Hello community, here is the log from the commit of package openvas-scanner for openSUSE:Factory checked in at Mon Apr 4 13:04:37 CEST 2011.
-------- --- openvas-scanner/openvas-scanner.changes 2011-02-21 12:52:24.000000000 +0100 +++ /mounts/work_src_done/STABLE/openvas-scanner/openvas-scanner.changes 2011-02-23 19:52:26.000000000 +0100 @@ -2 +2 @@ -Mon Feb 21 11:52:09 UTC 2011 - [email protected] +Wed Feb 23 18:40:30 UTC 2011 - [email protected] @@ -4,6 +4,142 @@ -- prereq openssl tool for %post script - -------------------------------------------------------------------- -Mon Jul 5 02:58:51 UTC 2010 - [email protected] - -- Fix mktemp since openvas-nvt-sync wont work otherwise. +- Updated to 3.2.2 + * The last bashism has been removed from the openvas-nvt-sync synchronization + script. + * The greenbone-nvt-sync script now logs additional information during + synchronization. + * An unimplemented and superfluous function declaration has been removed. + * The openvassd man page has been updated. + * The build environment has been consolidated. + * The greenbone-nvt-sync script has been improved. + * OpenVAS Scanner now sets a default value for the "unscanned_closed" + preference. + +------------------------------------------------------------------- +Fri Feb 4 20:00:04 UTC 2011 - [email protected] + +- Updated to 3.2.0 + * The sync scripts have been updated. + * OpenVAS Scanner now uses pkg-config to find libraries. + * Installation of the openvas-services file has been moved to openvas-libraries. + * Filesystem Hierarchy Standard (FHS 2.3) compliance has been improved. + +------------------------------------------------------------------- +Wed Jan 26 17:23:26 UTC 2011 - [email protected] + +- Updated to 3.1.99.2 + * Improved output of --version + * Comprehensive code cleanup + * Binary (.nes) plugins we moved to libraries and turned into builtin + NASL methods. + * Removed handling of binary plugins as we don't want to have them ever + again. + * Added preferences for the vhost feature so that clients get them + and can offer them to the user. In other words: unhide the vhost feature. + * Default port is now 9391 where the OpenVAS Manager expects the + Scanner by default. + * Command line options "--dump-cfg" and "--gen-config" are removed. + * openvassd does not need anymore a "openvassd.conf" file. It uses + its defaults and a possibly present conf-file can overwrite settings. + * openvas-mkcert got a additional switch "-f" to force overwriting + certificates. + * openvas-mkcert does not create a openvassd.conf anymore as it shares + the defaults with openvassd. + +------------------------------------------------------------------- +Mon Dec 20 12:38:13 UTC 2010 - [email protected] + +- Updated to 3.1.99.1 + * Debug messages during the use of shared sockets are no longer logged unless + requested during compile time. + * A number of compiler warnings from gcc 4.4 has been addressed. + * Hardening flags are now enabled during compile time to increase code quality. + * openvas-scanner now listens on an IPv4 socket by default, even when IPv6 + support is present. + +------------------------------------------------------------------- +Mon Dec 6 17:51:10 UTC 2010 - [email protected] + +- Updated to 3.1.98.2 + * A compiler warning regarding an incorrect function declaration in + openvas_tcp_scanner has been addressed. + * A compiler warning regarding incorrect pointer casts in find_service has been + addressed. + * A compiler warning regarding the type of a return value in openvassd has been + addressed. + * An issue which caused openvassd to refuse to scan certain hosts even when + permitted by rules has been fixed. + * An issue which caused openvassd to abort the scan process prematurely under + certain circumstances has been fixed. + +------------------------------------------------------------------- +Fri Dec 3 16:27:35 UTC 2010 - [email protected] + +- Updated to 3.1.98.1 + * Network level scan support. + * Removed unnecessary log entries. + * Include paths have been updated to match with openvas-libraries 4.0. + +------------------------------------------------------------------- +Sun Oct 31 18:08:59 UTC 2010 - [email protected] + +- Updated to 3.1.1 + * The code documentation infrastructure has been improved. + * The license situation of the individual source code files has been clarified. + * Obsolete support for systems without entropy generation has been removed. + * A bug which caused the client certificate generation to fail under certain + circumstances has been fixed. + +------------------------------------------------------------------- +Wed Jul 14 17:14:51 UTC 2010 - [email protected] + +- Updated to 3.1.0 + * Support for storing scanner passwords in plaintext has been removed. + * Support for dropping privileges in NASL and NES NVTs had been added. + * Support for scanning virtual web hosts has been added. + * The handling of NVTs with an invalid timestamp has been improved. + * A bug in the openvas-nvt-sync script which prevented synchronization via http + under certain circumstances has been fixed. + * Support for retrieving the version of the NVT collection has been added to the + openvas-nvt-sync and greenbone-nvt-sync scripts. + * Support for soft pausing of scans has been added. + * Support for automatically installing generated certificate file has been added + to the openvas-mkcert-client script. + * The obsolete C based NVT "ssl_cipher" has been removed from the + openvas-scanner module. It has been replaced by the NASL implementation + "secpod_ssl_ciphers.nasl". + * Support for storing an uploaded preference file in memory instead of on disk + has been added. + +------------------------------------------------------------------- +Fri Jul 2 20:52:03 UTC 2010 - [email protected] + +- Updated to 3.1.0.rc3 + * Support for storing scanner passwords in plaintext has been removed. + +------------------------------------------------------------------- +Mon Jun 28 16:41:48 UTC 2010 - [email protected] + +- Updated to 3.1.0.rc2 + * The support scripts for feed synchronization have been updated. + * Support for dropping privileges in NASL and NES NVTs had been added. + * Support for scanning virtual web hosts has been added. + * The handling of NVTs with an invalid timestamp has been improved. + +------------------------------------------------------------------- +Wed May 19 17:53:09 UTC 2010 - [email protected] + +- Updated to 3.1.0.rc1 + * A bug in the openvas-nvt-sync script which prevented synchronization via http + under certain circumstances has been fixed. + * The build environment for C based NVTs has been cleaned up. + * Code formatting has been improved in a number of files to match the coding + style. + * Support for retrieving the version of the NVT collection has been added to the + openvas-nvt-sync and greenbone-nvt-sync scripts. + * Support for soft pausing of scans has been added. + * Support for automatically installing generated certificate file has been added + to the openvas-mkcert-client script. + * The obsolete C based NVT "ssl_cipher" has been removed from the + openvas-scanner module. It has been replaced by the NASL implementation + "secpod_ssl_ciphers.nasl". + * Support for storing an uploaded preference file in memory instead of on disk + has been added. @@ -22 +158 @@ -Fri Feb 5 11:03:16 UTC 2010 - [email protected] +Fri Feb 05 11:03:16 UTC 2010 - [email protected] @@ -39 +175 @@ -Fri Jan 8 11:25:58 UTC 2010 - [email protected] +Fri Jan 08 11:25:58 UTC 2010 - [email protected] @@ -55 +191,17 @@ -Mon Dec 7 18:00:31 CEST 2009 - [email protected] +Mon Dec 07 00:00:00 CET 2009 - [email protected] + +- Added sysconfdir/openvas/gnupg directory to files section. +- Install logrotate and init script to locations that match the package name (suse conditioned). +- Updated to 3.0.0.rc1 +------------------------------------------------------------------- +Thu Dec 03 00:00:00 CET 2009 - [email protected] + +- Added and install configuration file, uncommented cache and log directories. + +------------------------------------------------------------------- +Wed Jun 03 00:00:00 CEST 2009 - [email protected] + +- Updated to 2.0.2 + +------------------------------------------------------------------- +Wed Feb 18 00:00:00 CET 2009 - [email protected] @@ -57 +209 @@ -- Added /etc/openvas/gnupg directory. +- Updated to 2.0.1 @@ -60 +212 @@ -Thu Dec 3 10:35:48 CEST 2009 - [email protected] +Sun Dec 21 00:00:00 CET 2008 - [email protected] @@ -62,2 +214,19 @@ -- Uncommented cache and log directories in spec file. - Added default configuration file, install it. +- Updated to 2.0.0 + +------------------------------------------------------------------- +Mon Aug 25 00:00:00 CEST 2008 - [email protected] + +- Updated to 1.0.2 + +------------------------------------------------------------------- +Mon Aug 11 00:00:00 CEST 2008 - [email protected] + +- Init.d script added + ++++ 9 more lines (skipped) ++++ between openvas-scanner/openvas-scanner.changes ++++ and /mounts/work_src_done/STABLE/openvas-scanner/openvas-scanner.changes calling whatdependson for head-i586 Old: ---- openvas-scanner-3.0.2-MKTEMP.patch openvas-scanner-3.0.2.tar.gz openvassd.conf New: ---- Readme.txt debian.changelog debian.compat debian.control debian.openvas-scanner.dirs debian.openvas-scanner.init debian.openvas-scanner.install debian.openvas-scanner.logrotate debian.openvas-scanner.postinst debian.openvas-scanner.postrm debian.openvas-scanner.prerm debian.rules openvas-scanner-3.2.2.tar.gz openvas-scanner.dsc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvas-scanner.spec ++++++ --- /var/tmp/diff_new_pack.X6KRxl/_old 2011-04-04 13:02:31.000000000 +0200 +++ /var/tmp/diff_new_pack.X6KRxl/_new 2011-04-04 13:02:31.000000000 +0200 @@ -19,9 +19,9 @@ Name: openvas-scanner -Version: 3.0.2 -Release: 8 -License: GNU GPLv2 +Version: 3.2.2 +Release: 1 +License: GPLv2 Group: Productivity/Networking/Security Url: http://www.openvas.org Source0: %{name}-%{version}.tar.gz @@ -30,35 +30,26 @@ Source3: openvassd.init.suse Source4: openvassd.init.fedora Source5: openvassd.init.mandriva -Source6: openvassd.conf -Patch0: openvas-scanner-3.0.2-MKTEMP.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build -%if 0%{?suse_version} -BuildRequires: libgpgme-devel -PreReq: %insserv_prereq -PreReq: %fillup_prereq openssl -%endif - %if 0%{?mandriva_version} -BuildRequires: gpgme-devel -%if 0%{?mandriva_version} == 2009 -BuildRequires: pinentry-gtk -%endif -%if 0%{?mandriva_version} > 200900 BuildRequires: pinentry-gtk2 %endif -%endif -%if 0%{?fedora_version} -BuildRequires: gpgme-devel +%if 0%{?suse_version} +PreReq: %insserv_prereq +PreReq: %fillup_prereq +%if 0%{?suse_version} > 1130 +BuildRequires: openssl +%endif %endif +BuildRequires: cmake BuildRequires: glib2-devel -BuildRequires: gnutls-devel >= 2.0.3 -BuildRequires: libopenvas-devel >= 3.0.0 -BuildRequires: libpcap-devel +BuildRequires: libopenvas-devel >= 4.0.0 +BuildRequires: pkgconfig Requires: logrotate +Requires: openssl Requires: rsync Summary: The Scanner Module for OpenVAS @@ -68,25 +59,25 @@ %prep %setup -q -%patch0 %build %if 0%{?mandriva_version} %serverbuild -# Otherwise the .nes plugins don't get build -aclocal -%__autoconf %endif -#prevent the key generation script from putting the keys in /usr/com (sharedstatedir default) -%configure --sharedstatedir=%{_localstatedir}/lib --enable-syslog +export CFLAGS="$RPM_OPT_FLAGS" + +cmake -DCMAKE_VERBOSE_MAKEFILE=ON \ + -DCMAKE_INSTALL_PREFIX=%{_prefix} \ + -DSYSCONFDIR=%{_sysconfdir} \ + -DLIBDIR=%{_libdir} \ + -DLOCALSTATEDIR=%{_localstatedir} \ + -DCMAKE_BUILD_TYPE=release %__make %{?_smp_mflags} %install %__make install DESTDIR=%{buildroot} %__install -Dm 0644 %{_sourcedir}/openvassd.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/openvas-scanner -%__install -Dm 0644 %{_sourcedir}/openvassd.conf %{buildroot}%{_sysconfdir}/openvas/ -%__sed -i -e "s|/usr/lib/openvas/plugins|%{_libdir}/openvas/plugins|g" %{buildroot}%{_sysconfdir}/openvas/openvassd.conf %if 0%{?suse_version} %__install -Dm 0755 %{_sourcedir}/openvassd.init.suse %{buildroot}%{_initrddir}/openvas-scanner @@ -94,7 +85,7 @@ %__install -Dm 0644 %{_sourcedir}/debian.openvas-scanner.default %{buildroot}%{_var}/adm/fillup-templates/sysconfig.openvas-scanner %endif -%if 0%{?fedora_version} +%if 0%{?fedora_version} || 0%{?scientificlinux_version} %__install -Dm 0755 %{_sourcedir}/openvassd.init.fedora %{buildroot}%{_initrddir}/openvas-scanner %__install -Dm 0644 %{_sourcedir}/debian.openvas-scanner.default %{buildroot}%{_sysconfdir}/sysconfig/openvas-scanner %endif @@ -104,6 +95,8 @@ %__install -Dm 0644 %{_sourcedir}/debian.openvas-scanner.default %{buildroot}%{_sysconfdir}/sysconfig/openvas-scanner %endif +%__mkdir_p %{buildroot}%{_localstatedir}/cache/openvas +%__mkdir_p %{buildroot}%{_localstatedir}/lib/openvas %__mkdir_p %{buildroot}%{_localstatedir}/log/openvas touch %{buildroot}%{_localstatedir}/log/openvas/greenbone-nvt-sync.log touch %{buildroot}%{_localstatedir}/log/openvas/openvassd.dump @@ -126,7 +119,7 @@ %_post_service openvas-scanner %endif -%if 0%{?fedora_version} +%if 0%{?fedora_version} || 0%{?scientificlinux_version} # only rpm -i (not rpm {-U|-F}) if [ $1 = 1 ]; then /sbin/chkconfig --add openvas-scanner @@ -142,7 +135,7 @@ %_preun_service openvas-scanner %endif -%if 0%{?fedora_version} +%if 0%{?fedora_version} || 0%{?scientificlinux_version} # only rpm -e (not rpm {-U|-F}) if [ $1 = 0 ]; then /sbin/service openvas-scanner stop > /dev/null 2>&1 || : @@ -156,7 +149,7 @@ %insserv_cleanup %endif -%if 0%{?fedora_version} +%if 0%{?fedora_version} || 0%{?scientificlinux_version} # only rpm {-U|-F} (not rpm -e) if [ $1 = 1 ]; then /sbin/service openvas-scanner condrestart @@ -167,29 +160,22 @@ %defattr(-,root,root) %doc CHANGES COPYING ChangeLog README %config(noreplace) %{_sysconfdir}/logrotate.d/openvas-scanner -%dir %{_sysconfdir}/openvas -%dir %{_sysconfdir}/openvas/gnupg -%config(noreplace) %{_sysconfdir}/openvas/openvassd.conf %{_initrddir}/openvas-scanner -%{_bindir}/openvas-mkcert-client -%{_bindir}/openvas-mkrand %{_sbindir}/greenbone-nvt-sync %{_sbindir}/openvas-adduser %{_sbindir}/openvas-mkcert +%{_sbindir}/openvas-mkcert-client %{_sbindir}/openvas-nvt-sync %{_sbindir}/openvas-rmuser %{_sbindir}/openvassd -%dir %{_libdir}/openvas -%{_libdir}/openvas/plugins -%{_mandir}/man1/openvas-mkcert-client.1* -%{_mandir}/man1/openvas-mkrand.1* +%{_mandir}/man8/greenbone-nvt-sync.8* %{_mandir}/man8/openvas-adduser.8* %{_mandir}/man8/openvas-mkcert.8* %{_mandir}/man8/openvas-nvt-sync.8* %{_mandir}/man8/openvas-rmuser.8* %{_mandir}/man8/openvassd.8* -%dir %{_localstatedir}/cache/openvas -%{_localstatedir}/lib/openvas +%ghost %{_localstatedir}/cache/openvas +%ghost %{_localstatedir}/lib/openvas %dir %{_localstatedir}/log/openvas %ghost %{_localstatedir}/log/openvas/greenbone-nvt-sync.log %ghost %{_localstatedir}/log/openvas/openvassd.dump @@ -201,5 +187,4 @@ %else %config(noreplace) %{_sysconfdir}/sysconfig/openvas-scanner %endif - %changelog ++++++ Readme.txt ++++++ Configuring OpenVAS 1. As a privileged user run openvas-mkcert 3. As a privileged user run openvas-adduser 4. Run openvassd 5. Use a client like openvas-client. Connect and have fun! ++++++ debian.changelog ++++++ openvas-scanner (3.2.2-1) UNRELEASED; urgency=low * New upstream release - The last bashism has been removed from the openvas-nvt-sync synchronization script. - The greenbone-nvt-sync script now logs additional information during synchronization. - An unimplemented and superfluous function declaration has been removed. - The openvassd man page has been updated. - The build environment has been consolidated. - The greenbone-nvt-sync script has been improved. - OpenVAS Scanner now sets a default value for the "unscanned_closed" preference. -- Stephan Kleine <[email protected]> Wed, 23 Feb 2011 19:39:35 +0100 openvas-scanner (3.2.0-1) UNRELEASED; urgency=low * New upstream release - The sync scripts have been updated. - OpenVAS Scanner now uses pkg-config to find libraries. - Installation of the openvas-services file has been moved to openvas-libraries. - Filesystem Hierarchy Standard (FHS 2.3) compliance has been improved. -- Stephan Kleine <[email protected]> Fri, 04 Feb 2011 20:56:40 +0100 openvas-scanner (3.1.99.2-1) UNRELEASED; urgency=low * New upstream release - Improved output of --version - Comprehensive code cleanup - Binary (.nes) plugins we moved to libraries and turned into builtin NASL methods. - Removed handling of binary plugins as we don't want to have them ever again. - Added preferences for the vhost feature so that clients get them and can offer them to the user. In other words: unhide the vhost feature. - Default port is now 9391 where the OpenVAS Manager expects the Scanner by default. - Command line options "--dump-cfg" and "--gen-config" are removed. - openvassd does not need anymore a "openvassd.conf" file. It uses its defaults and a possibly present conf-file can overwrite settings. - openvas-mkcert got a additional switch "-f" to force overwriting certificates. - openvas-mkcert does not create a openvassd.conf anymore as it shares the defaults with openvassd. -- Stephan Kleine <[email protected]> Tue, 25 Jan 2011 18:59:27 +0100 openvas-scanner (3.1.99.1-1) UNRELEASED; urgency=low * New upstream release - Debug messages during the use of shared sockets are no longer logged unless requested during compile time. - A number of compiler warnings from gcc 4.4 has been addressed. - Hardening flags are now enabled during compile time to increase code quality. - openvas-scanner now listens on an IPv4 socket by default, even when IPv6 support is present. -- Stephan Kleine <[email protected]> Mon, 20 Dec 2010 13:39:52 +0100 openvas-scanner (3.1.98.2-1) UNRELEASED; urgency=low * New upstream release - A compiler warning regarding an incorrect function declaration in openvas_tcp_scanner has been addressed. - A compiler warning regarding incorrect pointer casts in find_service has been addressed. - A compiler warning regarding the type of a return value in openvassd has been addressed. - An issue which caused openvassd to refuse to scan certain hosts even when permitted by rules has been fixed. - An issue which caused openvassd to abort the scan process prematurely under certain circumstances has been fixed. -- Stephan Kleine <[email protected]> Mon, 06 Dec 2010 18:51:59 +0100 openvas-scanner (3.1.98.1-1) UNRELEASED; urgency=low * New upstream release - Network level scan support. - Removed unnecessary log entries. - Include paths have been updated to match with openvas-libraries 4.0. -- Stephan Kleine <[email protected]> Fri, 03 Dec 2010 17:26:34 +0100 openvas-scanner (3.1.1-1) UNRELEASED; urgency=low * New upstream release - The code documentation infrastructure has been improved. - The license situation of the individual source code files has been clarified. - Obsolete support for systems without entropy generation has been removed. - A bug which caused the client certificate generation to fail under certain circumstances has been fixed. -- Stephan Kleine <[email protected]> Sun, 31 Oct 2010 19:09:26 +0100 openvas-scanner (3.1.0-1) UNRELEASED; urgency=low * New upstream release - Support for storing scanner passwords in plaintext has been removed. - Support for dropping privileges in NASL and NES NVTs had been added. - Support for scanning virtual web hosts has been added. - The handling of NVTs with an invalid timestamp has been improved. - A bug in the openvas-nvt-sync script which prevented synchronization via http under certain circumstances has been fixed. - Support for retrieving the version of the NVT collection has been added to the openvas-nvt-sync and greenbone-nvt-sync scripts. - Support for soft pausing of scans has been added. - Support for automatically installing generated certificate file has been added to the openvas-mkcert-client script. - The obsolete C based NVT "ssl_cipher" has been removed from the openvas-scanner module. It has been replaced by the NASL implementation "secpod_ssl_ciphers.nasl". - Support for storing an uploaded preference file in memory instead of on disk has been added. -- Stephan Kleine <[email protected]> Wed, 14 Jul 2010 19:13:20 +0100 openvas-scanner (3.1.0.rc3-1) UNRELEASED; urgency=low * New upstream release - Support for storing scanner passwords in plaintext has been removed. -- Stephan Kleine <[email protected]> Fri, 02 Jul 2010 22:52:18 +0100 openvas-scanner (3.1.0.rc2-1) UNRELEASED; urgency=low * New upstream release - The support scripts for feed synchronization have been updated. - Support for dropping privileges in NASL and NES NVTs had been added. - Support for scanning virtual web hosts has been added. - The handling of NVTs with an invalid timestamp has been improved. -- Stephan Kleine <[email protected]> Mon, 28 Jun 2010 18:42:55 +0100 openvas-scanner (3.1.0.rc1-1) UNRELEASED; urgency=low * New upstream release - A bug in the openvas-nvt-sync script which prevented synchronization via http under certain circumstances has been fixed. - The build environment for C based NVTs has been cleaned up. - Code formatting has been improved in a number of files to match the coding style. - Support for retrieving the version of the NVT collection has been added to the openvas-nvt-sync and greenbone-nvt-sync scripts. - Support for soft pausing of scans has been added. - Support for automatically installing generated certificate file has been added to the openvas-mkcert-client script. - The obsolete C based NVT "ssl_cipher" has been removed from the openvas-scanner module. It has been replaced by the NASL implementation "secpod_ssl_ciphers.nasl". - Support for storing an uploaded preference file in memory instead of on disk has been added. -- Stephan Kleine <[email protected]> Wed, 19 May 2010 19:54:49 +0100 openvas-scanner (3.0.2-1) UNRELEASED; urgency=low * New upstream release -- Stephan Kleine <[email protected]> Mon, 22 Mar 2010 22:24:52 +0100 openvas-scanner (3.0.1-1) UNRELEASED; urgency=low * New upstream release -- Stephan Kleine <[email protected]> Tue, 26 Jan 2010 19:14:34 +0100 openvas-scanner (3.0.0-1) UNRELEASED; urgency=low * New upstream release -- Stephan Kleine <[email protected]> Fri, 25 Dec 2009 15:30:15 +0100 ++++++ debian.compat ++++++ 5 ++++++ debian.control ++++++ Source: openvas-scanner Section: admin Priority: optional Maintainer: Stephan Kleine <[email protected]> Build-Depends: debhelper (>= 6), devscripts, dpatch, cmake, hardening-wrapper, libopenvas4-dev, libwrap0-dev, pkg-config, po-debconf Homepage: http://www.openvas.org/ Standards-Version: 3.8.0 Package: openvas-scanner Section: net Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends}, openssl Replaces: openvas-server, openvas-plugins Conflicts: openvas-server, openvas-plugins Recommends: rsync, nmap Suggests: openvas-client, snmp, pnscan, strobe, ike-scan Description: remote network security auditor - scanner The Open Vulnerability Assessment System is a modular security auditing tool, used for testing remote systems for vulnerabilities that should be fixed. . It is made up of two parts: a scan server, and a client. The scanner/daemon, openvassd, is in charge of the attacks, whereas the client, OpenVAS-Client, provides an X11/GTK+ user interface. . This package provides the scanner. Package: openvas-scanner-dbg Section: debug Priority: extra Architecture: any Depends: ${misc:Depends}, openvas-scanner (= ${binary:Version}) Description: remote network security auditor - scanner (debug) The Open Vulnerability Assessment System is a modular security auditing tool, used for testing remote systems for vulnerabilities that should be fixed. . It is made up of two parts: a scan server, and a client. The scanner/daemon, openvassd, is in charge of the attacks, whereas the client, OpenVAS-Client, provides an X11/GTK+ user interface. . This package provides the debugging symbols for the scanner. ++++++ debian.openvas-scanner.default ++++++ --- /var/tmp/diff_new_pack.X6KRxl/_old 2011-04-04 13:02:31.000000000 +0200 +++ /var/tmp/diff_new_pack.X6KRxl/_new 2011-04-04 13:02:31.000000000 +0200 @@ -8,4 +8,4 @@ # The port the OpenVAS Scanner is listening on. # -SCANNER_PORT=9390 +SCANNER_PORT=9391 ++++++ debian.openvas-scanner.dirs ++++++ var/cache/openvas var/lib/openvas var/log/openvas ++++++ debian.openvas-scanner.init ++++++ #!/bin/sh -e # # /etc/init.d/openvas-scanner # # Originally written by Miquel van Smoorenburg <[email protected]>. # Modified for Debian GNU/Linux by Ian Murdock <[email protected]>. # Modified for nessusd by Luca Andreucci <[email protected]> # Further changes by Javier Fernandez-Sanguino <[email protected]> for the # Debian GNU/Linux distribution # Even more changes for Debian GNU/Linux openvas-scanner package by # Tim Brown <[email protected]> # ### BEGIN INIT INFO # Provides: openvas-scanner # Required-Start: $remote_fs # Required-Stop: $remote_fs # Should-Start: # Should-Stop: # Default-Start: # Default-Stop: 0 6 # Short-Description: Start and stop the OpenVAS daemon # Description: Controls the main OpenVAS daemon "openvassd". ### END INIT INFO # time to wait for daemons death, in seconds # don't set it too low or you might not let openvassd die gracefully DODTIME=5 [ -r /etc/default/openvas-scanner ] && . /etc/default/openvas-scanner # daemon options DAEMONOPTS="-q" [ "$SCANNER_ADDRESS" ] && DAEMONOPTS="$DAEMONOPTS --listen=$SCANNER_ADDRESS" [ "$SCANNER_PORT" ] && DAEMONOPTS="$DAEMONOPTS --port=$SCANNER_PORT" DAEMON=/usr/sbin/openvassd PIDFILE=/var/run/openvassd.pid NAME=openvassd LABEL="OpenVAS Scanner" test -x $DAEMON || exit 0 running() { # No pidfile, probably no daemon present # [ ! -f "$PIDFILE" ] && return 1 pid=`cat $PIDFILE` # No pid, probably no daemon present [ -z "$pid" ] && return 1 [ ! -d /proc/$pid ] && return 1 cmd=`cat /proc/$pid/cmdline | tr "\000" "\n"|head -n 1 |cut -d : -f 1` # No openvassd? [ "$cmd" != "$NAME" ] && return 1 return 0 } warn_cert_file() { echo -n "WARN: The (expected) certificate file $1 is not available." >&2 echo -n "The OpenVAS daemon might not start up." >&2 } check_certs() { CERTDIR=/var/lib/openvas/CA/ PRIVCERTDIR=/var/lib/openvas/private/CA/ for cert in cacert.pem servercert.pem; do [ ! -r "$CERTDIR/$cert" ] && warn_cert_file "$CERTDIR/$cert" done for cert in cakey.pem serverkey.pem; do [ ! -r "$PRIVCERTDIR/$cert" ] && warn_cert_file "$CERTDIR/$cert" done } openvas_start() { check_certs start-stop-daemon --start --exec $DAEMON -- $DAEMONOPTS 2>&1 >/dev/null errcode=$? # If we don't sleep then running() might not see the pidfile sleep $DODTIME return $errcode } force_stop() { [ ! -e "$PIDFILE" ] && return if running ; then kill -15 $pid # Is it really dead? sleep "$DODTIME"s if running ; then kill -9 $pid sleep "$DODTIME"s if running ; then echo "Cannot kill $LABEL (pid=$pid)!" exit 1 fi fi fi rm -f $PIDFILE } case "$1" in start) echo -n "Starting $LABEL: " if openvas_start && running ; then echo "openvassd." else echo "ERROR." exit 1 fi ;; stop) echo -n "Stopping $LABEL: " if running ; then start-stop-daemon --stop --pidfile $PIDFILE --quiet --oknodo --exec $DAEMON sleep "$DODTIME"s fi if running; then force_stop fi echo "openvassd." ;; restart) echo -n "Restarting $LABEL: " if running; then start-stop-daemon --stop --pidfile $PIDFILE --quiet --oknodo --exec $DAEMON sleep "$DODTIME"s fi if running; then force_stop fi if openvas_start && running ; then echo "openvassd." else echo "ERROR." exit 1 fi ;; reload|force-reload) echo -n "Reloading $LABEL configuration files: " start-stop-daemon --stop --pidfile $PIDFILE --signal 1 --exec $DAEMON sleep "$DODTIME"s if running ; then echo "done." else echo "ERROR." exit 1 fi ;; status) echo -n "$LABEL is " if running ; then echo "running" else echo " not running." exit 1 fi ;; *) echo "Usage: /etc/init.d/openvas-scanner {start|stop|restart|reload|status}" exit 1 ;; esac exit 0 ++++++ debian.openvas-scanner.install ++++++ usr/sbin/greenbone-nvt-sync usr/*bin/openvas* usr/share/man/man8/greenbone-nvt-sync* usr/share/man/man8/openvas* ++++++ debian.openvas-scanner.logrotate ++++++ /var/log/openvas/openvassd.messages { missingok notifempty create 640 root adm daily rotate 7 compress postrotate if [ -s /var/run/openvassd.pid ]; then kill -1 `cat /var/run/openvassd.pid`; fi openvaslogs=`ls /var/log/openvas/openvassd.messages.*` if [ -n "$openvaslogs" ]; then chown root:adm $openvaslogs chmod 640 $openvaslogs fi endscript } ++++++ debian.openvas-scanner.postinst ++++++ #! /bin/bash # Restart the OpenVAS daemon if running if [ -x /etc/init.d/openvas-scanner ] && \ /etc/init.d/openvas-scanner status 2>&1 >/dev/null; then if which invoke-rc.d >/dev/null 2>&1; then invoke-rc.d openvas-scanner restart else /etc/init.d/openvas-scanner restart fi fi # We don't let dh_installinit touch this so we do it byhand update-rc.d openvas-scanner stop 20 0 6 . >/dev/null ++++++ debian.openvas-scanner.postrm ++++++ #!/bin/sh if [ "$1" = "purge" ]; then update-rc.d openvas-scanner remove >/dev/null fi exit 0 ++++++ debian.openvas-scanner.prerm ++++++ #!/bin/sh set -e if [ "$1" != "upgrade" ]; then if [ -x "/etc/init.d/openvas-scanner" ] ; then if which invoke-rc.d >/dev/null 2>&1; then invoke-rc.d openvas-scanner stop else /etc/init.d/openvas-scanner stop fi else start-stop-daemon --stop --quiet --oknodo --exec /usr/sbin/openvassd fi fi #DEBHELPER# exit 0 ++++++ debian.rules ++++++ #!/usr/bin/make -f # -*- makefile -*- # Sample debian/rules that uses debhelper. # This file was originally written by Joey Hess and Craig Small. # As a special exception, when this file is copied by dh-make into a # dh-make output file, you may use that output file without restriction. # This special exception was added by Craig Small in version 0.37 of dh-make. # Uncomment this to turn on verbose mode. export DH_VERBOSE=1 # Enable hardening-wrapper export DEB_BUILD_HARDENING=1 config: config-stamp config-stamp: dh_testdir # Add here commands to configure the package. cmake -DCMAKE_VERBOSE_MAKEFILE=ON -DCMAKE_INSTALL_PREFIX=/usr -DSYSCONFDIR=/etc -DLOCALSTATEDIR=/var -DCMAKE_BUILD_TYPE=release . touch $@ build: build-stamp build-stamp: config dh_testdir # Add here commands to compile the package. $(MAKE) VERBOSE=1 touch $@ clean: dh_testdir dh_testroot rm -f build-stamp dh_clean install: build dh_testdir dh_testroot dh_clean -k dh_installdirs # Add here commands to install the package into debian/tmp $(MAKE) DESTDIR=$(CURDIR)/debian/tmp install for file in $(CURDIR)/debian/tmp/usr/*bin/openvas-* ; do \ if file $$file | grep -q "POSIX shell script"; then \ echo "Checking $$file for bashisms..." ; \ checkbashisms $$file || true ; \ fi ; \ done # Build architecture-independent files here. binary-indep: build install # We have nothing to do by default. # Build architecture-dependent files here. binary-arch: build install dh_testdir dh_testroot dh_installchangelogs CHANGES dh_installdocs dh_install --sourcedir=debian/tmp dh_installdebconf dh_installlogrotate dh_installinit -n -r -u stop 20 0 6 . dh_installman dh_link dh_strip --dbg-package=openvas-scanner-dbg dh_compress dh_fixperms dh_installdeb dh_shlibdeps dh_gencontrol dh_md5sums dh_builddeb binary: binary-indep binary-arch .PHONY: build clean binary-indep binary-arch binary install ++++++ openvas-scanner-3.0.2.tar.gz -> openvas-scanner-3.2.2.tar.gz ++++++ ++++ 96280 lines of diff (skipped) ++++++ openvas-scanner.dsc ++++++ Format: 1.0 Source: openvas-scanner Binary: openvas-scanner Architecture: any Version: 3.2.2-1 Maintainer: Stephan Kleine <[email protected]> Homepage: http://www.openvas.org/ Standards-Version: 3.8.0 Build-Depends: debhelper (>= 6), devscripts, dpatch, cmake, hardening-wrapper, libopenvas4-dev, libwrap0-dev, pkg-config, po-debconf Files: 776ce4e1000137c9aec7863372c8c876 373800 openvas-scanner-3.2.2.orig.tar.gz 131e6720b0526ade9405eade0d9150ac 56625 openvas-scanner-3.2.2.diff.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
