Atomicorp / gvm

Greenbone Vulnerability Manager / Openvas packaging project
GNU Affero General Public License v3.0
74 stars 19 forks source link

Report Formats and Portlists are created but not scan configs #35

Closed 5h0ut closed 3 years ago

5h0ut commented 4 years ago

Hi,

I tried to create a openvas 20.8 docker image based on CentOS8 using your repositories.

However I managed to start all services, and perform additional configuration as described in https://github.com/greenbone/gvmd/blob/v20.8.0/INSTALL.md

Now, if gvmd process is getting started I face the following strange issue: ... event port_list:MESSAGE:2020-10-20 04h06.37 utc:406: Port list All IANA assigned TCP and UDP (4a4717fe-57d2-11e1-9a26-406186ea4fc5) has been created by admin event port_list:MESSAGE:2020-10-20 04h06.37 utc:406: Port list All TCP and Nmap top 100 UDP (730ef368-57e2-11e1-a90f-406186ea4fc5) has been created by admin event port_list:MESSAGE:2020-10-20 04h06.37 utc:406: Port list All IANA assigned TCP (33d0cd82-57c6-11e1-8ed1-406186ea4fc5) has been created by admin event report_format:MESSAGE:2020-10-20 04h06.37 utc:406: Report format PDF (c402cc3e-b531-11e1-9163-406186ea4fc5) has been created by admin event report_format:MESSAGE:2020-10-20 04h06.37 utc:406: Report format CSV Results (c1645568-627a-11e3-a660-406186ea4fc5) has been created by admin event report_format:MESSAGE:2020-10-20 04h06.37 utc:406: Report format ITG (77bd6c4a-1f62-11e1-abf0-406186ea4fc5) has been created by admin event report_format:MESSAGE:2020-10-20 04h06.37 utc:406: Report format Anonymous XML (5057e5cc-b825-11e4-9d0e-28d24461215b) has been created by admin event report_format:MESSAGE:2020-10-20 04h06.37 utc:406: Report format XML (a994b278-1f62-11e1-96ac-406186ea4fc5) has been created by admin event report_format:MESSAGE:2020-10-20 04h06.37 utc:406: Report format TXT (a3810a62-1f62-11e1-9219-406186ea4fc5) has been created by admin util gpgme:MESSAGE:2020-10-20 04h06.38 utc:406: Setting GnuPG dir to '/var/lib/gvm/gvmd/gnupg' util gpgme:MESSAGE:2020-10-20 04h06.38 utc:406: Created GnuPG dir '/var/lib/gvm/gvmd/gnupg' util gpgme:MESSAGE:2020-10-20 04h06.38 utc:406: Using OpenPGP engine version '2.2.9' util gpgme: INFO:2020-10-20 04h06.38 utc:406: starting key generation ... util gpgme: INFO:2020-10-20 04h06.38 utc:406: OpenPGP key 'GVM Credential Encryption' has been generated ...

Some configuration sections seem to get imported from: /var/lib/gvm/data-objects/gvmd/20.08/ but not all If I later navigate throug configuration web menu I can not configure new scan configurations:

Looking in the filesystem: ls -la /var/lib/gvm/data-objects/gvmd/20.08/configs/ total 1292 drwxr-xr-x 2 gvm gvm 4096 Oct 16 08:55 . drwxr-xr-x 5 gvm gvm 4096 Jun 17 13:41 .. -rw-r--r-- 1 gvm gvm 826 Aug 31 07:29 base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml -rw-r--r-- 1 gvm gvm 47873 Aug 31 07:29 discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml -rw-r--r-- 1 gvm gvm 884 Aug 31 07:29 empty-085569ce-73ed-11df-83c3-002264764cea.xml -rw-r--r-- 1 gvm gvm 1790 Aug 31 07:29 full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml -rw-r--r-- 1 gvm gvm 1764 Aug 31 07:29 host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml -rw-r--r-- 1 gvm gvm 10630 Oct 15 11:31 policy-huawei-datacom-aab5c4a1-eab1-4f4e-acac-8c36d08de6bc.xml -rw-r--r-- 1 gvm gvm 14966 Aug 31 07:29 policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml -rw-r--r-- 1 gvm gvm 612735 Sep 28 09:19 policy_euleros_20200909_9f822ad3-9208-4e02-ac03-78dce3ca9a23.xml -rw-r--r-- 1 gvm gvm 597265 Sep 28 09:19 policy_gaussdb_20200909_61327f09-8a54-4854-9e1c-16798285fb28.xml -rw-r--r-- 1 gvm gvm 5220 Aug 31 07:29 system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml

Do you have any ideas how to solve this issue?

atomicturtle commented 4 years ago

My guess here is that its the data setup phase, youve got to download all that data and get it into postgres and redis before you get to this step

cfi-gb commented 4 years ago

Might be related: https://github.com/greenbone/gvmd/issues/1332

cfi-gb commented 4 years ago

Note that AFAIK gvmd is only able to successfully import the scan configs if it is able to connect to ospd-openvas and if ospd-openvas has a fully build NVT cache.

SecInfo -> NVTs in GSA needs to be filled and up to date, if not check things like https://github.com/greenbone/gvmd/blob/v20.8.0/INSTALL.md#configure-the-default-ospd-scanner-socket-path or the logfiles of gvmd, ospd-openvas and openvas.

Also make sure that you're running the feed sync scripts as the correct user which is running the GVM services so that no issues are originating from wrong permissions on the file system.

cfi-gb commented 4 years ago

At least for https://community.greenbone.net/t/how-to-manually-import-scan-config-from-cli/7239/18 the user running the Atomic packages of GVM 20.08 fixed that issue by correctly configuring redis which makes ospd-openvas to start up again correctly.

atomicturtle commented 3 years ago

Im going to close this one out as more of an implementation issue with docker. We should move anything related to that over to:https://github.com/Atomicorp/openvas-docker/