From f631e18f8bb00b28aacc5a10b204272a74831cea Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?=
Date: Thu, 1 Jul 2021 12:26:43 +0200
Subject: [PATCH 1/4] Use better defaults for for ospd-openvas settings
* Make the service file usable for real scenarios
* Use better file names for configs
* In service file load configs from /etc/gvm
---
 config/ospd-openvas.conf | 7 +++++++
 config/ospd-openvas.default | 25 -------------------------
 config/ospd-openvas.service | 16 +++++++---------
 config/ospd.conf | 7 -------
 ospd_openvas/daemon.py | 2 +-
 pyproject.toml | 1 -
 6 files changed, 15 insertions(+), 43 deletions(-)
 create mode 100644 config/ospd-openvas.conf
 delete mode 100644 config/ospd-openvas.default
 delete mode 100644 config/ospd.conf
diff --git a/config/ospd-openvas.conf b/config/ospd-openvas.conf
new file mode 100644
index 00000000..57adfd86
--- /dev/null
+++ b/config/ospd-openvas.conf
@@ -0,0 +1,7 @@
+[OSPD - openvas]
+log_level = INFO
+socket_mode = 0o770
+unix_socket = /run/ospd/ospd-openvas.sock
+pid_file = /run/ospd/ospd-openvas.pid
+log_file = /var/log/gvm/ospd-openvas.log
+lock_file_dir = /var/lib/openvas
diff --git a/config/ospd-openvas.default b/config/ospd-openvas.default
deleted file mode 100644
index 35e7b871..00000000
--- a/config/ospd-openvas.default
+++ /dev/null
@@ -1,25 +0,0 @@ -# -# The installation prefix to find the ospd-openvas binary. -# -PATH=/bin:/sbin:/usr/local/sbin:/usr/local/bin:/usr/bin:/bin:$PATH -PYTHONPATH=/lib/python3.5/site-packages:$PYTHONPATH - -# -# The user for running the OSPD OpenVAS daemon in the ospd-openvas.service systemd file -# -OSPD_OPENVAS_USER="gvm" - -# -# The group for running the OSPD OpenVAS daemon in the ospd-openvas.service systemd file -# -OSPD_OPENVAS_GROUP="gvm" - -# -# The location of the OSPD OpenVAS daemon PID file -# -OSPD_OPENVAS_PID="/var/run/ospd/ospd-openvas.pid" - -# -# Additional default parameters -# -OSPD_OPENVAS_ARGS="--unix-socket /var/run/ospd/ospd-openvas.sock --pid-file $OSPD_OPENVAS_PID --log-file /var/log/gvm/ospd-openvas.log --lock-file-dir /var/run" diff --git a/config/ospd-openvas.service b/config/ospd-openvas.service index 0f21c783..6fa57b6f 100644 --- a/config/ospd-openvas.service +++ b/config/ospd-openvas.service @@ -1,5 +1,5 @@ [Unit] -Description=OpenVAS Wrapper of the Greenbone Vulnerability Management (ospd-openvas) +Description=OSPd Wrapper for the OpenVAS Scanner (ospd-openvas) Documentation=man:ospd-openvas(8) man:openvas(8) After=network.target networking.service redis-server@openvas.service Wants=redis-server@openvas.service @@ -7,15 +7,13 @@ ConditionKernelCommandLine=!recovery [Service] Type=forking -EnvironmentFile=/etc/default/ospd-openvas.default -Environment="PATH=$PATH" -Environment="PYTHONPATH=$PYTHONPATH" -User=$OSPD_OPENVAS_USER -Group=$OSPD_OPENVAS_GROUP -PIDFile=$OSPD_OPENVAS_PID -ExecStart=/bin/ospd-openvas $OSPD_OPENVAS_ARGS +User=gvm +Group=gvm +RuntimeDirectory=ospd +RuntimeDirectoryMode=2775 +PIDFile=/run/ospd/ospd-openvas.pid +ExecStart=/usr/local/bin/ospd-openvas --config /etc/gvm/ospd-openvas.conf --log-config /etc/gvm/ospd-logging.conf SuccessExitStatus=SIGKILL -# This works asynchronously, but does not take the daemon down during the reload so it's ok. Restart=always RestartSec=60 
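Review bot: `RuntimeDirectoryMode=2775` in the second hunk of ospd-openvas.service leaves /run/ospd listable and traversable by every local account, while the config added in the same commit restricts the socket itself with `socket_mode = 0o770`. Unless a client outside the `gvm` group has to reach that directory, `RuntimeDirectoryMode=2770` would keep the directory consistent with the socket mode. The new `ExecStart` also passes `--log-config /etc/gvm/ospd-logging.conf`, and no such file is added by this commit, so it is worth confirming the daemon starts cleanly when that file is absent, or shipping a sample next to `ospd-openvas.conf`. As far as the hunk shows, the unit provisions only the runtime directory, so a comment above `User=gvm` such as `# the gvm account, /var/log/gvm and /var/lib/openvas must exist before enabling this unit` would help packagers.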
diff --git a/config/ospd.conf b/config/ospd.conf deleted file mode 100644 index b58b4031..00000000 --- a/config/ospd.conf +++ /dev/null @@ -1,7 +0,0 @@ -[OSPD - openvas] -log_level = INFO -socket_mode = 0o770 -unix_socket = /var/run/ospd/ospd-openvas.sock -pid_file = /var/run/ospd/ospd-openvas.pid -log_file = /var/log/gvm/ospd-openvas.log -lock_file_dir = /var/run diff --git a/ospd_openvas/daemon.py b/ospd_openvas/daemon.py index 2ccd0da0..3d982f86 100644 --- a/ospd_openvas/daemon.py +++ b/ospd_openvas/daemon.py @@ -438,7 +438,7 @@ class OSPDopenvas(OSPDaemon): """ Class for ospd-openvas daemon. """ def __init__( - self, *, niceness=None, lock_file_dir='/var/run/ospd', **kwargs + self, *, niceness=None, lock_file_dir='/var/lib/openvas', **kwargs ): """ Initializes the ospd-openvas daemon's internal data. """ self.main_db = MainDB() diff --git a/pyproject.toml b/pyproject.toml index 1ca63dce..58caed64 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -32,7 +32,6 @@ keywords = [ packages = [ { include = "ospd_openvas"}, { include = "docs/ospd-openvas.8", format = "sdist"}, - { include = "config/ospd-openvas.default", format = "sdist"}, { include = "config/ospd-openvas.service", format = "sdist"}, { include = "config/ospd.conf", format = "sdist"}, { include = "tests", format = "sdist" }, From 3e5543998f88ee1a6855c5f24d79a2211adc0edd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?= Date: Thu, 1 Jul 2021 12:43:49 +0200 Subject: [PATCH 2/4] Update codeowners to get correct maintainers for a review --- .github/CODEOWNERS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index e2b986fd..9b4d8a73 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,2 +1,2 @@ # default reviewers -* @jjnicola @bjoernricks +* @greenbone/scanner-maintainers From aff285467a914651624700d4f959abfd2188d675 Mon Sep 17 00:00:00 2001 
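Review bot: The new default `lock_file_dir='/var/lib/openvas'` in `OSPDopenvas.__init__` points at a directory that nothing in this change creates, whereas the unit's `RuntimeDirectory=ospd` only provisions /run/ospd, so the daemon now depends on /var/lib/openvas already existing and being writable by the `gvm` account. It is also a persistent location, so lock files will presumably survive a reboot or an unclean stop where /var/run did not; how stale locks are handled is not visible in this hunk and should be confirmed. The one-line docstring could state the requirement, e.g. `lock_file_dir: directory for lock files; must exist, be writable by the service user and not be writable by other accounts`. `__init__` continues past the end of the hunk.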
From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?=
Date: Thu, 1 Jul 2021 12:48:15 +0200
Subject: [PATCH 3/4] Adjust path to config after renaming
---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pyproject.toml b/pyproject.toml
index 58caed64..4e4370e7 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -33,7 +33,7 @@ packages = [
 { include = "ospd_openvas"},
 { include = "docs/ospd-openvas.8", format = "sdist"},
 { include = "config/ospd-openvas.service", format = "sdist"},
- { include = "config/ospd.conf", format = "sdist"},
+ { include = "config/ospd-openvas.conf", format = "sdist"},
 { include = "tests", format = "sdist" },
 { include = "CHANGELOG.md", format = "sdist"},
 { include = "COPYING", format = "sdist"},
From e92f4b6be30ee886f581771bbaa7cda531938693 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?=
Date: Thu, 1 Jul 2021 12:48:40 +0200
Subject: [PATCH 4/4] Add changelog entry
---
 CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b7d3a319..b065e0aa 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ## [Unreleased]
 ### Added
 ### Changed
+- Use better defaults for for ospd-openvas settings [#454](https://github.com/greenbone/ospd-openvas/pull/454)
+
 ### Deprecated
 ### Removed
 ### Fixed