From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 99382158090 for ; Mon, 9 May 2022 12:07:27 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 672BFE08F7; Mon, 9 May 2022 12:07:26 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 4C3BCE08F7 for ; Mon, 9 May 2022 12:07:26 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 383C634166A for ; Mon, 9 May 2022 12:07:25 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id 8AAE0455 for ; Mon, 9 May 2022 12:07:23 +0000 (UTC) From: "Florian Schmaus" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Florian Schmaus" Message-ID: <1652098036.123dc0e869f647b8d0009e5fdd2152a74ec11227.flow@gentoo> Subject: [gentoo-commits] repo/gentoo:master commit in: net-analyzer/gvmd/, net-analyzer/gvmd/files/ X-VCS-Repository: repo/gentoo X-VCS-Files: net-analyzer/gvmd/files/gvm-sync-all net-analyzer/gvmd/files/gvm-sync-all.service net-analyzer/gvmd/files/gvm-sync-all.timer net-analyzer/gvmd/gvmd-21.4.5-r3.ebuild net-analyzer/gvmd/gvmd-21.4.5-r4.ebuild X-VCS-Directories: net-analyzer/gvmd/files/ net-analyzer/gvmd/ X-VCS-Committer: flow X-VCS-Committer-Name: Florian Schmaus X-VCS-Revision: 123dc0e869f647b8d0009e5fdd2152a74ec11227 X-VCS-Branch: master Date: Mon, 9 May 2022 12:07:23 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: b9106bf5-440e-491b-a704-f2250d6a48e9 X-Archives-Hash: bd384e02b40ff7fbf15bcc668f259fd9 commit: 123dc0e869f647b8d0009e5fdd2152a74ec11227 Author: Florian Schmaus gentoo org> AuthorDate: Mon May 9 11:50:33 2022 +0000 Commit: Florian Schmaus gentoo org> CommitDate: Mon May 9 12:07:16 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=123dc0e8 net-analyzer/gvmd: fix LICENSE, gvm-sync-all helper, GVM_DEFAULT_DROP_USER Signed-off-by: Florian Schmaus gentoo.org> net-analyzer/gvmd/files/gvm-sync-all | 31 ++++++++++++++++++++++ net-analyzer/gvmd/files/gvm-sync-all.service | 7 +++++ net-analyzer/gvmd/files/gvm-sync-all.timer | 9 +++++++ ...gvmd-21.4.5-r3.ebuild => gvmd-21.4.5-r4.ebuild} | 6 ++++- 4 files changed, 52 insertions(+), 1 deletion(-) diff --git a/net-analyzer/gvmd/files/gvm-sync-all b/net-analyzer/gvmd/files/gvm-sync-all new file mode 100644 index 000000000000..d12b860e7fcb --- /dev/null +++ b/net-analyzer/gvmd/files/gvm-sync-all @@ -0,0 +1,31 @@ +#!/usr/bin/env bash +set -euo pipefail + +case ${USER} in + root) + exec su --shell /bin/bash --command "$0 $@" gvm + ;; + gvm) + ;; + *) + >&2 echo "Must be run as root or gvm user not ${USER}" + exit 1 + ;; +esac + +while getopts d OPTION "$@"; do + case ${OPTION} in + d) + set -x + ;; + esac +done +shift $((OPTIND - 1)) + +greenbone-nvt-sync +# Note that Greenbone recommends to sync CERT *after* SCAP, as the +# former depends on the later. See +# https://github.com/greenbone/gvmd/blob/main/INSTALL.md#keeping-the-feeds-up-to-date +for FEED_TYPE in SCAP CERT GVMD_DATA; do + greenbone-feed-sync --type ${FEED_TYPE} +done diff --git a/net-analyzer/gvmd/files/gvm-sync-all.service b/net-analyzer/gvmd/files/gvm-sync-all.service new file mode 100644 index 000000000000..a82e2950f3fd --- /dev/null +++ b/net-analyzer/gvmd/files/gvm-sync-all.service @@ -0,0 +1,7 @@ +[Unit] +Description=Update all feeds of the Greenbone Vulerability Management (GMV) suite +After=network-online.target + +[Service] +ExecStart=/usr/sbin/gvm-sync-all +User=gvm diff --git a/net-analyzer/gvmd/files/gvm-sync-all.timer b/net-analyzer/gvmd/files/gvm-sync-all.timer new file mode 100644 index 000000000000..9faf470e013c --- /dev/null +++ b/net-analyzer/gvmd/files/gvm-sync-all.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Daily update of all feeds of the Greenbone Vulerability Management (GMV) suite + +[Timer] +OnCalendar=daily +RandomizedDelaySec=2hour + +[Install] +WantedBy=timers.target diff --git a/net-analyzer/gvmd/gvmd-21.4.5-r3.ebuild b/net-analyzer/gvmd/gvmd-21.4.5-r4.ebuild similarity index 95% rename from net-analyzer/gvmd/gvmd-21.4.5-r3.ebuild rename to net-analyzer/gvmd/gvmd-21.4.5-r4.ebuild index ea09acaeeeb5..5b5e6ab83497 100644 --- a/net-analyzer/gvmd/gvmd-21.4.5-r3.ebuild +++ b/net-analyzer/gvmd/gvmd-21.4.5-r4.ebuild @@ -10,7 +10,7 @@ HOMEPAGE="https://www.greenbone.net https://github.com/greenbone/gvmd/" SRC_URI="https://github.com/greenbone/gvmd/archive/v${PV}.tar.gz -> ${P}.tar.gz" SLOT="0" -LICENSE="GPL-2+" +LICENSE="AGPL-3+" KEYWORDS="~amd64 ~x86" IUSE="doc test" RESTRICT="!test? ( test )" @@ -87,6 +87,7 @@ src_configure() { "-DLIBDIR=${EPREFIX}/usr/$(get_libdir)" "-DSBINDIR=${EPREFIX}/usr/bin" "-DSYSTEMD_SERVICE_DIR=$(systemd_get_systemunitdir)" + "-DGVM_DEFAULT_DROP_USER=gvm" ) cmake_src_configure } @@ -123,4 +124,7 @@ src_install() { if ! use prefix; then fowners -R gvm:gvm /var/lib/gvm fi + + dosbin "${FILESDIR}"/gvm-sync-all + systemd_dounit "${FILESDIR}"/gvm-sync-all.{service,timer} }