From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1534285-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id A74CA15800D
	for <garchives@archives.gentoo.org>; Mon,  3 Jul 2023 08:15:51 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 292A3E07D0;
	Mon,  3 Jul 2023 08:15:50 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 09C41E07D0
	for <gentoo-commits@lists.gentoo.org>; Mon,  3 Jul 2023 08:15:50 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 20B5E33BE34
	for <gentoo-commits@lists.gentoo.org>; Mon,  3 Jul 2023 08:15:49 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 8A793ACC
	for <gentoo-commits@lists.gentoo.org>; Mon,  3 Jul 2023 08:15:46 +0000 (UTC)
From: "Florian Schmaus" <flow@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Florian Schmaus" <flow@gentoo.org>
Message-ID: <1688372123.73d0bd24fdc3fc390c94366d704540648c0b9e63.flow@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: net-analyzer/notus-scanner/files/, net-analyzer/notus-scanner/, ...
X-VCS-Repository: repo/gentoo
X-VCS-Files: net-analyzer/notus-scanner/Manifest net-analyzer/notus-scanner/files/notus-scanner.confd net-analyzer/notus-scanner/files/notus-scanner.initd net-analyzer/notus-scanner/files/notus-scanner.service.conf net-analyzer/notus-scanner/files/notus-scanner.toml net-analyzer/notus-scanner/metadata.xml net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild profiles/features/musl/package.mask
X-VCS-Directories: net-analyzer/notus-scanner/ profiles/features/musl/ net-analyzer/notus-scanner/files/
X-VCS-Committer: flow
X-VCS-Committer-Name: Florian Schmaus
X-VCS-Revision: 73d0bd24fdc3fc390c94366d704540648c0b9e63
X-VCS-Branch: master
Date: Mon,  3 Jul 2023 08:15:46 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 7c5ff8dc-25f6-47f1-8fdd-795f732ada79
X-Archives-Hash: e01b170aff3c48d7b53daf4d72e4c6e4

commit:     73d0bd24fdc3fc390c94366d704540648c0b9e63
Author:     Giuseppe Foti <foti.giuseppe <AT> gmail <DOT> com>
AuthorDate: Sat May 20 17:22:43 2023 +0000
Commit:     Florian Schmaus <flow <AT> gentoo <DOT> org>
CommitDate: Mon Jul  3 08:15:23 2023 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=73d0bd24

net-analyzer/notus-scanner: new package, add 22.5.0

Signed-off-by: Giuseppe Foti <foti.giuseppe <AT> gmail.com>
Signed-off-by: Florian Schmaus <flow <AT> gentoo.org>

 net-analyzer/notus-scanner/Manifest                |  1 +
 .../notus-scanner/files/notus-scanner.confd        | 11 ++++
 .../notus-scanner/files/notus-scanner.initd        | 23 ++++++++
 .../notus-scanner/files/notus-scanner.service.conf |  7 +++
 .../notus-scanner/files/notus-scanner.toml         |  8 +++
 net-analyzer/notus-scanner/metadata.xml            | 19 +++++++
 .../notus-scanner/notus-scanner-22.5.0.ebuild      | 63 ++++++++++++++++++++++
 profiles/features/musl/package.mask                |  1 +
 8 files changed, 133 insertions(+)

diff --git a/net-analyzer/notus-scanner/Manifest b/net-analyzer/notus-scanner/Manifest
new file mode 100644
index 000000000000..653ff84e4195
--- /dev/null
+++ b/net-analyzer/notus-scanner/Manifest
@@ -0,0 +1 @@
+DIST notus-scanner-22.5.0.tar.gz 320894 BLAKE2B 3bf0cb633ad2636d9430705459d841b717139b162bd39f30a6bf06dafe1647b94c0e791b05390d340f97a4ff83351cbd71be6d5b1793dda82c6cad9250ce18c2 SHA512 48576d26a65c439fb00b345d97ba9917c3c2bf99ab5c94ed4488e4638c0442fdcd721ed8a08be147481a01bffc3eadec25029c0d6cd1aed2381221250b16c19d

diff --git a/net-analyzer/notus-scanner/files/notus-scanner.confd b/net-analyzer/notus-scanner/files/notus-scanner.confd
new file mode 100644
index 000000000000..5000145abaeb
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.confd
@@ -0,0 +1,11 @@
+# Notus Scanner command args
+
+NOTUS_SCANNER_OPTIONS="--log-file=/var/log/gvm/notus-scanner.log"
+
+NOTUS_SCANNER_MQTT_BROKER_ADDRESS="--mqtt-broker-address localhost"
+
+NOTUS_SCANNER_MQTT_BROKER_PORT="--mqtt-broker-port 1883"
+
+NOTUS_SCANNER_PRODUCTS_DIRECTORY="--products-directory /var/lib/notus/products"
+
+NOTUS_DISABLE_HASHSUM_VERIFICATION="--disable-hashsum-verification false"

diff --git a/net-analyzer/notus-scanner/files/notus-scanner.initd b/net-analyzer/notus-scanner/files/notus-scanner.initd
new file mode 100644
index 000000000000..e00e9118e32e
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.initd
@@ -0,0 +1,23 @@
+#!/sbin/openrc-run
+# Copyright 2023Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="Greenbone Notus Scanner"
+command=/usr/bin/notus-scanner
+pidfile="/run/notus-scanner/${RC_SVCNAME}.pid"
+command_args="${NOTUS_SCANNER_OPTIONS} \
+	${NOTUS_SCANNER_MQTT_BROKER_ADDRESS} \
+	${NOTUS_SCANNER_MQTT_BROKER_PORT} \
+	${NOTUS_SCANNER_PRODUCTS_DIRECTORY} \
+	${NOTUS_DISABLE_HASHSUM_VERIFICATION} \
+	--pid-file ${pidfile} \
+	--config /etc/gvm/notus-scanner.toml"
+
+depend() {
+	after bootmisc
+	need localmount mosquitto
+}
+
+start_pre() {
+        checkpath -d /var/run/notus-scanner
+}

diff --git a/net-analyzer/notus-scanner/files/notus-scanner.service.conf b/net-analyzer/notus-scanner/files/notus-scanner.service.conf
new file mode 100644
index 000000000000..aea5c10e8fad
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.service.conf
@@ -0,0 +1,7 @@
+[Unit]
+PartOf=gvm.target
+
+[Service]
+Type=forking
+ExecStart=
+ExecStart=/usr/bin/notus-scanner

diff --git a/net-analyzer/notus-scanner/files/notus-scanner.toml b/net-analyzer/notus-scanner/files/notus-scanner.toml
new file mode 100644
index 000000000000..cff33c77afc8
--- /dev/null
+++ b/net-analyzer/notus-scanner/files/notus-scanner.toml
@@ -0,0 +1,8 @@
+[notus-scanner]
+mqtt-broker-address = "localhost"
+mqtt-broker-port = "1883"
+products-directory = "/var/lib/notus/products"
+pid-file = "/run/notus-scanner/notus-scanner.pid"
+log-file = "/var/log/gvm/notus-scanner.log"
+log-level = "INFO"
+disable-hashsum-verification = false

diff --git a/net-analyzer/notus-scanner/metadata.xml b/net-analyzer/notus-scanner/metadata.xml
new file mode 100644
index 000000000000..06038ba8d06e
--- /dev/null
+++ b/net-analyzer/notus-scanner/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="person" proxied="yes">
+		<email>foti.giuseppe@gmail.com</email>
+		<name>Giuseppe Foti</name>
+	</maintainer>
+	<maintainer type="project" proxied="proxy">
+		<email>proxy-maint@gentoo.org</email>
+		<name>Proxy Maintainers</name>
+	</maintainer>
+	<longdescription lang="en">
+			This is a new scanner that scans after every regular scan, so no user interaction is necessary.
+			It offers better performance due to less system resource consumption and thus, faster scanning.
+	</longdescription>
+	<upstream>
+		<remote-id type="github">greenbone/notus-scanner</remote-id>
+	</upstream>
+</pkgmetadata>

diff --git a/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild
new file mode 100644
index 000000000000..3d2b52bf6bee
--- /dev/null
+++ b/net-analyzer/notus-scanner/notus-scanner-22.5.0.ebuild
@@ -0,0 +1,63 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..11} )
+DISTUTILS_USE_PEP517=poetry
+inherit distutils-r1 systemd
+
+DESCRIPTION="Notus is a vulnerability scanner for creating results from local security checks"
+HOMEPAGE="https://github.com/greenbone/notus-scanner"
+SRC_URI="https://github.com/greenbone/notus-scanner/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"
+
+SLOT="0"
+LICENSE="AGPL-3 AGPL-3+"
+KEYWORDS="~amd64 ~x86"
+RESTRICT="!test? ( test )"
+
+DEPEND="
+	acct-user/gvm
+	dev-libs/paho-mqtt-c
+	dev-python/psutil[${PYTHON_USEDEP}]
+	>=dev-python/python-gnupg-0.5.0[${PYTHON_USEDEP}]
+	<dev-python/packaging-23.2[${PYTHON_USEDEP}]
+	>=dev-python/sentry-sdk-1.22.2[${PYTHON_USEDEP}]
+	>=dev-python/rope-1.8.0[${PYTHON_USEDEP}]
+	>=dev-python/paho-mqtt-1.5.1[${PYTHON_USEDEP}]
+	<dev-python/tomli-3[${PYTHON_USEDEP}]
+"
+
+RDEPEND="
+	${DEPEND}
+	app-misc/mosquitto
+"
+
+distutils_enable_tests unittest
+
+python_compile() {
+	distutils-r1_python_compile
+}
+
+python_install() {
+	distutils-r1_python_install
+	insinto /etc/gvm
+	doins "${FILESDIR}/${PN}.toml"
+	fowners gvm:gvm "/etc/gvm/${PN}.toml"
+
+	# Set proper permissions on required files/directories
+	keepdir /var/lib/notus
+	keepdir /var/lib/notus/products
+	keepdir /var/lib/notus/advisories
+	if ! use prefix; then
+		fowners -R gvm:gvm /var/lib/notus
+	fi
+
+	newinitd "${FILESDIR}/${PN}.initd" "${PN}"
+	newconfd "${FILESDIR}/${PN}.confd" "${PN}"
+
+	systemd_dounit config/${PN}.service
+
+	systemd_install_serviced "${FILESDIR}/notus-scanner.service.conf" \
+			${PN}.service
+}

diff --git a/profiles/features/musl/package.mask b/profiles/features/musl/package.mask
index 3003915d03db..0e288e530d07 100644
--- a/profiles/features/musl/package.mask
+++ b/profiles/features/musl/package.mask
@@ -73,6 +73,7 @@ sys-apps/noexec
 # Giuseppe Foti <foti.giuseppe@gmail.com> (2023-05-19)
 # New packages that require blocked packages in the previous block.
 dev-db/pg-gvm
+net-analyzer/notus-scanner
 
 # Petr Vaněk <arkamar@atlas.cz> (2022-09-23)
 # Musl does not implement rresvport function, bugs #713810 and #713376.