DePriest, Jason R wrote:
> So the question originally asked hasn't really been answered.
I am using the Nessus version that is maintained by Javier
Fernandez-Sanguino for Debian GNU/Linux.
The bundeled installation files are stored on Debian GNU/Linux servers
and their mirrors for download.
(...)
Just to give you a new option you might have not considered. Debian
distributes worldwide both the binary packages (for 11 architectures)
and the sources. The sources distributed include the _original_ nessus
sources (your can run a MD5/ SHA-a checksum check to verify) and the
Debian-specific patches. Just take a look, for example, to the bottom
of http://packages.debian.org/unstable/admin/nessusd
You could do this for every Nessus package in Debian, if you wanted to
use the Nessus sources but download them from www.nessus.org instead
from a Debian mirror:
- download the .dsc and .diff.gz files from Debian (for the example
above that would be
http://ftp.debian.org/debian/pool/main/n/nessus-core/nessus-core_2.2.5-1.dsc
and
http://ftp.debian.org/debian/pool/main/n/nessus-core/nessus-core_2.2.5-1.diff.gz)
- download the original source code from Nessus main site
(ftp://ftp.nessus.org/pub/nessus/nessus-2.2.5/src/nessus-core-2.2.5.tar.gz
in the example)
- run 'dpkg-source -x nessus-core_2.2.5-1.dsc' . That generates a
nessus-core-2.2.5 source tree with the original sources + Debian
patches applied
- run 'dpkg-buildpackage -rfakeroot' in the source code tree. That
generates the nessusd (the server), nessus (the client), and
nessus-dev Debian packages. You _will_ need the build dependancies
(i.e. development libraries) first, dpkg-buildpackage will tell you
which packages you need to download.
You can actually automate all this process (including build
dependencies) as follows:
1.- Run 'apt-get build-dep nessus-core libnasl nessus-libraries
nessus-plugins' to download all the build depencies
2.- Run 'apt-get source nessus-core libnasl nessus-libraries
nessus-plugins' to download all the sources distributed in Debian
3.- Replace the orig.tar.gz files from Debian with the tar.gz files at
ftp://ftp.nessus.org/pub/nessus/
[ Note: They _should_ be byte by byte identical in any case, but it
seems you need to do this to comply with the Tenable license based on
Ron Gula's explanation]
4.- Compile all the sources doing this:
a- cd libnessus-* && dpkg-buildpackage -rfakeroot
[ install libnessus packages ]
b- cd libnasl-* && dpkg-buildpackage -rfakeroot
[ install libnasl packages ]
c- cd nessus-plugins-* && dpkg-buildpackage -rfakeroot
d- cd nessus-core-* && dpkg-buildpackage -rfakeroot
[ install all remaining Nessus packages ]
Note1: you can use 'fakeroot debian/rules binary' instead of
dpkg-buildpackage. The later will produce a warning in the end of the
run since it will not be able to sign the packages with _my_ GPG key
:-) (unless you specify an alternate key with the -k option)
Note2: All the process takes 1-2 hours if you are using a system with
sufficient power and memory and a good (bandwith-wise) Debian mirror.
That's it. I've just shown you how to convert your _binary_ only
Debian package system into something more similar to the BSD ports,
downloading the original source from the Internet, downloading all the
libraries needed to build it, patching it for Debian and compiling it
in your Debian system to generate native packages that will be
generated by the package management system.
Hint: This is even similar to what you can do to build Debian packages
of new sources (when a new version is available and the Debian have
not been updated yet). It's a little bit more tricky, however, take a
look at the 'debian/new-packages.sh' script in the Debian nessus-core
package.
Also, this might be an easier way for people running Debian to
generate packages (even if more steps are involved) that running the
Nessus 2.2.5 installer script from nessus.org as the script will not
be able to automatically download all the library packages you need to
build Nessus (i.e. the 'build dependencies' in Debian).
Hope that helps.
Javier
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
