Created attachment 183878
vuls.diff
Vuls is an agentless vulnerability scanner written in golang. It can scan localhost or remote hosts via SSH. Vuls has a Terminal-Based User Interface(TUI) to display the scan results.
Created attachment 183879
UIDs.diff
Created attachment 183880
GIDs.diff
Hello Alexandru,
I found a couple items that need to be removed/modified.
- PORTREVISION should not be set for new ports
- The GH_* should come after USE_GITHUB.
  https://www.freebsd.org/doc/en/books/porters-handbook/porting-samplem.html#porting-samplem-order
This program looks interesting! Thanks for creating the port.
Created attachment 183896
Updated vuls.diff
(In reply to Richard Gallamore from comment #3)
Hi Richard,
Thank you for taking the time to look at this. Please find attached the updated diff.
Alex.
Created attachment 183918
No BUILD_DEPENDS
USES= yes adds a build-time dependency on lang/go, making BUILD_DEPENDS redundant. This diff removes BUILD_DEPENDS from the Makefile.
There are many very simple patches that could easily be avoided by using a ${REINPLACE_CMD} during the post-patch target. For example, changing Sirupsen to lower case sirupsen. One command could be used to remove 15 patch files. The more complicated patch files, like security/vuls/files/patch-src_gopkg.in_cheggaaa_pb.v2_Gopkg.lock and security/vuls/files/patch-src_gopkg.in_cheggaaa_pb.v2_Gopkg.toml are fine, but if the one liners can easily be fixed with a sed, please do so. Everything else looks good to me, I'll start running more comprehensive tests once that is fixed.
Created attachment 184139
Simplified patching
(In reply to Alexandru Ciobanu from comment #8)
Thanks, this is looking great! One big item that I noticed while testing, the port is reserving a UID/GID but does not have a service script of any kind. Was this just forgotten?
Also, when running vuls, some commands give errors about missing files. These are related to the working directory the command is running in. Should there be a patch to make the program find the default configuration?
For example, running in root home directory:
  root@103amd64-test:~ # vuls configtest
  ERRO[0000] Load config failedopen /root/config.toml: no such file or directory
  [Jul 7 00:04:54] ERROR [localhost] Error loading /root/config.toml, open /root/config.toml: no such file or directory
  [Jul 7 00:04:54] ERROR [localhost] If you update Vuls and get this error, there may be incompatible changes in config.toml
  [Jul 7 00:04:54] ERROR [localhost] Please check README: https://github.com/future-architect/vuls#configuration
It should be checking /usr/local/etc/vuls/config.toml instead of current directory.
  root@103amd64-test:/usr/local/etc/vuls # cd /var/db/vuls/
  root@103amd64-test:/var/db/vuls # vuls tui
  [Jul 7 00:07:17] INFO [localhost] Validating config...
  [Jul 7 00:07:17] ERROR [localhost] SQLite3 DB(CVE-Dictionary) is not exist: /var/db/vuls/cve.sqlite3
If setup is required for something like the cve.sqlite3 database, a pkg-message would be helpful for new users.
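Added example (not part of the thread, and not the port's actual patch): a Go sketch of how a `-config` flag whose default is built from the working directory produces the `/root/config.toml` lookup reported above, next to the fixed default the reviewer asks for. The function names, the flag handling and the assumption about how the default is built are illustrative only.

```go
package main

import (
	"flag"
	"fmt"
	"io"
	"path/filepath"
)

// Location the reviewer asks for in the comment above.
const portDefaultConfig = "/usr/local/etc/vuls/config.toml"

// cwdDefault models the behaviour seen in the error output (assumption:
// the default is config.toml joined to the current working directory).
func cwdDefault(wd string) string {
	return filepath.Join(wd, "config.toml")
}

// configPath parses a subcommand's arguments with the given default for
// -config. Hypothetical helper, not code from vuls or from the port.
func configPath(defaultPath string, args []string) (string, error) {
	fs := flag.NewFlagSet("configtest", flag.ContinueOnError)
	fs.SetOutput(io.Discard) // keep usage text out of the demo output
	path := fs.String("config", defaultPath, "path to config.toml")
	if err := fs.Parse(args); err != nil {
		return "", err
	}
	return *path, nil
}

func main() {
	// Constructed working directories, taken from the prompts in the comment.
	for _, wd := range []string{"/root", "/var/db/vuls"} {
		before, _ := configPath(cwdDefault(wd), nil)
		after, _ := configPath(portDefaultConfig, nil)
		fmt.Printf("cwd=%-13s before=%-26s after=%s\n", wd, before, after)
	}
	// An explicit -config still wins over either default.
	explicit, _ := configPath(portDefaultConfig, []string{"-config", "/tmp/test.toml"})
	fmt.Println("explicit:", explicit)
}
```

With the working-directory default, the file a privileged scanner loads depends on where it was started; with the fixed default it is the same path on every run unless `-config` is given.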
Created attachment 184181
patches for defaults
The CVE databases are provided by vuls-cve-dictionary (bug #220561). I ported vuls-cve-dictionary separately because it provides a utility/service on its own.
Both this port and vuls-cve-dictionary(bug #220561) touch /var/log/vuls. vuls stores scan logs and vuls-cve-dictionary stores service logs. I'm not sure if this is the correct approach.
(In reply to Alexandru Ciobanu from comment #12)
This should be okay but the vuls-cve-dictionary will probably need to be added as a depend if this port needs it. The USERS/GROUPS is probably not needed for this port. Will start testing the other port.
Created attachment 184368
vuls depends
I added the dependency and included more configuration examples.
Created attachment 184376
vuls.diff
- added SUBDIR entry
- USES go 1.7.1+
portlint: OK (looks fine.)
testport: OK (poudriere: 10.3-RELEASE-p20, 11.0-RELEASE-p11, 11.1-RC3, amd64 and i386 tested)
Remove @dir /var/log/vuls and the do-install portion that creates this directory. go-cve-dictionary is already handling this and causes it to change to wrong perms. Other than that and some of the items mentioned in bug #220561, this looks good to me.
Created attachment 184701
vuls.diff
* added DB_DIR variable
* updated do-build and do-install targets
* removed /var/log/vuls and hard coded values
portlint warnings:
WARN: Makefile: possible use of absolute pathname "/var/db/vuls".
Is this warning fixable?
testport: OK (poudriere: 10.3-RELEASE-p20, 11.0-RELEASE-p11, amd64 and i386 tested)
I've tested the port on 11.1 too, everything builds fine. testport: OK (poudriere: 10.3-RELEASE-p20, 11.0-RELEASE-p11, 11.1-RELEASE amd64 and i386 tested)
This looks good, pending depend for commit.
Created attachment 184761
Review diff
Updated diff based on the review, https://reviews.freebsd.org/D11746.
Created attachment 184770
Review diff
List files in PLIST_FILES instead of pkg-plist
Updated review, the port requires PORTVERSION to be set. I also removed the hardcoding that I suggested as Nikolai noted.
Thank you.
A commit references this bug:
Author: ultima
Date: Fri Jul 28 18:28:42 UTC 2017
New revision: 446844
URL: https://svnweb.freebsd.org/changeset/ports/446844
Log:
  Vuls is an agentless vulnerability scanner written in golang. It can scan localhost or remote hosts via SSH. Vuls has a Terminal-Based User Interface(TUI) to display the scan results.
  Vuls' features include:
  * scan for vulnerabilities in Ubuntu, Debian, CentOS, Amazon Linux, RHEL, Oracle Linux, FreeBSD and Raspbian;
  * scan middleware that are not included in OS package management;
  * nondestructive testing;
  * email and slack notification.
  WWW: https://github.com/future-architect/vuls
  PR: 220328
  Submitted by: Alexandru Ciobanu <iscandr@gmail.com> (maintainer)
  Reviewed by: matthew (mentor), mat
  Approved by: matthew (mentor)
  Differential Revision: https://reviews.freebsd.org/D11746
Changes:
  head/security/Makefile
  head/security/vuls/
  head/security/vuls/Makefile
  head/security/vuls/distinfo
  head/security/vuls/files/
  head/security/vuls/files/config.toml.sample
  head/security/vuls/files/patch-commands_configtest.go
  head/security/vuls/files/patch-commands_report.go
  head/security/vuls/files/patch-commands_scan.go
  head/security/vuls/files/patch-commands_tui.go
  head/security/vuls/files/patch-src_gopkg.in_cheggaaa_pb.v2_Gopkg.lock
  head/security/vuls/files/patch-src_gopkg.in_cheggaaa_pb.v2_Gopkg.toml
  head/security/vuls/pkg-descr
  head/security/vuls/pkg-message
Committed, thanks!