File openvas-administrator.spec of Package openvas-administrator
#
# spec file for package openvas-administrator
#
# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: openvas-administrator
Version: 1.3.0
Release: 2.2
License: GPL-2.0+
Group: Productivity/Networking/Security
Url: http://www.openvas.org
Source0: %{name}-%{version}.tar.gz
Source1: openvasad.logrotate
Source2: debian.openvas-administrator.default
Source3: openvasad.init.suse
Source4: openvasad.init.fedora
Source5: openvasad.init.mandriva
Source6: openvas-administrator.service
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?mandriva_version}
BuildRequires: pinentry-gtk2
%endif
%if 0%{?suse_version}
PreReq: %insserv_prereq
PreReq: %fillup_prereq
BuildRequires: fdupes
%if 0%{?suse_version} > 1220
BuildRequires: systemd
%systemd_requires
%endif
%endif
BuildRequires: cmake >= 2.6.0
BuildRequires: doxygen
BuildRequires: glib2-devel
BuildRequires: libopenvas-devel
BuildRequires: pkgconfig
BuildRequires: libgcrypt-devel
Requires: logrotate
Summary: Administrator Module of OpenVAS
%description
This is the administrator module for the Open Vulnerability Assessment
System (OpenVAS). It is intended to simplify the configuration and
administration of an OpenVAS server both on a local installation as
well as on a remote system.
%prep
%setup -q
%build
%if 0%{?mandriva_version}
%serverbuild
%endif
export CFLAGS="$RPM_OPT_FLAGS"
%__mkdir build
cd build
cmake .. -DCMAKE_VERBOSE_MAKEFILE=ON \
-DCMAKE_INSTALL_PREFIX=%{_prefix} \
-DSYSCONFDIR=%{_sysconfdir} \
-DLOCALSTATEDIR=%{_localstatedir} \
-DCMAKE_BUILD_TYPE=release
%__make %{?_smp_mflags} VERBOSE=1
%install
cd build
%__make install DESTDIR=%{buildroot}
%__install -D -m 644 %{_sourcedir}/openvasad.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/openvas-administrator
%if 0%{?suse_version}
%__install -D -m 744 %{_sourcedir}/openvasad.init.suse %{buildroot}%{_initrddir}/openvas-administrator
%__ln_s %{_initrddir}/openvas-administrator %{buildroot}%{_sbindir}/rcopenvas-administrator
%__install -D -m 644 %{_sourcedir}/debian.openvas-administrator.default %{buildroot}%{_var}/adm/fillup-templates/sysconfig.openvas-administrator
%if 0%{?suse_version} > 1220
mkdir -p $RPM_BUILD_ROOT/usr/lib/systemd/
mkdir -p $RPM_BUILD_ROOT/usr/lib/systemd/system
install -m 644 $RPM_SOURCE_DIR/openvas-administrator.service $RPM_BUILD_ROOT/usr/lib/systemd/system/openvas-administrator.service
%endif
chmod -R 755 %{buildroot}/usr/share/openvas/openvasad/global_schema_formats
chmod -R 644 %{buildroot}/usr/share/openvas/openvasad/global_schema_formats/*/*.xsl
chmod -R 644 %{buildroot}/usr/share/openvas/openvasad/global_schema_formats/*/*.xml
%fdupes -s $RPM_BUILD_ROOT/usr/share/openvas/openvasad/global_schema_formats/*
%endif
%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
%__install -D -m 744 %{_sourcedir}/openvasad.init.fedora %{buildroot}%{_initrddir}/openvas-administrator
%__install -D -m 644 %{_sourcedir}/debian.openvas-administrator.default %{buildroot}%{_sysconfdir}/sysconfig/openvas-administrator
%endif
%if 0%{?mandriva_version}
%__install -D -m 744 %{_sourcedir}/openvasad.init.mandriva %{buildroot}%{_initrddir}/openvas-administrator
%__install -D -m 644 %{_sourcedir}/debian.openvas-administrator.default %{buildroot}%{_sysconfdir}/sysconfig/openvas-administrator
%endif
%__mkdir_p %{buildroot}%{_localstatedir}/log/openvas
touch %{buildroot}%{_localstatedir}/log/openvas/openvasad.log
%clean
test "%{buildroot}" != "/" && %__rm -rf %{buildroot}
%pre
%if 0%{?suse_version} > 1220
%service_add_pre openvas-administrator.service
%endif
%post
%if 0%{?suse_version}
%fillup_and_insserv openvas-administrator
%if 0%{?suse_version} > 1220
%service_add_post openvas-administrator.service
%endif
%endif
%if 0%{?mandriva_version}
%_post_service openvas-administrator
%endif
%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
# only rpm -i (not rpm {-U|-F})
if [ $1 = 1 ]; then
/sbin/chkconfig --add openvas-administrator
fi
%endif
%preun
%if 0%{?suse_version}
%stop_on_removal openvas-administrator
%if 0%{?suse_version} > 1220
%service_del_preun openvas-administrator.service
%endif
%endif
%if 0%{?mandriva_version}
%_preun_service openvas-administrator
%endif
%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
# only rpm -e (not rpm {-U|-F})
if [ $1 = 0 ]; then
/sbin/service openvas-administrator stop > /dev/null 2>&1 || :
/sbin/chkconfig --del openvas-administrator
fi
%endif
%postun
%if 0%{?suse_version}
%restart_on_update openvas-administrator
%insserv_cleanup
%if 0%{?suse_version} > 1220
%service_del_postun openvas-administrator.service
%endif
%endif
%if 0%{?fedora_version} || 0%{?scientificlinux_version} || 0%{?centos_version}
# only rpm {-U|-F} (not rpm -e)
if [ $1 = 1 ]; then
/sbin/service openvas-administrator condrestart
fi
%endif
%files
%defattr(-,root,root)
%doc CHANGES
%config(noreplace) %{_sysconfdir}/logrotate.d/openvas-administrator
%config %{_sysconfdir}/openvas
%config %{_sysconfdir}/openvas/*
%config(noreplace) %{_sysconfdir}/openvas/openvasad_log.conf
%{_initrddir}/openvas-administrator
%{_sbindir}/openvasad
%{_mandir}/man8/openvasad.8*
%{_datadir}/openvas/openvasad
%dir %{_localstatedir}/log/openvas
%ghost %{_localstatedir}/log/openvas/openvasad.log
%if 0%{?suse_version}
%{_sbindir}/rcopenvas-administrator
%{_var}/adm/fillup-templates/sysconfig.openvas-administrator
%if 0%{?suse_version} > 1220
/usr/lib/systemd/system/openvas-administrator.service
%endif
%else
%config(noreplace) %{_sysconfdir}/sysconfig/openvas-administrator
%endif
%changelog
* Wed Aug 28 2013 johann.luce@wanadoo.fr
- Add systemd init script for openSUSE
fix OBS warning
* Thu Apr 18 2013 johann.luce@wanadoo.fr
- Update to 1.3.0
2013-04-15 Michael Wiegand <michael.wiegand@greenbone.net>
Preparing for the 1.3.0 release.
* CHANGES: Updated.
* CMakeLists.txt: Update version number to 1.3.0. Switch version
scheme.
* INSTALL: Add version to GnuTLS dependency, harmonize list with other
modules.
2013-04-04 Hani Benhabiles <hani.benhabiles@greenbone.net>
* src/oxpd.h: Declare from_buffer_size as extern like other
from_* variables as it is already defined in oxpd.c.
2013-04-04 Werner Koch <wk@gnupg.org>
* src/oapd.c (serve_oap): Check for pending TLS records prior to
calling select.
* src/oxpd.c (read_protocol): Ditto.
2013-03-18 Hani Benhabiles <hani.benhabiles@greenbone.net>
Update changes for 1.3+rc1 release.
* CHANGES: Updated.
2013-03-18 Hani Benhabiles <hani.benhabiles@greenbone.net>
Post release version bump.
* CMakeLists.txt: Updated version number to 1.3+rc2.
2013-03-18 Hani Benhabiles <hani.benhabiles@greenbone.net>
* CMakeLists.txt: Set version number to 1.3+rc1.
2013-03-15 Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
* CMakeLists.txt: Set dependency to gnutls to at least 2.8.
2013-03-15 Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
* doc/pwpolicy.conf: Comment out all lines in this example.
* CMakeLists.txt: Install the pwpolicy.conf to ensure there
is always one.
2013-03-04 Matthew Mundell <matthew.mundell@greenbone.net>
Remove test framework.
* CMakeLists.txt: Remove testing.
* src/CMakeLists.txt: Remove testing comments.
* src/tests/: Remove.
2013-02-22 Michael Wiegand <michael.wiegand@greenbone.net>
Post release version bump.
* CMakeLists.txt: Updated version number to 1.3+beta2.
2013-02-22 Michael Wiegand <michael.wiegand@greenbone.net>
* CHANGES: Updated.
2013-02-21 Werner Koch <wk@gnupg.org>
* src/admin.c (openvas_admin_add_user): Re-word password
diagnostic.
(openvas_admin_modify_user): Ditto.
2013-02-20 Werner Koch <wk@gnupg.org>
* src/pwpolicy.c: Move to openvas-libraries/base.
* src/admin.h: Remove prototypes of pwpolicy.c.
* src/CMakeLists.txt: Remove pwpolicy.c.
* src/openvasad.c: Include openvas/base/pwpolicy.h.
(main): Use openvas_disable_password_policy.
* src/admin.c: Include openvas/base/pwpolicy.h.
(openvas_admin_add_user): Use openvas_validate_password.
(openvas_admin_modify_user): Ditto.
2013-02-20 Michael Wiegand <michael.wiegand@greenbone.net>
Move "-Werror" flag to the "Debug" build type.
* CMakeLists.txt: Move "-Werror" from CMAKE_C_FLAGS to
CMAKE_C_FLAGS_DEBUG to keep it out of the "Release" build type.
2013-02-19 Werner Koch <wk@gnupg.org>
* src/oap.c (make_xml_error_syntax): Replace custom escaping by
g_markup_escape_text.
2013-02-18 Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
Preparing for the 1.3+beta1 release.
* CHANGES: Updated.
* openvassd.c (main): Updated Copyright year.
* CMakeLists.txt: Updated version number to 1.3+beta1 and increased
dependency for openvas-libraries from 5.0.0 to 6.0.0.
* INSTALL: Updated developer reference system to Debian 6 only
and increased dependency for openvas-libraries to 6.0.0.
2013-02-18 Werner Koch <wk@gnupg.org>
* src/admin.c (openvas_admin_add_user): Add arg R_ERRDESC to
return a detailed description for username and password errors.
(openvas_admin_modify_user): Ditto.
* src/admin.h: Update prototypes accordingly.
* src/oap.c (make_xml_error_syntax): New.
(oap_xml_handle_end_element): Use this to return the error from
the extended functions.
* src/openvasad.c (main): Adjust call to openvas_admin_add_user.
* README: Add instruction on how to install pwpolicy.conf.
* src/pwpolicy.c: Document the format of the policy file.
2013-02-18 Werner Koch <wk@gnupg.org>
* doc/pwpolicy.conf: New.
* src/pwpolicy.c: New.
* src/admin.h (openvas_admin_validate_password): New prototype.
(openvas_admin_disable_password_policy): New prototype.
* src/openvasad.c (main): Add option --disable-password-policy.
* src/admin.c (openvas_admin_add_user)
(openvas_admin_modify_user): Validate the password.
* src/CMakeLists.txt (add_library): Add pwpolicy.c.
(add_definitions): Always define OPENVAS_SYSCONF_DIR.
2013-02-14 Werner Koch <wk@gnupg.org>
* src/openvasad.c (main): Make use of read_passphrase more robust.
2013-02-06 Matthew Mundell <matthew.mundell@greenbone.net>
* src/oapd.c (init_oapd): Break line before param instead of before
paren.
2013-02-06 Michael Wiegand <michael.wiegand@greenbone.net>
* doc/CMakeLists.txt: Fix paths for targets "man" and "man-html".
2013-02-06 Timo Pollmeier <timo.pollmeier@greenbone.net>
* doc/oap.html, doc/oap.rnc: Add items for describe_scap, describe_cert,
sync_scap, sync_cert.
* src/admin.c (openvas_get_sync_script_identification): Add CERT_FEED
to comment. Change test of feed identification to include CERT feed.
(openvas_sync_feed): Add CERT_FEED to comment.
* src/admin.h (CERT_FEED): New #define.
* src/oap.c: New OAP commands: describe_cert, sync_cert.
(cert_script): New variable.
(help_text): Change to include new commands.
(client_state_t): Add enum cases CLIENT_DESCRIBE_CERT, CLIENT_SYNC_CERT.
(oap_xml_handle_start_element): In cases CLIENT_AUTHENTIC and
CLIENT_AUTHENTIC_COMMAND add else if branch to for new commands.
New cases CLIENT_DESCRIBE_CERT, CLIENT_SYNC_CERT.
(init_oap): New parameter cert_sync_script to initialize cert_script.
* src/oap.h (init_oap): New parameter cert_sync_script.
* src/oapd.c (init_oapd): New parameter cert_sync_script, passed as new
parameter of init_oap.
* src/oapd.h (init_oapd): New parameter cert_sync_script.
* src/openvasad.c (main): New initialization for cert_script.
New command line options -C --cert-script and default value for
cert_script. Add cert_script as parameter for init_oapd.
* src/schema_formats/OAP.xml (commands, describe_cert, sync_cert): Add
new commands describe_cert and sync_cert.
* src/tests/oap_help_0.c (help_text): Change to reflect changes in
src/oap.c.
2013-02-05 Michael Wiegand <michael.wiegand@greenbone.net>
* README: Fix typo.
2013-02-05 Michael Wiegand <michael.wiegand@greenbone.net>
Update targets for out-of-source builds.
* doc/CMakeLists.txt: Update commands and targets to work with
out-of-source builds.
* doc/Doxyfile.in: Updated to work with out-of-source builds,
harmonized with other modules.
* doc/Doxyfile_full.in: Harmonized with Doxyfile.in.
* doc/footer.html: Removed obsolete file.
* src/CMakeLists.txt: Ensure that the targets "splint", "rats",
"flawfinder", "etags" and "ctags" work with out-of-source builds.
2013-01-30 Hani Benhabiles <hani.benhabiles@greenbone.net>
* src/admin.c: Remove file_utils_rmdir_rf function which is duplicated
from Manager.
(openvas_admin_schema): Use openvas_file_remove_recurse from base
libraries to delete output directory.
2012-11-07 Hani Benhabiles <hani.benhabiles@greenbone.net>
* src/schema_format/XML/OAP.xml: Added describe_scap and sync_scap commands.
* src/tests/oap_help_0.c: Added DESCRIBE_SCAP and SYNC_SCAP help texts.
2012-11-07 Hani Benhabiles <hani.benhabiles@greenbone.net>
* src/admin.h: Added NVT_FEED and SCAP_FEED constants.
(openvas_get_sync_script_identification, openvas_sync_feed): Added third
argument for feed_type.
* src/admin.c (openvas_get_sync_script_identification)
(openvas_sync_feed): Added feed_type parameter and fixed documentation.
* src/oapd.c src/oapd.h (init_oapd): Added scap_sync_script argument.
* src/oap.h (init_oap): Added scap_sync_script argument.
* src/oap.c: Added CLIENT_DESCRIBE_SCAP and CLIENT_SYNC_SCAP xml element
handlers.
(init_oap): Added scap_sync_script argument.
* src/openvasad.c: Added --scap-script argument.
2012-09-19 Michael Wiegand <michael.wiegand@greenbone.net>
* src/openvasad.c (main): Mention the correct options in help text.
Spotted by Michael Meyer.
2012-09-19 Michael Wiegand <michael.wiegand@greenbone.net>
* src/openvasad.c (main): Fix mention of deprecated option in help
text.
2012-08-02 Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
Post release version bump.
* CMakeLists.txt: Updated version number to 1.2.2.
2012-08-02 Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net>
* Fri Aug 10 2012 bitshuffler@opensuse.org
- Updated to 1.2.1
* Improve build system to work with newer glib and gcc versions.
* Prevent segfault when sync script does not end properly.
* Sat May 12 2012 bitshuffler@opensuse.org
- Updated to 1.2.0
* Some bug fixes for the per-user ldap authentication.
* Clean up CMake infrastructure and ensure that compilation with modern
gccs works.
* Added support of per-user LDAP authentication
* OAP protocol version now 1.1
* Sat Nov 12 2011 bitshuffler@opensuse.org
- Updated to 1.2+beta1
* Support for task observers has been added.
* Fri Nov 4 2011 bitshuffler@opensuse.org
- Updated to 1.1.2
* Handling of the SIGHUP signal has been made consistent with the other OpenVAS
modules. This means that openvas-administrator will no longer exit upon
receiving a SIGHUP.
* OAP: The GET_VERSION command is now allowed before AUTHENTICATE to be
consistent with OMP.
* Thu Aug 25 2011 crrodriguez@opensuse.org
- Fix build with current factory dependencies and
new linker defaults.
* Wed Feb 23 2011 bitshuffler@opensuse.org
- Updated to 1.1.1
* The build environment has been consolidated.
* The logging behaviour when started with --verbose has been improved.
* The parameter name for the user name has been changed to --username/-u.
* User name validation has been added.
* Fri Feb 4 2011 bitshuffler@opensuse.org
- Updated to 1.1.0
* The default log level has been reduced to avoid logging sensitive information
during normal operation.
* If the password for the new user has not been provided as a command line
parameter, it will be requested interactively.
* OpenVAS Administrator now uses pkg-config to find required libraries.
* OpenVAS Administrator now provides a manual page for the openvasad binary.
* The installation is now compliant with Filesystem Hierarchy Standard (FHS 2.3).
* Thu Jan 20 2011 bitshuffler@opensuse.org
- Updated to 1.0.1
* Fixed behaviour for ldap-based authentication for Admin role.
* Added protocol documentation for OAP (html and rnc format,
can be build with "make doc").
* Code hardening at compile time is now the default.
* Harmonized output of "--version" with other modules.
* Tue Dec 7 2010 bitshuffler@opensuse.org
- Updated to 1.0.0
* Handling of invalid commands in console mode has been made more consistent.
* Wed Nov 24 2010 bitshuffler@opensuse.org
- Updated to 0.99.1
* The build environment has been improved to be more consistent across different
OpenVAS modules and to stay compatible with different openvas-libraries
versions.
* Support for logging user creation, deletion and role changes has been added.
* Wed May 26 2010 bitshuffler@opensuse.org
- Updated to 0.9.0
- A large amount of code which was duplicated from openvas-manager has been to
openvas-libraries.
- The build environment has been further improved.
- Support for providing the authentication configuration via OAP has been added.
- Support for modifying user has been improved, a number of issues and
inconsistencies has been addressed.
- New command line parameters for determining the feed version and the
synchronization status and for starting a feed synchronization have been
added.
* Mon Apr 12 2010 bitshuffler@opensuse.org
- Updated to 0.8.0
* Communication with synchronization scripts launched by openvas-administrator
has been improved; this should prevent synchronization processes from becoming
defunct when they are finished.
* A number of build issues discovered by Stephan Kleine has been fixed.
* Support for retrieving the version of an installed NVT collect has been added.
* Fri Feb 5 2010 bitshuffler@opensuse.org
- Updated to 0.7.0
* When synchronizing with an NVT feed, the administrator now simply starts the
synchronization script in the background instead of waiting for it to finish
before continuing.
* Tue Jan 26 2010 bitshuffler@opensuse.org
- Updated to 0.6.0
* When creating a user, now scan hosts to be denied or
allowed for this user can be specified.
* A user editor has been added and allows to change
the host restrictions and the password
(OAP command MODIFY_USER)
* OAP command CLIENT_GET_USERS now also provides the
host restriction information.
* The log protocol filters entries where potentially
a password may appear, so that passwords do not end
up in a log file.
* uuid's are generated for each user.
* New package build dependency to uuid library.
* Sun Jan 24 2010 bitshuffler@opensuse.org
- Added %%ghost entry for log file.
- Added logrotate file.
- Added init script.
- Fixed cmake arguments.
* Wed Jan 20 2010 bitshuffler@opensuse.org
- Updated to 0.5.0
* Make it possible to sort the list of users.
* Setting retrieval has been improved.
* Feed synchronization has been improved.
* Added support for modifying settings.
* Wed Dec 23 2009 felix.wolfsteller@intevation.de
- Added and apply patch of Vladimir Nadvornik (built libs are
static, no need to install them)
* Tue Dec 22 2009 felix.wolfsteller@intevation.de
- Marked log config file as %%config
* Tue Dec 22 2009 felix.wolfsteller@intevation.de
- Updated to 0.4.0
* A bug which cause defunct administrator processes to remain after
feed synchronization has been fixed.
* Initial support for retrieving settings von configuration files
has been added.
- Adjusted to use bz2 (instead of gz) tarball
* Thu Dec 10 2009 bitshuffler@opensuse.org
- Updated to 0.3.0
* Pidfile handling has been made more robust.
* A number of possible resource leaks have been identified and fixed.
* The configuration and build process has been improved.
* Support for NVT feed synchronization has been added.
* Tue Nov 24 2009 bitshuffler@opensuse.org
- Initial RPM
