[openvas-scanner] migrate from sysvinit to systemd
rebus
rebus at fedoraproject.org
Tue Apr 10 00:59:15 UTC 2012
commit 40aa2ffa58732c0eaea5eacc26073d00efeba3c2
Author: Michal Ambroz <rebus at seznam.cz>
Date: Tue Apr 10 02:58:20 2012 +0200
migrate from sysvinit to systemd
openvas-scanner.initd | 6 +-
openvas-scanner.spec | 93 +++++++++++++++++++++++++++++++++++++++++----
openvas-scanner.sysconfig | 6 +-
3 files changed, 91 insertions(+), 14 deletions(-)
---
diff --git a/openvas-scanner.initd b/openvas-scanner.initd
index 950bfb9..4a529b5 100644
--- a/openvas-scanner.initd
+++ b/openvas-scanner.initd
@@ -42,9 +42,9 @@ rh_status_q() {
start() {
# Build parameters
- [ -n "$SCANNER_LISTEN" ] && PARAMS="$PARAMS --listen=$SCANNER_LISTEN"
- [ -n "$SCANNER_PORT" ] && PARAMS="$PARAMS --port=$SCANNER_PORT"
- [ -n "$SCANNER_SRCIP" ] && PARAMS="$PARAMS --src-ip=$SCANNER_SRCIP"
+ [ -n "$SCANNER_LISTEN" ] && PARAMS="$PARAMS $SCANNER_LISTEN"
+ [ -n "$SCANNER_PORT" ] && PARAMS="$PARAMS $SCANNER_PORT"
+ [ -n "$SCANNER_SRCIP" ] && PARAMS="$PARAMS $SCANNER_SRCIP"
grep -q ca_file $config >& /dev/null
if [ $? -ne 0 ]; then
diff --git a/openvas-scanner.spec b/openvas-scanner.spec
index 2bf848d..81406e7 100644
--- a/openvas-scanner.spec
+++ b/openvas-scanner.spec
@@ -1,18 +1,19 @@
Name: openvas-scanner
Summary: Open Vulnerability Assessment (OpenVAS) Scanner
Version: 3.2.5
-Release: 4%{?dist}
+Release: 5%{?dist}
URL: http://www.openvas.org
License: GPLv2
Group: System Environment/Libraries
-Source0: http://wald.intevation.org/frs/download.php/873/%{name}-%{version}.tar.gz
+Source0: http://wald.intevation.org/frs/download.php/983/%{name}-%{version}.tar.gz
Source1: openvas-scanner.initd
Source2: openvassd.conf
Source3: openvas-scanner.logrotate
Source4: openvas-scanner.sysconfig
Source5: openvas-nvt-sync-cron
Source6: openvas-nvt-sync-cronjob
+Source7: openvas-scanner.service
#Separate nvt and gsf feeds to separate directories
#Separation of feeds is currently not possible because nasl script_dependencies doesn't search in all include_folders
@@ -43,6 +44,7 @@ BuildRequires: libpcap-devel
BuildRequires: gnutls-devel
BuildRequires: gpgme-devel
BuildRequires: pkgconfig
+BuildRequires: systemd-units
# This is introduced to accomodate difference in RHEL5/CentOS5
%if %{defined rhel}
@@ -58,9 +60,14 @@ BuildRequires: libuuid-devel
BuildRequires: libuuid-devel
%endif
-Requires(post): chkconfig
-Requires(preun): chkconfig
-Requires(preun): initscripts
+
+Requires(post): systemd-units
+Requires(preun): systemd-units
+Requires(postun): systemd-units
+# This is actually needed for the %triggerun script but Requires(triggerun)
+# is not valid. We can use %post because this particular %triggerun script
+# should fire just after this package is installed.
+Requires(post): systemd-sysv
#Required by the openvas-nvt-sync and greenbone-nvt-sync
Requires: /usr/bin/md5sum
@@ -74,6 +81,20 @@ Requires: /usr/bin/curl
%description
Scanner module for the Open Vulnerability Assessment System (OpenVAS).
+%package sysvinit
+Summary: SysV style init script for %{name}
+Group: Documentation
+Requires: %{name} = %{version}-%{release}
+Requires(post): chkconfig
+Requires(preun): chkconfig
+Requires(preun): initscripts
+
+%description sysvinit
+SysV style init script for %{name}.
+It needs to be installed only if systemd is not used as the system init process.
+
+
+
%prep
%setup -q
#Separation of feeds not possible because nasl script_dependencies doesn't search in all include_folders
@@ -90,12 +111,16 @@ for i in CHANGES ChangeLog; do
mv -f $i.utf8 $i;
done
+
+
%build
#configure --disable-static
export CFLAGS=-Werror=unused-but-set-variable
%cmake -DLOCALSTATEDIR:PATH=%{_var} -DOPENVASSD_RULES:PATH=%{_sysconfdir}/openvas/openvassd.rules
make %{?_smp_mflags}
+
+
%install
rm -rf %{buildroot}
@@ -130,6 +155,9 @@ mkdir -p %{buildroot}/%{_var}/cache/openvas
# Install startup script
install -Dp -m 755 %{SOURCE1} %{buildroot}/%{_initddir}/openvas-scanner
+# Install systemd
+install -Dp -m 644 %{SOURCE7} %{buildroot}/%{_unitdir}/%{name}.service
+
# Install initial configuration
sed -e "s:@@OPENVAS_PLUGINS@@:%{_var}/lib/openvas/plugins:g
s:@@OPENVAS_CACHE@@:%{_var}/cache/openvas:g
@@ -152,26 +180,63 @@ install -Dp -m 755 %{SOURCE5} %{buildroot}/%{_sbindir}/
# Install cront jobs to periodically update plugins
install -Dp -m 644 %{SOURCE6} %{buildroot}/%{_sysconfdir}/cron.d/openvas-sync-plugins
+
+
%clean
rm -rf %{buildroot}
+
+
%post
+if [ $1 -eq 1 ] ; then
+ # Initial installation
+ /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+fi
+
+%preun
+if [ $1 -eq 0 ] ; then
+ # Package removal, not upgrade
+ /bin/systemctl --no-reload disable openvas-scanner.service > /dev/null 2>&1 || :
+ /bin/systemctl stop openvas-scanner.service > /dev/null 2>&1 || :
+fi
+
+%postun
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ] ; then
+ # Package upgrade, not uninstall
+ /bin/systemctl try-restart openvas-scanner >/dev/null 2>&1 || :
+fi
+
+%triggerun -- openvas-scanner < 3.2.5-5
+# Save the current service runlevel info
+# User must manually run systemd-sysv-convert --apply openvas-scanner
+# to migrate them to systemd targets
+/usr/bin/systemd-sysv-convert --save openvas-scanner >/dev/null 2>&1 ||:
+
+# Run these because the SysV package being removed won't do them
+/sbin/chkconfig --del openvas-scanner >/dev/null 2>&1 || :
+/bin/systemctl try-restart openvas-scanner.service >/dev/null 2>&1 || :
+
+
+%post sysvinit
# This adds the proper /etc/rc*.d links for the script
if [ "$1" -eq 1 ]; then
/sbin/chkconfig --add openvas-scanner
fi
-%preun
+%preun sysvinit
if [ $1 = 0 ]; then
/sbin/service openvas-scanner stop >/dev/null 2>&1
/sbin/chkconfig --del openvas-scanner
fi
-%postun
+%postun sysvinit
if [ $1 -ge 1 ]; then
/sbin/service openvas-scanner condrestart >/dev/null 2>&1
fi
+
+
%files
%defattr(-,root,root,-)
%doc CHANGES ChangeLog COPYING README
@@ -191,7 +256,7 @@ fi
%config(noreplace) %{_sysconfdir}/sysconfig/openvas-scanner
%config(noreplace) %{_sysconfdir}/cron.d/openvas-sync-plugins
%config(noreplace) %{_sysconfdir}/logrotate.d/openvas-scanner
-%{_initddir}/openvas-scanner
+%{_unitdir}/%{name}.service
%{_bindir}/openvas-mkcert-client
%{_sbindir}/openvas-adduser
%{_sbindir}/openvas-mkcert
@@ -209,7 +274,19 @@ fi
%{_mandir}/man8/greenbone-nvt-sync.8.*
#attr(644,root,root) _{_libdir}/openvas/plugins/*.nes
+
+
+%files sysvinit
+%defattr(-,root,root,-)
+%{_initddir}/openvas-scanner
+
+
%changelog
+* Mon Apr 10 2012 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-5
+- migrate the init scripts to systemd unit
+- not containing the scripts for trigrerun as the whole suite is not functional
+ anyway because of the incompatibility of gnutls
+
* Mon Jan 23 2012 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-4
- fixed reporting of missing key file
diff --git a/openvas-scanner.sysconfig b/openvas-scanner.sysconfig
index 16431d0..7260b0a 100644
--- a/openvas-scanner.sysconfig
+++ b/openvas-scanner.sysconfig
@@ -1,11 +1,11 @@
#Listen on given address - by default scanner listens on all addresses
-#SCANNER_LISTEN=127.0.0.1
+#SCANNER_LISTEN=--listen=127.0.0.1
#Listen on given port - by default 9391
-SCANNER_PORT=9391
+SCANNER_PORT=--port=9391
#Send the packets with the source IP of IP1,IP2,IP3....
-#SCANNER_SRCIP=127.0.0.1,192.168.1.2
+#SCANNER_SRCIP=--src-ip=127.0.0.1,192.168.1.2
# Set to yes if plugins should be automatically updated via a cron job
auto_plugin_update=no
More information about the scm-commits
mailing list