diff -Nru ospd-openvas-1.0.1/debian/changelog ospd-openvas-1.0.1/debian/changelog --- ospd-openvas-1.0.1/debian/changelog 2020-07-31 14:11:01.000000000 +0000 +++ ospd-openvas-1.0.1/debian/changelog 2020-08-06 13:19:13.000000000 +0000 @@ -1,3 +1,13 @@ +ospd-openvas (1.0.1-2) unstable; urgency=medium + + * Team upload + + [ Sophie Brun ] + * Change the adapt-ospd-openvas.service.patch (Closes: #966715) + * Add /etc/sudoers.d/ospd-openvas (Closes: #967046) + + -- Raphaƫl Hertzog Thu, 06 Aug 2020 15:19:13 +0200 + ospd-openvas (1.0.1-1) unstable; urgency=medium * Team upload diff -Nru ospd-openvas-1.0.1/debian/control ospd-openvas-1.0.1/debian/control --- ospd-openvas-1.0.1/debian/control 2020-07-31 14:11:01.000000000 +0000 +++ ospd-openvas-1.0.1/debian/control 2020-08-06 13:19:13.000000000 +0000 @@ -21,7 +21,7 @@ Package: ospd-openvas Architecture: all -Depends: openvas-scanner (>= 7.0.0), ${misc:Depends}, ${python3:Depends} +Depends: openvas-scanner (>= 7.0.0), ${misc:Depends}, ${python3:Depends}, sudo Description: OSP server implementation to allow GVM to remotely control an OpenVAS Scanner This package contains an OSP server implementation to allow GVM to remotely control OpenVAS. diff -Nru ospd-openvas-1.0.1/debian/ospd-openvas.install ospd-openvas-1.0.1/debian/ospd-openvas.install --- ospd-openvas-1.0.1/debian/ospd-openvas.install 2020-07-31 14:11:01.000000000 +0000 +++ ospd-openvas-1.0.1/debian/ospd-openvas.install 2020-08-06 13:19:13.000000000 +0000 @@ -1 +1,2 @@ config/ospd-openvas.service lib/systemd/system/ +debian/sudoers.d/* etc/sudoers.d diff -Nru ospd-openvas-1.0.1/debian/patches/adapt-ospd-openvas.service.patch ospd-openvas-1.0.1/debian/patches/adapt-ospd-openvas.service.patch --- ospd-openvas-1.0.1/debian/patches/adapt-ospd-openvas.service.patch 2020-07-31 14:11:01.000000000 +0000 +++ ospd-openvas-1.0.1/debian/patches/adapt-ospd-openvas.service.patch 2020-08-06 13:19:13.000000000 +0000 @@ -1,27 +1,29 @@ From: Sophie Brun -Date: Thu, 13 Feb 2020 14:48:09 +0100 +Date: Mon, 3 Aug 2020 16:11:54 +0200 Subject: Adapt ospd-openvas.service -The Debian gvmd.service creates directories that we use (/run/ospd) so -this service should run afterwards. Also ensures that redis is running. +Add the RuntimeDirectory ospd to create the dir /var/un/ospd for the +socket and pid +User and group are specific to Debian: _gvm +Add PIDFIle and unix-socket to the command line to use the path specific +to Debian +Ensures that redis is running. -Also use the Debian path for the sockets. Forwarded: not-needed --- - config/ospd-openvas.service | 13 ++++++------- - 1 file changed, 6 insertions(+), 7 deletions(-) + config/ospd-openvas.service | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/config/ospd-openvas.service b/config/ospd-openvas.service -index 36d02ad..e774a74 100644 +index 36d02ad..6cc0fe3 100644 --- a/config/ospd-openvas.service +++ b/config/ospd-openvas.service -@@ -1,16 +1,15 @@ +@@ -1,16 +1,17 @@ [Unit] Description=OSPD OpenVAS --After=network.target networking.service dnsmasq.service redis-server@openvas.service systemd-tmpfiles.service -+After=network.target networking.service dnsmasq.service redis-server@openvas.service systemd-tmpfiles.service gvmd.service -+Wants=redis-server@openvas.service gvmd.service + After=network.target networking.service dnsmasq.service redis-server@openvas.service systemd-tmpfiles.service ++Wants=redis-server@openvas.service ConditionKernelCommandLine=!recovery [Service] @@ -34,6 +36,8 @@ -ExecStart=/bin/ospd-openvas +User=_gvm +Group=_gvm ++RuntimeDirectory=ospd ++RuntimeDirectoryMode=2775 +PIDFile=/run/ospd/ospd-openvas.pid +ExecStart=/usr/bin/ospd-openvas --unix-socket=/run/ospd/ospd.sock --pid-file=/run/ospd/ospd-openvas.pid SuccessExitStatus=SIGKILL diff -Nru ospd-openvas-1.0.1/debian/sudoers.d/ospd-openvas ospd-openvas-1.0.1/debian/sudoers.d/ospd-openvas --- ospd-openvas-1.0.1/debian/sudoers.d/ospd-openvas 1970-01-01 00:00:00.000000000 +0000 +++ ospd-openvas-1.0.1/debian/sudoers.d/ospd-openvas 2020-08-06 13:19:13.000000000 +0000 @@ -0,0 +1 @@ +_gvm ALL = NOPASSWD: /usr/sbin/openvas