cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

security/gvm: update to 21.4.4

Browse Source 
- security/openvas update to 21.4.4
- security/gvmd update to 21.4.5
- security/gvm-libs update to 21.4.4
- security/py-ospd-openvas update to 21.4.4
- security/py-python-gvm update to 21.11.0
- security/gsad was added
- security/gsa was added
- security/py-ospd was removed. Now it is part of security/py-osdp-openvas port
- security/greenbone-security-assistant was removed. gsad and gsa ports was
  added instead of it
This commit is contained in:
Jose Alonso Cardenas Marquez 2022-05-22 00:25:38 -05:00
parent d2a35cd5af
commit fc69056113
2 changed files with 21 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
security/gvm/Makefile
View File

@ -1,5 +1,5 @@
PORTNAME= gvm PORTNAME= gvm
PORTVERSION= 21.4.3 PORTVERSION= 21.4.4
CATEGORIES= security CATEGORIES= security
MAINTAINER= acm@FreeBSD.org MAINTAINER= acm@FreeBSD.org
@ -20,7 +20,8 @@ RUN_DEPENDS+= ${LOCALBASE}/bin/ospd-openvas:security/py-ospd-openvas@${PY_FLAVOR
RUN_DEPENDS+= ${LOCALBASE}/sbin/openvas:security/openvas RUN_DEPENDS+= ${LOCALBASE}/sbin/openvas:security/openvas
# Install GVM Web Interface # Install GVM Web Interface
RUN_DEPENDS+= ${LOCALBASE}/sbin/gsad:security/greenbone-security-assistant RUN_DEPENDS+= ${LOCALBASE}/sbin/gsad:security/gsad
RUN_DEPENDS+= ${LOCALBASE}/share/gvm/gsad/web/index.html:security/gsa
SUB_FILES= pkg-message SUB_FILES= pkg-message

28
security/gvm/files/pkg-message.in
View File

@ -38,7 +38,11 @@ Basic instructions for configure your gvm infraestruture are following:
# sysrc ospd_openvas_enable="YES" # sysrc ospd_openvas_enable="YES"
# sysrc gsad_enable="YES" # sysrc gsad_enable="YES"
5) Currently, ospd_openvas should run as a user without elevated privileges 5) Start redis service
# service redis start
6) Currently, ospd_openvas should run as a user without elevated privileges
(gvm) and use sudo for run openvas scanner but it does not work properly. (gvm) and use sudo for run openvas scanner but it does not work properly.
Like a workaround you must run redis as root and the same with ospd_openvas. Like a workaround you must run redis as root and the same with ospd_openvas.
@ -48,9 +52,13 @@ Basic instructions for configure your gvm infraestruture are following:
ospd_openvas_user="root" ospd_openvas_user="root"
Take in mind it is not the best configuration for run ospd_openvas and Take in mind it is not the best configuration for run ospd_openvas and
openvas. openvas.
6) The following steps are neccessary before of you can access to GVM web The following could avoid some scan issues with openvas
# echo "test_alive_hosts_only = no" >> /usr/local/etc/openvas/openvas.conf
7) The following steps are neccessary before of you can access to GVM web
interface (gsad): interface (gsad):
Start gvmd service. It will listen on /var/run/gvmd/gvmd.sock by default Start gvmd service. It will listen on /var/run/gvmd/gvmd.sock by default
@ -80,7 +88,7 @@ Basic instructions for configure your gvm infraestruture are following:
# su -m gvm -c "gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value <uuid_of_user> # su -m gvm -c "gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value <uuid_of_user>
7) Start OSPD-OpenVAS Wrapper service. It will listen on /var/run/ospd/ospd.sock by default 8) Start OSPD-OpenVAS Wrapper service. It will listen on /var/run/ospd/ospd.sock by default
# service ospd_openvas start # service ospd_openvas start
@ -93,11 +101,11 @@ Basic instructions for configure your gvm infraestruture are following:
# su -m gvm -c "gvmd --verify-scanner=08b69003-5fc2-4037-a479-93b440211c73" # su -m gvm -c "gvmd --verify-scanner=08b69003-5fc2-4037-a479-93b440211c73"
Scanner version: OpenVAS x.x.x Scanner version: OpenVAS x.x.x
8) Start GVM web interface. It will listen on http://127.0.0.1 by default 9) Start GVM web interface. It will listen on http://127.0.0.1 by default
# service gsad start # service gsad start
9) Some openvas scanner tasks need access to /dev/bpf device. Add the 10) Some openvas scanner tasks need access to /dev/bpf device. Add the
following lines to /etc/devfs.conf following lines to /etc/devfs.conf
own bpf root:gvm own bpf root:gvm
@ -107,15 +115,15 @@ Basic instructions for configure your gvm infraestruture are following:
# service devfs restart # service devfs restart
10) gvm log files are stores to /var/log/gvm directory 11) gvm log files are stores to /var/log/gvm directory
11) gsad can export results to PDF. It needs print/texlive-texmf port 12) gsad can export results to PDF. It needs print/texlive-texmf port
# pkg install texlive-texmf # pkg install texlive-texmf
It will install 1G of data It will install 1G of data
12) If you need more configure information you can look at the following links: 13) If you need more configure information you can look at the following links:
https://github.com/greenbone/gvmd/blob/master/INSTALL.md https://github.com/greenbone/gvmd/blob/master/INSTALL.md
https://github.com/greenbone/openvas/blob/master/INSTALL.md https://github.com/greenbone/openvas/blob/master/INSTALL.md
@ -129,7 +137,7 @@ Basic instructions for configure your gvm infraestruture are following:
# ospd-openvas -h # ospd-openvas -h
# gsad -h # gsad -h
13) Enjoy it 14) Enjoy it
EOM EOM
} }
] ]