commit: db4a3bd39e18f891e661f1815a2c95b722a22359 Author: Giuseppe Foti <foti.giuseppe <AT> gmail <DOT> com> AuthorDate: Mon Jun 19 08:05:09 2023 +0000 Commit: Florian Schmaus <flow <AT> gentoo <DOT> org> CommitDate: Mon Jul 3 08:15:26 2023 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db4a3bd3
net-analyzer/greenbone-feed-sync: new package, add 23.6.0 Signed-off-by: Giuseppe Foti <foti.giuseppe <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/31106 Signed-off-by: Florian Schmaus <flow <AT> gentoo.org> net-analyzer/greenbone-feed-sync/Manifest | 1 + .../files/greenbone-feed-sync.cron | 7 +++ .../files/greenbone-feed-sync.service | 11 ++++ .../files/greenbone-feed-sync.timer | 9 +++ .../greenbone-feed-sync-23.6.0.ebuild | 71 ++++++++++++++++++++++ net-analyzer/greenbone-feed-sync/metadata.xml | 22 +++++++ profiles/features/musl/package.mask | 1 + 7 files changed, 122 insertions(+) diff --git a/net-analyzer/greenbone-feed-sync/Manifest b/net-analyzer/greenbone-feed-sync/Manifest new file mode 100644 index 000000000000..04427bbb47c1 --- /dev/null +++ b/net-analyzer/greenbone-feed-sync/Manifest @@ -0,0 +1 @@ +DIST greenbone-feed-sync-23.6.0.tar.gz 65420 BLAKE2B f5f30867ff47f10832b175de1c04136d9b42d7662f679f1f87d00684aacde575093a7c199566c04959faa8b26373d4b3e64cc6e7afaf6bca0f80aab095b0d40f SHA512 20427f183ef2c278c96d39ff9ad82e8cbadae12fb2ef4518186993b67dd4c0f5de4a11f375684154daa530c8807dfda07d654a15e580f7886fcedf285531829d diff --git a/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.cron b/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.cron new file mode 100644 index 000000000000..5b3755982966 --- /dev/null +++ b/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.cron @@ -0,0 +1,7 @@ +#!/bin/sh +# +# To enable sync via cron, execute "sudo -u gvm touch /etc/gvm/cron-feed-sync-enabled" +if [[ ! -f /etc/gvm/cron-feed-sync-enabled ]]; then + exit +fi +sudo -u gvm /usr/bin/greenbone-feed-sync --quiet --type all diff --git a/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.service b/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.service new file mode 100644 index 000000000000..987fe731d47b --- /dev/null +++ b/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.service @@ -0,0 +1,11 @@ +[Unit] +Description=sync the Greenbone Community Feed + +[Service] +Type=oneshot +ExecStart=/usr/bin/greenbone-feed-sync --quiet --type all +SyslogIdentifier=greenbone-feed-sync +User=gvm + +[Install] +WantedBy=multi-user.target diff --git a/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.timer b/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.timer new file mode 100644 index 000000000000..9faf470e013c --- /dev/null +++ b/net-analyzer/greenbone-feed-sync/files/greenbone-feed-sync.timer @@ -0,0 +1,9 @@ +[Unit] +Description=Daily update of all feeds of the Greenbone Vulerability Management (GMV) suite + +[Timer] +OnCalendar=daily +RandomizedDelaySec=2hour + +[Install] +WantedBy=timers.target diff --git a/net-analyzer/greenbone-feed-sync/greenbone-feed-sync-23.6.0.ebuild b/net-analyzer/greenbone-feed-sync/greenbone-feed-sync-23.6.0.ebuild new file mode 100644 index 000000000000..ade285666c24 --- /dev/null +++ b/net-analyzer/greenbone-feed-sync/greenbone-feed-sync-23.6.0.ebuild @@ -0,0 +1,71 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +PYTHON_COMPAT=( python3_{9..11} ) +DISTUTILS_USE_PEP517=poetry +inherit distutils-r1 systemd + +DESCRIPTION="New script for syncing the Greenbone Community Feed" +HOMEPAGE="https://github.com/greenbone/greenbone-feed-sync"; +SRC_URI="https://github.com/greenbone/greenbone-feed-sync/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" + +SLOT="0" +LICENSE="GPL-3+" +KEYWORDS="~amd64 ~x86" +IUSE="cron" +RESTRICT="test" + +DEPEND=" + acct-user/gvm + net-misc/rsync + >=net-analyzer/gvmd-22.5.0 + dev-python/tomli[${PYTHON_USEDEP}] + dev-python/rich[${PYTHON_USEDEP}] +" + +RDEPEND=" + ${DEPEND} + cron? ( virtual/cron ) +" + +python_compile() { + distutils-r1_python_compile +} + +python_install() { + distutils-r1_python_install + + #greenbone-feed-sync should not be run as root to avoid changing file permissions + insinto /etc/sudoers.d + newins - greenbone-feed-sync <<-EOF + gvm ALL = NOPASSWD: /usr/bin/greenbone-feed-sync +EOF + + if use cron ; then + exeinto /etc/cron.daily + newexe "${FILESDIR}"/${PN}.cron ${PN} + fi + + systemd_dounit "${FILESDIR}/${PN}.timer" "${FILESDIR}/${PN}.service" +} + +pkg_postinst() { + if [[ -n ${REPLACING_VERSIONS} ]]; then + return + fi + + if use cron ; then + elog + elog "Edit ${EROOT}/etc/cron.weekly/greenbone-feed-sync to activate daily feed update!" + elog + fi + + if systemd_is_booted; then + elog + elog "To enable the systemd timer, run the following command:" + elog " systemctl enable --now greenbone-feed-sync.timer" + elog + fi +} diff --git a/net-analyzer/greenbone-feed-sync/metadata.xml b/net-analyzer/greenbone-feed-sync/metadata.xml new file mode 100644 index 000000000000..7f358764088e --- /dev/null +++ b/net-analyzer/greenbone-feed-sync/metadata.xml @@ -0,0 +1,22 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd";> +<pkgmetadata> + <maintainer type="person" proxied="yes"> + <email>foti.giuse...@gmail.com</email> + <name>Giuseppe Foti</name> + </maintainer> + <maintainer type="project" proxied="proxy"> + <email>proxy-ma...@gentoo.org</email> + <name>Proxy Maintainers</name> + </maintainer> + <use> + <flag name="cron">Adds file to enable daily cron job to update Greenbone Community Feed's data"</flag> + </use> + <longdescription lang="en"> + This is the new script for syncing the Greenbone Community Feed. + The greenbone-nvt-sync script was previously installed by net-analyzer/openvas-scanner. + </longdescription> + <upstream> + <remote-id type="github">greenbone/greenbone-feed-sync</remote-id> + </upstream> +</pkgmetadata> diff --git a/profiles/features/musl/package.mask b/profiles/features/musl/package.mask index f539037e9028..f6248dd0f9c2 100644 --- a/profiles/features/musl/package.mask +++ b/profiles/features/musl/package.mask @@ -74,6 +74,7 @@ sys-apps/noexec # New packages that require packages masked by the previous block. dev-db/pg-gvm net-analyzer/notus-scanner +net-analyzer/greenbone-feed-sync # Petr Vaněk <arka...@atlas.cz> (2022-09-23) # Musl does not implement rresvport function, bugs #713810 and #713376.
