Add config files to run gsad as a unix daemon

[bjoernricks]

Add config files for systemd, start arguments and logrotate.

Replaces #760

Checklist:

• [n/a] Tests
• CHANGELOG Entry

[hsntgm]

gsad/config/gsad.logrotate.in

These are controlled globally by logrotate.conf so maybe user doesn't want to override it.

• daily
• rotate 7

copytruncate may cause lost logs, why we don't use create and kill HUP?

/var/log/gvm/gsad.log {
	sharedscripts
	missingok
        compress
        create
	notifempty
	postrotate
		/bin/kill -HUP `cat /var/run/gsad.pid 2>/dev/null` 2>/dev/null || true
	endscript
}

gsad/config/gsad.service.in

Don't we need gvmd & openvas-scanner before gsad ?
Also why we don't use ExecReload=/bin/kill -HUP $MAINPID

[Unit]
Description=Greenbone Security Assistant
After=network.target
After=openvas-scanner.service
After=gvmd.service
Wants=gvmd.service

[Service]
Type=forking
EnvironmentFile=-${DEFAULT_CONFIG_DIR}/gsad
ExecStart=${SBINDIR}/gsad --listen $GSA_ADDRESS --port $GSA_PORT
ExecReload=/bin/kill -HUP $MAINPID
KillMode=mixed
User=root
Group=root
TimeoutSec=1200

[Install]
WantedBy=multi-user.target

[bjoernricks]

daily
rotate 7

I am going to remove them.

copytruncate may cause lost logs, why we don't use create and kill HUP?

Because I didn't wanted to restart the gsad daemon and therefore not answering to requests. Currently SIGHUP is ignored https://github.com/greenbone/gsa/blob/gsa-8.0/gsad/src/gsad.c#L2489

User=root
Group=root

gsad should not run as root.

After=openvas-scanner.service
After=gvmd.service
Wants=gvmd.service

Don't we need gvmd & openvas-scanner before gsad ?

Yes but currently we don't have service files for them.

This PR is intended as a start to get some service files into the releases. I am fine with adding further PRs to improve them.

[bjoernricks]

copytruncate may cause lost logs, why we don't use create and kill HUP?

Just for curiosity how can log be lost in that case?

[hsntgm]

copytruncate
Using copytruncate with size, maxsize options is more secure.

While the truncate operation is very fast, the copy can be quite long (depending of how big is your logfile). Moreover, some log entry can be lost during the time between the copy operation and the truncate.

Also thank you for the info:

Currently SIGHUP is ignored https://github.com/greenbone/gsa/blob/gsa-8.0/gsad/src/gsad.c#L2489

gvmd and open-scanner daemon are in the same situation about SIGHUP ? Then i Hhave to fix all my service files and logrotate files.

[bjoernricks]

gvmd and open-scanner daemon are in the same situation about SIGHUP ?

At least gvmd seems to ignore it too https://github.com/greenbone/gvmd/blob/master/src/gvmd.c#L2605

[codecov]

Codecov Report

Merging #1486 into gsa-8.0 will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff            @@
##           gsa-8.0    #1486   +/-   ##
========================================
  Coverage    37.43%   37.43%           
========================================
  Files          963      963           
  Lines        21812    21812           
  Branches      6068     6089   +21     
========================================
  Hits          8165     8165           
  Misses       12351    12351           
  Partials      1296     1296

Impacted Files	Coverage Δ
gsa/src/web/components/loading/loading.js	100% <0%> (ø)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8fde898...8c249d7. Read the comment docs.