rpms / openvas-scanner

Clone
Source Code
GIT

Files

  1.   4571c406eb80177996b9fd7a4c2efd26f78c078f
  2.   openvas-scanner.spec
Blob Blame History Raw 
#This number is the sequence number on intevation.org to download a file
%global		tar_download 1959
#%global	tar_version 4.0.6

Name:		openvas-scanner
Version:	4.0.6
Release:	1%{?dist}
Summary:	Open Vulnerability Assessment (OpenVAS) Scanner

License:	GPLv2
URL:		http://www.openvas.org

Source0:	http://wald.intevation.org/frs/download.php/%{tar_download}/%{name}-%{version}.tar.gz
#Source0:	http://wald.intevation.org/frs/download.php/%{tar_download}/%{name}-%{tar_version}.tar.gz
%if 0%{?rhel} >= 7 || 0%{?fedora} > 15
Source7:	openvas-scanner.service
%else
Source1:	openvas-scanner.initd
%endif
Source2:	openvassd.conf
Source3:	openvas-scanner.logrotate
Source4:	openvas-scanner.sysconfig
Source5:	openvas-nvt-sync-cron
Source6:	openvas-nvt-sync-cronjob

# Put certs to /etc/pki as suggested by http://fedoraproject.org/wiki/PackagingDrafts/Certificates
# Not reported upstream as it is RedHat/Fedora specific
Patch1:		openvas-scanner-pki.patch

# Put openvas-mkcert-client to bin directory instead of sbin and install its man page
# Reported upstream http://wald.intevation.org/tracker/?func=detail&aid=1941&group_id=29&atid=220
Patch2:		openvas-scanner-mkcertclient.patch

# Allow compile time definition of the directory to store openvassd.rules
# Reported upstream http://wald.intevation.org/tracker/?func=detail&aid=1940&group_id=29&atid=220
Patch3:		openvas-scanner-rulesdir.patch

# Replace _BSD_SOURCE and _SVID_SOURCE with _DEFAULT_SOURCE otherwise build fails with Werror
Patch4:		openvas-scanner-bsdsource.patch

BuildRequires:	openvas-libraries-devel >= 7.0
BuildRequires:	cmake >= 2.6.0
BuildRequires:	glib2-devel
BuildRequires:	libpcap-devel
BuildRequires:	gnutls-devel
BuildRequires:	gpgme-devel
BuildRequires:	libksba-devel
BuildRequires:	pkgconfig
BuildRequires:	libgcrypt-devel
BuildRequires:	doxygen

# This is introduced to accomodate difference in RHEL5/CentOS5
%if %{defined rhel}
%if 0%{?rhel} <= 5
# RHEL5
BuildRequires:	e2fsprogs-libs-devel
%else
#RHEL6
BuildRequires:	libuuid-devel
%endif
%else
# Fedora 14 doesn't have "rhel" defined
BuildRequires:	libuuid-devel
%endif

%if 0%{?rhel} >= 7 || 0%{?fedora} > 15
BuildRequires:	systemd
BuildRequires:	systemd-units
Requires(post):	systemd
Requires(preun):	systemd
Requires(postun):	systemd
%else
Requires(post):	chkconfig
Requires(preun):	chkconfig
Requires(preun):	initscripts
%endif


# Required by the openvas-nvt-sync and greenbone-nvt-sync
Requires:	/usr/bin/md5sum
Requires:	/usr/bin/rsync
Requires:	/usr/bin/wget
Requires:	/usr/bin/curl

%filter_provides_in %{_libdir}/openvas/plugins
%filter_setup

%description
Scanner module for the Open Vulnerability Assessment System (OpenVAS).

%prep
%setup -q
#%setup -q -n %{name}-%{tar_version}
# Separation of feeds not possible because nasl script_dependencies doesn't search in all include_folders
#patch0 -p 1 -b .nvtfeed
%patch1 -p 1 -b .pkipath
%patch2 -p 1 -b .mkcert
%patch3 -p 1 -b .rules

#Patch for bsdsource seems to be needed only in 21/devel branch
%if 0%{?fedora} >= 21
%patch4 -p 1 -b .bsdsource
%endif

for i in CHANGES ChangeLog; do
	iconv -f iso8859-1 -t utf-8 $i > $i.utf8 && \
	touch -r $i $i.utf8 && \
	mv -f $i.utf8 $i;
done

%build
#configure --disable-static
export CFLAGS=-Werror=unused-but-set-variable
%cmake -DLOCALSTATEDIR:PATH=%{_var} -DOPENVASSD_RULES:PATH=%{_sysconfdir}/openvas/openvassd.rules
make %{?_smp_mflags}

%install
make install DESTDIR=%{buildroot} INSTALL="install -p"
find %{buildroot} -name '*.la' -exec rm -f {} ';'

# Config directory
mkdir -p %{buildroot}/%{_sysconfdir}/openvas
chmod 755 %{buildroot}/%{_sysconfdir}/openvas

# Make directories for the certificates
mkdir -p %{buildroot}/%{_sysconfdir}/pki/openvas/CA
chmod 755 %{buildroot}/%{_sysconfdir}/pki/openvas
chmod 755 %{buildroot}/%{_sysconfdir}/pki/openvas/CA
mkdir -p %{buildroot}/%{_sysconfdir}/pki/openvas/private/CA
chmod 700 %{buildroot}/%{_sysconfdir}/pki/openvas/private
chmod 700 %{buildroot}/%{_sysconfdir}/pki/openvas/private/CA

# Make directories for the NVT feeds
mkdir -p  %{buildroot}/%{_var}/lib/openvas/plugins
chmod 755 %{buildroot}/%{_var}/lib/openvas/plugins
# Separation of feeds not possible because nasl script_dependencies doesn't search in all include_folders
#mkdir -p  _{buildroot}/_{_var}/lib/openvas/plugins/nvt
#mkdir -p  _{buildroot}/_{_var}/lib/openvas/plugins/gsf

# Log direcotry
mkdir -p %{buildroot}/%{_var}/log/openvas

# Make plugin cache directory
mkdir -p %{buildroot}/%{_var}/cache/openvas


%if 0%{?rhel} >= 7 || 0%{?fedora} > 15
# Install systemd
install -Dp -m 644 %{SOURCE7} %{buildroot}/%{_unitdir}/%{name}.service
%else
# Install startup script
install -Dp -m 755 %{SOURCE1} %{buildroot}/%{_initddir}/openvas-scanner
%endif

# Install initial configuration
sed -e "s:@@OPENVAS_PLUGINS@@:%{_var}/lib/openvas/plugins:g
	s:@@OPENVAS_CACHE@@:%{_var}/cache/openvas:g
	s:@@OPENVAS_LOGDIR@@:%{_var}/log/openvas:g
	s:@@OPENVAS_SYSCONF@@:%{_sysconfdir}/openvas:g
	s:@@OPENVAS_CERT@@:%{_sysconfdir}/pki/openvas:g" %{SOURCE2} > openvassd.conf

install -Dp -m 644 openvassd.conf %{buildroot}/%{_sysconfdir}/openvas/

# Install log rotation stuff
install -m 644 -Dp %{SOURCE3} %{buildroot}/%{_sysconfdir}/logrotate.d/openvas-scanner

# Install sysconfig configration
install -Dp -m 644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/openvas-scanner

# Install cron script for update
install -Dp -m 755 %{SOURCE5} %{buildroot}/%{_sbindir}/

# Install cront jobs to periodically update plugins
install -Dp -m 644 %{SOURCE6} %{buildroot}/%{_sysconfdir}/cron.d/openvas-sync-plugins

%if 0%{?rhel} >= 7 || 0%{?fedora} > 15
#systemd post
%post
%systemd_post %{name}.service

%preun
%systemd_preun %{name}.service

%postun
%systemd_postun_with_restart %{name}.service 

%else
#initv post
%post
# This adds the proper /etc/rc*.d links for the script
if [ "$1" -eq 1 ]; then
	/sbin/chkconfig --add openvas-scanner
fi

%preun
if [ $1 = 0 ]; then
	/sbin/service openvas-scanner stop >/dev/null 2>&1
	/sbin/chkconfig --del openvas-scanner
fi

%postun
if [ $1 -ge 1 ]; then
	/sbin/service openvas-scanner condrestart >/dev/null 2>&1
fi
%endif


%files
%doc CHANGES ChangeLog COPYING COPYING.GPLv2 README
%dir %{_sysconfdir}/openvas/
%dir %{_sysconfdir}/pki/openvas/
%dir %{_sysconfdir}/pki/openvas/CA/
%dir %{_sysconfdir}/pki/openvas/private/
%dir %{_sysconfdir}/pki/openvas/private/CA/
%dir %{_var}/lib/openvas/
%dir %{_var}/lib/openvas/plugins/
#Separation of feeds not possible because nasl script_dependencies doesn't search in all include_folders
#_dir _{_var}/lib/openvas/plugins/nvt/
#_dir _{_var}/lib/openvas/plugins/gsf/
%dir %{_var}/log/openvas/
%dir %{_var}/cache/openvas/
%config(noreplace) %{_sysconfdir}/openvas/openvassd.conf
%config(noreplace) %{_sysconfdir}/sysconfig/openvas-scanner
%config(noreplace) %{_sysconfdir}/cron.d/openvas-sync-plugins
%config(noreplace) %{_sysconfdir}/logrotate.d/openvas-scanner
%if 0%{?rhel} >= 7 || 0%{?fedora} > 15
%{_unitdir}/%{name}.service
%else
%{_initddir}/openvas-scanner
%endif
%{_bindir}/openvas-mkcert-client
%{_sbindir}/openvas-mkcert
%{_sbindir}/openvas-nvt-sync
%{_sbindir}/openvas-nvt-sync-cron
%{_sbindir}/greenbone-nvt-sync
%{_sbindir}/openvassd
%{_mandir}/man1/*.1.*
%{_mandir}/man8/*.8.*
#attr(644,root,root) _{_libdir}/openvas/plugins/*.nes

%changelog
* Sat Apr 04 2015 Michal Ambroz <rebus at, seznam.cz> - 4.0.6-1
- Update to OpenVAS-7 openvas-scanner release 4.0.6

* Sat Dec 06 2014 Michal Ambroz <rebus at, seznam.cz> - 4.0.5-1
- Update to OpenVAS-7 openvas-scanner release 4.0.5

* Fri Nov 07 2014 Michal Ambroz <rebus at, seznam.cz> - 4.0.4-2
- removed sysvinit subpackage - not needed anymore

* Wed Nov 05 2014 Michal Ambroz <rebus at, seznam.cz> - 4.0.4-1
- Update to OpenVAS-7 openvas-scanner release 4.0.4

* Fri Sep 12 2014 Michal Ambroz <rebus at, seznam.cz> - 4.0.3-1
- Update to OpenVAS-7 openvas-scanner release 4.0.3

* Tue Sep 02 2014 Michal Ambroz <rebus at, seznam.cz> - 4.0.2-1
- Update to OpenVAS-7 openvas-scanner release 4.0.2

* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 4.0.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Wed May 28 2014 Michal Ambroz <rebus at, seznam.cz> - 4.0.1-2
- fix startscripts due to -q (quiet) option removed

* Mon May 26 2014 Fabian Affolter <mail@fabian-affolter.ch> - 4.0.1-1
- Spec file update
- Update to lastest upstream release 4.0.1

* Thu Apr 24 2014 Tomáš Mráz <tmraz@redhat.com> - 3.4-4.beta2
- Rebuild for new libgcrypt

* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.4-3.beta2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Tue Mar 12 2013 Michal Ambroz <rebus at, seznam.cz> - 3.4-2.beta2
- bump to OpenVas-6 version 3.4+beta2

* Thu Mar 07 2013 Tomáš Mráz <tmraz@redhat.com> - 3.4-1.beta1
- rebuilt with new GnuTLS

* Wed Feb 06 2013 Michal Ambroz <rebus at, seznam.cz> - 3.4-0.beta1
- bump to OpenVas-6 version 3.4+beta1

* Thu Nov 15 2012 Michal Ambroz <rebus at, seznam.cz> - 3.3.1-1
- bump to OpenVas-5 version 3.3.1

* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.2.5-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Tue Apr 10 2012 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-5
- migrate the init scripts to systemd unit
- not containing the scripts for trigrerun as the whole suite is not functional
  anyway because of the incompatibility of gnutls

* Mon Jan 23 2012 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-4
- fixed reporting of missing key file

* Mon Jan 23 2012 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-3
- changed init.d script to display hints about openvas-mkcert in syslog

* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.2.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Sat Nov 05 2011 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-1
- bump to bugfix release 3.2.5

* Tue Oct 04 2011 Michal Ambroz <rebus at, seznam.cz> - 3.2.4-1
- bump to bugfix release 3.2.4

* Mon Apr 11 2011 Michal Ambroz <rebus at, seznam.cz> - 3.2.3-1
- bump to bugfix release 3.2.3

* Mon Mar 28 2011 Michal Ambroz <rebus at, seznam.cz> - 3.2.2-4
- more strict dependencies to new openvas-libraries for OpenVAS 4

* Mon Mar 28 2011 Michal Ambroz <rebus at, seznam.cz> - 3.2.2-3
- rename intrd and logrotate to allow same naming convention for openvas-manager

* Sat Mar 26 2011 Michal Ambroz <rebus at, seznam.cz> - 3.2.2-2
- patch to fix compile time errors about set but not used variables

* Fri Mar 18 2011 Michal Ambroz <rebus at, seznam.cz> - 3.2.2-1
- Bump to latest stable release 4

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Thu Dec  9 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.1.2-2
- Changed BR so that it works for both RHEL5/CentOS5 and Fedora
- Changed startup script so that it works for both RHEL5/CentOS5 and Fedora

* Tue Nov 23 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.1.1-1
- synced with upstream version

* Fri Apr 16 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.2-3
- Reverted plugin permissions to 644
- Removed non-existing provides

* Wed Apr 14 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.2-2
- Changes based on the comments in the following review
  https://bugzilla.redhat.com/show_bug.cgi?id=562469#c24
- Included missed modifications to openvassd.conf by Michal Ambroz

* Tue Apr 13 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.2-1
- bump to a new upstream release

* Thu Mar 25 2010 Michal Ambroz <rebus at, seznam.cz> - 3.0.1-6
- fix config on 32bit architecture, double includes in specfile, permissions
- usage of macros/shell variables

* Fri Mar 12 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.1-5
- cron job shouldn't be replaced upon upgrade
- better alignment with Fedora's SysVInitScript guidelines
- Moved cronjob to cron.d directory
- Changed init.d name from openvassd into openvas-scanner
- Don't strip binary plugins in install phase to properly generate debuginfo

* Tue Mar  9 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.1-4
- Added cron job to periodically update plugins
- Added new option to init.d script to reload plugins

* Wed Mar  3 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.1-3
- Changes based on the comments in
  https://bugzilla.redhat.com/show_bug.cgi?id=562469#c5
- Fixed a small bug in postun scriptlet
- Ownership of /etc/openvas directory moved to libraries
- Modified init.d script to change openvassd into openvas-scanner

* Fri Feb 26 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.1-2
- Added cmake BR
- Changes based on the comments in
  https://bugzilla.redhat.com/show_bug.cgi?id=562469#c3

* Sat Feb  6 2010 Stjepan Gros <stjepan.gros@gmail.com> - 3.0.1-1
- Upgraded spec file for scanner version 3

* Tue Nov 17 2009 Stjepan Gros <stjepan.gros@gmail.com> - 2.0.3-1
- Minor changes from taken from Xavier Bachelot <xavier@bachelot.org>
- Initial spec file
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.