[Openvas-devel] OpenVAS NVT Feed as Tarball

Vlatko Kosturjak kost at linux.hr
Thu Oct 22 21:54:49 CEST 2009


Hello Dirk!

Thanks on looking and reviewing the script.

Dirk Jagdmann wrote:
> Hello Vlatko,
> your new script looks good, but I don't like the concatenation of multiple
> program invocations with &&, because if one of them fails, nobody knows which
> one failed. I suggest replacing something like:
> 
> mkdir -p "$NVT_DIR" \
> && wget "$OVHTTPFEED" -O $TMPNVT \
> && cd "$NVT_DIR" \
> && tar xvjf $TMPNVT \
> && rm -f $TMPVNT \
> && echo "[i] Download complete"

It's GPL. Feel free to patch it :)

> Further I don't understand why you use eval "..." when checking the md5sums of
> the tarball, with a function like errexit() you can check the chdir and md5sum
> invocation in two steps.

It's same part from the old script. There is thousands way to do it, I 
took the way from the old script...

> And as a third point, your parsing of the command line arguments to your script
> only works when a single argument is given. If I invoke something like
> "openvas-nvt-sync --check --curl" it's not going to work. What you need here is

I know. It's on purpose as every command option have sense (stand)alone. 
Because --check and --curl is invalid anyway. Keep Simple and Stupid 
design....

As the most of your comments are "about (not) likings", and not bugs, I 
won't change the script myself :) Feel free to send/submit the patch :)

Kost


More information about the Openvas-devel mailing list