[openvas-scanner] migrate from sysvinit to systemd

Tue Apr 10 00:59:15 UTC 2012

commit 40aa2ffa58732c0eaea5eacc26073d00efeba3c2
Author: Michal Ambroz <rebus at seznam.cz>
Date:   Tue Apr 10 02:58:20 2012 +0200

    migrate from sysvinit to systemd

 openvas-scanner.initd     |    6 +-
 openvas-scanner.spec      |   93 +++++++++++++++++++++++++++++++++++++++++----
 openvas-scanner.sysconfig |    6 +-
 3 files changed, 91 insertions(+), 14 deletions(-)
---

diff --git a/openvas-scanner.initd b/openvas-scanner.initd
index 950bfb9..4a529b5 100644
--- a/openvas-scanner.initd
+++ b/openvas-scanner.initd
@@ -42,9 +42,9 @@ rh_status_q() {
 start() {
 
 	# Build parameters
-	[ -n "$SCANNER_LISTEN" ] && PARAMS="$PARAMS --listen=$SCANNER_LISTEN"
-	[ -n "$SCANNER_PORT" ]    && PARAMS="$PARAMS --port=$SCANNER_PORT"
-	[ -n "$SCANNER_SRCIP" ]   && PARAMS="$PARAMS --src-ip=$SCANNER_SRCIP"
+	[ -n "$SCANNER_LISTEN" ] && PARAMS="$PARAMS $SCANNER_LISTEN"
+	[ -n "$SCANNER_PORT" ]   && PARAMS="$PARAMS $SCANNER_PORT"
+	[ -n "$SCANNER_SRCIP" ]  && PARAMS="$PARAMS $SCANNER_SRCIP"
 
 	grep -q ca_file $config >& /dev/null
 	if [ $? -ne 0 ]; then
diff --git a/openvas-scanner.spec b/openvas-scanner.spec
index 2bf848d..81406e7 100644
--- a/openvas-scanner.spec
+++ b/openvas-scanner.spec
@@ -1,18 +1,19 @@
 Name:		openvas-scanner
 Summary:	Open Vulnerability Assessment (OpenVAS) Scanner
 Version:	3.2.5
-Release:	4%{?dist}
+Release:	5%{?dist}
 URL:		http://www.openvas.org
 License:	GPLv2
 Group:		System Environment/Libraries
 
-Source0:	http://wald.intevation.org/frs/download.php/873/%{name}-%{version}.tar.gz
+Source0:	http://wald.intevation.org/frs/download.php/983/%{name}-%{version}.tar.gz
 Source1:	openvas-scanner.initd
 Source2:	openvassd.conf
 Source3:	openvas-scanner.logrotate
 Source4:	openvas-scanner.sysconfig
 Source5:	openvas-nvt-sync-cron
 Source6:	openvas-nvt-sync-cronjob
+Source7:	openvas-scanner.service
 
 #Separate nvt and gsf feeds to separate directories
 #Separation of feeds is currently not possible because nasl script_dependencies doesn't search in all include_folders
@@ -43,6 +44,7 @@ BuildRequires:	libpcap-devel
 BuildRequires:	gnutls-devel
 BuildRequires:	gpgme-devel
 BuildRequires:	pkgconfig
+BuildRequires:	systemd-units
 
 # This is introduced to accomodate difference in RHEL5/CentOS5
 %if %{defined rhel}
@@ -58,9 +60,14 @@ BuildRequires:	libuuid-devel
 BuildRequires:	libuuid-devel
 %endif
 
-Requires(post):		chkconfig
-Requires(preun):	chkconfig
-Requires(preun):	initscripts
+
+Requires(post):		systemd-units
+Requires(preun):	systemd-units
+Requires(postun):	systemd-units
+# This is actually needed for the %triggerun script but Requires(triggerun)
+# is not valid.  We can use %post because this particular %triggerun script
+# should fire just after this package is installed.
+Requires(post):		systemd-sysv
 
 #Required by the openvas-nvt-sync and greenbone-nvt-sync
 Requires:	/usr/bin/md5sum
@@ -74,6 +81,20 @@ Requires:	/usr/bin/curl
 %description
 Scanner module for the Open Vulnerability Assessment System (OpenVAS).
 
+%package sysvinit
+Summary:	SysV style init script for %{name}
+Group:		Documentation
+Requires:	%{name} = %{version}-%{release}
+Requires(post):		chkconfig
+Requires(preun):	chkconfig
+Requires(preun):	initscripts
+
+%description sysvinit
+SysV style init script for %{name}.
+It needs to be installed only if systemd is not used as the system init process.
+
+
+
 %prep
 %setup -q
 #Separation of feeds not possible because nasl script_dependencies doesn't search in all include_folders
@@ -90,12 +111,16 @@ for i in CHANGES ChangeLog; do
 	mv -f $i.utf8 $i;
 done
 
+
+
 %build
 #configure --disable-static
 export CFLAGS=-Werror=unused-but-set-variable
 %cmake -DLOCALSTATEDIR:PATH=%{_var} -DOPENVASSD_RULES:PATH=%{_sysconfdir}/openvas/openvassd.rules
 make %{?_smp_mflags}
 
+
+
 %install
 rm -rf %{buildroot}
 
@@ -130,6 +155,9 @@ mkdir -p %{buildroot}/%{_var}/cache/openvas
 # Install startup script
 install -Dp -m 755 %{SOURCE1} %{buildroot}/%{_initddir}/openvas-scanner
 
+# Install systemd
+install -Dp -m 644 %{SOURCE7} %{buildroot}/%{_unitdir}/%{name}.service
+
 # Install initial configuration
 sed -e "s:@@OPENVAS_PLUGINS@@:%{_var}/lib/openvas/plugins:g
 	s:@@OPENVAS_CACHE@@:%{_var}/cache/openvas:g
@@ -152,26 +180,63 @@ install -Dp -m 755 %{SOURCE5} %{buildroot}/%{_sbindir}/
 # Install cront jobs to periodically update plugins
 install -Dp -m 644 %{SOURCE6} %{buildroot}/%{_sysconfdir}/cron.d/openvas-sync-plugins
 
+
+
 %clean
 rm -rf %{buildroot}
 
+
+
 %post
+if [ $1 -eq 1 ] ; then
+    # Initial installation
+    /bin/systemctl daemon-reload >/dev/null 2>&1 || :
+fi
+
+%preun
+if [ $1 -eq 0 ] ; then
+    # Package removal, not upgrade
+    /bin/systemctl --no-reload disable openvas-scanner.service > /dev/null 2>&1 || :
+    /bin/systemctl stop openvas-scanner.service > /dev/null 2>&1 || :
+fi
+
+%postun
+/bin/systemctl daemon-reload >/dev/null 2>&1 || :
+if [ $1 -ge 1 ] ; then
+    # Package upgrade, not uninstall
+    /bin/systemctl try-restart openvas-scanner >/dev/null 2>&1 || :
+fi
+
+%triggerun -- openvas-scanner < 3.2.5-5
+# Save the current service runlevel info
+# User must manually run systemd-sysv-convert --apply openvas-scanner
+# to migrate them to systemd targets
+/usr/bin/systemd-sysv-convert --save openvas-scanner >/dev/null 2>&1 ||:
+
+# Run these because the SysV package being removed won't do them
+/sbin/chkconfig --del openvas-scanner >/dev/null 2>&1 || :
+/bin/systemctl try-restart openvas-scanner.service >/dev/null 2>&1 || :
+
+
+%post sysvinit
 # This adds the proper /etc/rc*.d links for the script
 if [ "$1" -eq 1 ]; then
 	/sbin/chkconfig --add openvas-scanner
 fi
 
-%preun
+%preun sysvinit
 if [ $1 = 0 ]; then
 	/sbin/service openvas-scanner stop >/dev/null 2>&1
 	/sbin/chkconfig --del openvas-scanner
 fi
 
-%postun
+%postun sysvinit
 if [ $1 -ge 1 ]; then
 	/sbin/service openvas-scanner condrestart >/dev/null 2>&1
 fi
 
+
+
 %files
 %defattr(-,root,root,-)
 %doc CHANGES ChangeLog COPYING README
@@ -191,7 +256,7 @@ fi
 %config(noreplace) %{_sysconfdir}/sysconfig/openvas-scanner
 %config(noreplace) %{_sysconfdir}/cron.d/openvas-sync-plugins
 %config(noreplace) %{_sysconfdir}/logrotate.d/openvas-scanner
-%{_initddir}/openvas-scanner
+%{_unitdir}/%{name}.service
 %{_bindir}/openvas-mkcert-client
 %{_sbindir}/openvas-adduser
 %{_sbindir}/openvas-mkcert
@@ -209,7 +274,19 @@ fi
 %{_mandir}/man8/greenbone-nvt-sync.8.*
 #attr(644,root,root) _{_libdir}/openvas/plugins/*.nes
 
+
+
+%files sysvinit
+%defattr(-,root,root,-)
+%{_initddir}/openvas-scanner
+
+
 %changelog
+* Mon Apr 10 2012 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-5
+- migrate the init scripts to systemd unit
+- not containing the scripts for trigrerun as the whole suite is not functional
+  anyway because of the incompatibility of gnutls
+
 * Mon Jan 23 2012 Michal Ambroz <rebus at, seznam.cz> - 3.2.5-4
 - fixed reporting of missing key file
 
diff --git a/openvas-scanner.sysconfig b/openvas-scanner.sysconfig
index 16431d0..7260b0a 100644
--- a/openvas-scanner.sysconfig
+++ b/openvas-scanner.sysconfig
@@ -1,11 +1,11 @@
 #Listen on given address - by default scanner listens on all addresses
-#SCANNER_LISTEN=127.0.0.1
+#SCANNER_LISTEN=--listen=127.0.0.1
 
 #Listen on given port - by default 9391
-SCANNER_PORT=9391
+SCANNER_PORT=--port=9391
 
 #Send the packets with the source IP of IP1,IP2,IP3....
-#SCANNER_SRCIP=127.0.0.1,192.168.1.2
+#SCANNER_SRCIP=--src-ip=127.0.0.1,192.168.1.2
 
 # Set to yes if plugins should be automatically updated via a cron job
 auto_plugin_update=no
