From nobody Mon Aug 01 21:00:32 2022
X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4LxVrd0lzcz4XwWw;
	Mon,  1 Aug 2022 21:00:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4LxVrd0LtFz41yg;
	Mon,  1 Aug 2022 21:00:33 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1659387633;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hqdvFuEod6vBx7sC/Q9hOULBP/yDnxwe4Q7fJ+2s7tU=;
	b=Hbk2CQ6yLk942qPjZgoDiiuCitIvbM8f9eV4CEeOqxMYiu2Rv8cc1XIKuXKAX1CqPXkSww
	mjJtd3CqewcZ0itH5/4dsHMazDR0uHYu1klVo6aKYAO0Tuc90FD74QLtv5N542rVZV6XsI
	vtkSgnZK80+RGZf1YDvlTEnhfnccm6PAKkuT+KLbhEaa70iBEPS7zcxGlH0uLnHbVH8yI+
	4UZlFnWVK9VdVWA/vNRYt1WqTegPKGkw/pYviRQ5VaakKs8WGH4ebWtHHBQjYYbFRIqSeB
	r4t2+ZRS0KYw12nl0SmX+lZeWdj7GvM84XeisdiDPzDw0MXf+sq1jJwQPYKGOA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4LxVrc6ZVWzn3M;
	Mon,  1 Aug 2022 21:00:32 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 271L0WFg076336;
	Mon, 1 Aug 2022 21:00:32 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 271L0W1S076335;
	Mon, 1 Aug 2022 21:00:32 GMT
	(envelope-from git)
Date: Mon, 1 Aug 2022 21:00:32 GMT
Message-Id: <202208012100.271L0W1S076335@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
Subject: git: df8e0691ea05 - main - security/gvm: update to 22.4.0
List-Id: Commits to the main branch of the FreeBSD ports repository <dev-commits-ports-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main
List-Help: <mailto:dev-commits-ports-main+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-ports-main@freebsd.org
X-BeenThere: dev-commits-ports-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: acm
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: df8e0691ea05e1297d35ff1ba2677b6115237fe0
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1659387633;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=hqdvFuEod6vBx7sC/Q9hOULBP/yDnxwe4Q7fJ+2s7tU=;
	b=KFBCNIhLuqh/mDgf7k7x/4pHPat+CtN28nxU55I5FF7pMC5/KVowCmX/PKZe3JdobSH1Ol
	tKL+kkGdxPF5gwT8XH027EHAXnQ7bS11QGgeux6maD2xKYuphhoSLXsg8HAxb2bev+elOK
	cnHMxGx/yMTGA8I+/HkyrSEcmQPKJDku7n3A6v18yqpWYi/NtYqk95xxMUgOX3ywLRfQE9
	OCv0dS7CAC/5GRW/JuP0KV0/PQIClQkcBbw5js4/4w9KAV0Jrd4QK+h/dKo6gwcUgJXQbO
	B160Jd7mDytvJkdqV2tat+YcoVCC2gPLlxKPXbUmgE3Mdxlhp+jyClqaoudoGA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1659387633; a=rsa-sha256; cv=none;
	b=QDHIpVXCwPDZmOOIKbWIQyvGeiH4oWVxZR4uDFB6JuksNCBUu3NFqyLXu6WouQWZDitSqR
	5P7zkCy45Q+QhWAvgXyefwxOG3aqGlkjEGPXoKuNrDahgJYG4JJjb7vRQahYQZtn4Pxans
	vlYUc5ieL4P4eseU3JTcZxfDXZHhaWZLsNIeDXm/w41HvrIU67loqWtH0Mbf6vpgd/+xTi
	wbEZFVmpMJh5wc/c2qlqe07aRdXCaRi1DEP7VC6jdsrMog9JY4VjyG5nimJvmtwJBZbejr
	jevxXVfbZiV0pu8mx7+C0LSO/CjXwlpqiMBzXw9gXZcTcD9vKuz6rxySaFuX5g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by acm:

URL: https://cgit.FreeBSD.org/ports/commit/?id=df8e0691ea05e1297d35ff1ba2677b6115237fe0

commit df8e0691ea05e1297d35ff1ba2677b6115237fe0
Author:     Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
AuthorDate: 2022-08-01 20:58:04 +0000
Commit:     Jose Alonso Cardenas Marquez <acm@FreeBSD.org>
CommitDate: 2022-08-01 20:58:04 +0000

    security/gvm: update to 22.4.0
    
    - Add security/py-notus-scanner like a dependency
    - Modify pkg-message to newest way to config gvm suite
---
 security/gvm/Makefile             |  7 +++--
 security/gvm/files/pkg-message.in | 58 ++++++++++++++++++++++++++++-----------
 2 files changed, 47 insertions(+), 18 deletions(-)

diff --git a/security/gvm/Makefile b/security/gvm/Makefile
index 3a78a7032912..08dd06cf1d99 100644
--- a/security/gvm/Makefile
+++ b/security/gvm/Makefile
@@ -1,11 +1,11 @@
 PORTNAME=	gvm
-PORTVERSION=	21.4.4
+PORTVERSION=	22.4.0
 CATEGORIES=	security
 
 MAINTAINER=	acm@FreeBSD.org
 COMMENT=	Greenbone vulnerability management (metaport)
 
-USES=		metaport python:3.6+
+USES=		metaport python:3.7+
 
 # Install GVM libraries
 RUN_DEPENDS+=	${LOCALBASE}/lib/libgvm_base.so:security/gvm-libs
@@ -19,6 +19,9 @@ RUN_DEPENDS+=	${LOCALBASE}/bin/ospd-openvas:security/py-ospd-openvas@${PY_FLAVOR
 # Install OpenVAS Scanner
 RUN_DEPENDS+=   ${LOCALBASE}/sbin/openvas:security/openvas
 
+# Install Notus Scanner
+RUN_DEPENDS+=	${LOCALBASE}/bin/notus-scanner:security/py-notus-scanner
+
 # Install GVM Web Interface
 RUN_DEPENDS+=	${LOCALBASE}/sbin/gsad:security/gsad
 RUN_DEPENDS+=	${LOCALBASE}/share/gvm/gsad/web/index.html:security/gsa
diff --git a/security/gvm/files/pkg-message.in b/security/gvm/files/pkg-message.in
index fb6fed9cc012..45d9eea2d5e5 100644
--- a/security/gvm/files/pkg-message.in
+++ b/security/gvm/files/pkg-message.in
@@ -15,11 +15,29 @@ Basic instructions for configure your gvm infraestruture are following:
 
   # echo "db_address = /var/run/redis/redis.sock" > /usr/local/etc/openvas/openvas.conf
 
-2) Add user gvm to redis group
+2) Mosquitto broker is a new dependency of GVM. Please configure net/mosquitto
+   service and add the following line to openvas configuration file
+
+  # echo "mqtt_server_uri = localhost:1883" >> /usr/local/etc/openvas/openvas.conf
+
+3) security/py-notus-scanner is a new tool used by GVM. You must create a
+   notus-scanner.toml configuration file at usr/local/etc/gvm/ directory
+
+   # echo "[notus-scanner]" > /usr/local/etc/gvm/notus-scanner.toml
+   # echo 'mqtt-broker-address = "localhost"' >> /usr/local/etc/gvm/notus-scanner.toml
+   # echo 'mqtt-broker-port = "1883"' >> /usr/local/etc/gvm/notus-scanner.toml
+   # echo 'products-directory = "/var/lib/openvas/plugins/notus/products"' >> /usr/local/etc/gvm/notus-scanner.toml
+   # echo 'log-level = "INFO"' >> /usr/local/etc/gvm/notus-scanner.toml
+   # echo "disable-hashsum-verification = false" >> /usr/local/etc/gvm/notus-scanner.toml
+
+   Otherwise it can be defined into notus-scanner startup script. Take a look at 
+   /usr/local/etc/rc.d/notus-scanner file
+
+4) Add user gvm to redis group
 
   # pw groupmod redis -M gvm
 
-3) security/gvmd uses PostgreSQL database. Generally, PostgreSQL must be 
+5) security/gvmd uses PostgreSQL database. Generally, PostgreSQL must be 
    installed in the same server where security/gvmd is running: 
 
   # su postgres
@@ -30,19 +48,21 @@ Basic instructions for configure your gvm infraestruture are following:
   # grant dba to gvm;
   # create extension "uuid-ossp";
   # create extension "pgcrypto";
+  # create extension "pg-gvm";
 
-4) Add the following lines to /etc/rc.conf
+6) Add the following lines to /etc/rc.conf
 
   # sysrc redis_enable="YES"
   # sysrc gvmd_enable="YES"
   # sysrc ospd_openvas_enable="YES"
+  # sysrc notus_scanner_enable="YES"
   # sysrc gsad_enable="YES"
 
-5) Start redis service
+7) Start redis service
 
   # service redis start
 
-6) Currently, ospd_openvas should run as a user without elevated privileges 
+8) Currently, ospd_openvas should run as a user without elevated privileges 
    (gvm) and use sudo for run openvas scanner but it does not work properly. 
    Like a workaround you must run redis as root and the same with ospd_openvas.
 
@@ -58,13 +78,9 @@ Basic instructions for configure your gvm infraestruture are following:
 
    # echo "test_alive_hosts_only = no" >> /usr/local/etc/openvas/openvas.conf
 
-7) The following steps are neccessary before of you can access to GVM web 
+9) The following steps are neccessary before of you can access to GVM web 
    interface (gsad):
 
-  Start gvmd service. It will listen on /var/run/gvmd/gvmd.sock by default
-
-  # service gvmd start
-
   Create certificates
 
   # su -m gvm -c "gvm-manage-certs -a"
@@ -76,6 +92,10 @@ Basic instructions for configure your gvm infraestruture are following:
   # su -m gvm -c "greenbone-feed-sync --type SCAP"
   # su -m gvm -c "greenbone-feed-sync --type CERT"
 
+  Start gvmd service. It will listen on /var/run/gvmd/gvmd.sock by default
+
+  # service gvmd start
+
   Create an admin user and set the Feed Import Owner
 
   # su -m gvm -c "gvmd --create-user=myuser"
@@ -88,7 +108,7 @@ Basic instructions for configure your gvm infraestruture are following:
    
   # su -m gvm -c "gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value <uuid_of_user>
 
-8) Start OSPD-OpenVAS Wrapper service. It will listen on /var/run/ospd/ospd.sock by default
+10) Start OSPD-OpenVAS Wrapper service. It will listen on /var/run/ospd/ospd.sock by default
 
   # service ospd_openvas start
 
@@ -101,11 +121,15 @@ Basic instructions for configure your gvm infraestruture are following:
   # su -m gvm -c "gvmd --verify-scanner=08b69003-5fc2-4037-a479-93b440211c73"
   Scanner version: OpenVAS x.x.x
 
-9) Start GVM web interface. It will listen on http://127.0.0.1 by default
+11) Start Notus Scanner service
+
+  # service notus_scanner start
+
+12) Start GVM web interface. It will listen on http://127.0.0.1 by default
 
   # service gsad start
 
-10) Some openvas scanner tasks  need access to /dev/bpf device. Add the 
+13) Some openvas scanner tasks  need access to /dev/bpf device. Add the 
    following lines to /etc/devfs.conf
 
    own     bpf     root:gvm
@@ -115,26 +139,28 @@ Basic instructions for configure your gvm infraestruture are following:
 
    # service devfs restart
 
-11) gvm log files are stores to /var/log/gvm directory
+14) gvm log files are stores to /var/log/gvm directory
 
-12) gsad can export results to PDF. It needs print/texlive-texmf port
+15) gsad can export results to PDF. It needs print/texlive-texmf port
   
   # pkg install texlive-texmf
 
   It will install 1G of data
 
-13) If you need more configure information you can look at the following links:
+16) If you need more configure information you can look at the following links:
 
    https://github.com/greenbone/gvmd/blob/master/INSTALL.md
    https://github.com/greenbone/openvas/blob/master/INSTALL.md
    https://github.com/greenbone/ospd/blob/master/doc/INSTALL-ospd-scanner.md
    https://github.com/greenbone/gsa/blob/master/INSTALL.md
+   https://greenbone.github.io/docs/latest/index.html
 
    and
 
    # gvmd -h
    # openvas -h
    # ospd-openvas -h
+   # notus-scanner -h
    # gsad -h
 
 14) Enjoy it