Summary: The Open Vulnerability Assessment (OpenVAS) Server Name: openvas-scanner Version: 5.0.7 Release: 25 Source0: %{name}-%{version}.tar.gz Source1: openvas-initd.sh Source2: openvassd.conf Source3: openvas.logrotate Source4: openvas-scanner.sysconfig Source5: openvas-nvt-sync-cron Source6: openvas-nvt-sync-cronjob Source7: openvas-scanner.service Patch1: openvas-scanner-5.0.5-Werror.patch License: GNU GPLv2 URL: http://www.openvas.org Group: System Environment/Libraries Vendor: OpenVAS Development Team, http://www.openvas.org Packager: Scott R. Shinn BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root Prefix: %{_prefix} AutoReqProv: no AutoReq: 0 Obsoletes: openvas-plugins, openvas-server, openvas-server-devel BuildRequires: openvas-libraries-devel >= 7.0.0 BuildRequires: flex BuildRequires: automake libtool BuildRequires: cmake >= 2.6.0 BuildRequires: gpgme-devel BuildRequires: doxygen BuildRequires: libgcrypt-devel BuildRequires: redis %if 0%{?rhel} >= 7 || 0%{?fedora} > 15 BuildRequires: systemd BuildRequires: systemd-units Requires(post): systemd Requires(preun): systemd Requires(postun): systemd %else Requires(post): chkconfig Requires(preun): chkconfig Requires(preun): initscripts %endif Requires: openvas-libraries >= 5.0.0 #Required by the openvas-nvt-sync and greenbone-nvt-sync Requires: /usr/bin/md5sum Requires: /usr/bin/rsync Requires: /usr/bin/wget Requires: /usr/bin/curl Requires: which Requires: gpgme Requires: nmap pnscan openldap-clients net-snmp-utils Requires: rsync %if 0%{?fedora} >= 12 || 0%{?rhel} >= 6 %filter_provides_in %{_libdir}/openvas/plugins %filter_setup BuildRequires: libuuid libuuid-devel %else BuildRequires: e2fsprogs e2fsprogs-devel %endif %if 0%{?fedora} >= 15 BuildRequires: libassuan libassuan-devel %endif %if 0%{?fedora} >= 19 BuildRequires: libgcrypt-devel %endif %if 0%{?fedora} >= 12 || 0%{?rhel} >= 6 BuildRequires: libuuid libuuid-devel %else BuildRequires: e2fsprogs e2fsprogs-devel %endif # OV-7 %if 0%{?rhel} == 6 BuildRequires: atomic-gnutls3-gnutls-devel BuildRequires: atomic-glib2-glib2-devel BuildRequires: atomic-libxslt-libxslt-devel BuildConflicts: gnutls gnutls-devel Requires: atomic-gnutls3-gnutls atomic-glib2-glib2 atomic-libxslt-libxslt %else BuildRequires: gnutls-devel BuildRequires: glib2 >= 2.6.0, glib2-devel >= 2.6.0, %endif BuildRequires: libxslt libxslt-devel BuildRequires: libpcap-devel %description openvas-scanner is the server component of the Network Vulnerabilty Scanner suite OpenVAS. %prep %setup -n %{name}-%{version} -b 0 %patch1 -p 1 -b .werror for i in CHANGES ChangeLog; do iconv -f iso8859-1 -t utf-8 $i > $i.utf8 && \ touch -r $i $i.utf8 && \ mv -f $i.utf8 $i; done %build %if 0%{?rhel} == 6 export CC="gcc -Wl,-rpath,/opt/atomic/atomic-gnutls3/root/usr/lib,-rpath,/opt/atomic/atomic-gnutls3/root/usr/lib64,-rpath,/opt/atomic/atomic-glib2/root/usr/lib64/,-rpath,/opt/atomic/atomic-glib2/root/usr/lib/" export LDFLAGS="-L/opt/atomic/atomic-gnutls3/root/usr/lib -L/opt/atomic/atomic-gnutls3/root/usr/lib64 -L/lib -L/usr/openvas/lib/ -L/usr/openvas/lib64/" export CFLAGS="-I/opt/atomic/atomic-gnutls3/root/usr/include -I/usr/openvas/include" export GNUTLS_LIBS=/opt/atomic/atomic-gnutls3/root/usr/lib:/opt/atomic/atomic-gnutls3/root/usr/lib64 export PKG_CONFIG_PATH=/opt/atomic/atomic-glib2/root/usr/lib64/pkgconfig:/opt/atomic/atomic-gnutls3/root/usr/lib/pkgconfig:/opt/atomic/atomic-gnutls3/root/usr/lib64/pkgconfig:/usr/lib/pkgconfig/ %endif export CFLAGS="$RPM_OPT_FLAGS -Werror=unused-but-set-variable -lgpg-error -Wno-error=deprecated-declarations" cmake -DCMAKE_VERBOSE_MAKEFILE=ON \ -DCMAKE_INSTALL_PREFIX=%{_prefix} \ -DSYSCONFDIR=%{_sysconfdir} \ -DLIBDIR=%{_libdir} \ -DLOCALSTATEDIR=%{_localstatedir} %if 0%{?el4}0%{?el5} perl -p -i -e "s[^include= ][include= -I/usr/gnutls2/include -L/usr/gnutls2/lib ]" openvas.tmpl %endif # smp flags will sometimes break on el5 %{__make} %install rm -rf %{buildroot} make install DESTDIR=%{buildroot} INSTALL="install -p" find %{buildroot} -name '*.la' -exec rm -f {} ';' #chmod 755 %{buildroot}/%{_libdir}/openvas/plugins #Make directories for the NVT feeds mkdir -p %{buildroot}/%{_var}/lib/openvas/plugins/nvt mkdir -p %{buildroot}/%{_var}/lib/openvas/plugins/gsf # Make gnupg dir mkdir -p %{buildroot}/%{_var}/lib/openvas/gnupg/ # Make plugin cache directory mkdir -p %{buildroot}/%{_var}/cache/openvas # Make the log dir mkdir -p %{buildroot}/%{_var}/log/openvas # Make the sysconfig dir mkdir -p %{buildroot}/%{_sysconfdir}/openvas/ mkdir -p %{buildroot}/%{_sysconfdir}/openvas/gnupg %if 0%{?rhel} >= 7 || 0%{?fedora} > 15 install -Dp -m 644 %{SOURCE7} %{buildroot}/%{_unitdir}/%{name}.service %else # Install startup script. Dont use %{_initdir} here. This breaks el4 builds install -Dp -m 755 %{SOURCE1} %{buildroot}/%{_initddir}/%{name} %endif # Install initial configuration #install -Dp -m 644 %{SOURCE2} %{buildroot}/%{_sysconfdir}/openvas/ sed -e "s:@@OPENVAS_PLUGINS@@:%{_var}/lib/openvas/plugins:g s:@@OPENVAS_CACHE@@:%{_var}/cache/openvas:g s:@@OPENVAS_LOGDIR@@:%{_var}/log/openvas:g s:@@OPENVAS_SYSCONF@@:%{_sysconfdir}/openvas:g" %{SOURCE2} > openvassd.conf install -Dp -m 644 openvassd.conf %{buildroot}/%{_sysconfdir}/openvas/openvassd.conf # install log rotation stuff install -m 644 -Dp %{SOURCE3} \ %{buildroot}/%{_sysconfdir}/logrotate.d/openvas-scanner # Install sysconfig configration install -Dp -m 644 %{SOURCE4} %{buildroot}/%{_sysconfdir}/sysconfig/openvas-scanner # Install cron script for update install -Dp -m 755 %{SOURCE5} %{buildroot}/%{_sbindir}/openvas-nvt-sync-cron # Install cron jobs to periodically update plugins install -Dp -m 644 %{SOURCE6} %{buildroot}/%{_sysconfdir}/cron.d/openvas-sync-plugins %if 0%{?rhel} >= 7 || 0%{?fedora} > 15 #systemd post %post %systemd_post %{name}.service # Generate cert if [ ! -f /var/lib/openvas/CA/servercert.pem ] ; then /usr/sbin/openvas-mkcert -q >/dev/null 2>&1 fi %preun %systemd_preun %{name}.service %postun %systemd_postun_with_restart %{name}.service %else %post # This adds the proper /etc/rc*.d links for the script if [ $1 = 1 ]; then /sbin/chkconfig --add openvas-scanner fi /sbin/ldconfig >/dev/null 2>&1 /sbin/chkconfig openvas-scanner on # Generate cert if [ ! -f /var/lib/openvas/CA/servercert.pem ] ; then /usr/sbin/openvas-mkcert -q >/dev/null 2>&1 fi %preun if [ $1 = 0 ]; then /sbin/service openvas-scanner stop >/dev/null 2>&1 /sbin/chkconfig --del openvas-scanner fi %postun if [ $1 -ge 1 ]; then /sbin/service openvas-scanner condrestart >/dev/null 2>&1 fi %endif %clean rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root,-) %doc CHANGES ChangeLog COPYING README #%{_sbindir}/openvas-adduser %{_sbindir}/openvas-mkcert %{_bindir}/openvas-mkcert-client %{_sbindir}/openvas-nvt-sync %{_sbindir}/openvas-nvt-sync-cron %{_sbindir}/greenbone-nvt-sync %{_sbindir}/openvassd %if 0%{?rhel} >= 7 || 0%{?fedora} > 15 %{_unitdir}/%{name}.service %else %{_initddir}/openvas-scanner %endif %dir %{_sysconfdir}/openvas %dir %{_sysconfdir}/openvas/gnupg %config(noreplace) %{_sysconfdir}/openvas/openvassd.conf %config(noreplace) %{_sysconfdir}/sysconfig/openvas-scanner %config(noreplace) %{_sysconfdir}/cron.d/openvas-sync-plugins %config(noreplace) %{_sysconfdir}/logrotate.d/openvas-scanner %{_mandir}/man1/openvas-mkcert-client.1.* %{_mandir}/man8/openvas-mkcert.8.* %{_mandir}/man8/openvassd.8.* %{_mandir}/man8/openvas-nvt-sync.8.* %{_mandir}/man8/greenbone-nvt-sync.8.* %dir %{_var}/log/openvas %dir %{_var}/lib/openvas %dir %{_var}/cache/openvas %dir %{_var}/lib/openvas/plugins %dir %{_var}/lib/openvas/plugins/nvt %dir %{_var}/lib/openvas/plugins/gsf %dir %{_var}/lib/openvas/gnupg /usr/share/doc/openvas-scanner/example_redis_*.conf %changelog * Tue Sep 13 2016 Scott R. Shinn - 5.0.7-24 - Update to 5.0.7 * Wed Aug 31 2016 Scott R. Shinn - 5.0.6-24 - Update to 5.0.6 * Tue Dec 22 2015 Scott R. Shinn - 5.0.5-23 - Update to 5.0.5 * Mon Jul 13 2015 Scott R. Shinn - 5.0.4-22 - Update to 5.0.4 * Wed Jun 3 2015 Scott R. Shinn - 5.0.3-21 - Add systemd logic * Sat May 23 2015 Scott R. Shinn - 5.0.3-20 - Update to 5.0.3 * Tue Mar 17 2015 Scott R. Shinn - 4.0.6-19 - Update to 4.0.6 * Mon Dec 15 2014 Scott R. Shinn - 4.0.5-18 - Update for Fedora 21 * Thu Nov 27 2014 Scott R. Shinn - 4.0.5-17 - Update to 4.0.5 * Mon Nov 17 2014 Scott R. Shinn - 4.0.4-16 - Update to 4.0.4 * Tue Sep 9 2014 Scott R. Shinn - 4.0.3-15 - Update to 4.0.3 * Fri Aug 1 2014 Scott R. Shinn - 4.0.2-14 - Update to 4.0.2 * Wed Jul 30 2014 Scott R. Shinn - 4.0.1-13 - Bugfix: Add gnupg directory (Credits: Nelson Estrada) * Thu Jun 19 2014 Scott R. Shinn - 4.0.1-12 - Force rpath settings on EL6 * Mon Jun 16 2014 Scott R. Shinn - 4.0.1-11 - Add logic for El6 * Mon Jun 9 2014 Scott R. Shinn - 4.0.1-10 - Bugfix #XXX, Update init script * Mon May 5 2014 Scott R. Shinn - 4.0.1-9 - Update to 4.0.1 * Fri Feb 28 2014 Scott R. Shinn - 3.4.1-8 - Update to 3.4.1 * Thu Apr 25 2013 Scott R. Shinn - 3.4.0-7 - Bugfix #XXX, create /etc/openvas/gnupg. This fixes credential support * Thu Apr 18 2013 Scott R. Shinn - 3.4.0-5 - Update to 3.4.0 * Wed Jan 16 2013 Scott R. Shinn - 3.3.1-4 - bugfix #XXX, add PATH to openvas-nvt-sync-cron jobs * Fri Nov 23 2012 Scott R. Shinn - 3.3.1-3 - bugfix #XXX, add PATH to openvas-nvt-sync jobs * Thu May 10 2012 Scott R. Shinn - 3.3.1-2 - Update to 3.3.1 * Tue Apr 24 2012 Scott R. Shinn - 3.3.0-1 - Update to 3.3.0 * Fri Nov 4 2011 Scott R. Shinn - 3.2.5-1 - Update to 3.2.5 * Thu Jun 9 2011 Scott R. Shinn - 3.2.4-1 - Update to 3.2.4 * Mon Apr 11 2011 Scott R. Shinn - 3.2.3-1 - Update to 3.2.3 * Wed Feb 23 2011 Scott R. Shinn - 3.2.2-2 - Minor post config updates * Tue Feb 22 2011 Scott R. Shinn - 3.2.2-1 - Update to 3.2.2 * Thu Feb 17 2011 Scott R. Shinn - 3.2.1-1 - Update to 3.2.1 * Wed Dec 29 2010 Scott R. Shinn - 3.2-0.2 - Update to 3.2 rc1 * Sun Dec 5 2010 Scott R. Shinn - 3.2-0.1 - Update to 3.2 beta1 * Thu Oct 21 2010 Scott R. Shinn - 3.1.0-6 - Added Requires on which - Removed requires on nikto, amap, hydra, and ike-scan - Relinked for wmi client libraries * Mon Aug 30 2010 Scott R. Shinn - 3.1.0-5 - Added OPTIONS support to sysconfig & init scripts - Minor change to openvas.logrotate to focus on just the openvassd log files * Tue Jul 27 2010 Scott R. Shinn - 3.1.0-4 - Update to 3.1.0 final * Thu Jul 1 2010 Scott R. Shinn - 3.1.0-3 - Update to 3.1.0rc3 * Mon Jun 28 2010 Scott R. Shinn - 3.1.0-2 - Update to 3.1.0rc2 * Wed May 19 2010 Scott R. Shinn - 3.1.0-1 - Update to 3.1.0rc1 * Mon Mar 22 2010 Scott R. Shinn - 3.0.2-1 - Update to 3.0.2 * Thu Jan 28 2010 Scott R. Shinn - 3.0.1-1 - Update to 3.0.1 * Wed Jan 13 2010 Scott R. Shinn - 3.0.0-2 - Bugfix #XXX, corrected path in init script to point to the correct openvassd daemon - Bugfix #XXX, configured system to create the /var/cache/openvas dir by default * Fri Dec 18 2009 Scott R. Shinn - 3.0.0-1 - update to 3.0.0 * Wed Aug 19 2009 Scott R. Shinn - 2.0.3-1 - update to 2.0.3 * Wed Jun 3 2009 Scott R. Shinn - 2.0.2-1 - update to 2.0.2 * Thu Feb 26 2009 Scott R. Shinn - 2.0.1-1 - update to 2.0.1 * Tue Dec 30 2008 Scott R. Shinn - 2.0.0-2 - Added init scripts and post install routine - Bugfix #xxx, resolved libopenvas.2 linking issue * Mon Dec 22 2008 Scott R. Shinn - Update to 2.0.0 Final * Fri Dec 12 2008 Scott R. Shinn - Update to 2.0.0.rc1 * Mon Nov 17 2008 Scott R. Shinn - Added Requires for port scanners, ovaldi, and ldapclient - Added Requires for hydra - Update to beta2 * Fri Nov 7 2008 Scott R. Shinn - Update to 2.0.0.beta1 - Import into ART * Fri Apr 18 2008 Jan-Oliver Wagner - Adapated for Fedora 8 (naming) - %post and %postrun changed to apply ldconfig directly instead of using a (SUSE specific?) scriplet. * Wed Apr 16 2008 Jan-Oliver Wagner Initial OpenSUSE 10.2 spec file, tested for i586