From 9e5c86e796d08f9306b04c0cfe0b48262a086ece Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Ricks?=
Date: Thu, 23 Jan 2025 10:46:23 +0100
Subject: [PATCH] Change: Update Install docs for Debian stable

* Use to use Debian stable (bookworm)
* Fix formatting
* Sort dependencies
* Use `postgresql-server-dev-all` as version independent package
---
 INSTALL.md | 88 +++++++++++++++++++++++++++++++++--------------------
 1 file changed, 54 insertions(+), 34 deletions(-)

diff --git a/INSTALL.md b/INSTALL.md
index a7b36c2bf..c3ddd19c1 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -1,40 +1,54 @@ -# INSTALLATION INSTRUCTIONS FOR GREENBONE VULNERABILITY MANAGER +# Installation Instructions for Greenbone Vulnerability Manager Daemon Please note: The reference system used by most of the developers is Debian -GNU/Linux 'Buster' 10. The build might fail on any other system. Also, it is -necessary to install dependent development packages. +stable. The build might fail on any other system. Also, it is necessary to +install dependent development packages. -## Prerequisites for Greenbone Vulnerability Manager +## Prerequisites for Greenbone Vulnerability Manager Daemon Prerequisites: -* GCC (Debian package: gcc) -* cmake >= 3.0 (Debian package: cmake) -* cJSON >= 1.7.14 (Debian package: libcjson-dev) -* glib-2.0 >= 2.42 (Debian package: libglib2.0-dev) -* gnutls >= 3.2.15 (Debian package: libgnutls28-dev) -* libgvm_base, libgvm_util, libgvm_osp, libgvm_gmp >= 20.08.0 ([gvm-libs](https://github.com/greenbone/gvm-libs/tree/gvm-libs-20.08) component) -* PostgreSQL database >= 9.6 (Debian packages: libpq-dev postgresql-server-dev-11) -* pkg-config (Debian package: pkg-config) -* libical >= 1.0.0 (Debian package: libical-dev) -* xsltproc (Debian package: xsltproc) -* gpgme -Install these prerequisites on Debian GNU/Linux 'Buster' 10: +* cJSON >= 1.7.14 +* cmake >= 3.0 +* GCC +* glib-2.0 >= 2.42 +* gnutls >= 3.2.15 +* gpgme +* [gvm-libs](https://github.com/greenbone/gvm-libs/) >= 22.12 +* libical >= 1.0.0 +* libbsd +* pkg-config +* PostgreSQL database >= 9.6 +* xsltproc - apt-get install gcc cmake libcjson-dev libglib2.0-dev libgnutls28-dev libpq-dev postgresql-server-dev-11 pkg-config libical-dev xsltproc libgpgme-dev +Install these prerequisites on Debian stable: + + apt-get install \ + cmake \ + gcc \ + libcjson-dev \ + libglib2.0-dev \ + libgnutls28-dev \ + libgpgme-dev \ + libical-dev \ + libpq-dev \ + pkg-config \ + postgresql-server-dev-all \ + xsltproc Prerequisites for building documentation: + * Doxygen * xsltproc (for building the GMP HTML 
documentation) * xmltoman (optional, for building man page) Prerequisites for building tests: + * Cgreen (optional, for building tests) Please see the section "Prerequisites for Optional Features" below additional optional prerequisites. - ## Compiling Greenbone Vulnerability Manager If you have installed required libraries to a non-standard location, remember to @@ -73,7 +87,6 @@ you have specified a prefix for which your user does not have full permissions. To clean up the build environment, simply remove the contents of the `build` directory you created above. - ## Choosing the Connection Type Greenbone Vulnerability Manager can serve client connections on either a TCP @@ -91,7 +104,6 @@ To use a TCP socket, call gvmd with the --listen option, for example: gvmd --listen=127.0.0.1 - ## Certificate Generation All TCP-based communication with Greenbone Vulnerability Manager uses the TLS @@ -116,7 +128,6 @@ If certificates have expired or in other ways there is need to update certificates for scanners, please see also section `Updating Scanner Certificates`. - ## Configure PostgreSQL Database Backend ### Setting up the PostgreSQL database @@ -220,7 +231,6 @@ SELECT nspname || '.' || relname AS "relation", These queries were taken from https://wiki.postgresql.org/wiki/Disk_Usage - ## Migrating the Database (e.g. during an upgrade of GVM) If you have used Manager before (e.g. an older version which got upgraded to @@ -234,7 +244,6 @@ Use this command to run the migration: gvmd --migrate - ## Creating an administrator user for GVM You can create an administrator user with the `--create-user` option of `gvmd`: @@ -248,7 +257,6 @@ clients like the Greenbone Security Assistant (GSA). Also, the new user can change their password via GSA. - ## Set the Feed Import Owner Certain resources that were previously part of the gvmd source code are now 
@@ -262,7 +270,6 @@ The UUIDs of all created users can be found using gvmd --get-users --verbose - ## Keeping the feeds up-to-date The `gvmd Data`, `SCAP` and `CERT` Feeds should be kept up-to-date by calling the @@ -300,9 +307,9 @@ Please note: The `CERT` feed sync depends on data provided by the `SCAP` feed and should be called after syncing the latter. You will need the `rsync` tool for a successful synchronization. -## Configure the default OSPD scanner socket path +## Configure the default ospd scanner socket path -By default, Manager tries to connect to the default OSPD scanner via the following path: +By default, Manager tries to connect to the default ospd scanner via the following path: /var/run/ospd/ospd.sock @@ -316,7 +323,6 @@ Update the path (example, path needs to be adapted accordingly): gvmd --modify-scanner= --scanner-host=/var/run/ospd/ospd-openvas.sock - ## Logging Configuration By default, Manager writes logs to the file @@ -360,7 +366,6 @@ Logging to `syslog` can be enabled in each domain like: syslog_facility=daemon level=128 - ## Optimizing the database Greenbone Vulnerability Manager offers the command line option @@ -460,7 +465,6 @@ supported values for `` are: This creates the cache containing the unfiltered result counts of all reports that are not cached yet. - ## Encrypted Credentials By default, the Manager stores private key and password parts of target @@ -521,7 +525,6 @@ No encryption: If for backward compatibility reasons encrypted credentials are not desired, the manager must _always_ be started with the option `--disable-encrypted-credentials`. - ## Resetting Credentials Encryption Key If you lost some part of the encryption key, neither a regular migration nor @@ -549,7 +552,6 @@ Create a new key: Finally, reset all credentials, by hand. - ## Updating Scanner Certificates If you have changed the CA certificate used to sign the server and client 
@@ -598,7 +600,6 @@ Replace the path to the pem-file with the one of your setup. The UUID is the fixed one of the immutable global setting for the default CA certificate and thus does not need to be changed. - ## Changing the Maximum Number of Rows per Page The maximum number of rows returned by the GMP `GET` commands, like `GET_TARGETS`, @@ -618,12 +619,12 @@ This changes the global value of the setting, and so applies to all users. Adding `--user` to the command will set a value for maximum rows only for that user. - ## Prerequisites for Optional Features Certain features of the Manager also require some programs at run time: Prerequisites for generating PDF reports: + * pdflatex On Debian GNU/Linux 'Stretch' 9 the following packages can be installed to @@ -633,23 +634,29 @@ Prerequisites for generating PDF reports: apt-get install texlive-fonts-recommended Prerequisites for generating HTML reports: + * xsltproc Prerequisites for generating verinice reports: + * xsltproc, xmlstarlet, zip Prerequisites for generating credential RPM packages: + * rpm * fakeroot Prerequisites for generating credential DEB packages: + * dpkg * fakeroot Prerequisites for generating credentials .exe packages: + * makensis (usually distributed as part of nsis) Prerequisites for generating system reports: + * A program in the `PATH`, with usage `gvmcg seconds type`, where seconds is the number of seconds before now that the report covers, and type is the type of report. When called with type `titles` the 
@@ -662,48 +669,61 @@ Prerequisites for generating system reports: indicate failure by simply refraining from printing. Prerequisites for signature verification: + * gnupg Prerequisites for HTTP alerts: + * wget Prerequisites for Alemba vFire alert: + * A program in the `PATH` called `greenbone_vfire_connector` that takes the path to an XML file as described by doc/vfire-data-xml.rnc as an argument. Prerequisites for Sourcefire Connector alert: + * A program in the `PATH` called `greenbone_sourcefire_connector` that takes args IP, port, PKCS12 file and report file in Sourcefire format. Prerequisites for verinice .PRO Connector alert: + * A program in the `PATH` called `greenbone_verinice_connector` that takes args IP, port, username, password and report file in verinice .PRO format. Prerequisites for SCP alert: + * sshpass * scp Prerequisites for Send alert: + * socat Prerequisites for SNMP alert: + * snmp Prerequisites for SMB alert: + * python3 * smbclient Prerequisites for Tipping Point alert: + * python3 * python3-lxml Prerequisites for key generation on systems with low entropy: + * haveged (or a similar tool) Prerequisites for S/MIME support (e.g. email encryption): + * GNU privacy guard - S/MIME version (Debian package: gpgsm) Prerequisites for certificate generation: + * GnuTLS certtool (Debian package: gnutls-bin) ## Static code analysis with the Clang Static Analyzer
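
Review bot: in the first hunk (`@@ -1,40 +1,54 @@`), the new prerequisites list gains `libbsd`, but the `apt-get install` command below it installs no package for it, so copying the command onto a fresh Debian stable system leaves that dependency missing. Add `libbsd-dev \` between `gcc \` and `libcjson-dev \`. The list also no longer carries the "(Debian package: …)" hints, which makes the command the only mapping from prerequisite to package, and `gvm-libs >= 22.12` is not covered by the command either, so one sentence on how it is obtained would help. The commit message names bookworm while the text says only "Debian stable"; naming the release in the text keeps the instructions checkable once stable moves on. The context line "below additional optional prerequisites" is missing a "for" and could be fixed in the same pass.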
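
Review bot: in the `@@ -300,9 +307,9 @@` hunk, the rename from "OSPD" to "ospd" leaves the name as bare lower-case text in both the heading and the sentence "tries to connect to the default ospd scanner", while the surrounding context writes tool names in backticks (`rsync`, `gvmd`). Writing it as `ospd` in the sentence would match that convention and make clear it is a program name rather than a typo.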
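
Review bot: in the `@@ -618,12 +619,12 @@` hunk, the context line "On Debian GNU/Linux 'Stretch' 9 the following packages can be installed to" is left untouched, although the first hunk moves the reference system from 'Buster' 10 to Debian stable. The PDF report instructions therefore still point at a release two generations older than the one the patch replaces. Update this sentence to Debian stable as well, and confirm that the `texlive-fonts-recommended` line in the following hunk still applies there.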
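
Review bot: in the last hunk (`@@ -662,48 +669,61 @@`), the optional prerequisites keep their package hints, "(Debian package: gpgsm)" and "(Debian package: gnutls-bin)", while the first hunk removes the same kind of hint from every entry of the main list. Pick one convention for the whole file. Since these run-time tools have no `apt-get install` line of their own, keeping the hints here and adding them for the other entries (`sshpass`, `socat`, `smbclient`, `python3-lxml`, and so on) is the more useful direction. The commit message also says "Sort dependencies", but the lists in this section are only given blank lines and stay in their previous order.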