {135}{{\textascii ?}}
971 | \DeclareUnicodeCharacter {129}{{\textascii ?}}
972 | \DeclareUnicodeCharacter {128}{{\textascii ?}}
973 |
974 | \usepackage{colortbl}
975 |
976 | % must come last
977 | \usepackage{hyperref}
978 | \definecolor{linkblue}{rgb}{0.11,0.56,1}
979 | \definecolor{inactive}{rgb}{0.56,0.56,0.56}
980 | \definecolor{openvas_debug}{rgb}{0.78,0.78,0.78}
981 | \definecolor{openvas_false_positive}{rgb}{0.2275,0.2275,0.2275}
982 | \definecolor{openvas_log}{rgb}{0.2275,0.2275,0.2275}
983 | \definecolor{openvas_hole}{rgb}{0.7960,0.1137,0.0902}
984 | \definecolor{openvas_note}{rgb}{0.3255,0.6157,0.7961}
985 | \definecolor{openvas_report}{rgb}{0.68,0.74,0.88}
986 | \definecolor{openvas_user_note}{rgb}{1.0,1.0,0.5625}
987 | \definecolor{openvas_user_override}{rgb}{1.0,1.0,0.5625}
988 | \definecolor{openvas_warning}{rgb}{0.9764,0.6235,0.1922}
989 | \hypersetup{colorlinks=true,linkcolor=linkblue,urlcolor=blue,bookmarks=true,bookmarksopen=true}
990 | \usepackage[all]{hypcap}
991 |
992 | %\geometry{verbose,a4paper,tmargin=24mm,bottom=24mm}
993 | \geometry{verbose,a4paper}
994 | \setlength{\parskip}{\smallskipamount}
995 | \setlength{\parindent}{0pt}
996 |
997 | \title{PDF Report Test}
998 | \pagestyle{headings}
999 | \pagenumbering{arabic}
1000 | \begin{document}
1001 | This is a test of the PDF generation capabilities of your OpenVAS installation. Please ignore.
1002 | \end{document}
1003 | EOT
1004 | pdflatex -interaction batchmode -output-directory $PDFTMPDIR $TEXFILE > /dev/null 2>&1
1005 | if [ ! -f "$PDFTMPDIR/test.pdf" ]
1006 | then
1007 | log_and_print "WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work."
1008 | log_and_print "SUGGEST: Install required LaTeX packages."
1009 | else
1010 | log_and_print "OK: PDF generation successful. The PDF report format is likely to work."
1011 | fi
1012 | if [ -f "$PDFTMPDIR/test.log" ]
1013 | then
1014 | cat $PDFTMPDIR/test.log >> $LOG
1015 | fi
1016 | rm -rf $PDFTMPDIR
1017 | fi
1018 |
1019 | echo "Checking presence of ssh-keygen ..." >> $LOG
1020 | SSHKEYGEN=`type ssh-keygen 2> /dev/null`
1021 | if [ $? -ne 0 ]
1022 | then
1023 | log_and_print "WARNING: Could not find ssh-keygen binary, LSC credential generation for GNU/Linux targets will not work."
1024 | log_and_print "SUGGEST: Install ssh-keygen."
1025 | HAVE_SSHKEYGEN=0
1026 | else
1027 | log_and_print "OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work."
1028 | HAVE_SSHKEYGEN=1
1029 | fi
1030 | echo "" >> $LOG
1031 |
1032 | if [ $HAVE_SSHKEYGEN -eq 1 ]
1033 | then
1034 | echo "Checking presence of rpm ..." >> $LOG
1035 | RPM=`type rpm 2> /dev/null`
1036 | if [ $? -ne 0 ]
1037 | then
1038 | log_and_print "WARNING: Could not find rpm binary, LSC credential package generation for RPM and DEB based targets will not work."
1039 | log_and_print "SUGGEST: Install rpm."
1040 | HAVE_RPM=0
1041 | else
1042 | log_and_print "OK: rpm found, LSC credential package generation for RPM based targets is likely to work."
1043 | HAVE_RPM=1
1044 | fi
1045 | echo "" >> $LOG
1046 |
1047 | if [ $HAVE_RPM -eq 1 ]
1048 | then
1049 | echo "Checking presence of alien ..." >> $LOG
1050 | ALIEN=`type alien 2> /dev/null`
1051 | if [ $? -ne 0 ]
1052 | then
1053 | log_and_print "WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work."
1054 | log_and_print "SUGGEST: Install alien."
1055 | HAVE_ALIEN=0
1056 | else
1057 | log_and_print "OK: alien found, LSC credential package generation for DEB based targets is likely to work."
1058 | HAVE_ALIEN=1
1059 | fi
1060 | echo "" >> $LOG
1061 | fi
1062 | fi
1063 |
1064 | echo "Checking presence of nsis ..." >> $LOG
1065 | NSIS=`type makensis 2> /dev/null`
1066 | if [ $? -ne 0 ]
1067 | then
1068 | log_and_print "WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work."
1069 | log_and_print "SUGGEST: Install nsis."
1070 | HAVE_NSIS=0
1071 | else
1072 | log_and_print "OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work."
1073 | HAVE_NSIS=1
1074 | fi
1075 |
1076 | echo "Checking for SELinux ..." >> $LOG
1077 | selinux=`getenforce 2>/dev/null`
1078 | if [ $? -eq 0 ]
1079 | then
1080 | if [ $selinux != "Disabled" ]
1081 | then
1082 | log_and_print "ERROR: SELinux is enabled. For a working OpenVAS installation you need to disable it."
1083 | log_and_print "FIX: Please disable SELinux."
1084 | check_failed
1085 | else
1086 | log_and_print "OK: SELinux is disabled."
1087 | fi
1088 | fi
1089 |
1090 | echo "" >> $LOG
1091 |
1092 | echo ""
1093 | echo "It seems like your OpenVAS-$VER installation is OK."
1094 | echo ""
1095 | echo "If you think it is not OK, please report your observation"
1096 | echo "and help us to improve this check routine:"
1097 | echo "http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss"
1098 | echo "Please attach the log-file ($LOG) to help us analyze the problem."
1099 | echo ""
1100 |
--------------------------------------------------------------------------------
/SOURCES/openvas-nvt-sync-cronjob:
--------------------------------------------------------------------------------
1 | # start plugin sync daily at 1am
2 | PATH=/bin:/usr/bin:/sbin:/usr/sbin
3 | 0 1 * * * root /usr/sbin/greenbone-nvt-sync
4 |
--------------------------------------------------------------------------------
/SOURCES/openvas-scap-sync-cronjob:
--------------------------------------------------------------------------------
1 | # start plugin sync daily at 1am
2 | PATH=/bin:/usr/bin:/sbin:/usr/sbin
3 | 0 1 * * * root /usr/sbin/greenbone-scapdata-sync
4 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/.git-dpm:
--------------------------------------------------------------------------------
1 | # see git-dpm(1) from git-dpm package
2 | a9c4adca386b7a6906c1958b45c60f55dbf61234
3 | a9c4adca386b7a6906c1958b45c60f55dbf61234
4 | a9c4adca386b7a6906c1958b45c60f55dbf61234
5 | 7d14286a4e93d96e3a4cd96d7811669bb38cd6cb
6 | openvas_9.0.1.orig.tar.gz
7 | 4c5b2ee17d5a38af8a964a242605501b72511f25
8 | 9040
9 | debianTag="debian/%e%v"
10 | patchedTag="patched/%e%v"
11 | upstreamTag="upstream/%e%u"
12 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/changelog:
--------------------------------------------------------------------------------
1 | openvas (9.0.2) unstable; urgency=medium
2 |
3 | * Fix binary name in openvas-feed-update (Closes: #881485)
4 |
5 | -- SZ Lin (林上智) Mon, 13 Nov 2017 13:03:31 +0800
6 |
7 | openvas (9.0.1) unstable; urgency=medium
8 |
9 | [ Sophie Brun ]
10 | * Fix openvas-setup (unix socket for redis is /var/run/redis/redis.sock)
11 | * openvas-setup: replace openvas-mkcert* with openvas-manage-certs
12 |
13 | [ SZ Lin (林上智) ]
14 | * Remove openvas.postinst (Closes: #866017)
15 | * Bump standards version to 4.1.1
16 | * d/control: Replace the priority from extra to optional
17 | * d/copyright: Replace "http" with "https"
18 |
19 | -- SZ Lin (林上智) Wed, 01 Nov 2017 13:20:10 +0800
20 |
21 | openvas (9.0.0) unstable; urgency=medium
22 |
23 | * Move package from experimental to sid archive
24 | * Bump standards version to 4.0.0
25 |
26 | -- SZ Lin (林上智) Tue, 20 Jun 2017 11:31:42 +0800
27 |
28 | openvas (9.0.0~exp1) experimental; urgency=low
29 |
30 | * Package new version to Debian (Closes: #848973)
31 |
32 | -- SZ Lin (林上智) Tue, 21 Feb 2017 13:02:55 +0800
33 |
34 | openvas (8.0) kali; urgency=medium
35 |
36 | * Fix debian/control with minimal versions
37 |
38 | -- Sophie Brun Fri, 17 Apr 2015 09:37:34 +0200
39 |
40 | openvas (1.8) kali; urgency=medium
41 |
42 | * Update openvas-check-setup for openvas current version 8 with file from
43 | upstream and keep last changes for certificates checks
44 | * Update debian/copyright
45 | * Replace openvasmd --list-users by openvasmd --get-users as commande line
46 | has been renamed
47 | * Add a postinst: configure redis as needed and create a openvassd.conf to
48 | use the socket /var/lib/redis.sock instead of /tmp/redis.sock
49 |
50 | -- Sophie Brun Fri, 10 Apr 2015 10:19:56 +0200
51 |
52 | openvas (1.7.2) kali; urgency=medium
53 |
54 | * Add a certificates check in openvas-setup and openvas-check-setup to
55 | detect invalid certificate
56 | * Update openvas-setup: use "service" instead of the /etc/init.d/ scripts.
57 |
58 | -- Sophie Brun Tue, 10 Mar 2015 11:43:43 +0100
59 |
60 | openvas (1.7.1) kali; urgency=low
61 |
62 | * Fix typo in admin username
63 |
64 | -- Mati Aharoni Fri, 10 Oct 2014 04:41:06 -0400
65 |
66 | openvas (1.7) kali; urgency=medium
67 |
68 | * Add openvas-certdata-sync call to openvas-setup.
69 |
70 | -- Raphaël Hertzog Mon, 04 Aug 2014 14:01:22 +0200
71 |
72 | openvas (1.6) kali; urgency=medium
73 |
74 | * Add openvas-scapdata-sync call to openvas-setup.
75 | * Add rsync to Depends since it's needed by the above call.
76 |
77 | -- Raphaël Hertzog Mon, 04 Aug 2014 12:17:20 +0200
78 |
79 | openvas (1.5) kali; urgency=medium
80 |
81 | * Try to adapt openvas-setup for openvas 7:
82 | - use openvasmd --list-users to verify if there's an admin user
83 | - use openvasmd --create-user to create the admin user
84 | - drop the "om" parameter to openvas-mkcert-client so that the
85 | certificates are created in their newly expected location
86 | (/var/lib/openvas/CA/clientcert.pem +
87 | /var/lib/openvas/private/CA/clientkey.pem) and adjust the
88 | check accordingly
89 |
90 | -- Raphaël Hertzog Mon, 04 Aug 2014 11:56:26 +0200
91 |
92 | openvas (1.4) kali; urgency=medium
93 |
94 | * Update openvas-check-setup for openvas current version 7
95 | * Drop mention to openvas-administrator in files setup, start and stop
96 | * Update for compatibility with debhelper 9
97 | * control: Drop depends to openvas-administrator and update Vcs-git
98 | * Add copyright of file openvas-check-setup
99 | * Drop file docs as it's empty
100 | * Drop depends gsd (not supported anymore) and shlibs (architecture: all)
101 | * Update description
102 | * Add gsd in conflicts as it's not suppported anymore
103 |
104 | -- Sophie Brun Mon, 04 Aug 2014 08:35:46 +0200
105 |
106 | openvas (1.3) kali; urgency=low
107 |
108 | * Added openvas-check-setup
109 |
110 | -- Mati Aharoni Fri, 09 Aug 2013 08:07:51 -0400
111 |
112 | openvas (1.2) kali; urgency=low
113 |
114 | * Added check-openvas script
115 |
116 | -- Mati Aharoni Fri, 09 Aug 2013 07:43:28 -0400
117 |
118 | openvas (1.1) kali; urgency=low
119 |
120 | * Added openvas setup
121 |
122 | -- Mati Aharoni Fri, 14 Dec 2012 11:18:40 -0500
123 |
124 | openvas (1.0) kali; urgency=low
125 |
126 | * Initial Release.
127 |
128 | -- Mati Aharoni Fri, 14 Dec 2012 10:49:47 -0500
129 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/compat:
--------------------------------------------------------------------------------
1 | 10
2 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/control:
--------------------------------------------------------------------------------
1 | Source: openvas
2 | Section: net
3 | Priority: optional
4 | Maintainer: Atomicorp
5 | Build-Depends: debhelper (>= 10)
6 | Standards-Version: 4.1.1
7 | Homepage: http://www.atomicorp.com/
8 |
9 | Package: openvas
10 | Architecture: all
11 | Depends: ${misc:Depends},
12 | openvas-manager (>= 7.0.0),
13 | openvas-scanner (>= 5.1.0),
14 | greenbone-security-assistant(>= 7.0.0),
15 | openvas-cli (>= 1.4.5),
16 | rng-tools,
17 | Recommends: sqlite3, xsltproc, rsync
18 | Description: remote network security auditor - dummy package
19 | The Open Vulnerability Assessment System is a modular security auditing tool,
20 | used for testing remote systems for vulnerabilities that should be fixed.
21 | .
22 | It is made up of several parts: a manager i.e. the main server openvasmd.
23 | A scanner openvassd that execute vulnerability checking scripts. A cli and
24 | a web interface called Greenbone Security Assistant gsad.
25 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/copyright:
--------------------------------------------------------------------------------
1 | Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
2 | Upstream-Name: openvas
3 | Source: http://www.openvas.org
4 |
5 | Files: openvas-feed-update openvas-setup openvas-start openvas-stop
6 | Copyright: 2012 - 2016 Kali Linux
7 | License: GPL-3
8 |
9 | Files: openvas-check-setup
10 | Copyright: 2011-2016 Greenbone Networks GmbH
11 | License: GPL-2+
12 |
13 | Files: debian/*
14 | Copyright: 2012 Mati Aharoni
15 | 2012 dookie
16 | 2014-2016 Sophie Brun
17 | 2016 ChangZhuo Chen (陳昌倬)
18 | 2016-2017 SZ Lin (林上智)
19 | License: GPL-2+
20 |
21 | License: GPL-2+
22 | This package is free software; you can redistribute it and/or modify
23 | it under the terms of the GNU General Public License as published by
24 | the Free Software Foundation; either version 2 of the License, or
25 | (at your option) any later version.
26 | .
27 | This package is distributed in the hope that it will be useful,
28 | but WITHOUT ANY WARRANTY; without even the implied warranty of
29 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
30 | GNU General Public License for more details.
31 | .
32 | You should have received a copy of the GNU General Public License
33 | along with this program. If not, see
34 | .
35 | On Debian systems, the complete text of the GNU General
36 | Public License version 2 can be found in "/usr/share/common-licenses/GPL-2".
37 |
38 |
39 | License: GPL-3
40 | This program is free software: you can redistribute it and/or modify it under
41 | the terms of the GNU General Public License as published by the Free Software
42 | Foundation, either version 3 of the License.
43 | .
44 | This program is distributed in the hope that it will be useful, but WITHOUT ANY
45 | WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
46 | PARTICULAR PURPOSE. See the GNU General Public License for more details.
47 | .
48 | You should have received a copy of the GNU General Public License along with
49 | this program. If not, see .
50 | .
51 | On Debian systems, the complete text of the GNU General Public License
52 | can be found in `/usr/share/common-licenses/GPL-3'.
53 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/openvas.install:
--------------------------------------------------------------------------------
1 | openvas-setup usr/bin/
2 | openvas-check-setup usr/bin/
3 | openvas-cert-sync etc/cron.daily/
4 | openvas-nvt-sync etc/cron.daily/
5 | openvas-scap-sync etc/cron.daily/
6 | openvas.service lib/systemd/system/
7 |
8 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/rules:
--------------------------------------------------------------------------------
1 | #!/usr/bin/make -f
2 |
3 | %:
4 | dh $@ --parallel --with systemd
5 |
--------------------------------------------------------------------------------
/contrib/openvas/debian/source/format:
--------------------------------------------------------------------------------
1 | 3.0 (native)
2 |
--------------------------------------------------------------------------------
/docker/jessie/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM debian:jessie
2 |
3 | MAINTAINER support
4 |
5 | RUN \
6 | apt-get update && \
7 | apt-get -y upgrade
8 |
9 | RUN \
10 | apt-get install -y fakeroot devscripts && \
11 | apt-get clean
12 |
13 | RUN \
14 | install --directory -m 0755 /data
15 |
16 |
17 | WORKDIR /data
18 |
19 | VOLUME /data
20 | VOLUME /patches
21 |
22 | RUN groupadd -r gitlab-runner -g 478
23 | RUN useradd -u 480 -r -g gitlab-runner gitlab-runner
24 |
25 | # we have to run as root so that we can apt-get update
26 | ENTRYPOINT ["/data/builder.sh"]
27 |
--------------------------------------------------------------------------------
/docker/jessie/builder.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ ! -f package/version ]; then
4 | echo
5 | echo "Error: version not detected $(pwd)"
6 | echo
7 | ls -la
8 | exit 1
9 | fi
10 |
11 | source package/version
12 | CI_PIPELINE_ID=$(cat package/release)
13 |
14 | pushd package
15 | dch -c debian/changelog -b -v $DEB_VERSION-$CI_PIPELINE_ID$DIST -D $(awk -F'=' '/_CODENAME/{print$NF}' /etc/lsb-release) "$CHANGELOG"
16 |
17 | fakeroot debian/rules clean
18 | fakeroot debian/rules binary
19 | popd
20 |
--------------------------------------------------------------------------------
/docker/kali/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM kalilinux/kali-linux-docker
2 |
3 | MAINTAINER support
4 |
5 | #RUN sed -i 's/^# deb-src \(.*xenial.* main restricted\)$/deb-src \1/g' /etc/apt/sources.list
6 | RUN echo "deb http://http.kali.org/kali kali-rolling main contrib non-free" > /etc/apt/sources.list && \
7 | echo "deb-src http://http.kali.org/kali kali-rolling main contrib non-free" >> /etc/apt/sources.list
8 | ENV DEBIAN_FRONTEND noninteractive
9 |
10 | RUN apt-get update
11 |
12 | RUN apt-get build-dep -y linux
13 | RUN apt-get install -y fakeroot devscripts bc debhelper bison cmake doxygen libgcrypt-dev libglib2.0-dev libgnutls28-dev libgpgme11-dev libhiredis-dev libksba-dev libldap2-dev libpcap-dev libssh-dev uuid-dev libsnmp-dev
14 | RUN apt-get clean
15 |
16 | RUN install --directory -m 0755 /data && \
17 | install --directory -m 0755 /patches
18 |
19 |
20 | WORKDIR /data
21 |
22 | VOLUME /data
23 | VOLUME /patches
24 |
25 | RUN groupadd -r gitlab-runner -g 478
26 | RUN useradd -u 480 -r -g gitlab-runner gitlab-runner
27 |
28 | # we have to run as root so that we can apt-get update
29 | ENTRYPOINT ["/data/builder.sh"]
30 |
--------------------------------------------------------------------------------
/docker/kali/builder.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ ! -f package/version ]; then
4 | echo
5 | echo "Error: version not detected $(pwd)"
6 | echo
7 | ls -la
8 | exit 1
9 | fi
10 |
11 | source package/version
12 | CI_PIPELINE_ID=$(cat package/release)
13 |
14 | pushd package
15 | dch -c debian/changelog -b -v $DEB_VERSION-$CI_PIPELINE_ID$DIST -D $(awk -F'=' '/_CODENAME/{print$NF}' /etc/lsb-release) "$CHANGELOG"
16 |
17 | fakeroot debian/rules clean
18 | fakeroot debian/rules binary
19 | popd
20 |
--------------------------------------------------------------------------------
/docker/mint/.Dockerfile.swp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Atomicorp/gvm/368af3199fa41369da2266db9791bd0b3106d9ca/docker/mint/.Dockerfile.swp
--------------------------------------------------------------------------------
/docker/mint/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM vcatechnology/ubuntu:16.04
2 | MAINTAINER support
3 |
4 |
5 | RUN REPO_LIST=/etc/apt/sources.list.d/mint.list \
6 | && echo "deb http://packages.linuxmint.com/ sonya main upstream import backport " > ${REPO_LIST} \
7 | && LINUX_MINT_KEY=$(apt update 2>&1 | grep -o '[0-9A-Z]\{16\}$' | xargs) \
8 | && apt-key adv --recv-keys --keyserver keyserver.ubuntu.com ${LINUX_MINT_KEY} \
9 | && vca-install-package --allow-unauthenticated linuxmint-keyring \
10 | && unset LINUX_MINT_KEY REPO_LIST
11 |
12 | # Install the necessary packages to convert to Linux Mint
13 | RUN vca-install-package base-files
14 |
15 | # Update all packages
16 | RUN apt-get -q update \
17 | && echo console-setup console-setup/charmap select UTF-8 | debconf-set-selections \
18 | && apt-get -fqy -o Dpkg::Options::="--force-confnew" -o APT::Immediate-Configure=false dist-upgrade \
19 | && apt-get -qy autoremove \
20 | && apt-get -q clean
21 |
22 |
23 | RUN apt-get build-dep -y linux
24 | RUN apt-get install -y fakeroot devscripts bc
25 | RUN apt-get clean
26 |
27 | RUN install --directory -m 0755 /data && \
28 | install --directory -m 0755 /patches
29 |
30 |
31 | WORKDIR /data
32 |
33 | VOLUME /data
34 | VOLUME /patches
35 |
36 | RUN groupadd -r gitlab-runner -g 478
37 | RUN useradd -u 480 -r -g gitlab-runner gitlab-runner
38 |
39 | # we have to run as root so that we can apt-get update
40 | ENTRYPOINT ["/data/builder.sh"]
41 |
--------------------------------------------------------------------------------
/docker/mint/builder.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ ! -f package/version ]; then
4 | echo
5 | echo "Error: version not detected $(pwd)"
6 | echo
7 | ls -la
8 | exit 1
9 | fi
10 |
11 | source package/version
12 | CI_PIPELINE_ID=$(cat package/release)
13 |
14 | pushd package
15 | dch -c debian/changelog -b -v $DEB_VERSION-$CI_PIPELINE_ID$DIST -D $(awk -F'=' '/_CODENAME/{print$NF}' /etc/lsb-release) "$CHANGELOG"
16 |
17 | fakeroot debian/rules clean
18 | fakeroot debian/rules binary
19 | popd
20 |
--------------------------------------------------------------------------------
/docker/stretch/.Dockerfile.swp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Atomicorp/gvm/368af3199fa41369da2266db9791bd0b3106d9ca/docker/stretch/.Dockerfile.swp
--------------------------------------------------------------------------------
/docker/stretch/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM debian:stretch
2 |
3 | MAINTAINER support
4 |
5 | RUN \
6 | apt-get update && \
7 | apt-get -y upgrade
8 |
9 | RUN \
10 | apt-get install -y fakeroot devscripts && \
11 | apt-get clean
12 |
13 | RUN \
14 | install --directory -m 0755 /data
15 |
16 |
17 | WORKDIR /data
18 |
19 | VOLUME /data
20 | VOLUME /patches
21 |
22 | RUN groupadd -r gitlab-runner -g 478
23 | RUN useradd -u 480 -r -g gitlab-runner gitlab-runner
24 |
25 | # we have to run as root so that we can apt-get update
26 | ENTRYPOINT ["/data/builder.sh"]
27 |
--------------------------------------------------------------------------------
/docker/stretch/builder.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ ! -f package/version ]; then
4 | echo
5 | echo "Error: version not detected $(pwd)"
6 | echo
7 | ls -la
8 | exit 1
9 | fi
10 |
11 | source package/version
12 | CI_PIPELINE_ID=$(cat package/release)
13 |
14 | pushd package
15 | dch -c debian/changelog -b -v $DEB_VERSION-$CI_PIPELINE_ID$DIST -D $(awk -F'=' '/_CODENAME/{print$NF}' /etc/lsb-release) "$CHANGELOG"
16 |
17 | fakeroot debian/rules clean
18 | fakeroot debian/rules binary
19 | popd
20 |
--------------------------------------------------------------------------------
/docker/trusty/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM ubuntu:14.04
2 |
3 | MAINTAINER support
4 |
5 | RUN sed -i 's/^# deb-src \(.*trusty.* main restricted\)$/deb-src \1/g' /etc/apt/sources.list
6 |
7 | RUN apt-get update
8 |
9 | RUN apt-get build-dep -y linux
10 | RUN apt-get install -y fakeroot devscripts bc
11 | RUN apt-get clean
12 |
13 | RUN install --directory -m 0755 /data && \
14 | install --directory -m 0755 /patches
15 |
16 |
17 | WORKDIR /data
18 |
19 | VOLUME /data
20 | VOLUME /patches
21 |
22 | RUN groupadd -r gitlab-runner -g 478
23 | RUN useradd -u 480 -r -g gitlab-runner gitlab-runner
24 |
25 | # we have to run as root so that we can apt-get update
26 | ENTRYPOINT ["/data/builder.sh"]
27 |
--------------------------------------------------------------------------------
/docker/trusty/builder.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ ! -f package/version ]; then
4 | echo
5 | echo "Error: version not detected $(pwd)"
6 | echo
7 | ls -la
8 | exit 1
9 | fi
10 |
11 | source package/version
12 | CI_PIPELINE_ID=$(cat package/release)
13 |
14 | pushd package
15 | dch -c debian/changelog -b -v $DEB_VERSION-$CI_PIPELINE_ID$DIST -D $(awk -F'=' '/_CODENAME/{print$NF}' /etc/lsb-release) "$CHANGELOG"
16 |
17 | fakeroot debian/rules clean
18 | fakeroot debian/rules binary
19 | popd
20 |
--------------------------------------------------------------------------------
/docker/xenial/.Dockerfile.swp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/Atomicorp/gvm/368af3199fa41369da2266db9791bd0b3106d9ca/docker/xenial/.Dockerfile.swp
--------------------------------------------------------------------------------
/docker/xenial/Dockerfile:
--------------------------------------------------------------------------------
1 | FROM ubuntu:16.04
2 |
3 | MAINTAINER support
4 |
5 | RUN sed -i 's/^# deb-src \(.*xenial.* main restricted\)$/deb-src \1/g' /etc/apt/sources.list
6 | # Adding atomic repo
7 | #RUN echo "deb http://10.66.6.13/channels/atomic/ubuntu/ xenial main" >> /etc/apt/sources.list
8 |
9 | # Adding atomic-testing repo
10 | RUN echo "deb http://10.66.6.13/channels/atomic-testing/ubuntu/ xenial main" >> /etc/apt/sources.list
11 |
12 | # Adding atomic-bleeding repo
13 | #RUN echo "deb http://10.66.6.13/channels/atomic-bleeding/ubuntu/ xenial main" > /etc/apt/sources.list
14 |
15 |
16 | RUN apt-get --allow-unauthenticated update
17 |
18 | RUN apt-get build-dep -y linux
19 | RUN apt-get install -y fakeroot devscripts bc debhelper bison cmake doxygen libgcrypt-dev libglib2.0-dev libgnutls28-dev libgpgme11-dev libhiredis-dev libksba-dev libldap2-dev libpcap-dev libssh-dev uuid-dev libsnmp-dev
20 |
21 | RUN apt-get install --allow-unauthenticated -y libopenvas-dev openvas-nasl
22 | RUN apt-get clean
23 |
24 | RUN install --directory -m 0755 /data && \
25 | install --directory -m 0755 /patches
26 |
27 |
28 | WORKDIR /data
29 |
30 | VOLUME /data
31 | VOLUME /patches
32 |
33 | RUN groupadd -r gitlab-runner -g 478
34 | RUN useradd -u 480 -r -g gitlab-runner gitlab-runner
35 |
36 | # we have to run as root so that we can apt-get update
37 | ENTRYPOINT ["/data/builder.sh"]
38 |
--------------------------------------------------------------------------------
/docker/xenial/builder.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | if [ ! -f package/version ]; then
4 | echo
5 | echo "Error: version not detected $(pwd)"
6 | echo
7 | ls -la
8 | exit 1
9 | fi
10 |
11 | source package/version
12 | CI_PIPELINE_ID=$(cat package/release)
13 |
14 | pushd package
15 | dch -c debian/changelog -b -v $DEB_VERSION-$CI_PIPELINE_ID$DIST -D $(awk -F'=' '/_CODENAME/{print$NF}' /etc/lsb-release) "$CHANGELOG"
16 |
17 | fakeroot debian/rules clean
18 | fakeroot debian/rules binary
19 | popd
20 |
--------------------------------------------------------------------------------
/gvm.spec:
--------------------------------------------------------------------------------
1 | %define _prefix /usr
2 |
3 |
4 | Summary: The Greenbone Vulnerability Management (GVM) suite
5 | Name: gvm
6 | Version: 22.04
7 | Release: RELEASE-AUTO%{?dist}.art
8 | Source0: gvm.tar.gz
9 | License: AGPL
10 | URL: http://www.openvas.org
11 | Vendor: Greenbone https://www.greenbone.net
12 | Packager: https://www.atomicorp.com
13 | Group: System Environment/Libraries
14 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
15 | Prefix: %{_prefix}
16 | BuildArch: noarch
17 | Obsoletes: openvas
18 | Provides: openvas
19 | Obsoletes: greenbone-vulnerability-manager
20 | Provides: greenbone-vulnerability-manager
21 | Provides: greenbone-vulnerability-management
22 |
23 |
24 | Requires: mosquitto
25 | Requires: pg-gvm
26 | Requires: texlive-collection-fontsrecommended texlive-collection-latexrecommended texlive-changepage texlive-titlesec
27 | Requires: postgresql-server postgresql-contrib
28 | Requires: python3
29 | Requires: openvas-scanner
30 | # Manual building now
31 | #Requires: OSPd
32 | Requires: OSPd-openvas
33 | Requires: gvmd
34 | Requires: greenbone-security-assistant
35 | Requires: redis
36 | Requires: psmisc
37 | Requires: nmap
38 | # move to script, this is from epel
39 | #Requires: haveged
40 | Requires: gnutls-utils
41 | Requires: rng-tools
42 | Requires: bzip2
43 | Requires: openvas-smb
44 | # possibly fixes something
45 | Requires: perl-XML-Twig
46 |
47 | %if 0%{!?rhel} >= 6
48 | # PDF reports
49 | Requires: texlive-texconfig texlive-metafont-bin
50 | %else
51 | Requires: texlive-texmf-latex
52 | #Requires: texlive-collection-latexextra
53 | %endif
54 |
55 | %if 0%{?fedora} >= 21
56 | Requires: texlive-comment
57 | Requires: texlive-collection-latexextra
58 | %endif
59 |
60 |
61 |
62 | %description
63 | Greenbone Vulnerability Management (GVM) is a meta-package encompassing all of the components from GVM including OpenVAS.
64 |
65 | %prep
66 |
67 | %autosetup -n gvm
68 |
69 | %build
70 |
71 | %install
72 | mkdir -p %{buildroot}/usr/bin/
73 | mkdir -p %{buildroot}/usr/share/licenses/greenbone-vulnerability-management/
74 | mkdir -p %{buildroot}/etc/sudoers.d/
75 | mkdir -p %{buildroot}/etc/cron.daily/
76 | mkdir -p %{buildroot}/usr/share/texlive/texmf-local/tex/latex/comment
77 | install -m0700 openvas-setup %{buildroot}/usr/bin/openvas-setup
78 | install -m0700 openvas-setup %{buildroot}/usr/bin/gvm-setup
79 | install -m0600 gvm.sudo %{buildroot}/etc/sudoers.d/gvm
80 | install -m0644 LICENSE %{buildroot}/usr/share/licenses/greenbone-vulnerability-management/
81 | install -m700 gvm.cron %{buildroot}/etc/cron.daily/gvm
82 | install -m0644 comment.sty %{buildroot}/usr/share/texlive/texmf-local/tex/latex/comment/comment.sty
83 |
84 |
85 | %post
86 | /usr/bin/texhash >/dev/null 2>&1 ||:
87 |
88 |
89 | %clean
90 | rm -rf $RPM_BUILD_ROOT
91 |
92 | %files
93 | %defattr(-,root,root,-)
94 | %license LICENSE
95 | /usr/bin/openvas-setup
96 | /usr/bin/gvm-setup
97 | /etc/sudoers.d/gvm
98 | /etc/cron.daily/gvm
99 | /usr/share/licenses/greenbone-vulnerability-management/LICENSE
100 | /usr/share/texlive/texmf-local/tex/latex/comment/comment.sty
101 |
102 |
103 |
104 | %changelog
105 | * Sat Sep 12 2020 Scott R. Shinn - 20.08.0-RELEASE-AUTO
106 | - Add fixes for pdf generation
107 |
108 | * Sat Aug 1 2020 Scott R. Shinn - 11.0.0-RELEASE-AUTO
109 | - Update loader for GVM/Openvas 11.0.0
110 |
111 | * Mon Apr 8 2019 Scott R. Shinn - 10.0.0-RELEASE-AUTO
112 | - Update loader for Openvas 10.0.0
113 |
114 | * Thu Dec 22 2016 Scott R. Shinn - 1.0-24
115 | - Add PATH to cron jobs (Credit: Edwin Eefting)
116 |
117 | * Tue Dec 13 2016 Scott R. Shinn - 1.0-23
118 | - Update openvas-check-setup to 2.3.7
119 |
120 | * Mon Aug 3 2015 Scott R. Shinn - 1.0-21
121 | - Add redis setup step
122 |
123 | * Fri May 29 2015 Scott R. Shinn - 1.0-20
124 | - Add redis dependency
125 | - Add systemctl logic to openvas-setup
126 | - Add wget/curl/rsync dialog to openvas-setup
127 |
128 | * Fri May 29 2015 Scott R. Shinn - 1.0-17
129 | - Update openvas-setup to 2.3.0
130 |
131 | * Thu Apr 23 2015 Scott R. Shinn - 1.0-16
132 | - Openvas 8 support
133 |
134 | * Thu Jun 19 2014 Scott R. Shinn - 1.0-11
135 | - Drop openvas-administrator requires
136 |
137 | * Tue Jun 10 2014 Scott R. Shinn - 1.0-10
138 | - Updates for Openvas 7
139 |
140 | * Tue Sep 17 2013 Scott R. Shinn - 1.0-9
141 | - Add havegd dependency
142 | - Add openvas-certdata-sync to setup and cron
143 |
144 | * Thu Apr 18 2013 Scott R. Shinn - 1.0-8
145 | - Drop gsd dependency
146 | - Update openvas-check-setup
147 |
148 | * Wed Feb 13 2013 Scott R. Shinn - 1.0-6
149 | - Add dirb dependency
150 | - Update openvas-setup to return output on the lengthy nvt update
151 |
152 | * Wed Jan 16 2013 Scott R. Shinn - 1.0-5
153 | - Exit 1 if download fails on either NVT or SCAP data during setup
154 |
155 | * Fri Nov 23 2012 Scott R. Shinn - 1.0-3
156 | - Disable output suppression in openvas-scapdata cron by request (Devin Walsh)
157 |
158 | * Thu Jun 21 2012 Scott R. Shinn - 1.0-2
159 | - Add openvas-sync-scap routine to setup
160 | - Add openvas-sync-scap cron job
161 |
162 | * Wed Jun 6 2012 Scott R. Shinn - 1.0-1
163 | - Add wapiti dependency
164 | - Update openvas-check-setup
165 | - Add administrator password validation dialog to setup
166 | - Fixes for openvasmd db creation
167 |
168 |
169 | * Tue Mar 20 2012 Scott R. Shinn - 1.0-0.8
170 | - Bugfix for initializing the openvas manager database correctly. Routine duplicated from openvas-manager package
171 | - Add startup routine for openvas-administrator
172 |
173 | * Thu Feb 17 2011 Scott R. Shinn - 1.0-0.2
174 | - Dropped requires on openvas-administrator
175 |
--------------------------------------------------------------------------------
/mock/el6-i386.cfg:
--------------------------------------------------------------------------------
1 | config_opts['root'] = 'el6-i386'
2 | config_opts['target_arch'] = 'i686'
3 | config_opts['legal_host_arches'] = ('i386', 'i586', 'i686', 'x86_64')
4 | config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
5 | config_opts['dist'] = 'el6' # only useful for --resultdir variable subst
6 |
7 | config_opts['yum.conf'] = """
8 | [main]
9 | cachedir=/var/cache/yum
10 | debuglevel=1
11 | reposdir=/dev/null
12 | logfile=/var/log/yum.log
13 | retries=20
14 | obsoletes=1
15 | gpgcheck=0
16 | assumeyes=1
17 | syslog_ident=mock
18 | syslog_device=
19 |
20 | # repos
21 | [base]
22 | name=BaseOS
23 | enabled=1
24 | mirrorlist=http://mirrorlist.centos.org/?release=6&arch=i386&repo=os
25 | failovermethod=priority
26 |
27 | [updates]
28 | name=updates
29 | enabled=1
30 | mirrorlist=http://mirrorlist.centos.org/?release=6&arch=i386&repo=updates
31 | failovermethod=priority
32 |
33 | [epel]
34 | name=epel
35 | mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-6&arch=i386
36 | failovermethod=priority
37 |
38 | [testing]
39 | name=epel-testing
40 | enabled=0
41 | mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel6&arch=i386
42 | failovermethod=priority
43 |
44 | [local]
45 | name=local
46 | baseurl=http://kojipkgs.fedoraproject.org/repos/dist-6E-epel-build/latest/i386/
47 | cost=2000
48 | enabled=0
49 |
50 | [atomic]
51 | name=Atomic
52 | baseurl=http://10.66.6.13/channels/atomic/centos/6/i386/
53 | ##exclude=mysql*,qmail*,sqlite*,php*,mariadb*
54 | #exclude=sqlite*,mariadb*,mysql*
55 |
56 |
57 | """
58 |
59 |
60 |
61 |
--------------------------------------------------------------------------------
/mock/el6-x86_64.cfg:
--------------------------------------------------------------------------------
1 | config_opts['root'] = 'el6-x86_64'
2 | config_opts['target_arch'] = 'x86_64'
3 | config_opts['legal_host_arches'] = ('x86_64')
4 | config_opts['chroot_setup_cmd'] = 'groupinstall buildsys-build'
5 | config_opts['dist'] = 'el6' # only useful for --resultdir variable subst
6 |
7 | config_opts['yum.conf'] = """
8 | [main]
9 | cachedir=/var/cache/yum
10 | debuglevel=1
11 | reposdir=/dev/null
12 | logfile=/var/log/yum.log
13 | retries=20
14 | obsoletes=1
15 | gpgcheck=0
16 | assumeyes=1
17 | syslog_ident=mock
18 | syslog_device=
19 |
20 | # repos
21 | [base]
22 | name=BaseOS
23 | enabled=1
24 | mirrorlist=http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=os
25 | failovermethod=priority
26 |
27 | [updates]
28 | name=updates
29 | enabled=1
30 | mirrorlist=http://mirrorlist.centos.org/?release=6&arch=x86_64&repo=updates
31 | failovermethod=priority
32 |
33 | [epel]
34 | name=epel
35 | mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-6&arch=x86_64
36 | failovermethod=priority
37 | enabled=1
38 |
39 | [testing]
40 | name=epel-testing
41 | enabled=0
42 | mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel6&arch=x86_64
43 | failovermethod=priority
44 |
45 | [local]
46 | name=local
47 | baseurl=http://kojipkgs.fedoraproject.org/repos/dist-6E-epel-build/latest/x86_64/
48 | cost=2000
49 | enabled=0
50 |
51 | [atomic]
52 | name=Atomic
53 | baseurl=http://10.66.6.13/channels/atomic/centos/6/x86_64/
54 | ##exclude=mysql*,qmail*,sqlite*,php*,mariadb*
55 | #exclude=sqlite*,mariadb*,mysql*
56 |
57 |
58 |
59 | """
60 |
61 |
62 |
63 |
--------------------------------------------------------------------------------
/mock/el7-x86_64.cfg:
--------------------------------------------------------------------------------
1 | config_opts['root'] = 'el7-x86_64'
2 | config_opts['target_arch'] = 'x86_64'
3 | config_opts['legal_host_arches'] = ('x86_64',)
4 | config_opts['chroot_setup_cmd'] = 'install @buildsys-build scl-utils-build'
5 | config_opts['dist'] = 'el7' # only useful for --resultdir variable subst
6 | config_opts['macros']['%dist']=".el7"
7 |
8 |
9 | config_opts['yum.conf'] = """
10 | [main]
11 | cachedir=/var/cache/yum
12 | debuglevel=1
13 | reposdir=/dev/null
14 | logfile=/var/log/yum.log
15 | retries=20
16 | obsoletes=1
17 | gpgcheck=0
18 | assumeyes=1
19 | syslog_ident=mock
20 | syslog_device=
21 |
22 | # repos
23 | [base]
24 | name=el
25 | #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=rhel-7&arch=x86_64
26 | mirrorlist=http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os
27 | failovermethod=priority
28 |
29 | [updates]
30 | name=updates
31 | mirrorlist=http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=updates
32 | failovermethod=priority
33 |
34 | [epel]
35 | name=epel
36 | mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-7&arch=x86_64
37 | failovermethod=priority
38 |
39 | [testing]
40 | name=epel-testing
41 | enabled=0
42 | mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=testing-epel7&arch=x86_64
43 | failovermethod=priority
44 |
45 | [local]
46 | name=local
47 | baseurl=http://kojipkgs.fedoraproject.org/repos/epel7-build/latest/x86_64/
48 | cost=2000
49 | enabled=0
50 |
51 | [epel-debug]
52 | name=epel-debug
53 | mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-debug-7&arch=x86_64
54 | failovermethod=priority
55 | enabled=0
56 |
57 | [atomic]
58 | name=Atomic
59 | baseurl=http://10.66.6.13/channels/atomic/centos/7/x86_64/
60 |
61 | [atomic-testing]
62 | name=Atomic testing
63 | baseurl=http://10.66.6.13/channels/atomic-testing/centos/7/x86_64/
64 |
65 |
66 |
67 |
68 | """
69 |
--------------------------------------------------------------------------------
/mock/el8-x86_64.cfg:
--------------------------------------------------------------------------------
1 | include('/etc/mock/templates/rocky-8.tpl')
2 | include('/etc/mock/templates/epel-8.tpl')
3 |
4 | #config_opts['root'] = 'epel-8-x86_64'
5 | #config_opts['target_arch'] = 'x86_64'
6 | #config_opts['legal_host_arches'] = ('x86_64',)
7 |
8 | config_opts['chroot_setup_cmd'] += ' scl-utils-build'
9 | config_opts['root'] = 'el8-x86_64'
10 | config_opts['target_arch'] = 'x86_64'
11 | config_opts['legal_host_arches'] = ('x86_64',)
12 | config_opts['dist'] = 'el8' # only useful for --resultdir variable subst
13 | config_opts['releasever'] = '8'
14 | config_opts['print_main_output'] = True
15 |
16 | config_opts['yum.conf'] += """
17 | [atomic]
18 | name=Atomic
19 | baseurl=http://build/channels/atomic/centos/8/x86_64/
20 |
21 | [atomic-testing]
22 | name=Atomic
23 | baseurl=http://build/channels/atomic-testing/centos/8/x86_64/
24 |
25 | """
26 |
27 |
--------------------------------------------------------------------------------
/mock/el9-x86_64.cfg:
--------------------------------------------------------------------------------
1 | config_opts['root'] = 'el9-x86_64'
2 | config_opts['target_arch'] = 'x86_64'
3 | config_opts['legal_host_arches'] = ('x86_64',)
4 | config_opts['chroot_setup_cmd'] = 'install bash bzip2 coreutils cpio diffutils redhat-release findutils gawk glibc-minimal-langpack grep gzip info patch redhat-rpm-config rpm-build sed shadow-utils tar unzip util-linux which xz'
5 | config_opts['dist'] = 'el9' # only useful for --resultdir variable subst
6 | config_opts['extra_chroot_dirs'] = [ '/run/lock', ]
7 | config_opts['releasever'] = '9'
8 | config_opts['package_manager'] = 'dnf'
9 |
10 |
11 | config_opts['yum.conf'] = """
12 | [main]
13 | keepcache=1
14 | debuglevel=2
15 | reposdir=/dev/null
16 | logfile=/var/log/yum.log
17 | retries=20
18 | obsoletes=1
19 | gpgcheck=0
20 | assumeyes=1
21 | install_weak_deps=0
22 | syslog_ident=mock
23 | syslog_device=
24 | mdpolicy=group:primary
25 | best=1
26 | metadata_expire=0
27 | module_platform_id=platform:el9
28 |
29 | # repos
30 | [baseos]
31 | name=Rocky Linux $releasever - BaseOS
32 | mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=BaseOS-$releasever
33 | #baseurl=http://dl.rockylinux.org/$contentdir/$releasever/BaseOS/$basearch/os/
34 | gpgcheck=0
35 | enabled=1
36 | countme=1
37 | metadata_expire=6h
38 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
39 |
40 |
41 | [appstream]
42 | name=Rocky Linux $releasever - AppStream
43 | mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=AppStream-$releasever
44 | #baseurl=http://dl.rockylinux.org/$contentdir/$releasever/AppStream/$basearch/os/
45 | gpgcheck=0
46 | enabled=1
47 | countme=1
48 | metadata_expire=6h
49 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
50 |
51 | [extras]
52 | name=Rocky Linux $releasever - Extras
53 | mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=extras-$releasever
54 | #baseurl=http://dl.rockylinux.org/$contentdir/$releasever/extras/$basearch/os/
55 | gpgcheck=0
56 | enabled=1
57 | countme=1
58 | metadata_expire=6h
59 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
60 |
61 |
62 | [epel]
63 | name=Extra Packages for Enterprise Linux $releasever - $basearch
64 | # It is much more secure to use the metalink, but if you wish to use a local mirror
65 | # place its address here.
66 | #baseurl=https://download.example/pub/epel/$releasever/Everything/$basearch/
67 | metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-$releasever&arch=$basearch
68 | enabled=1
69 | gpgcheck=0
70 | countme=1
71 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-$releasever
72 |
73 |
74 | [crb]
75 | name=Rocky Linux $releasever - CRB
76 | mirrorlist=https://mirrors.rockylinux.org/mirrorlist?arch=$basearch&repo=CRB-$releasever
77 | #baseurl=http://dl.rockylinux.org/$contentdir/$releasever/CRB/$basearch/os/
78 | gpgcheck=0
79 | enabled=1
80 | countme=1
81 | metadata_expire=6h
82 | gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9
83 |
84 | [atomic]
85 | name=Atomic
86 | baseurl=http://build/channels/atomic/rocky/9/x86_64/
87 |
88 | [atomic-testing]
89 | name=Atomic
90 | baseurl=http://build/channels/atomic-testing/rocky/9/x86_64/
91 |
92 |
93 |
94 | """
95 |
--------------------------------------------------------------------------------
/mock/fc30-x86_64.cfg:
--------------------------------------------------------------------------------
1 | config_opts['root'] = 'fc30-x86_64'
2 | config_opts['target_arch'] = 'x86_64'
3 | config_opts['legal_host_arches'] = ('x86_64',)
4 | # config_opts['module_enable'] = ['list', 'of', 'modules']
5 | # config_opts['module_install'] = ['module1/profile', 'module2/profile']
6 | config_opts['chroot_setup_cmd'] = 'install @buildsys-build gcc scl-utils-build'
7 | config_opts['dist'] = 'fc30' # only useful for --resultdir variable subst
8 | config_opts['extra_chroot_dirs'] = [ '/run/lock', ]
9 | config_opts['releasever'] = '30'
10 | config_opts['package_manager'] = 'dnf'
11 |
12 | config_opts['yum.conf'] = """
13 | [main]
14 | keepcache=1
15 | debuglevel=2
16 | reposdir=/dev/null
17 | logfile=/var/log/yum.log
18 | retries=20
19 | obsoletes=1
20 | gpgcheck=0
21 | assumeyes=1
22 | syslog_ident=mock
23 | syslog_device=
24 | install_weak_deps=0
25 | metadata_expire=0
26 | best=1
27 | module_platform_id=platform:f30
28 |
29 | # repos
30 |
31 | [fedora]
32 | name=fedora
33 | metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-$releasever&arch=$basearch
34 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
35 | gpgcheck=1
36 | skip_if_unavailable=False
37 |
38 | [updates]
39 | name=updates
40 | metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-released-f$releasever&arch=$basearch
41 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
42 | gpgcheck=1
43 | skip_if_unavailable=False
44 |
45 | [updates-testing]
46 | name=updates-testing
47 | metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-testing-f$releasever&arch=$basearch
48 | enabled=0
49 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
50 | gpgcheck=1
51 | skip_if_unavailable=False
52 |
53 | [local]
54 | name=local
55 | baseurl=https://kojipkgs.fedoraproject.org/repos/f30-build/latest/x86_64/
56 | cost=2000
57 | enabled=0
58 | skip_if_unavailable=False
59 |
60 | [fedora-debuginfo]
61 | name=fedora-debuginfo
62 | metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-debug-$releasever&arch=$basearch
63 | enabled=0
64 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
65 | gpgcheck=1
66 | skip_if_unavailable=False
67 |
68 | [updates-debuginfo]
69 | name=updates-debuginfo
70 | metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-released-debug-f$releasever&arch=$basearch
71 | enabled=0
72 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
73 | gpgcheck=1
74 | skip_if_unavailable=False
75 |
76 | [updates-testing-debuginfo]
77 | name=updates-testing-debuginfo
78 | metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-testing-debug-f$releasever&arch=$basearch
79 | enabled=0
80 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
81 | gpgcheck=1
82 | skip_if_unavailable=False
83 |
84 | [fedora-source]
85 | name=fedora-source
86 | metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-source-$releasever&arch=$basearch
87 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
88 | gpgcheck=1
89 | enabled=0
90 | skip_if_unavailable=False
91 |
92 | [updates-source]
93 | name=updates-source
94 | metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-released-source-f$releasever&arch=$basearch
95 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-30-primary
96 | gpgcheck=1
97 | enabled=0
98 | skip_if_unavailable=False
99 |
100 | # modular
101 |
102 | [fedora-modular]
103 | name=Fedora Modular $releasever - $basearch
104 | metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-modular-$releasever&arch=$basearch
105 | enabled=0
106 | repo_gpgcheck=0
107 | type=rpm
108 | gpgcheck=1
109 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary
110 | skip_if_unavailable=False
111 |
112 | [fedora-modular-debuginfo]
113 | name=Fedora Modular $releasever - $basearch - Debug
114 | metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-modular-debug-$releasever&arch=$basearch
115 | enabled=0
116 | repo_gpgcheck=0
117 | type=rpm
118 | gpgcheck=1
119 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary
120 | skip_if_unavailable=False
121 |
122 | [fedora-modular-source]
123 | name=Fedora Modular $releasever - Source
124 | metalink=https://mirrors.fedoraproject.org/metalink?repo=fedora-modular-source-$releasever&arch=$basearch
125 | enabled=0
126 | repo_gpgcheck=0
127 | type=rpm
128 | gpgcheck=1
129 | gpgkey=file:///usr/share/distribution-gpg-keys/fedora/RPM-GPG-KEY-fedora-$releasever-primary
130 | skip_if_unavailable=False
131 |
132 |
133 | [atomic]
134 | name=atomic
135 | baseurl=http://10.66.6.13/atomicorp/atomic/fedora/$releasever/$basearch
136 | enabled=1
137 |
138 | [atomic-testing]
139 | name=atomic testing
140 | baseurl=http://10.66.6.13/atomicorp/atomic-testing/fedora/$releasever/$basearch
141 | enabled=1
142 |
143 |
144 |
145 | """
146 |
--------------------------------------------------------------------------------
/mock/fc32-x86_64.cfg:
--------------------------------------------------------------------------------
1 | include('/etc/mock/templates/fedora-branched.tpl')
2 |
3 | config_opts['chroot_setup_cmd'] += ' scl-utils-build'
4 | config_opts['releasever'] = '32'
5 | config_opts['target_arch'] = 'x86_64'
6 | config_opts['legal_host_arches'] = ('x86_64',)
7 |
8 | config_opts['yum.conf'] += """
9 | [atomic]
10 | name=Atomic
11 | baseurl=http://build/channels/atomic/fedora/32/x86_64/
12 |
13 | [atomic-testing]
14 | name=Atomic
15 | baseurl=http://build/channels/atomic-testing/fedora/32/x86_64/
16 |
17 | """
18 |
19 |
20 |
21 |
--------------------------------------------------------------------------------
/mock/fc33-x86_64.cfg:
--------------------------------------------------------------------------------
1 | include('/etc/mock/templates/fedora-branched.tpl')
2 |
3 | config_opts['chroot_setup_cmd'] += ' scl-utils-build'
4 | config_opts['releasever'] = '33'
5 | config_opts['target_arch'] = 'x86_64'
6 | config_opts['legal_host_arches'] = ('x86_64',)
7 |
8 | config_opts['yum.conf'] += """
9 | [atomic]
10 | name=Atomic
11 | baseurl=http://build/channels/atomic/fedora/33/x86_64/
12 |
13 | [atomic-testing]
14 | name=Atomic
15 | baseurl=http://build/channels/atomic-testing/fedora/33/x86_64/
16 |
17 | """
18 |
19 |
20 |
21 |
--------------------------------------------------------------------------------
/mock/fc34-x86_64.cfg:
--------------------------------------------------------------------------------
1 | include('/etc/mock/templates/fedora-branched.tpl')
2 |
3 | config_opts['chroot_setup_cmd'] += ' scl-utils-build'
4 | config_opts['releasever'] = '34'
5 | config_opts['target_arch'] = 'x86_64'
6 | config_opts['legal_host_arches'] = ('x86_64',)
7 |
8 | config_opts['yum.conf'] += """
9 | [atomic]
10 | name=Atomic
11 | baseurl=http://build/channels/atomic/fedora/34/x86_64/
12 |
13 | [atomic-testing]
14 | name=Atomic
15 | baseurl=http://build/channels/atomic-testing/fedora/34/x86_64/
16 |
17 | """
18 |
19 |
20 |
21 |
--------------------------------------------------------------------------------
/mock/fc35-x86_64.cfg:
--------------------------------------------------------------------------------
1 | config_opts['releasever'] = '35'
2 | config_opts['target_arch'] = 'x86_64'
3 | config_opts['legal_host_arches'] = ('x86_64',)
4 |
5 | include('/etc/mock/templates/fedora-branched.tpl')
6 |
7 | config_opts['yum.conf'] += """
8 | [atomic]
9 | name=Atomic
10 | baseurl=http://build/channels/atomic/fedora/35/x86_64/
11 |
12 | [atomic-testing]
13 | name=Atomic
14 | baseurl=http://build/channels/atomic-testing/fedora/35/x86_64/
15 |
16 | """
17 |
18 |
--------------------------------------------------------------------------------
/mock/fc36-x86_64.cfg:
--------------------------------------------------------------------------------
1 | config_opts['releasever'] = '36'
2 | config_opts['target_arch'] = 'x86_64'
3 | config_opts['legal_host_arches'] = ('x86_64',)
4 |
5 | include('/etc/mock/templates/fedora-branched.tpl')
6 |
--------------------------------------------------------------------------------
/mock/fc37-x86_64.cfg:
--------------------------------------------------------------------------------
1 | config_opts['releasever'] = '37'
2 | config_opts['target_arch'] = 'x86_64'
3 | config_opts['legal_host_arches'] = ('x86_64',)
4 |
5 | include('/etc/mock/templates/fedora-branched.tpl')
6 |
7 | config_opts['yum.conf'] += """
8 | [atomic]
9 | name=Atomic
10 | baseurl=http://build/channels/atomic/fedora/37/x86_64/
11 |
12 | [atomic-testing]
13 | name=Atomic
14 | baseurl=http://build/channels/atomic-testing/fedora/37/x86_64/
15 |
16 | """
17 |
18 |
--------------------------------------------------------------------------------
/mock/logging.ini:
--------------------------------------------------------------------------------
1 | [formatters]
2 | keys: detailed,simple,unadorned,state
3 |
4 | [handlers]
5 | keys: simple_console,detailed_console,unadorned_console,simple_console_warnings_only
6 |
7 | [loggers]
8 | keys: root,build,state,mockbuild
9 |
10 | [formatter_state]
11 | format: %(asctime)s - %(message)s
12 |
13 | [formatter_unadorned]
14 | format: %(message)s
15 |
16 | [formatter_simple]
17 | format: %(levelname)s: %(message)s
18 |
19 | ;useful for debugging:
20 | [formatter_detailed]
21 | format: %(levelname)s %(filename)s:%(lineno)d: %(message)s
22 |
23 | [handler_unadorned_console]
24 | class: StreamHandler
25 | args: []
26 | formatter: unadorned
27 | level: INFO
28 |
29 | [handler_simple_console]
30 | class: StreamHandler
31 | args: []
32 | formatter: simple
33 | level: INFO
34 |
35 | [handler_simple_console_warnings_only]
36 | class: StreamHandler
37 | args: []
38 | formatter: simple
39 | level: WARNING
40 |
41 | [handler_detailed_console]
42 | class: StreamHandler
43 | args: []
44 | formatter: detailed
45 | level: WARNING
46 |
47 | ; usually dont want to set a level for loggers
48 | ; this way all handlers get all messages, and messages can be filtered
49 | ; at the handler level
50 | ;
51 | ; all these loggers default to a console output handler
52 | ;
53 | [logger_root]
54 | level: NOTSET
55 | handlers: simple_console
56 |
57 | ; mockbuild logger normally has no output
58 | ; catches stuff like mockbuild.trace_decorator and mockbuild.util
59 | ; dont normally want to propagate to root logger, either
60 | [logger_mockbuild]
61 | level: NOTSET
62 | handlers:
63 | qualname: mockbuild
64 | propagate: 1
65 |
66 | [logger_state]
67 | level: NOTSET
68 | ; unadorned_console only outputs INFO or above
69 | handlers: unadorned_console
70 | qualname: mockbuild.Root.state
71 | propagate: 0
72 |
73 | [logger_build]
74 | level: NOTSET
75 | handlers: simple_console_warnings_only
76 | qualname: mockbuild.Root.build
77 | propagate: 0
78 |
79 | ; the following is a list mock logger qualnames used within the code:
80 | ;
81 | ; qualname: mockbuild.util
82 | ; qualname: mockbuild.uid
83 | ; qualname: mockbuild.trace_decorator
84 |
85 |
--------------------------------------------------------------------------------
/src/gvm/LICENSE:
--------------------------------------------------------------------------------
1 | TERMS AND CONDITIONS
2 | 0. Definitions.
3 | "This License" refers to version 3 of the GNU Affero General Public License.
4 |
5 | "Copyright" also means copyright-like laws that apply to other kinds of works, such as semiconductor masks.
6 |
7 | "The Program" refers to any copyrightable work licensed under this License. Each licensee is addressed as "you". "Licensees" and "recipients" may be individuals or organizations.
8 |
9 | To "modify" a work means to copy from or adapt all or part of the work in a fashion requiring copyright permission, other than the making of an exact copy. The resulting work is called a "modified version" of the earlier work or a work "based on" the earlier work.
10 |
11 | A "covered work" means either the unmodified Program or a work based on the Program.
12 |
13 | To "propagate" a work means to do anything with it that, without permission, would make you directly or secondarily liable for infringement under applicable copyright law, except executing it on a computer or modifying a private copy. Propagation includes copying, distribution (with or without modification), making available to the public, and in some countries other activities as well.
14 |
15 | To "convey" a work means any kind of propagation that enables other parties to make or receive copies. Mere interaction with a user through a computer network, with no transfer of a copy, is not conveying.
16 |
17 | An interactive user interface displays "Appropriate Legal Notices" to the extent that it includes a convenient and prominently visible feature that (1) displays an appropriate copyright notice, and (2) tells the user that there is no warranty for the work (except to the extent that warranties are provided), that licensees may convey the work under this License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this criterion.
18 |
19 | 1. Source Code.
20 | The "source code" for a work means the preferred form of the work for making modifications to it. "Object code" means any non-source form of a work.
21 |
22 | A "Standard Interface" means an interface that either is an official standard defined by a recognized standards body, or, in the case of interfaces specified for a particular programming language, one that is widely used among developers working in that language.
23 |
24 | The "System Libraries" of an executable work include anything, other than the work as a whole, that (a) is included in the normal form of packaging a Major Component, but which is not part of that Major Component, and (b) serves only to enable use of the work with that Major Component, or to implement a Standard Interface for which an implementation is available to the public in source code form. A "Major Component", in this context, means a major essential component (kernel, window system, and so on) of the specific operating system (if any) on which the executable work runs, or a compiler used to produce the work, or an object code interpreter used to run it.
25 |
26 | The "Corresponding Source" for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require, such as by intimate data communication or control flow between those subprograms and other parts of the work.
27 |
28 | The Corresponding Source need not include anything that users can regenerate automatically from other parts of the Corresponding Source.
29 |
30 | The Corresponding Source for a work in source code form is that same work.
31 |
32 | 2. Basic Permissions.
33 | All rights granted under this License are granted for the term of copyright on the Program, and are irrevocable provided the stated conditions are met. This License explicitly affirms your unlimited permission to run the unmodified Program. The output from running a covered work is covered by this License only if the output, given its content, constitutes a covered work. This License acknowledges your rights of fair use or other equivalent, as provided by copyright law.
34 |
35 | You may make, run and propagate covered works that you do not convey, without conditions so long as your license otherwise remains in force. You may convey covered works to others for the sole purpose of having them make modifications exclusively for you, or provide you with facilities for running those works, provided that you comply with the terms of this License in conveying all material for which you do not control copyright. Those thus making or running the covered works for you must do so exclusively on your behalf, under your direction and control, on terms that prohibit them from making any copies of your copyrighted material outside their relationship with you.
36 |
37 | Conveying under any other circumstances is permitted solely under the conditions stated below. Sublicensing is not allowed; section 10 makes it unnecessary.
38 |
39 | 3. Protecting Users' Legal Rights From Anti-Circumvention Law.
40 | No covered work shall be deemed part of an effective technological measure under any applicable law fulfilling obligations under article 11 of the WIPO copyright treaty adopted on 20 December 1996, or similar laws prohibiting or restricting circumvention of such measures.
41 |
42 | When you convey a covered work, you waive any legal power to forbid circumvention of technological measures to the extent such circumvention is effected by exercising rights under this License with respect to the covered work, and you disclaim any intention to limit operation or modification of the work as a means of enforcing, against the work's users, your or third parties' legal rights to forbid circumvention of technological measures.
43 |
44 | 4. Conveying Verbatim Copies.
45 | You may convey verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice; keep intact all notices stating that this License and any non-permissive terms added in accord with section 7 apply to the code; keep intact all notices of the absence of any warranty; and give all recipients a copy of this License along with the Program.
46 |
47 | You may charge any price or no price for each copy that you convey, and you may offer support or warranty protection for a fee.
48 |
49 | 5. Conveying Modified Source Versions.
50 | You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
51 |
52 | a) The work must carry prominent notices stating that you modified it, and giving a relevant date.
53 | b) The work must carry prominent notices stating that it is released under this License and any conditions added under section 7. This requirement modifies the requirement in section 4 to "keep intact all notices".
54 | c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
55 | d) If the work has interactive user interfaces, each must display Appropriate Legal Notices; however, if the Program has interactive interfaces that do not display Appropriate Legal Notices, your work need not make them do so.
56 | A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with it such as to form a larger program, in or on a volume of a storage or distribution medium, is called an "aggregate" if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate.
57 |
58 | 6. Conveying Non-Source Forms.
59 | You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways:
60 |
61 | a) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by the Corresponding Source fixed on a durable physical medium customarily used for software interchange.
62 | b) Convey the object code in, or embodied in, a physical product (including a physical distribution medium), accompanied by a written offer, valid for at least three years and valid for as long as you offer spare parts or customer support for that product model, to give anyone who possesses the object code either (1) a copy of the Corresponding Source for all the software in the product that is covered by this License, on a durable physical medium customarily used for software interchange, for a price no more than your reasonable cost of physically performing this conveying of source, or (2) access to copy the Corresponding Source from a network server at no charge.
63 | c) Convey individual copies of the object code with a copy of the written offer to provide the Corresponding Source. This alternative is allowed only occasionally and noncommercially, and only if you received the object code with such an offer, in accord with subsection 6b.
64 | d) Convey the object code by offering access from a designated place (gratis or for a charge), and offer equivalent access to the Corresponding Source in the same way through the same place at no further charge. You need not require recipients to copy the Corresponding Source along with the object code. If the place to copy the object code is a network server, the Corresponding Source may be on a different server (operated by you or a third party) that supports equivalent copying facilities, provided you maintain clear directions next to the object code saying where to find the Corresponding Source. Regardless of what server hosts the Corresponding Source, you remain obligated to ensure that it is available for as long as needed to satisfy these requirements.
65 | e) Convey the object code using peer-to-peer transmission, provided you inform other peers where the object code and Corresponding Source of the work are being offered to the general public at no charge under subsection 6d.
66 | A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the object code work.
67 |
68 | A "User Product" is either (1) a "consumer product", which means any tangible personal property which is normally used for personal, family, or household purposes, or (2) anything designed or sold for incorporation into a dwelling. In determining whether a product is a consumer product, doubtful cases shall be resolved in favor of coverage. For a particular product received by a particular user, "normally used" refers to a typical or common use of that class of product, regardless of the status of the particular user or of the way in which the particular user actually uses, or expects or is expected to use, the product. A product is a consumer product regardless of whether the product has substantial commercial, industrial or non-consumer uses, unless such uses represent the only significant mode of use of the product.
69 |
70 | "Installation Information" for a User Product means any methods, procedures, authorization keys, or other information required to install and execute modified versions of a covered work in that User Product from a modified version of its Corresponding Source. The information must suffice to ensure that the continued functioning of the modified object code is in no case prevented or interfered with solely because modification has been made.
71 |
72 | If you convey an object code work under this section in, or with, or specifically for use in, a User Product, and the conveying occurs as part of a transaction in which the right of possession and use of the User Product is transferred to the recipient in perpetuity or for a fixed term (regardless of how the transaction is characterized), the Corresponding Source conveyed under this section must be accompanied by the Installation Information. But this requirement does not apply if neither you nor any third party retains the ability to install modified object code on the User Product (for example, the work has been installed in ROM).
73 |
74 | The requirement to provide Installation Information does not include a requirement to continue to provide support service, warranty, or updates for a work that has been modified or installed by the recipient, or for the User Product in which it has been modified or installed. Access to a network may be denied when the modification itself materially and adversely affects the operation of the network or violates the rules and protocols for communication across the network.
75 |
76 | Corresponding Source conveyed, and Installation Information provided, in accord with this section must be in a format that is publicly documented (and with an implementation available to the public in source code form), and must require no special password or key for unpacking, reading or copying.
77 |
78 | 7. Additional Terms.
79 | "Additional permissions" are terms that supplement the terms of this License by making exceptions from one or more of its conditions. Additional permissions that are applicable to the entire Program shall be treated as though they were included in this License, to the extent that they are valid under applicable law. If additional permissions apply only to part of the Program, that part may be used separately under those permissions, but the entire Program remains governed by this License without regard to the additional permissions.
80 |
81 | When you convey a copy of a covered work, you may at your option remove any additional permissions from that copy, or from any part of it. (Additional permissions may be written to require their own removal in certain cases when you modify the work.) You may place additional permissions on material, added by you to a covered work, for which you have or can give appropriate copyright permission.
82 |
83 | Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms:
84 |
85 | a) Disclaiming warranty or limiting liability differently from the terms of sections 15 and 16 of this License; or
86 | b) Requiring preservation of specified reasonable legal notices or author attributions in that material or in the Appropriate Legal Notices displayed by works containing it; or
87 | c) Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or
88 | d) Limiting the use for publicity purposes of names of licensors or authors of the material; or
89 | e) Declining to grant rights under trademark law for use of some trade names, trademarks, or service marks; or
90 | f) Requiring indemnification of licensors and authors of that material by anyone who conveys the material (or modified versions of it) with contractual assumptions of liability to the recipient, for any liability that these contractual assumptions directly impose on those licensors and authors.
91 | All other non-permissive additional terms are considered "further restrictions" within the meaning of section 10. If the Program as you received it, or any part of it, contains a notice stating that it is governed by this License along with a term that is a further restriction, you may remove that term. If a license document contains a further restriction but permits relicensing or conveying under this License, you may add to a covered work material governed by the terms of that license document, provided that the further restriction does not survive such relicensing or conveying.
92 |
93 | If you add terms to a covered work in accord with this section, you must place, in the relevant source files, a statement of the additional terms that apply to those files, or a notice indicating where to find the applicable terms.
94 |
95 | Additional terms, permissive or non-permissive, may be stated in the form of a separately written license, or stated as exceptions; the above requirements apply either way.
96 |
97 | 8. Termination.
98 | You may not propagate or modify a covered work except as expressly provided under this License. Any attempt otherwise to propagate or modify it is void, and will automatically terminate your rights under this License (including any patent licenses granted under the third paragraph of section 11).
99 |
100 | However, if you cease all violation of this License, then your license from a particular copyright holder is reinstated (a) provisionally, unless and until the copyright holder explicitly and finally terminates your license, and (b) permanently, if the copyright holder fails to notify you of the violation by some reasonable means prior to 60 days after the cessation.
101 |
102 | Moreover, your license from a particular copyright holder is reinstated permanently if the copyright holder notifies you of the violation by some reasonable means, this is the first time you have received notice of violation of this License (for any work) from that copyright holder, and you cure the violation prior to 30 days after your receipt of the notice.
103 |
104 | Termination of your rights under this section does not terminate the licenses of parties who have received copies or rights from you under this License. If your rights have been terminated and not permanently reinstated, you do not qualify to receive new licenses for the same material under section 10.
105 |
106 | 9. Acceptance Not Required for Having Copies.
107 | You are not required to accept this License in order to receive or run a copy of the Program. Ancillary propagation of a covered work occurring solely as a consequence of using peer-to-peer transmission to receive a copy likewise does not require acceptance. However, nothing other than this License grants you permission to propagate or modify any covered work. These actions infringe copyright if you do not accept this License. Therefore, by modifying or propagating a covered work, you indicate your acceptance of this License to do so.
108 |
109 | 10. Automatic Licensing of Downstream Recipients.
110 | Each time you convey a covered work, the recipient automatically receives a license from the original licensors, to run, modify and propagate that work, subject to this License. You are not responsible for enforcing compliance by third parties with this License.
111 |
112 | An "entity transaction" is a transaction transferring control of an organization, or substantially all assets of one, or subdividing an organization, or merging organizations. If propagation of a covered work results from an entity transaction, each party to that transaction who receives a copy of the work also receives whatever licenses to the work the party's predecessor in interest had or could give under the previous paragraph, plus a right to possession of the Corresponding Source of the work from the predecessor in interest, if the predecessor has it or can get it with reasonable efforts.
113 |
114 | You may not impose any further restrictions on the exercise of the rights granted or affirmed under this License. For example, you may not impose a license fee, royalty, or other charge for exercise of rights granted under this License, and you may not initiate litigation (including a cross-claim or counterclaim in a lawsuit) alleging that any patent claim is infringed by making, using, selling, offering for sale, or importing the Program or any portion of it.
115 |
116 | 11. Patents.
117 | A "contributor" is a copyright holder who authorizes use under this License of the Program or a work on which the Program is based. The work thus licensed is called the contributor's "contributor version".
118 |
119 | A contributor's "essential patent claims" are all patent claims owned or controlled by the contributor, whether already acquired or hereafter acquired, that would be infringed by some manner, permitted by this License, of making, using, or selling its contributor version, but do not include claims that would be infringed only as a consequence of further modification of the contributor version. For purposes of this definition, "control" includes the right to grant patent sublicenses in a manner consistent with the requirements of this License.
120 |
121 | Each contributor grants you a non-exclusive, worldwide, royalty-free patent license under the contributor's essential patent claims, to make, use, sell, offer for sale, import and otherwise run, modify and propagate the contents of its contributor version.
122 |
123 | In the following three paragraphs, a "patent license" is any express agreement or commitment, however denominated, not to enforce a patent (such as an express permission to practice a patent or covenant not to sue for patent infringement). To "grant" such a patent license to a party means to make such an agreement or commitment not to enforce a patent against the party.
124 |
125 | If you convey a covered work, knowingly relying on a patent license, and the Corresponding Source of the work is not available for anyone to copy, free of charge and under the terms of this License, through a publicly available network server or other readily accessible means, then you must either (1) cause the Corresponding Source to be so available, or (2) arrange to deprive yourself of the benefit of the patent license for this particular work, or (3) arrange, in a manner consistent with the requirements of this License, to extend the patent license to downstream recipients. "Knowingly relying" means you have actual knowledge that, but for the patent license, your conveying the covered work in a country, or your recipient's use of the covered work in a country, would infringe one or more identifiable patents in that country that you have reason to believe are valid.
126 |
127 | If, pursuant to or in connection with a single transaction or arrangement, you convey, or propagate by procuring conveyance of, a covered work, and grant a patent license to some of the parties receiving the covered work authorizing them to use, propagate, modify or convey a specific copy of the covered work, then the patent license you grant is automatically extended to all recipients of the covered work and works based on it.
128 |
129 | A patent license is "discriminatory" if it does not include within the scope of its coverage, prohibits the exercise of, or is conditioned on the non-exercise of one or more of the rights that are specifically granted under this License. You may not convey a covered work if you are a party to an arrangement with a third party that is in the business of distributing software, under which you make payment to the third party based on the extent of your activity of conveying the work, and under which the third party grants, to any of the parties who would receive the covered work from you, a discriminatory patent license (a) in connection with copies of the covered work conveyed by you (or copies made from those copies), or (b) primarily for and in connection with specific products or compilations that contain the covered work, unless you entered into that arrangement, or that patent license was granted, prior to 28 March 2007.
130 |
131 | Nothing in this License shall be construed as excluding or limiting any implied license or other defenses to infringement that may otherwise be available to you under applicable patent law.
132 |
133 | 12. No Surrender of Others' Freedom.
134 | If conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot convey a covered work so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not convey it at all. For example, if you agree to terms that obligate you to collect a royalty for further conveying from those to whom you convey the Program, the only way you could satisfy both those terms and this License would be to refrain entirely from conveying the Program.
135 |
136 | 13. Remote Network Interaction; Use with the GNU General Public License.
137 | Notwithstanding any other provision of this License, if you modify the Program, your modified version must prominently offer all users interacting with it remotely through a computer network (if your version supports such interaction) an opportunity to receive the Corresponding Source of your version by providing access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software. This Corresponding Source shall include the Corresponding Source for any work covered by version 3 of the GNU General Public License that is incorporated pursuant to the following paragraph.
138 |
139 | Notwithstanding any other provision of this License, you have permission to link or combine any covered work with a work licensed under version 3 of the GNU General Public License into a single combined work, and to convey the resulting work. The terms of this License will continue to apply to the part which is the covered work, but the work with which it is combined will remain governed by version 3 of the GNU General Public License.
140 |
141 | 14. Revised Versions of this License.
142 | The Free Software Foundation may publish revised and/or new versions of the GNU Affero General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns.
143 |
144 | Each version is given a distinguishing version number. If the Program specifies that a certain numbered version of the GNU Affero General Public License "or any later version" applies to it, you have the option of following the terms and conditions either of that numbered version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the GNU Affero General Public License, you may choose any version ever published by the Free Software Foundation.
145 |
146 | If the Program specifies that a proxy can decide which future versions of the GNU Affero General Public License can be used, that proxy's public statement of acceptance of a version permanently authorizes you to choose that version for the Program.
147 |
148 | Later license versions may give you additional or different permissions. However, no additional obligations are imposed on any author or copyright holder as a result of your choosing to follow a later version.
149 |
150 | 15. Disclaimer of Warranty.
151 | THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
152 |
153 | 16. Limitation of Liability.
154 | IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
155 |
156 | 17. Interpretation of Sections 15 and 16.
157 | If the disclaimer of warranty and limitation of liability provided above cannot be given local legal effect according to their terms, reviewing courts shall apply local law that most closely approximates an absolute waiver of all civil liability in connection with the Program, unless a warranty or assumption of liability accompanies a copy of the Program in return for a fee.
158 |
159 | END OF TERMS AND CONDITIONS
160 |
161 | How to Apply These Terms to Your New Programs
162 | If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms.
163 |
164 | To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively state the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found.
165 |
166 |
167 | Copyright (C)
168 |
169 | This program is free software: you can redistribute it and/or modify
170 | it under the terms of the GNU Affero General Public License as
171 | published by the Free Software Foundation, either version 3 of the
172 | License, or (at your option) any later version.
173 |
174 | This program is distributed in the hope that it will be useful,
175 | but WITHOUT ANY WARRANTY; without even the implied warranty of
176 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
177 | GNU Affero General Public License for more details.
178 |
179 | You should have received a copy of the GNU Affero General Public License
180 | along with this program. If not, see .
181 | Also add information on how to contact you by electronic and paper mail.
182 |
183 | If your software can interact with users remotely through a computer network, you should also make sure that it provides a way for users to get its source. For example, if your program is a web application, its interface could display a "Source" link that leads users to an archive of the code. There are many ways you could offer source, and different solutions will be better for different programs; see section 13 for the specific requirements.
184 |
185 | You should also get your employer (if you work as a programmer) or school, if any, to sign a "copyright disclaimer" for the program, if necessary. For more information on this, and how to apply and follow the GNU AGPL, see .
186 |
--------------------------------------------------------------------------------
/src/gvm/comment.sty:
--------------------------------------------------------------------------------
1 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2 | % Comment.sty version 3.8, July 2016
3 | % copyright 1998-2016 Victor Eijkhout
4 | %
5 | % Purpose:
6 | % selectively in/exclude pieces of text: the user can define new
7 | % comment versions, and each is controlled separately.
8 | % Special comments can be defined where the user specifies the
9 | % action that is to be taken with each comment line.
10 | %
11 | % Author
12 | % Victor Eijkhout
13 | % Texas Advanced Computing Center
14 | % The University of Texas at Austin
15 | % Austin TX 78758
16 | % USA
17 | %
18 | % victor@eijkhout.net
19 | %
20 | % This program is free software; you can redistribute it and/or
21 | % modify it under the terms of the GNU General Public License
22 | % as published by the Free Software Foundation; either version 2
23 | % of the License, or (at your option) any later version.
24 | %
25 | % This program is distributed in the hope that it will be useful,
26 | % but WITHOUT ANY WARRANTY; without even the implied warranty of
27 | % MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 | % GNU General Public License for more details.
29 | %
30 | % For a copy of the GNU General Public License, write to the
31 | % Free Software Foundation, Inc.,
32 | % 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA,
33 | % or find it on the net, for instance at
34 | % http://www.gnu.org/copyleft/gpl.html
35 | %
36 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
37 | %
38 | % Usage: all text included between
39 | % \begin{comment}
40 | % ...
41 | % \end{comment}
42 | % is discarded.
43 | %
44 | % The opening and closing commands should appear on a line
45 | % of their own. No starting spaces, nothing after it.
46 | % This environment should work with arbitrary amounts
47 | % of comment, and the comment can be arbitrary text.
48 | %
49 | % Other `comment' environments are defined by
50 | % and are selected/deselected with
51 | % \includecomment{versiona}
52 | % \excludecoment{versionb}
53 | %
54 | % These environments are used as
55 | % \begin{versiona} ... \end{versiona}
56 | % with the opening and closing commands again on a line of
57 | % their own.
58 | %
59 | % This is not a LaTeX environment: for an included comment, the
60 | % \begin and \end lines act as if they don't exist.
61 | % In particular, they don't imply grouping, so assignments
62 | % &c are not local.
63 | %
64 | %%
65 | %% Guide to special effects
66 | %%
67 | % To understand what happens here, you need to know just a bit about
68 | % the implementation. Lines inside a comment are scooped up one at a
69 | % time, and written to an external file. This file can then be
70 | % included, or ignored. Or you can do stuff with it as you'll see now.
71 | %
72 | % Special comments are defined as
73 | % \specialcomment{name}{before commands}{after commands}
74 | % where the second and third arguments are executed before
75 | % and after each comment block. You can use this for global
76 | % formatting commands.
77 | % To keep definitions &c local, you can include \begingroup
78 | % in the `before commands' and \endgroup in the `after commands'.
79 | % ex:
80 | % \specialcomment{smalltt}
81 | % {\begingroup\ttfamily\footnotesize}{\endgroup}
82 | % Of course, in this case you could probably have used the standard
83 | % LaTeX \newenvironment.
84 | %
85 | % With \specialcomment you do *not* have to do an additional
86 | % \includecomment{smalltt}
87 | % To remove 'smalltt' blocks, give \excludecomment{smalltt}
88 | % after the definition.
89 | %
90 | % The comment environments use two auxiliary commands. You can get
91 | % nifty special effects by redefining them.
92 | % 1/ the commented text is written to an external file. Default definition:
93 | % \def\CommentCutFile{comment.cut}
94 | % 2/ included comments are processed like this:
95 | % \def\ProcessCutFile{\input{\CommentCutFile}\relax}
96 | % and excluded files have
97 | % \def\ProcessCutFile{}
98 | %
99 | % Fun use of special comments: the inclusion of the comment is done
100 | % by \ProcessCutFile, so you can redefine that:
101 | % \specialcomment{mathexamplewithcode}
102 | % {\begingroup\def\ProcessCutFile{}} %1
103 | % {\verbatiminput{\CommentCutFile} %2
104 | % \endgroup
105 | % This gives:
106 | % \begin{equation} \input{\CommentCutFile} \end{equation}
107 | % }
108 | % 1: do not standard include the file
109 | % 2: input it verbatim, then again inside display math
110 | %
111 | % You can also apply processing to each line.
112 | % By defining a control sequence
113 | % \def\Thiscomment##1{...} in the before commands the user can
114 | % specify what is to be done with each comment line. If something
115 | % needs to be written to file, use \WriteCommentLine{the stuff}
116 | % Example:
117 | % \specialcomment{underlinecomment}
118 | % {\def\ThisComment##1{\WriteCommentLine{\underline{##1}\par}}
119 | % \par}
120 | % {\par}
121 | %
122 | % Trick for short in/exclude macros (such as \maybe{this snippet}):
123 | %\includecomment{cond}
124 | %\newcommand{\maybe}[1]{}
125 | %\begin{cond}
126 | %\renewcommand{\maybe}[1]{#1}
127 | %\end{cond}
128 | %
129 | % Changes in 3.8
130 | % - utf8 is now correctly handled, at least if you use eTeX.
131 | % (Thanks Henry Gregory for the solution)
132 | % Changes in 3.7
133 | % - only LaTeX support from now on
134 | % - code cleanup, and improvements on \specialcomment
135 | % - cleanup of the docs.
136 | % Changed in 3.6
137 | % - documentation update
138 | % - comment file inclusion is now a customizable command
139 | % Changes in 3.5
140 | % - corrected typo in header.
141 | % - changed author email
142 | % - corrected \specialcomment yet again.
143 | % - fixed excludecomment of an earlier defined environment.
144 | % Changes in 3.4
145 | % - added GNU public license
146 | % - added \processcomment, because Ivo's fix (above) brought an
147 | % inconsistency to light.
148 | % Changes in 3.3
149 | % - updated author's address again
150 | % - parametrised \CommentCutFile
151 | % Changes in 3.2
152 | % - \specialcomment brought up to date (thanks to Ivo Welch).
153 | % Changes in version 3.1
154 | % - updated author's address
155 | % - cleaned up some code
156 | % - trailing contents on \begin{env} line is always discarded
157 | % even if you've done \includecomment{env}
158 | % - comments no longer define grouping!! you can even
159 | % \includecomment{env}
160 | % \begin{env}
161 | % \begin{itemize}
162 | % \end{env}
163 | % Isn't that something ...
164 | % - included comments are written to file and input again.
165 | %
166 | % Known bugs:
167 | % - excludecomment leads to one superfluous space
168 | % - processcomment leads to a superfluous line break at the start
169 | %
170 | \def\makeinnocent#1{\catcode`#1=12 }
171 | \def\csarg#1#2{\expandafter#1\csname#2\endcsname}
172 | \def\latexname{lplain}\def\latexename{LaTeX2e}
173 | \newwrite\CommentStream
174 | \def\DefaultCutFileName{\def\CommentCutFile{comment.cut}}
175 | \DefaultCutFileName
176 |
177 | % begin / end processing
178 | %
179 | % this contains the only real begin/endgroup commands, to keep the
180 | % catcode changes local.
181 | \def\ProcessComment#1% start it all of
182 | {\def\CurrentComment{#1}%
183 | \begingroup
184 | \let\do\makeinnocent \dospecials
185 | \makeinnocent\^^L% and whatever other special cases
186 | \endlinechar`\^^M\relax \catcode`\^^M=12\relax \xComment}
187 | {\catcode`\^^M=12 \endlinechar=-1 %
188 | \gdef\xComment#1^^M{\ProcessCommentLine}
189 | \gdef\ProcessCommentLine#1^^M{\def\test{#1}
190 | \csarg\ifx{End\CurrentComment Test}\test
191 | \edef\next{\endgroup\noexpand\EndOfComment{\CurrentComment}}%
192 | \else \ThisComment{#1}\let\next\ProcessCommentLine
193 | \fi \next}
194 | }
195 |
196 | %%
197 | %% Initial action: SetUpCutFile opens the CommentCutFile
198 | %% hook for initial actions: PrepareCutFile, default null
199 | %%
200 | \def\SetUpCutFile
201 | {\immediate\openout\CommentStream=\CommentCutFile
202 | \PrepareCutFile}
203 | \def\PrepareCutFile{}
204 |
205 | %%
206 | %% Each line action: ThisComment,
207 | %% default: WriteCommentLine on line contents
208 | %% version 3.8: write unexpanded if using eTeX
209 | %%
210 | \expandafter\ifx\csname eTeXversion\endcsname\relax
211 | \long\def\WriteCommentLine#1{\immediate\write\CommentStream{#1}}
212 | \else
213 | \long\def\WriteCommentLine#1{\immediate\write\CommentStream{\unexpanded{#1}}}
214 | \fi
215 | \let\ThisComment\WriteCommentLine
216 |
217 | %%
218 | %% Final action: ProcessCutFile
219 | %% hook for final action before file closing: FinalizeCutFile, default null
220 | %%
221 | \def\ProcessCutFile
222 | {\message{Straight input of \CommentCutFile.}%
223 | \input{\CommentCutFile}\relax}
224 | \def\CloseAndInputCutFile
225 | {\FinalizeCutFile
226 | \immediate\closeout\CommentStream
227 | \ProcessCutFile}
228 | \def\FinalizeCutFile{}
229 |
230 | %%
231 | %% Define the different comment types
232 | %%
233 | % included comments: all the default actions
234 | \def\includecomment
235 | #1{\message{Include comment '#1'}%
236 | \csarg\def{After#1Comment}{\CloseAndInputCutFile}
237 | \csarg\def{#1}{\endgroup \message{Including '#1' comment.}%
238 | \DefaultCutFileName \SetUpCutFile \ProcessComment{#1}}%
239 | \CommentEndDef{#1}}
240 | % excluded comment: also default
241 | \def\excludecomment
242 | #1{\message{Excluding comment '#1'}%
243 | \csarg\def{#1}{\endgroup \message{Excluding '#1' comment.}%
244 | \begingroup
245 | \DefaultCutFileName \def\ProcessCutFile{}%
246 | \def\ThisComment####1{}\ProcessComment{#1}}%
247 | \csarg\def{After#1Comment}{\CloseAndInputCutFile \endgroup}
248 | \CommentEndDef{#1}}
249 | % special comment
250 | \long\def\specialcomment
251 | #1#2#3{\message{Special comment '#1'}%
252 | \csarg\def{#1}{\endgroup \message{Processing '#1' comment.}%
253 | \DefaultCutFileName
254 | #2\relax \SetUpCutFile
255 | % #2 before SetUp, so we can do renaming.
256 | \message{Comment '#1' writing to \CommentCutFile.}%
257 | \ProcessComment{#1}}%
258 | \csarg\def{After#1Comment}{\CloseAndInputCutFile #3}%
259 | \CommentEndDef{#1}}
260 | \long\def\generalcomment
261 | #1#2#3{\message{General comment '#1'}%
262 | \csarg\def{#1}{\endgroup % counter the environment open of LaTeX
263 | #2 \relax \SetUpCutFile \ProcessComment{#1}}%
264 | \csarg\def{After#1Comment}{\CloseAndInputCutFile #3}%
265 | \CommentEndDef{#1}}
266 | \long\def\processcomment
267 | #1#2#3#4{\message{Lines-Processing comment '#1'}%
268 | \csarg\def{#1}{\endgroup \SetUpCutFile #2\relax
269 | \ProcessComment{#1}}%
270 | \csarg\def{After#1Comment}{#3\CloseAndInputCutFile #4}%
271 | \CommentEndDef{#1}}
272 | \def\leveledcomment
273 | #1#2{\message{Include comment '#1' up to level '#2'}%
274 | %\csarg\newif{if#1IsStreamingComment}
275 | %\csarg\newif{if#1IsLeveledComment}
276 | %\csname #1IsLeveledCommenttrue\endcsname
277 | \csarg\let{After#1Comment}\CloseAndInputCutFile
278 | \csarg\def{#1}{\SetUpCutFile
279 | \ProcessCommentWithArg{#1}}%
280 | \CommentEndDef{#1}}
281 |
282 | \makeatletter
283 | \def\EndOfComment#1{%
284 | \csname After#1Comment\endcsname
285 | % sabotage LaTeX's environment testing
286 | \begingroup\def\@currenvir{#1}\end{#1}}
287 | \def\CommentEndDef#1{{\escapechar=-1\relax
288 | \csarg\xdef{End#1Test}{\string\\end\string\{#1\string\}}%
289 | }}
290 | \makeatother
291 |
292 | \excludecomment{comment}
293 |
294 | \endinput
295 |
--------------------------------------------------------------------------------
/src/gvm/gvm.cron:
--------------------------------------------------------------------------------
1 | #!/bin/sh
2 | #
3 | # Author: Scott R. Shinn
4 | # https://www.atomicorp.com
5 | #
6 | # This program is free software; you can redistribute it and/or modify
7 | # it under the terms of the Affero GNU General Public License (AGPL)
8 | #
9 |
10 |
11 | su - gvm -c "/usr/bin/greenbone-nvt-sync"
12 | su - gvm -c "/usr/sbin/greenbone-feed-sync --type GVMD_DATA"
13 | su - gvm -c "/usr/sbin/greenbone-feed-sync --type SCAP"
14 | su - gvm -c "/usr/sbin/greenbone-feed-sync --type CERT"
15 | su - gvm -c "openvas --update-vt-info"
16 |
17 | # Cleanup event for /tmp
18 | rm -rf /tmp/gvmd-split-xml-file-* >/dev/null 2>&1
19 |
20 |
21 |
--------------------------------------------------------------------------------
/src/gvm/gvm.sudo:
--------------------------------------------------------------------------------
1 | gvm ALL = NOPASSWD: /sbin/openvas
2 | gvm ALL = NOPASSWD: /sbin/gsad
3 |
--------------------------------------------------------------------------------
/src/gvm/openvas-cert-sync:
--------------------------------------------------------------------------------
1 | # start plugin sync daily at 130am
2 |
3 | PATH=/bin:/usr/bin:/sbin:/usr/sbin
4 | 30 1 * * * root /usr/sbin/greenbone-certdata-sync
5 |
--------------------------------------------------------------------------------
/src/gvm/openvas-nvt-sync:
--------------------------------------------------------------------------------
1 | # start plugin sync daily at 1am
2 | PATH=/bin:/usr/bin:/sbin:/usr/sbin
3 | 0 1 * * * root /usr/sbin/greenbone-nvt-sync
4 |
--------------------------------------------------------------------------------
/src/gvm/openvas-scap-sync:
--------------------------------------------------------------------------------
1 | # start plugin sync daily at 1am
2 | PATH=/bin:/usr/bin:/sbin:/usr/sbin
3 | 0 1 * * * root /usr/sbin/greenbone-scapdata-sync
4 |
--------------------------------------------------------------------------------
/src/gvm/openvas-setup:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 | #
3 | # Author: Scott R. Shinn
4 | # https://www.atomicorp.com
5 | #
6 | # This program is free software; you can redistribute it and/or modify
7 | # it under the terms of the Affero GNU General Public License (AGPL)
8 | #
9 |
10 | VERSION=6.1.0
11 | GVM_VERSION=22.04
12 |
13 | # Functions
14 |
15 | # Input validation function
16 | # check_input
17 | # if is passed on as null, then there is no default
18 | # Example: check_input "Some question (yes/no) " "yes|no" "yes"
19 | function check_input {
20 | message=$1
21 | validate=$2
22 | default=$3
23 |
24 | while [ $? -ne 1 ]; do
25 | echo -n "$message "
26 | read INPUTTEXT < /dev/tty
27 | if [ "$INPUTTEXT" == "" -a "$default" != "" ]; then
28 | INPUTTEXT=$default
29 | return 1
30 | fi
31 | echo $INPUTTEXT | egrep -q "$validate" && return 1
32 | echo "Invalid input"
33 | done
34 | }
35 |
36 | function download_update() {
37 | RETRIES=0
38 | DOWNLOAD_SUCCESS=0
39 | COMMAND=$1
40 | TEST=$2
41 | MSG=$3
42 |
43 |
44 | echo "$COMMAND"
45 |
46 | while [ $DOWNLOAD_SUCCESS -lt 1 ]; do
47 | if [ $RETRIES -gt 50 ]; then
48 | echo "Download not successful: too many failed attempts"
49 | echo " rerun $COMMAND manually"
50 | return
51 | fi
52 |
53 | su - gvm -c "$COMMAND"
54 |
55 | if [ -f $TEST ] ; then
56 | echo "$COMMAND success"
57 | DOWNLOAD_SUCCESS=1
58 | else
59 | echo "Retrying in 60 seconds..."
60 | sleep 60
61 | RETRIES=$(( $RETRIES + 1 ))
62 | fi
63 | done
64 |
65 | }
66 |
67 |
68 | echo
69 | echo "#####################################"
70 | echo "GVM Setup, Version: $VERSION"
71 | echo "Atomicorp, Inc."
72 | echo "#####################################"
73 | echo
74 |
75 | # Test for selinux
76 | if [ -f /usr/sbin/getenforce ]; then
77 | SELINUX=$(getenforce 2>/dev/null)
78 | if [ $? -eq 0 ] ; then
79 | if [ "$SELINUX" != "Disabled" ]; then
80 | echo "Error: Selinux is set to ($SELINUX)"
81 | echo " selinux must be disabled in order to use openvas"
82 | echo " exiting...."
83 | exit 1
84 | fi
85 | fi
86 | fi
87 |
88 | #Python
89 | alternatives --set python /usr/bin/python3
90 |
91 | # Set up postgres
92 | if [ ! -f /var/lib/pgsql/initdb_postgresql.log ]; then
93 | postgresql-setup --initdb --unit postgresql
94 |
95 | systemctl enable postgresql
96 | systemctl start postgresql
97 |
98 | su - postgres -c "createuser -DRS gvm"
99 | su - postgres -c "createdb -O gvm gvmd"
100 | su - postgres -c "psql gvmd -q --command='create role dba with superuser noinherit;'"
101 | su - postgres -c "psql gvmd -q --command='grant dba to gvm;'"
102 | su - postgres -c "psql gvmd -q --command='create extension \"uuid-ossp\";'"
103 | su - postgres -c "psql gvmd -q --command='create extension \"pgcrypto\";'"
104 | su - postgres -c "psql gvmd -q --command='create extension \"pg-gvm\";'"
105 | systemctl restart postgresql
106 | fi
107 |
108 |
109 |
110 |
111 | # redis setup
112 | if [ -f /etc/redis.conf ]; then
113 | REDIS_CONF=/etc/redis.conf
114 | elif [ -f /etc/redis/redis.conf ]; then
115 | REDIS_CONF=/etc/redis/redis.conf
116 | else
117 | echo "Error: Redis configuration was not detected"
118 | exit 1
119 | fi
120 |
121 |
122 | if ! grep -q "^unixsocket /var/run/redis/redis.sock" $REDIS_CONF ; then
123 | sed -i -e 's/^\(#.\)\?unixsocket \/.*$/unixsocket \/var\/run\/redis\/redis.sock/' $REDIS_CONF
124 | fi
125 |
126 |
127 | if ! grep -q ^unixsocketperm.*770 $REDIS_CONF; then
128 | sed -i -e 's/^\(#.\)\?unixsocketperm.*$/unixsocketperm 770/' $REDIS_CONF
129 | sed -i -e 's/^\(#.\)\?port.*$/port 0/' $REDIS_CONF
130 | fi
131 |
132 | # Bugfix for openvas (temporary)
133 | sed -i "s/^save/#save/g" $REDIS_CONF
134 |
135 | if grep ^db_address /etc/openvas/openvassd.conf 2>/dev/null; then
136 | sed -i -e 's/db_address=.*$/db_address=\/var\/run\/redis\/redis.sock/' /etc/openvas/openvas.conf
137 | else
138 | echo "db_address=/var/run/redis/redis.sock" >> /etc/openvas/openvas.conf
139 | fi
140 |
141 | if ! grep -q "^databases 512" $REDIS_CONF; then
142 | sed -i "s/^databases.*/databases 512/g" $REDIS_CONF
143 | fi
144 |
145 | # Add uer to redis socket
146 | if ! groups gvm |grep -q redis ; then
147 | usermod -aG redis gvm
148 | fi
149 |
150 | systemctl enable redis
151 | systemctl start redis
152 |
153 | #Set sysctl
154 | sysctl -w net.core.somaxconn=1024
155 | sysctl vm.overcommit_memory=1
156 | #
157 | if ! grep -q "net.core.somaxconn=1024" /etc/sysctl.conf; then
158 | echo "net.core.somaxconn=1024" >> /etc/sysctl.conf
159 | fi
160 | if ! grep -q "vm.overcommit_memory=1" /etc/sysctl.conf; then
161 | echo "vm.overcommit_memory=1" >> /etc/sysctl.conf
162 | fi
163 |
164 | #Disable transparent hugepages
165 | if ! $(grub2-editenv - list | grep -q transparent_hugepage=never) ; then
166 | grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) transparent_hugepage=never"
167 | fi
168 |
169 |
170 |
171 | # Download NVT updates
172 | echo
173 | echo "Update NVT, CERT, and SCAP data"
174 | echo "Please note this step could take some time."
175 | echo "Once completed, this will be updated automatically every 24 hours"
176 | echo
177 |
178 | echo
179 | echo "Updating NVTs...."
180 | download_update /usr/bin/greenbone-nvt-sync /var/lib/gvm/plugins/plugin_feed_info.inc
181 |
182 | echo
183 | echo "Updating GVMD_DATA..."
184 | download_update "/usr/sbin/greenbone-feed-sync --type GVMD_DATA" /var/lib/gvm/data-objects/gvmd/${GVM_VERSION}/timestamp
185 |
186 | echo
187 | echo "Updating SCAP data..."
188 | download_update "/usr/sbin/greenbone-feed-sync --type SCAP" /var/lib/gvm/scap-data/official-cpe-dictionary_v2.2.xml
189 |
190 |
191 | echo
192 | echo "Updating CERT data..."
193 | download_update "/usr/sbin/greenbone-feed-sync --type CERT" /var/lib/gvm/cert-data/timestamp
194 |
195 |
196 | su - gvm -c "openvas --update-vt-info"
197 |
198 |
199 | # Handle certs
200 | echo
201 | echo -n "Updating OpenVAS Manager certificates: "
202 | su - gvm -c "/usr/bin/gvm-manage-certs -V >/dev/null 2>&1"
203 | if [ $? -ne 0 ]; then
204 | su - gvm -c "/usr/bin/gvm-manage-certs -a >/dev/null 2>&1"
205 | echo "Complete"
206 | else
207 | echo "Already Exists"
208 | fi
209 | echo
210 |
211 |
212 | # Start ospd
213 | systemctl start ospd-openvas
214 |
215 | # Start gvmd
216 | systemctl start gvmd
217 |
218 | if [ ! -f /var/lib/gvm/data-objects/gvmd/${GVM_VERSION}/timestamp ]; then
219 | echo "Error: GVMD Private data not found. "
220 | echo " exiting..."
221 | exit 1
222 | fi
223 |
224 |
225 | echo -n "GVMD startup: "
226 | until $(su - gvm -c "/usr/sbin/gvmd --get-users" >/dev/null 2>&1); do
227 | echo -n .
228 | sleep 3
229 | done
230 | echo Done
231 |
232 | if ! $(su - gvm -c "/usr/sbin/gvmd --get-users | grep -q ^admin$") ; then
233 |
234 |
235 |
236 |
237 | # Configure Admin user
238 | echo
239 | echo "Set the GSAD admin users password."
240 | echo "The admin user is used to configure accounts,"
241 | echo "Update NVT's manually, and manage roles."
242 | echo
243 |
244 | USERNAME=admin
245 |
246 | # Suppress output of password.
247 | if [[ -t 0 ]]; then
248 | stty -echo
249 | fi
250 |
251 | # Prompt the user for the desired password and verify its accuracy.
252 | PASSCONFIRMED=0
253 | while [ $PASSCONFIRMED -lt 1 ]; do
254 | read -s -p "Enter Administrator Password: " PASSWORD
255 | echo
256 |
257 | read -s -p "Verify Administrator Password: " PASSWORD2
258 | echo
259 |
260 |
261 | if [ "$PASSWORD" == "$PASSWORD2" ]; then
262 | if [ "$PASSWORD" == "" ]; then
263 | echo "Empty password not allowed."
264 | PASSCONFIRMED=0
265 | else
266 | PASSCONFIRMED=1
267 | fi
268 | echo
269 | else
270 | echo "Passwords do not match"
271 | echo
272 | fi
273 | done
274 | stty echo
275 |
276 |
277 | # Create admin user
278 | su - gvm -c "/usr/sbin/gvmd --create-user=${USERNAME}>/dev/null 2>&1"
279 | su - gvm -c "/usr/sbin/gvmd --user=${USERNAME} --new-password=\"${PASSWORD}\""
280 |
281 | # Set the feed owner
282 | FEED_OWNER=$(su - gvm -c "/usr/sbin/gvmd --get-users --verbose" | awk '/^admin / {print $2}')
283 | if [[ $FEED_OWNER == "" ]]; then
284 | echo "Error: Feed owner could not be found"
285 | exit 1
286 | fi
287 | su - gvm -c "/usr/sbin/gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value $FEED_OWNER"
288 |
289 | fi
290 |
291 | # Mosquitto setup
292 | if ! grep -q mqtt_server_uri /etc/openvas/openvas.conf; then
293 | echo "mqtt_server_uri = localhost:1883" >> /etc/openvas/openvas.conf
294 | fi
295 |
296 | systemctl start mosquitto
297 | systemctl start gsad
298 | systemctl start notus-scanner
299 | systemctl enable ospd-openvas
300 | systemctl enable notus-scanner
301 | systemctl enable gvmd
302 | systemctl enable gsad
303 | systemctl enable mosquitto
304 |
305 | # Set firewall rules
306 | DEFAULT_ZONE=$(firewall-cmd --get-default-zone)
307 | firewall-cmd --zone=$DEFAULT_ZONE --permanent --add-service=https
308 | firewall-cmd --reload
309 |
310 | # Planned, this is not multi-run safe yet
311 | #if ! grep -q "Updating CERT info succeeded" /var/log/gvm/gvmd.log; then
312 | # echo "GVMD startup can take some time to complete. Please be patient"
313 | # echo
314 | # echo -n "GVMD initializing: "
315 | # COUNTER=0
316 | # tail -f /var/log/gvm/gvmd.log | while read LOGLINE; do
317 | # if [ $COUNTER -ge 600 ]; then
318 | # echo "Error: gvmd startup was not detected successfully"
319 | # echo " exiting..."
320 | # exit 1
321 | # fi
322 | #
323 | # if [[ "${LOGLINE}" == *"sync_cert: Updating CERT info succeeded"* ]]; then
324 | # echo "Complete"
325 | # break
326 | # else
327 | # echo -n .
328 | # fi
329 | #
330 | # ((COUNTER++))
331 | # done
332 | #fi
333 |
334 |
335 |
336 | echo
337 | echo
338 | echo "#####################################"
339 | echo "Setup complete"
340 | echo " Log in to GSAD at https://localhost"
341 | echo "#####################################"
342 | echo
343 | echo
344 |
345 | # End
346 |
347 |
--------------------------------------------------------------------------------
/src/gvm/openvas.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=Openvas Security Scanner
3 | After=network.target
4 | Requires=openvas-scanner.service
5 | Requires=openvas-manager.service
6 | Requires=greenbone-security-assistant.service
7 |
8 | [Service]
9 | Type=oneshot
10 | ExecStart=/bin/true
11 | RemainAfterExit=yes
12 |
13 | [Install]
14 | WantedBy=multi-user.target
15 |
16 |
--------------------------------------------------------------------------------
/tests/Dockerfile:
--------------------------------------------------------------------------------
1 | # Build tester
2 | FROM centos:latest
3 | MAINTAINER Support
4 |
5 | #VOLUME ["/var/lib/openvas"]
6 |
7 | ADD run.sh /run.sh
8 | ADD config/gsad /etc/sysconfig/gsad
9 | ADD config/redis.conf /etc/redis.conf
10 | # This is only used for pdf reports, something we cant test in here anyway
11 | # Its a massive download
12 | #ADD config/texlive.repo /etc/yum.repos.d/texlive.repo
13 |
14 | # Uses the internal atomic-testing repo
15 | ADD config/internal-testing.repo /etc/yum.repos.d/internal-testing.repo
16 |
17 | RUN yum -y install wget
18 | RUN cd /root; NON_INT=1 wget -q -O - https://updates.atomicorp.com/installers/atomic |sh
19 |
20 |
21 | RUN \
22 | yum clean all && \
23 | yum -y update && \
24 | yum -y install deltarpm yum-plugin-fastestmirror && \
25 | yum -y install alien bzip2 useradd net-tools openssh texlive-changepage texlive-titlesec texlive-collection-latexextra
26 |
27 | # PDF fixes
28 | RUN mkdir -p /usr/share/texlive/texmf-local/tex/latex/comment
29 | ADD config/comment.sty /usr/share/texlive/texmf-local/tex/latex/comment/comment.sty
30 | RUN texhash
31 |
32 | # Scanners
33 | RUN yum -y install openvas OSPd-nmap OSPd
34 |
35 |
36 | #RUN \
37 | # /usr/sbin/greenbone-nvt-sync && \
38 | # /usr/sbin/greenbone-certdata-sync && \
39 | # /usr/sbin/greenbone-scapdata-sync && \
40 | # BUILD=true /run.sh
41 |
42 |
43 | RUN rm -rf /var/cache/yum/*
44 |
45 | CMD /run.sh
46 | EXPOSE 443
47 |
--------------------------------------------------------------------------------
/tests/config/comment.sty:
--------------------------------------------------------------------------------
1 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
2 | % Comment.sty version 3.8, July 2016
3 | % copyright 1998-2016 Victor Eijkhout
4 | %
5 | % Purpose:
6 | % selectively in/exclude pieces of text: the user can define new
7 | % comment versions, and each is controlled separately.
8 | % Special comments can be defined where the user specifies the
9 | % action that is to be taken with each comment line.
10 | %
11 | % Author
12 | % Victor Eijkhout
13 | % Texas Advanced Computing Center
14 | % The University of Texas at Austin
15 | % Austin TX 78758
16 | % USA
17 | %
18 | % victor@eijkhout.net
19 | %
20 | % This program is free software; you can redistribute it and/or
21 | % modify it under the terms of the GNU General Public License
22 | % as published by the Free Software Foundation; either version 2
23 | % of the License, or (at your option) any later version.
24 | %
25 | % This program is distributed in the hope that it will be useful,
26 | % but WITHOUT ANY WARRANTY; without even the implied warranty of
27 | % MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 | % GNU General Public License for more details.
29 | %
30 | % For a copy of the GNU General Public License, write to the
31 | % Free Software Foundation, Inc.,
32 | % 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA,
33 | % or find it on the net, for instance at
34 | % http://www.gnu.org/copyleft/gpl.html
35 | %
36 | %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
37 | %
38 | % Usage: all text included between
39 | % \begin{comment}
40 | % ...
41 | % \end{comment}
42 | % is discarded.
43 | %
44 | % The opening and closing commands should appear on a line
45 | % of their own. No starting spaces, nothing after it.
46 | % This environment should work with arbitrary amounts
47 | % of comment, and the comment can be arbitrary text.
48 | %
49 | % Other `comment' environments are defined by
50 | % and are selected/deselected with
51 | % \includecomment{versiona}
52 | % \excludecoment{versionb}
53 | %
54 | % These environments are used as
55 | % \begin{versiona} ... \end{versiona}
56 | % with the opening and closing commands again on a line of
57 | % their own.
58 | %
59 | % This is not a LaTeX environment: for an included comment, the
60 | % \begin and \end lines act as if they don't exist.
61 | % In particular, they don't imply grouping, so assignments
62 | % &c are not local.
63 | %
64 | %%
65 | %% Guide to special effects
66 | %%
67 | % To understand what happens here, you need to know just a bit about
68 | % the implementation. Lines inside a comment are scooped up one at a
69 | % time, and written to an external file. This file can then be
70 | % included, or ignored. Or you can do stuff with it as you'll see now.
71 | %
72 | % Special comments are defined as
73 | % \specialcomment{name}{before commands}{after commands}
74 | % where the second and third arguments are executed before
75 | % and after each comment block. You can use this for global
76 | % formatting commands.
77 | % To keep definitions &c local, you can include \begingroup
78 | % in the `before commands' and \endgroup in the `after commands'.
79 | % ex:
80 | % \specialcomment{smalltt}
81 | % {\begingroup\ttfamily\footnotesize}{\endgroup}
82 | % Of course, in this case you could probably have used the standard
83 | % LaTeX \newenvironment.
84 | %
85 | % With \specialcomment you do *not* have to do an additional
86 | % \includecomment{smalltt}
87 | % To remove 'smalltt' blocks, give \excludecomment{smalltt}
88 | % after the definition.
89 | %
90 | % The comment environments use two auxiliary commands. You can get
91 | % nifty special effects by redefining them.
92 | % 1/ the commented text is written to an external file. Default definition:
93 | % \def\CommentCutFile{comment.cut}
94 | % 2/ included comments are processed like this:
95 | % \def\ProcessCutFile{\input{\CommentCutFile}\relax}
96 | % and excluded files have
97 | % \def\ProcessCutFile{}
98 | %
99 | % Fun use of special comments: the inclusion of the comment is done
100 | % by \ProcessCutFile, so you can redefine that:
101 | % \specialcomment{mathexamplewithcode}
102 | % {\begingroup\def\ProcessCutFile{}} %1
103 | % {\verbatiminput{\CommentCutFile} %2
104 | % \endgroup
105 | % This gives:
106 | % \begin{equation} \input{\CommentCutFile} \end{equation}
107 | % }
108 | % 1: do not standard include the file
109 | % 2: input it verbatim, then again inside display math
110 | %
111 | % You can also apply processing to each line.
112 | % By defining a control sequence
113 | % \def\Thiscomment##1{...} in the before commands the user can
114 | % specify what is to be done with each comment line. If something
115 | % needs to be written to file, use \WriteCommentLine{the stuff}
116 | % Example:
117 | % \specialcomment{underlinecomment}
118 | % {\def\ThisComment##1{\WriteCommentLine{\underline{##1}\par}}
119 | % \par}
120 | % {\par}
121 | %
122 | % Trick for short in/exclude macros (such as \maybe{this snippet}):
123 | %\includecomment{cond}
124 | %\newcommand{\maybe}[1]{}
125 | %\begin{cond}
126 | %\renewcommand{\maybe}[1]{#1}
127 | %\end{cond}
128 | %
129 | % Changes in 3.8
130 | % - utf8 is now correctly handled, at least if you use eTeX.
131 | % (Thanks Henry Gregory for the solution)
132 | % Changes in 3.7
133 | % - only LaTeX support from now on
134 | % - code cleanup, and improvements on \specialcomment
135 | % - cleanup of the docs.
136 | % Changed in 3.6
137 | % - documentation update
138 | % - comment file inclusion is now a customizable command
139 | % Changes in 3.5
140 | % - corrected typo in header.
141 | % - changed author email
142 | % - corrected \specialcomment yet again.
143 | % - fixed excludecomment of an earlier defined environment.
144 | % Changes in 3.4
145 | % - added GNU public license
146 | % - added \processcomment, because Ivo's fix (above) brought an
147 | % inconsistency to light.
148 | % Changes in 3.3
149 | % - updated author's address again
150 | % - parametrised \CommentCutFile
151 | % Changes in 3.2
152 | % - \specialcomment brought up to date (thanks to Ivo Welch).
153 | % Changes in version 3.1
154 | % - updated author's address
155 | % - cleaned up some code
156 | % - trailing contents on \begin{env} line is always discarded
157 | % even if you've done \includecomment{env}
158 | % - comments no longer define grouping!! you can even
159 | % \includecomment{env}
160 | % \begin{env}
161 | % \begin{itemize}
162 | % \end{env}
163 | % Isn't that something ...
164 | % - included comments are written to file and input again.
165 | %
166 | % Known bugs:
167 | % - excludecomment leads to one superfluous space
168 | % - processcomment leads to a superfluous line break at the start
169 | %
170 | \def\makeinnocent#1{\catcode`#1=12 }
171 | \def\csarg#1#2{\expandafter#1\csname#2\endcsname}
172 | \def\latexname{lplain}\def\latexename{LaTeX2e}
173 | \newwrite\CommentStream
174 | \def\DefaultCutFileName{\def\CommentCutFile{comment.cut}}
175 | \DefaultCutFileName
176 |
177 | % begin / end processing
178 | %
179 | % this contains the only real begin/endgroup commands, to keep the
180 | % catcode changes local.
181 | \def\ProcessComment#1% start it all of
182 | {\def\CurrentComment{#1}%
183 | \begingroup
184 | \let\do\makeinnocent \dospecials
185 | \makeinnocent\^^L% and whatever other special cases
186 | \endlinechar`\^^M\relax \catcode`\^^M=12\relax \xComment}
187 | {\catcode`\^^M=12 \endlinechar=-1 %
188 | \gdef\xComment#1^^M{\ProcessCommentLine}
189 | \gdef\ProcessCommentLine#1^^M{\def\test{#1}
190 | \csarg\ifx{End\CurrentComment Test}\test
191 | \edef\next{\endgroup\noexpand\EndOfComment{\CurrentComment}}%
192 | \else \ThisComment{#1}\let\next\ProcessCommentLine
193 | \fi \next}
194 | }
195 |
196 | %%
197 | %% Initial action: SetUpCutFile opens the CommentCutFile
198 | %% hook for initial actions: PrepareCutFile, default null
199 | %%
200 | \def\SetUpCutFile
201 | {\immediate\openout\CommentStream=\CommentCutFile
202 | \PrepareCutFile}
203 | \def\PrepareCutFile{}
204 |
205 | %%
206 | %% Each line action: ThisComment,
207 | %% default: WriteCommentLine on line contents
208 | %% version 3.8: write unexpanded if using eTeX
209 | %%
210 | \expandafter\ifx\csname eTeXversion\endcsname\relax
211 | \long\def\WriteCommentLine#1{\immediate\write\CommentStream{#1}}
212 | \else
213 | \long\def\WriteCommentLine#1{\immediate\write\CommentStream{\unexpanded{#1}}}
214 | \fi
215 | \let\ThisComment\WriteCommentLine
216 |
217 | %%
218 | %% Final action: ProcessCutFile
219 | %% hook for final action before file closing: FinalizeCutFile, default null
220 | %%
221 | \def\ProcessCutFile
222 | {\message{Straight input of \CommentCutFile.}%
223 | \input{\CommentCutFile}\relax}
224 | \def\CloseAndInputCutFile
225 | {\FinalizeCutFile
226 | \immediate\closeout\CommentStream
227 | \ProcessCutFile}
228 | \def\FinalizeCutFile{}
229 |
230 | %%
231 | %% Define the different comment types
232 | %%
233 | % included comments: all the default actions
234 | \def\includecomment
235 | #1{\message{Include comment '#1'}%
236 | \csarg\def{After#1Comment}{\CloseAndInputCutFile}
237 | \csarg\def{#1}{\endgroup \message{Including '#1' comment.}%
238 | \DefaultCutFileName \SetUpCutFile \ProcessComment{#1}}%
239 | \CommentEndDef{#1}}
240 | % excluded comment: also default
241 | \def\excludecomment
242 | #1{\message{Excluding comment '#1'}%
243 | \csarg\def{#1}{\endgroup \message{Excluding '#1' comment.}%
244 | \begingroup
245 | \DefaultCutFileName \def\ProcessCutFile{}%
246 | \def\ThisComment####1{}\ProcessComment{#1}}%
247 | \csarg\def{After#1Comment}{\CloseAndInputCutFile \endgroup}
248 | \CommentEndDef{#1}}
249 | % special comment
250 | \long\def\specialcomment
251 | #1#2#3{\message{Special comment '#1'}%
252 | \csarg\def{#1}{\endgroup \message{Processing '#1' comment.}%
253 | \DefaultCutFileName
254 | #2\relax \SetUpCutFile
255 | % #2 before SetUp, so we can do renaming.
256 | \message{Comment '#1' writing to \CommentCutFile.}%
257 | \ProcessComment{#1}}%
258 | \csarg\def{After#1Comment}{\CloseAndInputCutFile #3}%
259 | \CommentEndDef{#1}}
260 | \long\def\generalcomment
261 | #1#2#3{\message{General comment '#1'}%
262 | \csarg\def{#1}{\endgroup % counter the environment open of LaTeX
263 | #2 \relax \SetUpCutFile \ProcessComment{#1}}%
264 | \csarg\def{After#1Comment}{\CloseAndInputCutFile #3}%
265 | \CommentEndDef{#1}}
266 | \long\def\processcomment
267 | #1#2#3#4{\message{Lines-Processing comment '#1'}%
268 | \csarg\def{#1}{\endgroup \SetUpCutFile #2\relax
269 | \ProcessComment{#1}}%
270 | \csarg\def{After#1Comment}{#3\CloseAndInputCutFile #4}%
271 | \CommentEndDef{#1}}
272 | \def\leveledcomment
273 | #1#2{\message{Include comment '#1' up to level '#2'}%
274 | %\csarg\newif{if#1IsStreamingComment}
275 | %\csarg\newif{if#1IsLeveledComment}
276 | %\csname #1IsLeveledCommenttrue\endcsname
277 | \csarg\let{After#1Comment}\CloseAndInputCutFile
278 | \csarg\def{#1}{\SetUpCutFile
279 | \ProcessCommentWithArg{#1}}%
280 | \CommentEndDef{#1}}
281 |
282 | \makeatletter
283 | \def\EndOfComment#1{%
284 | \csname After#1Comment\endcsname
285 | % sabotage LaTeX's environment testing
286 | \begingroup\def\@currenvir{#1}\end{#1}}
287 | \def\CommentEndDef#1{{\escapechar=-1\relax
288 | \csarg\xdef{End#1Test}{\string\\end\string\{#1\string\}}%
289 | }}
290 | \makeatother
291 |
292 | \excludecomment{comment}
293 |
294 | \endinput
295 |
--------------------------------------------------------------------------------
/tests/config/gsad:
--------------------------------------------------------------------------------
1 | OPTIONS=""
2 | #
3 | # The address the Greenbone Security Assistant will listen on.
4 | #
5 | GSA_ADDRESS=0.0.0.0
6 | #
7 | # The port the Greenbone Security Assistant will listen on.
8 | #
9 | GSA_PORT=443
10 |
11 |
12 |
--------------------------------------------------------------------------------
/tests/config/internal-testing.repo:
--------------------------------------------------------------------------------
1 | [internal-atomic-testing]
2 | name=Internal Atomic testing el7
3 | baseurl=http://loggerhead/channels/atomic-testing/centos/7/x86_64/
4 | enabled=1
5 | # not working?
6 | gpgcheck=0
7 | file=https://www.atomicorp.com/RPM-GPG-KEY.art.txt
8 |
9 | [internal-atomic-bleeding]
10 | name=Internal Atomic bleeding el7
11 | baseurl=http://loggerhead/channels/atomic-bleeding/centos/7/x86_64/
12 | enabled=1
13 | # not working?
14 | gpgcheck=0
15 | file=https://www.atomicorp.com/RPM-GPG-KEY.art.txt
16 |
17 |
--------------------------------------------------------------------------------
/tests/config/texlive.repo:
--------------------------------------------------------------------------------
1 | [TeXLive]
2 | name=TeXLive Packages for CentOS 7 - $basearch
3 | baseurl=https://raw.githubusercontent.com/FluidityProject/yum-centos7-texlive/master/$basearch
4 | enabled=1
5 | gpgcheck=0
6 |
7 |
--------------------------------------------------------------------------------
/tests/run.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | DATAVOL=/var/lib/openvas/
4 | OV_PASSWORD=${OV_PASSWORD:-admin}
5 | OV_UPDATE=${OV_UPDATE:0}
6 | ADDRESS=127.0.0.1
7 | KEY_FILE=/var/lib/openvas/private/CA/clientkey.pem
8 | CERT_FILE=/var/lib/openvas/CA/clientcert.pem
9 | CA_FILE=/var/lib/openvas/CA/cacert.pem
10 |
11 |
12 | redis-server /etc/redis.conf &
13 |
14 | echo "Testing redis status..."
15 | X="$(redis-cli ping)"
16 | while [ "${X}" != "PONG" ]; do
17 | echo "Redis not yet ready..."
18 | sleep 1
19 | X="$(redis-cli ping)"
20 | done
21 | echo "Redis ready."
22 |
23 | #echo
24 | #echo "Initializing persistent directory layout"
25 | #pushd /var/lib/openvas
26 | #
27 | #DATA_DIRS="CA cert-data mgr private/CA plugins scap-data"
28 | #for dir in $DATA_DIRS; do
29 | # if [ ! -d $dir ]; then
30 | # mkdir $dir
31 | # fi
32 | #done
33 | #popd
34 |
35 |
36 | # Check certs
37 | if [ ! -f /var/lib/openvas/CA/cacert.pem ]; then
38 | /usr/bin/openvas-manage-certs -a
39 | fi
40 |
41 | if [ "$OV_UPDATE" == "yes" ];then
42 | /usr/sbin/greenbone-nvt-sync
43 | /usr/sbin/greenbone-certdata-sync
44 | /usr/sbin/greenbone-scapdata-sync
45 | fi
46 |
47 | if [ ! -d /usr/share/openvas/gsa/locale ]; then
48 | mkdir -p /usr/share/openvas/gsa/locale
49 | fi
50 |
51 | echo "Restarting services"
52 | /usr/sbin/openvassd
53 | /usr/sbin/openvasmd
54 | /usr/sbin/gsad
55 |
56 | echo
57 | echo -n "Checking for scanners: "
58 | SCANNER=$(/usr/sbin/openvasmd --get-scanners)
59 | echo "Done"
60 |
61 | if ! echo $SCANNER | grep -q nmap ; then
62 | echo "Adding nmap scanner"
63 | /usr/bin/ospd-nmap --bind-address $ADDRESS --port 40001 --key-file $KEY_FILE --cert-file $CERT_FILE --ca-file $CA_FILE &
64 | /usr/sbin/openvasmd --create-scanner=ospd-nmap --scanner-host=localhost --scanner-port=40001 --scanner-type=OSP --scanner-ca-pub=/var/lib/openvas/CA/cacert.pem --scanner-key-pub=/var/lib/openvas/CA/clientcert.pem --scanner-key-priv=/var/lib/openvas/private/CA/clientkey.pem
65 | echo
66 | else
67 | /usr/bin/ospd-nmap --bind-address $ADDRESS --port 40001 --key-file $KEY_FILE --cert-file $CERT_FILE --ca-file $CA_FILE &
68 |
69 | fi
70 |
71 |
72 | echo "Reloading NVTs"
73 | openvasmd --rebuild --progress
74 |
75 | # Check for users, and create admin
76 | if ! [[ $(openvasmd --get-users) ]] ; then
77 | /usr/sbin/openvasmd openvasmd --create-user=admin
78 | /usr/sbin/openvasmd --user=admin --new-password=$OV_PASSWORD
79 | fi
80 |
81 | if [ -n "$OV_PASSWORD" ]; then
82 | echo "Setting admin password"
83 | /usr/sbin/openvasmd --user=admin --new-password=$OV_PASSWORD
84 | fi
85 |
86 | echo "Checking setup"
87 | /usr/bin/openvas-check-setup --v9
88 |
89 |
90 | if [ -z "$BUILD" ]; then
91 | echo "Tailing logs"
92 | tail -F /var/log/openvas/*
93 | fi
94 |
95 |
--------------------------------------------------------------------------------
/version:
--------------------------------------------------------------------------------
1 | RELEASE_VERSION=22.4.1
2 | DEB_PACKAGES="openvas"
3 | DEB_VERSION="$RELEASE_VERSION"
4 | CHANGELOG="Initial Release"
5 |
6 |
--------------------------------------------------------------------------------