From b36dc4b220ed5d4bce8a2c688ffebde0436d08c7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Wed, 30 Jun 2021 16:02:56 +0200 Subject: [PATCH 1/6] Use better defaults for installation locations These defaults assume the installation will be system wide either on /usr or /usr/local prefix. If the user wants to separate the installation completely from their system SYSCONFDIR, LOCALSTATEDIR, GSAD_PID_DIR, GVM_RUN_DIR and SYSTEMD_SERVICE_DIR need to be adjusted. --- gsad/CMakeLists.txt | 13 +++++++------ gsad/config/CMakeLists.txt | 6 +++--- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/gsad/CMakeLists.txt b/gsad/CMakeLists.txt index 21ec82e7ce..722c13143f 100644 --- a/gsad/CMakeLists.txt +++ b/gsad/CMakeLists.txt @@ -61,7 +61,7 @@ else (CLANG_FORMAT) endif (CLANG_FORMAT) if (NOT SYSCONFDIR) - set (SYSCONFDIR "${CMAKE_INSTALL_PREFIX}/etc") + set (SYSCONFDIR "/etc") endif (NOT SYSCONFDIR) if (NOT EXEC_PREFIX) @@ -81,7 +81,7 @@ if (NOT LIBDIR) endif (NOT LIBDIR) if (NOT LOCALSTATEDIR) - set (LOCALSTATEDIR "${CMAKE_INSTALL_PREFIX}/var") + set (LOCALSTATEDIR "/var") endif (NOT LOCALSTATEDIR) if (NOT INCLUDEDIR) @@ -95,13 +95,14 @@ endif (NOT DATADIR) set (GSAD_DATA_DIR "${DATADIR}/gvm/gsad") set (GSAD_CONFIG_DIR "${SYSCONFDIR}/gvm/") +if (NOT GVM_RUN_DIR) + set (GVM_RUN_DIR "/run/gvm") +endif (NOT GVM_RUN_DIR) + if (NOT GSAD_PID_DIR) - set (GSAD_PID_DIR "${LOCALSTATEDIR}/run") + set (GSAD_PID_DIR "${GVM_RUN_DIR}") endif (NOT GSAD_PID_DIR) -if (NOT GVM_RUN_DIR) - set (GVM_RUN_DIR "${LOCALSTATEDIR}/run") -endif (NOT GVM_RUN_DIR) if (NOT GVM_STATE_DIR) set (GVM_STATE_DIR "${LOCALSTATEDIR}/lib/gvm") diff --git a/gsad/config/CMakeLists.txt b/gsad/config/CMakeLists.txt index 54f22bdbfc..62fb2c9f26 100644 --- a/gsad/config/CMakeLists.txt +++ b/gsad/config/CMakeLists.txt @@ -17,15 +17,15 @@ if (NOT SYSTEMD_SERVICE_DIR) - set (SYSTEMD_SERVICE_DIR "${CMAKE_INSTALL_PREFIX}/lib/systemd/system") + set (SYSTEMD_SERVICE_DIR "/lib/systemd/system") endif (NOT SYSTEMD_SERVICE_DIR) if (NOT DEFAULT_CONFIG_DIR) - set (DEFAULT_CONFIG_DIR "${CMAKE_INSTALL_PREFIX}/etc/default") + set (DEFAULT_CONFIG_DIR "${SYSCONFDIR}/default") endif (NOT DEFAULT_CONFIG_DIR) if (NOT LOGROTATE_DIR) - set (LOGROTATE_DIR "${CMAKE_INSTALL_PREFIX}/etc/logrotate.d") + set (LOGROTATE_DIR "${SYSCONFDIR}/logrotate.d") endif (NOT LOGROTATE_DIR) configure_file (gsad.service.in gsad.service) From d0f5506e4fef41448879e2489ed9839cb508dbdf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Wed, 30 Jun 2021 16:23:49 +0200 Subject: [PATCH 2/6] Use better defaults for service file We just give an example on how to run gsad. Distributions should patch the file accordingly. --- gsad/config/gsad.service.in | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/gsad/config/gsad.service.in b/gsad/config/gsad.service.in index 3809cbf091..61e396da05 100644 --- a/gsad/config/gsad.service.in +++ b/gsad/config/gsad.service.in @@ -6,11 +6,10 @@ ConditionKernelCommandLine=!recovery [Service] Type=forking -User=$GSAD_USER -Group=$GSAD_GROUP -PIDFile=${GVM_RUN_DIR}/gsad.pid -EnvironmentFile=${DEFAULT_CONFIG_DIR}/gsad -ExecStart=${SBINDIR}/gsad --listen $GSAD_ADDRESS --port $GSAD_PORT $GSAD_OPTIONS +User=gvm +Group=gvm +PIDFile=${GVM_PID_DIR}/gsad.pid +ExecStart=${SBINDIR}/gsad --listen 127.0.0.1 --port 9392 --http-only Restart=always TimeoutStopSec=10 From 2b267848166fd7ff7f5ee634f3140b80cba7fc38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Wed, 30 Jun 2021 16:26:09 +0200 Subject: [PATCH 3/6] Add additional service file settings from debian --- gsad/config/gsad.service.in | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/gsad/config/gsad.service.in b/gsad/config/gsad.service.in index 61e396da05..972af807a7 100644 --- a/gsad/config/gsad.service.in +++ b/gsad/config/gsad.service.in @@ -1,8 +1,9 @@ [Unit] Description=Greenbone Security Assistant daemon (gsad) After=network.target networking.service gvmd.service -Documentation=man:gsad(8) -ConditionKernelCommandLine=!recovery +Documentation=man:gsad(8) https://www.greenbone.net +After=network.target gvmd.service +Wants=gvmd.service [Service] Type=forking @@ -15,3 +16,4 @@ TimeoutStopSec=10 [Install] WantedBy=multi-user.target +Alias=gsad.service From c5c3befb1706a8c71eda536885a27c242708c8e1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Wed, 30 Jun 2021 16:29:06 +0200 Subject: [PATCH 4/6] Change alias for systemd service file We install the file as gsad. Debian packagers are using greenbone-security-assistant.service. --- gsad/config/gsad.service.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gsad/config/gsad.service.in b/gsad/config/gsad.service.in index 972af807a7..d8296caeec 100644 --- a/gsad/config/gsad.service.in +++ b/gsad/config/gsad.service.in @@ -16,4 +16,4 @@ TimeoutStopSec=10 [Install] WantedBy=multi-user.target -Alias=gsad.service +Alias=greenbone-security-assistant.service From 19e71e174f2b07a8abe69ae4b675f689a417a15c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Wed, 30 Jun 2021 16:32:44 +0200 Subject: [PATCH 5/6] Drop the default file The file is not used by Debian therefore we shouldn't use it too. --- gsad/config/CMakeLists.txt | 7 ------- gsad/config/gsad.default | 24 ------------------------ 2 files changed, 31 deletions(-) delete mode 100644 gsad/config/gsad.default diff --git a/gsad/config/CMakeLists.txt b/gsad/config/CMakeLists.txt index 62fb2c9f26..2e8b4cb250 100644 --- a/gsad/config/CMakeLists.txt +++ b/gsad/config/CMakeLists.txt @@ -20,10 +20,6 @@ if (NOT SYSTEMD_SERVICE_DIR) set (SYSTEMD_SERVICE_DIR "/lib/systemd/system") endif (NOT SYSTEMD_SERVICE_DIR) -if (NOT DEFAULT_CONFIG_DIR) - set (DEFAULT_CONFIG_DIR "${SYSCONFDIR}/default") -endif (NOT DEFAULT_CONFIG_DIR) - if (NOT LOGROTATE_DIR) set (LOGROTATE_DIR "${SYSCONFDIR}/logrotate.d") endif (NOT LOGROTATE_DIR) @@ -34,8 +30,5 @@ configure_file (gsad.logrotate.in gsad.logrotate) install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gsad.service DESTINATION ${SYSTEMD_SERVICE_DIR}/) -install (FILES ${CMAKE_CURRENT_SOURCE_DIR}/gsad.default - DESTINATION ${DEFAULT_CONFIG_DIR}/ RENAME gsad) - install (FILES ${CMAKE_CURRENT_BINARY_DIR}/gsad.logrotate DESTINATION ${LOGROTATE_DIR}/ RENAME gsad) diff --git a/gsad/config/gsad.default b/gsad/config/gsad.default deleted file mode 100644 index 529b2d0db6..0000000000 --- a/gsad/config/gsad.default +++ /dev/null @@ -1,24 +0,0 @@ -# -# The address the Greenbone Security Assistant daemon will listen on. -# -GSAD_ADDRESS=127.0.0.1 - -# -# The port the Greenbone Security Assistant daemon will listen on. -# -GSAD_PORT=9392 - -# -# The user for running the Greenbone Security Assistant daemon in the gsad.service systemd file -# -GSAD_USER="gvm" - -# -# The group for running the Greenbone Security Assistant daemon in the gsad.service systemd file -# -GSAD_GROUP="gvm" - -# -# Additional options -# -GSAD_OPTIONS="" From 217b1edbc4a40a03ab0502f7e9d000ddb264de61 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Wed, 30 Jun 2021 16:38:58 +0200 Subject: [PATCH 6/6] Add changelog entries --- CHANGELOG.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index f0dee33ac4..1a05c6840a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,8 +7,18 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## [21.4.2] (unreleased) ### Added ### Changed +- Changed defaults for installation locations [#3045](https://github.com/greenbone/gsa/pull/3045) + - LOCALSTATEDIR is /var by default now + - SYSCONFDIR is /etc by default now + - GVM_RUN_DIR and GSAD_PID_DIR are /run/gvm by default now + - SYSTEMD_SERVICE_DIR is /lib/systemd/system by default now + ### Deprecated ### Removed +- Removed gsad.default file and adjusted gsad.service file accordingly. + Packagers should patch gsad.service file to adjust it on their requirements or + just ship their own [#3045](https://github.com/greenbone/gsa/pull/3045) + ### Fixed - Initialize severity value with 0 in powerfilter SeverityValuesGroup [#3031](https://github.com/greenbone/gsa/pull/3031)