community/gvmd: fix to make gvmd work again

8 files changed, 187 insertions, 73 deletions

diff --git a/community/gvmd/APKBUILD b/community/gvmd/APKBUILD
index 6b94bac328..522954dd0b 100644
--- a/community/gvmd/APKBUILD
+++ b/community/gvmd/APKBUILD
@@ -2,43 +2,60 @@
 # Maintainer: Francesco Colista <fcolista@alpinelinux.org>
 pkgname=gvmd
 pkgver=9.0.0
-pkgrel=0
+pkgrel=1
 pkgdesc="Greenbone Vulnerability Manager"
 url="http://www.openvas.org/"
 arch="all"
 license="GPL-2.0"
-depends="rsync sqlite libxslt sed gnutls-utils"
-makedepends="cmake gvm-libs-dev sqlite-dev clang-dev
-	libxslt-dev doxygen xmltoman perl-sql-translator glib-dev
-	gpgme-dev libgcrypt-dev graphviz libical-dev postgresql-dev"
+pkgusers="gvm"
+pkggroups="gvm"
+depends="rsync postgresql postgresql-contrib libxslt sed gnutls-utils gvm-libs"
+makedepends="cmake gvm-libs-dev clang-dev glib-dev
+	gpgme-dev libgcrypt-dev graphviz libical-dev
+	postgresql-dev gnutls-dev
+	doxygen libxslt xmltoman perl-sql-translator"
 checkdepends="cppcheck"
 subpackages="$pkgname-doc $pkgname-openrc"
-replaces="gvm"
 source="$pkgname-$pkgver.tar.gz::https://github.com/greenbone/gvmd/archive/v$pkgver.tar.gz
 	$pkgname.initd
 	$pkgname.confd
 	$pkgname.logrotate
-	greenbone-nvt-sync.conf
+
 	greenbone-certdata-sync.conf
 	greenbone-scapdata-sync.conf
+	greenbone-nvt-sync.conf
+
 	added-missing-includes.patch
-	sys-siglist.patch"
-builddir="$srcdir"/$pkgname-$pkgver
+	bin-openvas-change.patch
+	fix-alpine-sql-syntax.patch
+	sys-siglist.patch
+	fix-gvm-port-update-name-and-backend.patch
+	lockfile.patch"
+
+prepare() {
+	default_prepare
+	mkdir build
+}
 
 build() {
+	cd "$builddir"/build
 	cmake -DCMAKE_BUILD_TYPE=Release \
 		-DSBINDIR=/usr/bin \
 		-DCMAKE_INSTALL_PREFIX=/usr \
 		-DSYSCONFDIR=/etc \
-		-DLOCALSTATEDIR=/var .
+		-DLOCALSTATEDIR=/var \
+		-DGVM_RUN_DIR=/var/run/gvmd \
+	..
 	make
 }
 
 check() {
+	cd "$builddir"/build
 	make check
 }
 
 package() {
+	cd "$builddir"/build
 	make DESTDIR="$pkgdir" install
 	install -Dm644 "$srcdir/$pkgname.logrotate" "$pkgdir/etc/logrotate.d/$pkgname"
 	install -Dm755 "$srcdir/$pkgname.initd" "$pkgdir/etc/init.d/$pkgname"
@@ -46,14 +63,37 @@ package() {
 	for f in nvt certdata scapdata; do
 		install -Dm755 "$srcdir"/greenbone-$f-sync.conf "$pkgdir"/etc/gvm/greenbone-$f-sync.conf
 	done
+	mkdir -p "$pkgdir"/var/log/gvm
+	mkdir -p "$pkgdir"/var/lib/gvm
+	mkdir -p "$pkgdir"/var/lib/openvas
+	mkdir -p "$pkgdir"/var/run/gvmd
+	chown -R $pkgusers:$pkggroups "$pkgdir"/var/log/gvm/
+	chown -R $pkgusers:$pkggroups "$pkgdir"/var/lib/gvm/
+	chown -R $pkgusers:$pkggroups "$pkgdir"/var/lib/openvas
+	chown -R $pkgusers:$pkggroups "$pkgdir"/var/run/gvmd
+
+}
+
+doc() {
+	default_doc
+	mkdir -p "$subpkgdir"/usr/share/doc/$pkgname
+	cat >"$subpkgdir"/usr/share/doc/$pkgname/README.alpine <<EOF
+	** Add texlive to generate PDF reports with
+	** apk add texlive
+EOF
 }
 
+
 sha512sums="ffb6a61eefd3cf6514fea4030275d24f0f5c23514498a4d828c5f5ffc5344bf20452cbc7a09cd750adc237c036f30f002036c94292822d50cd9cba4b5db07458  gvmd-9.0.0.tar.gz
-41e45352ef98f7183171c3889fcefe192e530be6b2eecd4e4dde4c0f333f3741481c744592285917da313262e6fb2665a75f813b38bca7a9330765bc5da8b5f3  gvmd.initd
-5946db68bb5f7b3bf7cbae208a0fea6c9e023631d9fcd610539d2cf7c6290c8f7c2f55e0b4c7011c2263584b9eb42c7eae07db338917e8cc49acb63eb3950e1f  gvmd.confd
-0988482eb3223309eeafd1abc3f3dd94c08d2b273de00a546f598af5e8c90023410218d15e5cc289eeae611e4bc16e2536782b24c645854e8ffa51d19efb5550  gvmd.logrotate
-964779adc39cbed191bccf02ccc408a263860002d2dbddee755cf0d015336814b0b3c83f88a02cc0c5959657be5c49eb94380cd6ba15844e4b6088e49cd7a3f0  greenbone-nvt-sync.conf
+71c329f425c92159882dec37317e80d3e5c93abba04ea92b735d2a1d6a156ab5c379fdca5fa9b2816ae1e0f961dbac55b17452d6d1ad41f1dfb317976679cb32  gvmd.initd
+63ca41e839e40292e4e6eb93947866ae2626f375353dfc142a9618f5bfb87e843f924e5a2ab3f24b5c30ac1c7c8791a5b323cbe2e88fb3c4cfc9713647f8eec2  gvmd.confd
+e1eeef173bfab7c750efcc7faa42cf7a1cfb9e6b137716063f273bc709c1346f11262dadbdb0c49822d885dc00177d8ccb91c0491ddc33cfee0a3827f11908f6  gvmd.logrotate
 17df9386fc1dccf2fbe3b8d1fd499171f6681b61afe7b4c11ff9debc008798b31d1d02d59463031482d94e10833f0e71bde27cbbe422f23738c77b7c6ada79d2  greenbone-certdata-sync.conf
 37dbbd3f92f8baee8e89c274d820e03cba5ed5469a826f118897035c2f7719a915a71a6069eb6bf7f9a72e798b7837af9a6f25709215683d9d264292b5ccad66  greenbone-scapdata-sync.conf
+964779adc39cbed191bccf02ccc408a263860002d2dbddee755cf0d015336814b0b3c83f88a02cc0c5959657be5c49eb94380cd6ba15844e4b6088e49cd7a3f0  greenbone-nvt-sync.conf
 b5411a618e62e5a64fae3441d7f8a4db1fb7675200d8ce5f8208b09c6459b33920f3a65519c8d17781929917eeb4966e60701e64612c6cfcb77101130f779992  added-missing-includes.patch
-682ae0efb02c565ed28d67c3adc5d181fb0ac43d670573f0d9587cb6ff9d4dd89eaf1f43f0fab3928e447bee735958afec0f31c70f5ceffac3c68633469ff71a  sys-siglist.patch"
+8d711e7411c92aaa1fb7d2cb3bce1aae80e8843703fca15dcac202619907589e43ef0575e26470e075d6517bca150b777b1fa1afd32f900ca3e36537bacb17e4  bin-openvas-change.patch
+5b7645912e107f67e1cc64cdb817404bc5212c41328201cfcc048a3ee73cf3c135b5128f1da6e84946ddc9361751b3da92518e493d940c2bbbda0c8ada8f3d5f  fix-alpine-sql-syntax.patch
+682ae0efb02c565ed28d67c3adc5d181fb0ac43d670573f0d9587cb6ff9d4dd89eaf1f43f0fab3928e447bee735958afec0f31c70f5ceffac3c68633469ff71a  sys-siglist.patch
+981c4cb32e5ef46be97b0c2d3cb24ab8b49226212104eb56c49216d976a5ae3cda3518e7629c0417dd22c94cf2fe19c34b6a5d4efd291c06747db84e7be76596  fix-gvm-port-update-name-and-backend.patch
+ef23f5bb64371f4e11eae0830a0c7a6a6463b792b2907cbc0527b1cf5a273927f676a254634ee3228315b44b6ca56716d3dce122dd43937fed79f2a443ae2d3d  lockfile.patch"
diff --git a/community/gvmd/bin-openvas-change.patch b/community/gvmd/bin-openvas-change.patch
new file mode 100644
index 0000000000..4ae7bb4f5a
--- /dev/null
+++ b/community/gvmd/bin-openvas-change.patch
@@ -0,0 +1,19 @@
+diff --git a/tools/gvm-portnames-update.in b/tools/gvm-portnames-update.in
+index ab49349..b2889ee 100644
+--- a/tools/gvm-portnames-update.in
++++ b/tools/gvm-portnames-update.in
+@@ -49,12 +49,12 @@ fi
+ 
+ # Configure DB_DIR where our DB is located.
+ if [ -z "$DB_DIR" ]; then
+-  OPENVASSD=`which openvassd`
++  OPENVASSD=`which openvas`
+   if [ -z "$OPENVASSD" ] ; then
+     echo "[e] Error: openvassd is not in the path, could not determine the Manager directory."
+     exit 1
+   else
+-    OV_DIR=`openvassd -s | awk -F" = " '/^plugins_folder/ { print $2 }' | sed -s 's/\(^.*\)\/plugins/\1/'`
++    OV_DIR=`openvas -s | awk -F" = " '/^plugins_folder/ { print $2 }' | sed -s 's/\(^.*\)\/plugins/\1/'`
+   fi
+   DB_DIR="$OV_DIR/gvmd"
+ fi
diff --git a/community/gvmd/fix-alpine-sql-syntax.patch b/community/gvmd/fix-alpine-sql-syntax.patch
index 796c623192..09fd9b2dd7 100644
--- a/community/gvmd/fix-alpine-sql-syntax.patch
+++ b/community/gvmd/fix-alpine-sql-syntax.patch
@@ -1,36 +1,22 @@
-From a1633b5a54456b2b152abef24db19ae3587c8dae Mon Sep 17 00:00:00 2001
-From: 7ym0n <bb.qnyd@gmail.com>
-Date: Fri, 27 Sep 2019 04:31:27 -0400
-Subject: [PATCH 1/2] fixed start task failed
-
----
- src/manage_sql.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/manage_sql.c b/src/manage_sql.c
-index 1fc9582bb..c03e800b4 100644
---- a/src/manage_sql.c
-+++ b/src/manage_sql.c
-@@ -38041,7 +38041,7 @@ init_otp_pref_iterator (iterator_t* iterator,
-                  " WHERE config_preferences.config = %llu"
-                  " AND config_preferences.type = '%s'"
-                  " AND (config_preferences.name = nvt_preferences.name"
--                 "      OR config_preferences.name LIKE 'timeout.%')"
-+                 "      OR config_preferences.name LIKE 'timeout.%%')"
-                  " AND config_preferences.name != 'max_checks'"
-                  " AND config_preferences.name != 'max_hosts'"
-                  " UNION"
-
-diff --git a/src/manage_sql.c b/src/manage_sql.c
-index 99ee86f..3ce495c 100644
---- a/src/manage_sql.c
-+++ b/src/manage_sql.c
-@@ -28550,7 +28550,7 @@ report_port_count (report_t report)
- {
-   return sql_int ("SELECT count (DISTINCT port) FROM results"
-                   " WHERE report = %llu AND port != ''"
--                  "  AND port NOT %s 'general/%';",
-+                  "  AND port NOT %s 'general/%%';",
-                   report,
-                   sql_ilike_op ());
- }
+diff --git a/src/manage_pg.c b/src/manage_pg.c
+index e91b9f9..d6aa3b9 100644
+--- a/src/manage_pg.c
++++ b/src/manage_pg.c
+@@ -679,7 +679,7 @@ manage_create_sql_functions ()
+            " BEGIN"
+            "   CASE"
+            "   WHEN NOT valid_db_resource_type ($1)"
+-           "   THEN RAISE EXCEPTION 'Invalid resource type argument: %', $1;"
++           "   THEN RAISE EXCEPTION 'Invalid resource type argument: %%', $1;"
+            "   WHEN $1 = 'note'"
+            "        AND $3 = "  G_STRINGIFY (LOCATION_TABLE)
+            "   THEN RETURN (SELECT 'Note for: '"
+@@ -942,7 +942,7 @@ manage_create_sql_functions ()
+        "   ELSIF $1 > 0.0 AND $1 <= 10.0 THEN"
+        "     RETURN 'Alarm';"
+        "   ELSE"
+-       "     RAISE EXCEPTION 'Invalid severity score given: %', $1;"
++       "     RAISE EXCEPTION 'Invalid severity score given: %%', $1;"
+        "   END IF;"
+        " END;"
+        "$$ LANGUAGE plpgsql"
diff --git a/community/gvmd/fix-gvm-port-update-name-and-backend.patch b/community/gvmd/fix-gvm-port-update-name-and-backend.patch
new file mode 100644
index 0000000000..b10f52c12a
--- /dev/null
+++ b/community/gvmd/fix-gvm-port-update-name-and-backend.patch
@@ -0,0 +1,24 @@
+diff --git a/tools/gvm-portnames-update.in b/tools/gvm-portnames-update.in
+index ab49349..4d71471 100644
+--- a/tools/gvm-portnames-update.in
++++ b/tools/gvm-portnames-update.in
+@@ -20,9 +20,7 @@
+ # Update Port Names data.
+ 
+ POSTGRES=0
+-if [ "@BACKEND@" = "POSTGRESQL" ]; then
+-  POSTGRES=1
+-fi
++psql -d gvmd -c '\q' && POSTGRES=1;
+ 
+ do_help () {
+   echo "Update port names data from a port names XML file.";
+@@ -31,7 +29,7 @@ do_help () {
+   echo "In order to update the DB, download the port names list and";
+   echo "provide its path as an argument to this script.";
+   echo " $ wget http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml";
+-  echo " $ openvas-portnames-update service-names-port-numbers.xml";
++  echo " $ gvm-portnames-update service-names-port-numbers.xml";
+   echo " $ rm service-names-port-numbers.xml";
+   exit 0
+ }
diff --git a/community/gvmd/gvmd.confd b/community/gvmd/gvmd.confd
index 261836037d..59c3ef6a96 100644
--- a/community/gvmd/gvmd.confd
+++ b/community/gvmd/gvmd.confd
@@ -1,13 +1,16 @@
-#Manager listens on given address - by default manager listens on all addresses
-MANAGER_LISTEN=--listen=127.0.0.1
+# e.g --foreground
+GVMD_OPTIONS=""
 
-#Manager listens on given port - by default 9390
-MANAGER_PORT=--port=9390
+GVMD_LISTEN_ADDRESS_UNIX="--unix-socket=/var/run/gvmd.sock"
+GVMD_SCANNER_HOST="--scanner-host=/tmp/ospd.sock"
+GVMD_LISTEN_OWNER="--listen-owner=gvm"
+GVMD_LISTEN_GROUP="--listen-group=gvm"
+GVMD_LISTEN_MODE="--listen-mode=755"
+GVMD_GNUTLS_PRIORITIES="--gnutls-priorities=SECURE256:+SUITEB192:+SECURE192:+SECURE128:+SUITEB128:-MD5:-SHA1:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0"
 
-MANAGER_EXTRA_ARGS=""
+#Manager listens on given address - by default manager listens on all addresses
+GVMD_LISTEN_ADDRESS_TCP="--listen=127.0.0.1"
 
-#Contact scanner on given address
-SCANNER_LISTEN="--scanner-host=127.0.0.1"
+#Manager listens on given port - by default 9390
+GVMD_PORT="--port=9390"
 
-#Scanner listens on given port - by default 9391
-SCANNER_PORT="--scanner-port=9391"
diff --git a/community/gvmd/gvmd.initd b/community/gvmd/gvmd.initd
index 021f7937ad..72f2067e48 100644
--- a/community/gvmd/gvmd.initd
+++ b/community/gvmd/gvmd.initd
@@ -5,15 +5,17 @@
 
 name="Greenbone Vulnerability Manager"
 command=/usr/bin/gvmd
-command_args="${MANAGER_LISTEN} ${MANAGER_PORT} ${SCANNER_LISTEN} ${SCANNER_PORT} ${MANAGER_EXTRA_ARGS}"
-pidfile="/run/gvmd.pid"
+command_args="${GVMD_OPTIONS} ${GVMD_LISTEN_ADDRESS_TCP} ${GVMD_PORT} ${GVMD_SCANNER_HOST} ${GVMD_GNUTLS_PRIORITIES}"
+command_user="gvm"
+pidfile="/var/lib/gvm/${RC_SVCNAME}.pid"
 
 depend() {
 	after bootmisc
-	need localmount net openvassd
+	need localmount net ospd-openvas
 }
 
 start_pre() {
-	checkpath --directory --mode 0775 --quiet /var/cache/openvas
+	checkpath --directory --owner $command_user:$command_user --mode 0775 \
+		/var/lib/gvm
 }
 
diff --git a/community/gvmd/gvmd.logrotate b/community/gvmd/gvmd.logrotate
index c7708289d0..453462575f 100644
--- a/community/gvmd/gvmd.logrotate
+++ b/community/gvmd/gvmd.logrotate
@@ -1,11 +1,13 @@
-# logrotate for gvmd
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# Daemon ignore HUP so we use 'copytruncate' instead of 'create' 
+# with safe file size to prevent losing log entries.
+
 /var/log/gvm/gvmd.log {
-    rotate 4
-    weekly
-    compress
-    delaycompress
-    missingok
-    postrotate
-    /bin/kill -HUP `pidof gvmd`
-    endscript
+	compress
+	missingok
+	notifempty
+	sharedscripts
+	copytruncate
+	maxsize 10M
 }
diff --git a/community/gvmd/lockfile.patch b/community/gvmd/lockfile.patch
new file mode 100644
index 0000000000..492675295e
--- /dev/null
+++ b/community/gvmd/lockfile.patch
@@ -0,0 +1,38 @@
+diff --git a/tools/greenbone-certdata-sync.in b/tools/greenbone-certdata-sync.in
+index 97bccf9..a89a3ce 100644
+--- a/tools/greenbone-certdata-sync.in
++++ b/tools/greenbone-certdata-sync.in
+@@ -494,13 +494,11 @@ then
+ fi
+ (
+   flock -n 9
+-  date > $LOCK_FILE
+   if [ $? -eq 1 ] ; then
+     log_notice "Sync in progress, exiting."
+     exit 1
+   fi
+   sync_certdata
+-  echo -n > $LOCK_FILE
+-) 9>$LOCK_FILE
++)
+ 
+ exit 0
+diff --git a/tools/greenbone-scapdata-sync.in b/tools/greenbone-scapdata-sync.in
+index b54e251..7aec26d 100644
+--- a/tools/greenbone-scapdata-sync.in
++++ b/tools/greenbone-scapdata-sync.in
+@@ -517,13 +517,11 @@ then
+ fi
+ (
+   flock -n 9
+-  date > $LOCK_FILE
+   if [ $? -eq 1 ] ; then
+     log_notice "Sync in progress, exiting."
+     exit 1
+   fi
+   sync_scapdata
+-  echo -n > $LOCK_FILE
+-) 9>$LOCK_FILE
++)
+ 
+ exit 0