search

Atomicorp / gvm

Greenbone Vulnerability Manager / Openvas packaging project
GNU Affero General Public License v3.0
74 stars 19 forks source link

Error in pre script openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm #24

Closed vodium-vastro closed 4 years ago

vodium-vastro commented 4 years ago

Apologies if this is the wrong place to report this but.....

When attempting to install openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm on a CentOS 7 server the following error is given:

[root@scan x]# rpm -i openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm
Usage: useradd [options] LOGIN
       useradd -D
       useradd -D [options]

Options:
  -b, --base-dir BASE_DIR       base directory for the home directory of the
                                new account
  -c, --comment COMMENT         GECOS field of the new account
  -d, --home-dir HOME_DIR       home directory of the new account
  -D, --defaults                print or change default useradd configuration
  -e, --expiredate EXPIRE_DATE  expiration date of the new account
  -f, --inactive INACTIVE       password inactivity period of the new account
  -g, --gid GROUP               name or ID of the primary group of the new
                                account
  -G, --groups GROUPS           list of supplementary groups of the new
                                account
  -h, --help                    display this help message and exit
  -k, --skel SKEL_DIR           use this alternative skeleton directory
  -K, --key KEY=VALUE           override /etc/login.defs defaults
  -l, --no-log-init             do not add the user to the lastlog and
                                faillog databases
  -m, --create-home             create the user's home directory
  -M, --no-create-home          do not create the user's home directory
  -N, --no-user-group           do not create a group with the same name as
                                the user
  -o, --non-unique              allow to create users with duplicate
                                (non-unique) UID
  -p, --password PASSWORD       encrypted password of the new account
  -r, --system                  create a system account
  -R, --root CHROOT_DIR         directory to chroot into
  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files
  -s, --shell SHELL             login shell of the new account
  -u, --uid UID                 user ID of the new account
  -U, --user-group              create a group with the same name as the user
  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping

error: %pre(openvas-scanner-7.0.0-9465.el7.art.x86_64) scriptlet failed, exit status 2
error: openvas-scanner-7.0.0-9465.el7.art.x86_64: install failed

Looking at the scripts with rpm -qp --scripts openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm the following snippet shows the useradd command:

if ! id -g openvas > /dev/null 2>&1; then
    useradd g openvas -G openvas       \
        -d /var/openvas \
        -r -s /sbin/nologin openvas
fi

I'm presuming the line useradd g openvas -G openvas should be useradd -g openvas -G openvas e.g. dash before the lower g??

Using rpmrebuild and making the above change allows for the package to install without error

vodium-vastro commented 4 years ago

To confirm the package is being installed from the 'atomic' repository:

================================================================================
 Package                          Arch    Version                 Repository
                                                                           Size
================================================================================
Installing:
 greenbone-vulnerability-manager  noarch  11.0.0-9461.el7.art     atomic   20 k
Installing for dependencies:
 openvas-scanner                  x86_64  7.0.0-9465.el7.art      atomic  247 k

Transaction Summary
================================================================================
Install  1 Package (+1 Dependent package)
ShadowNetworks commented 4 years ago

I have legit been hitting my head against the keyboard trying to figure out what's wrong. And it's this.

vodium-vastro commented 4 years ago

@ShadowNetworks Unfortunately I can't find the script in the repo so can't create a push request.

You can try downloading the file to the machine:

wget http://www6.atomicorp.com/channels/atomic/centos/7/x86_64/RPMS/openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm

Install rpmrebuild:

yum install rpmrebuild

Then edit the rpm with:

rpmrebuild -e -p openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm

Edit line 115 (for me) with the change above

When you exit the editor select 'yes' when it asks you to continue.

Then install the rpm from its new location (will be something like this);

rpm -i /root/rpmbuild/RPMS/x86_64/openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm

You can continue to install greenbone-vulnerability-manager from yum after this if needed. openvas-scanner will not be installed as the dependency will have already been met.

atomicturtle commented 4 years ago

I havent tried taking this on for EL7 yet, but the GVM 20.08 update is out now for EL8. Now that GVM-11 and lower are all EOL in a few months any fixes for this are probably better handled by getting GVM 20.08 working on more platforms.

EL7 might not be possible without some help, given the python dependency chain introduced in GVM-11 and up. If anyone is interested, shoot me an email for an invite to our slack: slack@ossec.net

ShadowNetworks commented 4 years ago

Got openvas-scanner installed with no issue following harveydov’s instructions! Thank you! Working on CentOS 7 and RHEL 7 installs. RHEL 7 doesn’t have an EOL date set yet. June 30, 2024 is set for CentOS 7. Hoping we can at least keep GVM support going for a year or two on both.

atomicturtle commented 4 years ago

Oh sorry, I ment that GVM-11 and older are EOL at the end of 2020: "With the end of 2020 both GVM 10 5 and GVM 11 20 will retire and won’t get any additional releases. All users and distributions should switch to GVM 20.08 immediately."

https://community.greenbone.net/t/gvm-20-08-stable-initial-release-2020-08-12/6312

MarthaDelgado commented 4 years ago

Hi,

I'm new with OpenVAS, I'm getting the same error message as @harveydov first reported, and then the message below appeared.

error: %pre(openvas-scanner-7.0.0-9465.el7.art.x86_64) scriptlet failed, exit status 2
Error in PREIN scriptlet in rpm package openvas-scanner-7.0.0-9465.el7.art.x86_64
openvas-scanner-6.0.0-6930.el7.art.x86_64 was supposed to be removed but is not!
  Verifying  : openvas-scanner-6.0.0-6930.el7.art.x86_64                                                        1/2 
  Verifying  : openvas-scanner-7.0.0-9465.el7.art.x86_64                                                        2/2 

Failed:
  openvas-scanner.x86_64 0:6.0.0-6930.el7.art              openvas-scanner.x86_64 0:7.0.0-9465.el7.art             

Complete!

I tried to follow the fix that was suggested, but it didn't work for me. When I edited the file and save it, I get these warnings and I'm not sure if you or anyone else get those same warnings.

warning: Explicit %attr() mode not applicaple to symlink: /root/.tmp/rpmrebuild.9580/work/root/usr/lib64/libopenvas_misc.so
warning: Explicit %attr() mode not applicaple to symlink: /root/.tmp/rpmrebuild.9580/work/root/usr/lib64/libopenvas_misc.so.11
warning: Explicit %attr() mode not applicaple to symlink: /root/.tmp/rpmrebuild.9580/work/root/usr/lib64/libopenvas_nasl.so
warning: Explicit %attr() mode not applicaple to symlink: /root/.tmp/rpmrebuild.9580/work/root/usr/lib64/libopenvas_nasl.so.11
result: /root/rpmbuild/RPMS/x86_64/openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm

I'm not sure if anyone is having the same issue. Every time I tried to run the command below. rpm -i /root/rpmbuild/RPMS/x86_64/openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm

I get this as a result.

        file /usr/bin/openvas-nasl from install of openvas-scanner-7.0.0-9465.el7.art.x86_64 conflicts with file from package openvas-scanner-6.0.0-6930.el7.art.x86_64
        file /usr/bin/openvas-nasl-lint from install of openvas-scanner-7.0.0-9465.el7.art.x86_64 conflicts with file from package openvas-scanner-6.0.0-6930.el7.art.x86_64
        file /usr/lib64/libopenvas_misc.so from install of openvas-scanner-7.0.0-9465.el7.art.x86_64 conflicts with file from package openvas-scanner-6.0.0-6930.el7.art.x86_64
        file /usr/lib64/libopenvas_nasl.so from install of openvas-scanner-7.0.0-9465.el7.art.x86_64 conflicts with file from package openvas-scanner-6.0.0-6930.el7.art.x86_64
        file /usr/share/man/man1/openvas-nasl.1.gz from install of openvas-scanner-7.0.0-9465.el7.art.x86_64 conflicts with file from package openvas-scanner-6.0.0-6930.el7.art.x86_64
        file /usr/share/man/man8/greenbone-nvt-sync.8.gz from install of openvas-scanner-7.0.0-9465.el7.art.x86_64 conflicts with file from package openvas-scanner-6.0.0-6930.el7.art.x86_64

Any suggestions?

atomicturtle commented 4 years ago

Just an update on getting GVM 20.08 for el7, at this point in time its a pretty heavy dependency chain to get in place for a lot of internal packages (uuid, cmake, etc). Seeing that the GVM-11 project is EOL very soon, I'm going to close this bug out since the only fix will be if 20.08 is buildable on el7. Progress for that starts here: https://github.com/Atomicorp/gvm-libs/issues/1

dekumar4 commented 1 year ago

I am also facing similar issue on Oracle Linux 7.9. What is the procedure to download the latest openvas-scanner ?

error: %pre(openvas-scanner-7.0.0-9465.el7.art.x86_64) scriptlet failed, exit status 2 Error in PREIN scriptlet in rpm package openvas-scanner-7.0.0-9465.el7.art.x86_64 Installing : greenbone-vulnerability-manager-11.0.0-9461.el7.art.noarch 2/2 error: openvas-scanner-7.0.0-9465.el7.art.x86_64: install failed Verifying : greenbone-vulnerability-manager-11.0.0-9461.el7.art.noarch 1/2 Verifying : openvas-scanner-7.0.0-9465.el7.art.x86_64 2/2

Installed: greenbone-vulnerability-manager.noarch 0:11.0.0-9461.el7.art

Failed: openvas-scanner.x86_64 0:7.0.0-9465.el7.art

Complete!