Package Details: arachni 1.5-1

Git Clone URL: https://aur.archlinux.org/arachni.git (read-only)
Package Base: arachni
Description: A feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.
Upstream URL: http://www.arachni-scanner.com
Licenses: Apache
Submitter: GI_Jack
Maintainer: None
Last Packager: GI_Jack
Votes: 2
Popularity: 0.001931
First Submitted: 2015-08-31 17:12
Last Updated: 2017-03-15 03:49

Dependencies (3)

Required by (0)

Sources (1)

Latest Comments

GI_Jack commented on 2017-03-21 00:29

I'm taking my name off this unholy cluterfuck of a package. I don't have the time or energy to fix this.

1. Its a git build without the -git packagename
2. It bundles and installs ruby as root, into the root filesystem.
3. If this wasn't bad enough, this flaming pile of dogshit put the bundle install instruction in the post install instructions so none of the files are trackable by pacman/libpm. Cleaning up this giant clusterfuck is going to be hard, and require manual intervention.
4. If that wasn't bad enough, those files interfere with the same software packaged correctly, causing other pieces of software to fail.

I moved this from AUR3, then forgot about it. I would like to apologize to the arch community at this time.

GI_Jack commented on 2017-03-20 23:22

tuxayo,

Thank you for bringing this to my attention. I saved the package when they moved to AUR4, for use with OpenVAS, but kinda forgot about it.

This PKGBUILD has been the biggest failwhale I've seen in AUR in a very long time.

As we speak I am re-writing it to put all the files in opt. Since metasploit is also ruby, I am looking at the MSF package for inspiration.

GI_Jack commented on 2017-03-19 00:02

OK, I can fix this, but I need some help

gemfile:

https://github.com/Arachni/arachni/blob/master/Gemfile

so far...

depends=('ruby' 'ruby-bundler' 'ruby-yard' 'ruby-rspec' 'ruby-pry' 'ruby-rake' 'ruby-docs' 'ruby-ruby-prof')

need the faker and simplecov gems. the rest should work like this.

GI_Jack commented on 2017-03-15 03:48

tuxayo, I rescued this package from the old AUR, does this have deps I can strip and re-add in depends=()?

Not sure how I'm going to fix this.

edit: Not a ruby person. If you want this package, or have a fix, let me know.

tuxayo commented on 2016-05-20 16:30

I have this message at install:

> Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will break this application for all non-root users on this machine.

I confirm, I need to be root to use arachni which prevent other tools like OpenVAS to use arachni.

And also, as it's installing gem as root, they conflict with the gems installed with pacman. For example I can't install ruby-yard, so I have a undetermined bunch of gems to remove manually now T_T

tuxayo commented on 2016-05-20 15:53

Upstream URL should be corrected to http://www.arachni-scanner.com
Because the website doesn't support HTTPS and redirects to the hosting provider website.