Hi, after a long journey I could finally release a first version of a "build from source" guide at https://greenbone.github.io/docs/ It includes an installation procedure and setup on how we currently think our software stack should be deployed in a multi user setup. Feel free to ask questions and provide feedback!
Wherever possible I tried to be as close to the current Debian packages from https://salsa.debian.org/pkg-security-team/ During writing the guide it has become obvious that several defaults on our side didn't make sense. Therefore I've changes a lot of default paths and also the systemd service files. These changes will be included in the next bugfix releases. While writing the documentation some questions came up * Why do you use sudo runuser instead of sudo -u directly? * Is it safe or even allowed in Debian to use suid/sgid bits with specific owner and group? * Should /run be used directly or via /var/run indirectly? * When to use /usr/sbin and /usr/bin? The question about /usr/sbin and /usr/bin is most interesting for me at the moment because I just found out that we are mixing the installation paths in the different components. There seems to be no consistency at the moment. In the meeting with Raphael I talked about offline node modules installation by using the provided tarballs (for example https://github.com/greenbone/gsa/releases/download/v21.4.1/gsa-node-modules-21.4.1.tar.gz) and the yarn offline mode (https://github.com/greenbone/gsa/blob/gsa-21.04/gsa/CMakeLists.txt#L67). Sadly this doesn't work as expected because yarn includes specific metadata into the node_modules directory (.yarn-integrity file) that depends on the platform and nodejs version. It would be possible to patch that file for the correct platform and nodejs version but I am not sure if it is worth the effort. As a side node we tried to automate our release processes which resulted in some issues and changes I wanted to mention. Because our tooling for the releases is written in Python and Python versioning strips leading zeros version 21.04 is exchangeable with 21.4. Therefore the leading zeros got removed. But it seems to be an issue with your tooling at the moment. Sorry for that! Also because we couldn't automate the gsa repository for releases yet we did create releases that always display ~dev1 versions by mistake. This will be fixed with new releases latest in the last week of July. At the end I want to give to some outline for the planned changes of our 21.10 release: * We stripped the binary postgres parts into an own library at https://github.com/greenbone/pg-gvm This library is installed in a postgres versioned path for example /usr/lib/postgresql/13/lib. Therefore it should be possible to build and install the library for different postgres versions. * The scanner architecture will change (again) to useq MQTT message queue (paho-mqtt). Additionally at least one new component will be added written in golang (https://github.com/greenbone/eulabeia). It could be possible that the ospd part will not be needed anymore. * GSA (the web application) and gsad (the web server) will be split into two separate repositories. This should have been done from the beginning but currently creates serious issues for the automatic releases. * We will release bugfix versions at least every month * After the 21.10 release the next 1.5 to 2 years we will only ship minor changes even in major releases Best regards Björn > Hi, > > after an online meeting with Raphael two weeks ago I promised to provide > an installation and setup documentation for our GVM software stack. > > First of all I really underestimated my personal work load and the time > it requires to write a satisfying documentation. Therefore I couldn't > hold my promises and the documentation isn't really ready yet. > > But nevertheless you can find a first draft at > https://greenbone.github.io/docs/ The docs are hosted at GitHub and > build from https://github.com/greenbone/docs At the moment we are using > sphinx-doc and restructuredtext for the sources. > > Feel free to give me early feedback and things you want to read in the > docs. I'll try my best to get a "ready" version for the docs in the next > two weeks. > > Best regards > Björn > -- Bjoern Ricks | Greenbone Networks GmbH | https://www.greenbone.net Neumarkt 12, 49074 Osnabrueck, Germany | AG Osnabrueck, HR B 202460 Chief Executive Officer: Dr. Jan-Oliver Wagner
