Index: head/GIDs =================================================================== --- head/GIDs +++ head/GIDs @@ -829,7 +829,7 @@ # free: 885 # free: 886 # free: 887 -# free: 888 +vuls:*:888: # free: 889 # free: 890 # free: 891 Index: head/UIDs =================================================================== --- head/UIDs +++ head/UIDs @@ -834,7 +834,7 @@ # free: 885 # free: 886 # free: 887 -# free: 888 +vuls:*:888:888::0:0:VULnerability Scanner:/var/db/vuls:/usr/sbin/nologin # free: 889 # free: 890 # free: 891 Index: head/security/Makefile =================================================================== --- head/security/Makefile +++ head/security/Makefile @@ -181,6 +181,7 @@ SUBDIR += gnupg20 SUBDIR += gnutls SUBDIR += go.crypto + SUBDIR += go-cve-dictionary SUBDIR += goptlib SUBDIR += gorilla SUBDIR += govpn Index: head/security/go-cve-dictionary/Makefile =================================================================== --- head/security/go-cve-dictionary/Makefile +++ head/security/go-cve-dictionary/Makefile @@ -0,0 +1,87 @@ +# $FreeBSD$ + +PORTNAME= go-cve-dictionary +DISTVERSIONPREFIX= v +DISTVERSION= 0.1.0-76 +DISTVERSIONSUFFIX= -g0724974 +CATEGORIES= security + +MAINTAINER= iscandr@gmail.com +COMMENT= Build local copies of vulnerabilities from NVD and JVN + +LICENSE= APACHE20 + +RUN_DEPENDS= ca_root_nss>=0:security/ca_root_nss + +USES= go:1.7.1+ + +USE_RC_SUBR= ${PORTNAME} + +USE_GITHUB= yes +GH_ACCOUNT= kotakanbe +GH_SUBDIR= src/github.com/${GH_ACCOUNT_DEFAULT}/${PORTNAME} + +GH_TUPLE+= sirupsen:logrus:v1.0.0:logrus/src/github.com/sirupsen/logrus +GH_TUPLE+= asaskevich:govalidator:v6:govalidator/src/github.com/asaskevich/govalidator +GH_TUPLE+= cheggaaa:pb:v2.0.4:pb/src/gopkg.in/cheggaaa/pb.v2 +GH_TUPLE+= go-redis:redis:v6.5.0:redis/src/github.com/go-redis/redis +GH_TUPLE+= google:subcommands:ce3d4cf:subcommands/src/github.com/google/subcommands +GH_TUPLE+= jinzhu:gorm:eae7f6b:gorm/src/github.com/jinzhu/gorm +GH_TUPLE+= kotakanbe:logrus-prefixed-formatter:e7519b8:logrusprefixedformatter/src/github.com/kotakanbe/logrus-prefixed-formatter +GH_TUPLE+= labstack:echo:bc173df:echo/src/github.com/labstack/echo +GH_TUPLE+= labstack:gommon:1121fd3:gommon/src/github.com/labstack/gommon +GH_TUPLE+= parnurzeal:gorequest:v0.2.15:gorequest/src/github.com/parnurzeal/gorequest +GH_TUPLE+= rifflock:lfshook:1.6:lfshook/src/github.com/rifflock/lfshook +GH_TUPLE+= dgrijalva:jwt-go:v3.0.0:jwtgo/src/github.com/dgrijalva/jwt-go +GH_TUPLE+= go-sql-driver:mysql:v1.3:mysql/src/github.com/go-sql-driver/mysql +GH_TUPLE+= jinzhu:inflection:1c35d90:inflection/src/github.com/jinzhu/inflection +GH_TUPLE+= k0kubun:pp:v2.3.0:pp/src/github.com/k0kubun/pp +GH_TUPLE+= lib:pq:8837942:pq/src/github.com/lib/pq +GH_TUPLE+= mgutz:ansi:9520e82:ansi/src/github.com/mgutz/ansi +GH_TUPLE+= pkg:errors:c605e28:pkgerrors/src/github.com/pkg/errors +GH_TUPLE+= moul:http2curl:4e24498:http2curl/src/github.com/moul/http2curl +GH_TUPLE+= golang:net:5f8847a:golangnet/src/golang.org/x/net +GH_TUPLE+= mattn:go-colorable:v0.0.8:gocolorable/src/github.com/mattn/go-colorable +GH_TUPLE+= mattn:go-runewidth:97311d9:gorunewidth/src/github.com/mattn/go-runewidth +GH_TUPLE+= mattn:go-isatty:v0.0.2:goisatty/src/github.com/mattn/go-isatty +GH_TUPLE+= mattn:go-sqlite3:v1.2.0:gosqlite3/src/github.com/mattn/go-sqlite3 +GH_TUPLE+= valyala:fasttemplate:dcecefd:fasttemplate/src/github.com/valyala/fasttemplate +GH_TUPLE+= camlistore:go4:034d17a:go4syncutil/src/go4.org +GH_TUPLE+= VividCortex:ewma:v1.0:ewma/src/gopkg.in/VividCortex/ewma.v1 +GH_TUPLE+= fatih:color:v1.5.0:colorv1/src/gopkg.in/fatih/color.v1 + +USERS= vuls +GROUPS= vuls + +SUB_FILES= pkg-message +SUB_LIST= PORTNAME=${PORTNAME} USERS=${USERS} GROUPS=${GROUPS} + +post-patch: + @${REINPLACE_CMD} -e 's|Sirupsen|sirupsen|' \ + ${WRKSRC}/log/log.go \ + ${WRKSRC}/src/github.com/kotakanbe/logrus-prefixed-formatter/formatter.go \ + ${WRKSRC}/src/github.com/rifflock/lfshook/lfshook.go + @${REINPLACE_CMD} -e 's|github.com/cheggaaa/pb|gopkg.in/cheggaaa/pb.v2|' \ + ${WRKSRC}/db/rdb.go \ + ${WRKSRC}/db/redis.go \ + ${WRKSRC}/jvn/jvn.go \ + ${WRKSRC}/nvd/nvd.go + @${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-runewidth.v0|github.com/mattn/go-runewidth|' \ + ${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/util.go + @${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-colorable.v0|github.com/mattn/go-colorable|' \ + ${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/pb.go + @${REINPLACE_CMD} -e 's|gopkg.in/mattn/go-isatty.v0|github.com/mattn/go-isatty|' \ + ${WRKSRC}/src/gopkg.in/cheggaaa/pb.v2/pb.go + +do-build: + @cd ${GO_WRKSRC} && \ + ${SETENV} ${MAKE_ENV} ${GO_ENV} GOPATH=${WRKSRC} \ + ${GO_CMD} build -v -x -ldflags "-X main.version=${PORTVERSION}" \ + -o ${WRKSRC}/${PORTNAME} + +do-install: + ${INSTALL_PROGRAM} ${WRKSRC}/${PORTNAME} ${STAGEDIR}${PREFIX}/bin/${PORTNAME} + ${MKDIR} ${STAGEDIR}/var/db/vuls + ${MKDIR} ${STAGEDIR}/var/log/vuls + +.include Index: head/security/go-cve-dictionary/distinfo =================================================================== --- head/security/go-cve-dictionary/distinfo +++ head/security/go-cve-dictionary/distinfo @@ -0,0 +1,59 @@ +TIMESTAMP = 1501176587 +SHA256 (kotakanbe-go-cve-dictionary-v0.1.0-76-g0724974_GH0.tar.gz) = fe70e8ca0ed86673d8887793659ec088fca87c95719a299ddd37e1e8cd4c47d7 +SIZE (kotakanbe-go-cve-dictionary-v0.1.0-76-g0724974_GH0.tar.gz) = 25122 +SHA256 (sirupsen-logrus-v1.0.0_GH0.tar.gz) = de40c5f36b126217234cf5d40def87ce26789ce95c8f887b229b9f2ea1e3ed6b +SIZE (sirupsen-logrus-v1.0.0_GH0.tar.gz) = 27996 +SHA256 (asaskevich-govalidator-v6_GH0.tar.gz) = 17ee798f3758885e6ed6f1cfc81033c3aca4c15a9d2b3856a01e648ffb46f0a0 +SIZE (asaskevich-govalidator-v6_GH0.tar.gz) = 39610 +SHA256 (cheggaaa-pb-v2.0.4_GH0.tar.gz) = 21388e5df7bed43ae2b8157a4e17b85ef416ca4925723ddc182f43e3fc719225 +SIZE (cheggaaa-pb-v2.0.4_GH0.tar.gz) = 17205 +SHA256 (go-redis-redis-v6.5.0_GH0.tar.gz) = 992b27dee80639c3605b99525adf76e5e76e4d1acd7e1e97476c5d0446e0d0b8 +SIZE (go-redis-redis-v6.5.0_GH0.tar.gz) = 72475 +SHA256 (google-subcommands-ce3d4cf_GH0.tar.gz) = 660c4a27138acf9f40eb5b69d8f8401521626bd29235f6472f1b1ac457ab4c99 +SIZE (google-subcommands-ce3d4cf_GH0.tar.gz) = 8551 +SHA256 (jinzhu-gorm-eae7f6b_GH0.tar.gz) = aff8d777868e65751deadff1353949cdc1c8c0680e4f687c2fa9311fdb6dfe74 +SIZE (jinzhu-gorm-eae7f6b_GH0.tar.gz) = 79432 +SHA256 (kotakanbe-logrus-prefixed-formatter-e7519b8_GH0.tar.gz) = e14b91af06bc0a752c97519dff4accf4a03547cbb9dd2ba197a9420fb3f14303 +SIZE (kotakanbe-logrus-prefixed-formatter-e7519b8_GH0.tar.gz) = 3862 +SHA256 (labstack-echo-bc173df_GH0.tar.gz) = 130084d65a0fd9fbeba6f2f88b7f6ef0dcf0d42d988b7720a9e158a16afa23f7 +SIZE (labstack-echo-bc173df_GH0.tar.gz) = 322895 +SHA256 (labstack-gommon-1121fd3_GH0.tar.gz) = b2799817a7225c50d37549db05b981cfa416ea7e3ee54aeb53187c3a29f83805 +SIZE (labstack-gommon-1121fd3_GH0.tar.gz) = 10176 +SHA256 (parnurzeal-gorequest-v0.2.15_GH0.tar.gz) = 776fbd9a5ebe79e6e1091cae47d5ace67f7bf49a224a35f2c84e27f3f464817f +SIZE (parnurzeal-gorequest-v0.2.15_GH0.tar.gz) = 25591 +SHA256 (rifflock-lfshook-1.6_GH0.tar.gz) = 64f6a7b085bbceec503f311d9f130436457b996f7260dad7db6638ceb19d9f45 +SIZE (rifflock-lfshook-1.6_GH0.tar.gz) = 3515 +SHA256 (dgrijalva-jwt-go-v3.0.0_GH0.tar.gz) = af12bdfbfb897c4a5c86aeffd11cab35ee18ab0180b1a6e22e1a1a61d9f70543 +SIZE (dgrijalva-jwt-go-v3.0.0_GH0.tar.gz) = 33451 +SHA256 (go-sql-driver-mysql-v1.3_GH0.tar.gz) = 410bcaca471ea38892101464cc8b4a9cf63a9c7f94fce8728243829e36cd865b +SIZE (go-sql-driver-mysql-v1.3_GH0.tar.gz) = 59830 +SHA256 (jinzhu-inflection-1c35d90_GH0.tar.gz) = 9403d9051e6fb253555c83261ce4c9ff9cb0210a4f326b8568b18d3e1bfbed24 +SIZE (jinzhu-inflection-1c35d90_GH0.tar.gz) = 4499 +SHA256 (k0kubun-pp-v2.3.0_GH0.tar.gz) = e411569ac6fe6413b24b63765fd9d6b7cbb03d162068c31186db947aeaf4b0b8 +SIZE (k0kubun-pp-v2.3.0_GH0.tar.gz) = 8778 +SHA256 (lib-pq-8837942_GH0.tar.gz) = a7b8aec65325b03799c5336af3ace1a04ade723a30c9abe927f2b16ffbc61385 +SIZE (lib-pq-8837942_GH0.tar.gz) = 85539 +SHA256 (mgutz-ansi-9520e82_GH0.tar.gz) = eed589c0869270ea90e776fa623a0a29a5973f2acc86fbf305573b4861887140 +SIZE (mgutz-ansi-9520e82_GH0.tar.gz) = 4870 +SHA256 (pkg-errors-c605e28_GH0.tar.gz) = 06fa83babc1d9aa80b0decb6d36504090bbde8a38d9a722a1f7a26616590a0d0 +SIZE (pkg-errors-c605e28_GH0.tar.gz) = 11476 +SHA256 (moul-http2curl-4e24498_GH0.tar.gz) = 48957974315c9689a27e4a65315d4eb0e94cb04e266a59f813ad9e1b99df8e66 +SIZE (moul-http2curl-4e24498_GH0.tar.gz) = 100177 +SHA256 (golang-net-5f8847a_GH0.tar.gz) = 55a46531c8c0fb60ae7566cae1c59681c9869e5df1c4a9a8304448afef65164a +SIZE (golang-net-5f8847a_GH0.tar.gz) = 909712 +SHA256 (mattn-go-colorable-v0.0.8_GH0.tar.gz) = 4f7b0196c6d7a7be96ba394c94860384b537cec6e0da57951bccda0d42c1c23c +SIZE (mattn-go-colorable-v0.0.8_GH0.tar.gz) = 7526 +SHA256 (mattn-go-runewidth-97311d9_GH0.tar.gz) = 8330497728f75464111ee7145fc97cfa588cb0d6561b3af5447aa05d489bca85 +SIZE (mattn-go-runewidth-97311d9_GH0.tar.gz) = 22384 +SHA256 (mattn-go-isatty-v0.0.2_GH0.tar.gz) = c0681d72b185a8d4aa8f6a557d181bf25c6e3e7f3874711de507e550b25408bf +SIZE (mattn-go-isatty-v0.0.2_GH0.tar.gz) = 3258 +SHA256 (mattn-go-sqlite3-v1.2.0_GH0.tar.gz) = ec21a30c397d0d3153d54b3aa71065481dd9702819006fb8bc0443a6ab47caa8 +SIZE (mattn-go-sqlite3-v1.2.0_GH0.tar.gz) = 1998473 +SHA256 (valyala-fasttemplate-dcecefd_GH0.tar.gz) = ba29e16f9b2d6425f500b40747b139c6ce88cdd26b60dcf5967fe9e6cf5f3eb7 +SIZE (valyala-fasttemplate-dcecefd_GH0.tar.gz) = 11627 +SHA256 (camlistore-go4-034d17a_GH0.tar.gz) = 1c9111f937747660e5cee7c6c435d010011d6fe506df5603b88cce4dd102f39c +SIZE (camlistore-go4-034d17a_GH0.tar.gz) = 78850 +SHA256 (VividCortex-ewma-v1.0_GH0.tar.gz) = 7e62b9cc28b336f2496aa98da60f3a8ba6a1f0112f0493c60959e9bcc25709f3 +SIZE (VividCortex-ewma-v1.0_GH0.tar.gz) = 3609 +SHA256 (fatih-color-v1.5.0_GH0.tar.gz) = f22564848cd7d24022413c719bbc9c35d014ba7d19ee802b29ba5a93016d3250 +SIZE (fatih-color-v1.5.0_GH0.tar.gz) = 586937 Index: head/security/go-cve-dictionary/files/go-cve-dictionary.in =================================================================== --- head/security/go-cve-dictionary/files/go-cve-dictionary.in +++ head/security/go-cve-dictionary/files/go-cve-dictionary.in @@ -0,0 +1,64 @@ +#!/bin/sh + +# PROVIDE: %%PORTNAME%% +# REQUIRE: LOGIN +# KEYWORD: shutdown +# +# Add the following lines to /etc/rc.conf.local or /etc/rc.conf +# to enable this service: +# +# go_cve_dictionary_enable (bool): Set to NO by default +# Set it to YES to enable the CVE server +# go_cve_dictionary_user (string): Set user to run go_cve_dictionary +# Default is "%%USERS%%" +# go_cve_dictionary_group (string): Set group to run go_cve_dictionary +# Default is "%%GROUPS%%" +# go_cve_dictionary_db_path (string): Set database path +# Default is "/var/db/vuls/cve.sqlite3" +# go_cve_dictionary_db_type (string): Set database type +# Default is "sqlite3" +# go_cve_dictionary_log_file (string): Set file that go_cve_dictionary will log to +# Default is "/var/log/vuls/go_cve_dictionary.log" +# go_cve_dictionary_args (string): Set additional command line arguments +# Default is "" + +. /etc/rc.subr + +name=go_cve_dictionary +rcvar=go_cve_dictionary_enable + +load_rc_config $name + +: ${go_cve_dictionary_enable:="NO"} +: ${go_cve_dictionary_user:="%%USERS%%"} +: ${go_cve_dictionary_group:="%%GROUPS%%"} +: ${go_cve_dictionary_db_path:="/var/db/vuls/cve.sqlite3"} +: ${go_cve_dictionary_db_type:="sqlite3"} +: ${go_cve_dictionary_log_file:="/var/log/vuls/go_cve_dictionary.log"} +: ${go_cve_dictionary_args:=""} + +pidfile=/var/run/go_cve_dictionary.pid +command="/usr/sbin/daemon" +procname="%%PREFIX%%/bin/%%PORTNAME%%" + +command_args="-p ${pidfile} /usr/bin/env ${procname} server \ + -dbpath=${go_cve_dictionary_db_path} \ + -dbtype=${go_cve_dictionary_db_type} \ + ${go_cve_dictionary_args} >> ${go_cve_dictionary_log_file} 2>&1" + +start_precmd=go_cve_dictionary_startprecmd + +go_cve_dictionary_startprecmd() +{ + if [ ! -e ${pidfile} ]; then + install -o ${go_cve_dictionary_user} -g ${go_cve_dictionary_group} \ + -m 640 /dev/null ${pidfile}; + fi + if [ ! -f "${go_cve_dictionary_log_file}" ]; then + install -o ${go_cve_dictionary_user} -g ${go_cve_dictionary_group} \ + -m 640 /dev/null ${go_cve_dictionary_log_file}; + fi +} + +load_rc_config $name +run_rc_command "$1" Index: head/security/go-cve-dictionary/files/patch-commands_fetchjvn.go =================================================================== --- head/security/go-cve-dictionary/files/patch-commands_fetchjvn.go +++ head/security/go-cve-dictionary/files/patch-commands_fetchjvn.go @@ -0,0 +1,29 @@ +--- commands/fetchjvn.go.orig 2017-06-26 10:39:59 UTC ++++ commands/fetchjvn.go +@@ -3,7 +3,6 @@ package commands + import ( + "context" + "flag" +- "os" + "strconv" + "time" + +@@ -45,7 +44,7 @@ func (*FetchJvnCmd) Usage() string { + [-latest] + [-last2y] + [-years] 1998 1999 ... +- [-dbpath=$PWD/cve.sqlite3 or connection string] ++ [-dbpath=/var/db/vuls/cve.sqlite3 or connection string] + [-dbtype=mysql|postgres|sqlite3|redis] + [-http-proxy=http://192.168.0.1:8080] + [-debug] +@@ -65,8 +64,7 @@ func (p *FetchJvnCmd) SetFlags(f *flag.F + defaultLogDir := util.GetDefaultLogDir() + f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log") + +- pwd := os.Getenv("PWD") +- f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3", ++ f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3", + "/path/to/sqlite3 or SQL connection string") + + f.StringVar(&p.dbtype, "dbtype", "sqlite3", Index: head/security/go-cve-dictionary/files/patch-commands_fetchnvd.go =================================================================== --- head/security/go-cve-dictionary/files/patch-commands_fetchnvd.go +++ head/security/go-cve-dictionary/files/patch-commands_fetchnvd.go @@ -0,0 +1,29 @@ +--- commands/fetchnvd.go.orig 2017-06-26 10:39:59 UTC ++++ commands/fetchnvd.go +@@ -3,7 +3,6 @@ package commands + import ( + "context" + "flag" +- "os" + "strconv" + "time" + +@@ -43,7 +42,7 @@ func (*FetchNvdCmd) Usage() string { + [-last2y] + [-years] 2015 2016 ... + [-dbtype=mysql|postgres|sqlite3|redis] +- [-dbpath=$PWD/cve.sqlite3 or connection string] ++ [-dbpath=/var/db/vuls/cve.sqlite3 or connection string] + [-http-proxy=http://192.168.0.1:8080] + [-debug] + [-debug-sql] +@@ -65,8 +64,7 @@ func (p *FetchNvdCmd) SetFlags(f *flag.F + defaultLogDir := util.GetDefaultLogDir() + f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log") + +- pwd := os.Getenv("PWD") +- f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3", ++ f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3", + "/path/to/sqlite3 or SQL connection string") + + f.StringVar(&p.dbtype, "dbtype", "sqlite3", Index: head/security/go-cve-dictionary/files/patch-commands_server.go =================================================================== --- head/security/go-cve-dictionary/files/patch-commands_server.go +++ head/security/go-cve-dictionary/files/patch-commands_server.go @@ -0,0 +1,29 @@ +--- commands/server.go.orig 2017-06-26 10:39:59 UTC ++++ commands/server.go +@@ -3,7 +3,6 @@ package commands + import ( + "context" + "flag" +- "os" + + "github.com/google/subcommands" + c "github.com/kotakanbe/go-cve-dictionary/config" +@@ -37,7 +36,7 @@ func (*ServerCmd) Usage() string { + server + [-bind=127.0.0.1] + [-port=8000] +- [-dbpath=$PWD/cve.sqlite3 or connection string] ++ [-dbpath=/var/db/vuls/cve.sqlite3 or connection string] + [-dbtype=mysql|postgres|sqlite3|redis] + [-debug] + [-debug-sql] +@@ -56,8 +55,7 @@ func (p *ServerCmd) SetFlags(f *flag.Fla + defaultLogDir := util.GetDefaultLogDir() + f.StringVar(&p.logDir, "log-dir", defaultLogDir, "/path/to/log") + +- pwd := os.Getenv("PWD") +- f.StringVar(&p.dbpath, "dbpath", pwd+"/cve.sqlite3", ++ f.StringVar(&p.dbpath, "dbpath", "/var/db/vuls/cve.sqlite3", + "/path/to/sqlite3 or SQL connection string") + + f.StringVar(&p.dbtype, "dbtype", "sqlite3", Index: head/security/go-cve-dictionary/files/pkg-message.in =================================================================== --- head/security/go-cve-dictionary/files/pkg-message.in +++ head/security/go-cve-dictionary/files/pkg-message.in @@ -0,0 +1,19 @@ +=============================================================================== +Congratulations, you have installed %%PORTNAME%%! + +%%PORTNAME%% does not ship any CVE database. +To download CVEs from 2002 until present run: + +for i in `seq 2002 $(date +"%Y")`; \ + do %%PORTNAME%% fetchnvd -years $i; \ + done + +After download, set the permissions of the CVE databases: + +chown %%USERS%%:%%GROUPS%% /var/db/vuls/* /var/log/vuls/* + +To enable %%PORTNAME%% and start: + +sysrc go_cve_dictionary_enable="YES" +service %%PORTNAME%% start +=============================================================================== Index: head/security/go-cve-dictionary/pkg-descr =================================================================== --- head/security/go-cve-dictionary/pkg-descr +++ head/security/go-cve-dictionary/pkg-descr @@ -0,0 +1,7 @@ +go-cve-dictionary builds a a local copy of the National Vulnerabilities +Database(NVD) and Japan Vulnerability Notes(JVN). NVD and JVN contain security +vulnerabilities according to their CVE identifiers including exhaustive +information and a risk score. The local copy is generated in sqlite format. +A server is included for easy querying. + +WWW: https://github.com/kotakanbe/go-cve-dictionary/ Index: head/security/go-cve-dictionary/pkg-plist =================================================================== --- head/security/go-cve-dictionary/pkg-plist +++ head/security/go-cve-dictionary/pkg-plist @@ -0,0 +1,3 @@ +bin/%%GO_PKGNAME%% +@dir(vuls,vuls,0775) /var/db/vuls +@dir(vuls,vuls,0775) /var/log/vuls