Open utterances-bot opened 4 years ago
cache-memory
commented
4 years ago Hi,
to get the "OpenVAS Default" Scanner working, you have to change the location/path of "ospd.sock" from /tmp/ospd.sock to /opt/gvm/var/run/ospd.sock in the scanner config with
"gvmd --modify-scanner=UUID of OpenVAS Default --scanner-host=/opt/gvm/var/run/ospd.sock"
which worked for me, so that I could skip the "register your new scanner" section.
BR, cache
falkowich
commented
4 years ago Hi,
to get the "OpenVAS Default" Scanner working, you have to change the location/path of "ospd.sock" from /tmp/ospd.sock to /opt/gvm/var/run/ospd.sock in the scanner config with
"gvmd --modify-scanner=UUID of OpenVAS Default --scanner-host=/opt/gvm/var/run/ospd.sock"
which worked for me, so that I could skip the "register your new scanner" section.
BR, cache
Hi,
That's great. I'm going to test that out "asap" :tm: and change the text in the writeup. thnx!
-- Falk
drmendes
commented
4 years ago @falkowich I think a path is missing in
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/opt/gvm/sbin"it should be
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin:/opt/gvm/sbin:/opt/gvm/bin"or else you cant run
greenbone-nvt-syncTake into account that I am a newbie :D
drmendes
commented
4 years ago *I might be saying wrong jibber-jabber
jamesber50
commented
4 years ago Hopefully not a stupid question, does this include accepted commits since the 11 initial release?
karkaaa
commented
4 years ago Hello,
I have this errors in log:
gvm@gvm:/opt/gvm/var/log/gvm$ tail ospd-scanner.log 2020-03-19 13:04:44,624 OSPD - openvas: ERROR: (ospd_openvas.daemon) Failed to create feed lock file /var/run/ospd/feed-update.lock. [Errno 2] No such file or directory: '/var/run/ospd/feed-update.lock' 2020-03-19 13:04:54,635 OSPD - openvas: ERROR: (ospd_openvas.daemon) Failed to create feed lock file /var/run/ospd/feed-update.lock. [Errno 2] No such file or directory: '/var/run/ospd/feed-update.lock'
gvm@gvm:/opt/gvm/var/log/gvm$ tail gvmd.log md manage:WARNING:2020-03-19 11h04.24 utc:1925: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock md manage:WARNING:2020-03-19 11h04.34 utc:1933: manage_update_nvt_cache_osp: failed to connect to /opt/gvm/var/run/ospd.sock
gvm@gvm:/opt/gvm/var/log/gvm$ tail gsad.log gsad main:MESSAGE:2020-03-19 10h51.44 utc:555: Starting GSAD version 9.0.0~git-c6b0b9ed3-gsa-9.0 gsad main:WARNING:2020-03-19 10h53.46 utc:556: MHD: Error: received handshake message out of context gsad main:WARNING:2020-03-19 10h53.46 utc:556: MHD: Error: received handshake message out of context
please help :)
Thank you
falkowich
commented
4 years ago Guide is updated to 11 standards. And it should now work again..
BIG thanks to all of you !
-- Regards Falk
karkaaa
commented
4 years ago Hello,
I found this warning in gvmd.log:
md manage: INFO:2020-04-06 07h29.16 utc:6281: Updating placeholder CPEs md manage: INFO:2020-04-06 07h29.43 utc:6281: sync_scap: Updating SCAP info succeeded md manage:WARNING:2020-04-06 07h29.43 utc:6281: sql_exec_internal: PQexec failed: ERROR: relation "cert_bund_advs" does not exist LINE 1: SELECT EXISTS (SELECT * FROM cert_bund_advs WHERE creation_... ^ (7) md manage:WARNING:2020-04-06 07h29.43 utc:6281: sql_exec_internal: SQL: SELECT EXISTS (SELECT * FROM cert_bund_advs WHERE creation_time > coalesce (CAST ((SELECT value FROM meta WHERE name = 'cert_check_time') AS INTEGER), 0)); md manage:WARNING:2020-04-06 07h29.43 utc:6281: sql_x_internal: sql_exec_internal failed
it is bad?
arjenlentz
commented
4 years ago Well done, your approach even works for Ubuntu 18.04.4 LTS Couple of comments:
Ubuntu has Python 3.6, so that needs adjusting somewhere along the way (Python 3.7 referenced).
#
#
#
#
It is as the file from an existing setup, but with the set zero'd out so it's clear it's not up-to-date.
The /etc/systemd/system/gvmd.service needs a longer timeout to start, particularly because on its first run it will do the NVT update and that will take a while. Consequentially systemd reports a failure in starting the daemon even though it's running. It's "ok" but it looks messy. Adding 'TimeoutStartSec=300s' does the job. It usually takes much less time, but just to be sure.
You'll also want to add a cron job to keep the feeds up-to-date. Add an /etc/cron.d/gvm with: 10 1 * gvm /opt/gvm/bin/greenbone-nvt-sync && /opt/gvm/sbin/greenbone-certdata-sync && /opt/gvm/sbin/greenbone-scapdata-sync && /opt/gvm/sbin/openvas --update-vt-info
ghost
commented
4 years ago Anyone can help me? i've tried to start gvmd service but don't run, the error is:
May 07 12:22:29 00-settete systemd[1]: gvmd.service: Can't open PID file /opt/gvm/var/run/gvmd.pid (yet?) after start: Operation not permitted May 07 12:24:00 00-settete systemd[1]: gvmd.service: start operation timed out. Terminating. May 07 12:24:00 00-settete systemd[1]: gvmd.service: Failed with result 'timeout'. The unit gvmd.service has entered the 'failed' state with result 'timeout'. May 07 12:24:00 00-settete systemd[1]: Failed to start Job that runs the gvm daemon. -- Subject: A start job for unit gvmd.service has failed -- Defined-By: systemd -- Support: https://www.debian.org/support
The permission in the directory /opt/gvm/var/run/ are gvm:gvm The others services run correctly
anubisthejackle
commented
4 years ago If you're trying to install this on Kali 2020.1, I used this blog post as the basis for putting together an automation script: https://github.com/anubisthejackle/kali-openvas-install
ghost
commented
4 years ago If you're trying to install this on Kali 2020.1, I used this blog post as the basis for putting together an automation script: https://github.com/anubisthejackle/kali-openvas-install
nice script mate, i've only a error at the end, "ERROR: get_db_connection: Not possibile to run openvas. [Errno 2] No such file or directory: 'openvas' I'm trying to find the problem can't find /opt/gvm/bin/ospd-scanner/bin/ospd-openvas, he don't create the directory /opt/gvm/bin/ospd-scanner/bin/python and /opt/gvm/bin/ospd-scanner/bin/ospd-openvas
If i try to modify the service with what it created i see:
root@kali:/opt/gvm# python3 /opt/gvm/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --unix-socket=/opt/gvm/var/run/ospd.sock --log-file /opt/gvm/var/log/gvm/ospd-scanner.log --lock-file-dir /opt/gvm/var/run/ospd/
Traceback (most recent call last):
File "/opt/gvm/bin/ospd-openvas", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3259, in <module>
def _initialize_master_working_set():
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3242, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3271, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 584, in _build_master
ws.require(__requires__)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 901, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 787, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'ospd-openvas==1.0.1' distribution was not found and is required by the application/opt/gvm/bin/ospd-scanner/bin/python /opt/gvm/bin/ospd-scanner/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --unix-socket=/opt/gvm/var/run/ospd.sock --log-file /opt/gvm/var/log/gvm/ospd-scanner.log --lock-file-dir /opt/gvm/var/run/ospd/
/opt/gvm/bin/ospd-scanner/bin/python: can't open file '/opt/gvm/bin/ospd-scanner/bin/ospd-openvas': [Errno 2] No such file or directoryIf you're trying to install this on Kali 2020.1, I used this blog post as the basis for putting together an automation script: https://github.com/anubisthejackle/kali-openvas-install
nice script mate, i've only a error at the end, "ERROR: get_db_connection: Not possibile to run openvas. [Errno 2] No such file or directory: 'openvas' I'm trying to find the problem can't find /opt/gvm/bin/ospd-scanner/bin/ospd-openvas, he don't create the directory /opt/gvm/bin/ospd-scanner/bin/python and /opt/gvm/bin/ospd-scanner/bin/ospd-openvas
If i try to modify the service with what it created i see:
root@kali:/opt/gvm# python3 /opt/gvm/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --unix-socket=/opt/gvm/var/run/ospd.sock --log-file /opt/gvm/var/log/gvm/ospd-scanner.log --lock-file-dir /opt/gvm/var/run/ospd/ Traceback (most recent call last): File "/opt/gvm/bin/ospd-openvas", line 6, in <module> from pkg_resources import load_entry_point File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3259, in <module> def _initialize_master_working_set(): File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3242, in _call_aside f(*args, **kwargs) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3271, in _initialize_master_working_set working_set = WorkingSet._build_master() File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 584, in _build_master ws.require(__requires__) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 901, in require needed = self.resolve(parse_requirements(requirements)) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 787, in resolve raise DistributionNotFound(req, requirers) pkg_resources.DistributionNotFound: The 'ospd-openvas==1.0.1' distribution was not found and is required by the application/opt/gvm/bin/ospd-scanner/bin/python /opt/gvm/bin/ospd-scanner/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --unix-socket=/opt/gvm/var/run/ospd.sock --log-file /opt/gvm/var/log/gvm/ospd-scanner.log --lock-file-dir /opt/gvm/var/run/ospd/ /opt/gvm/bin/ospd-scanner/bin/python: can't open file '/opt/gvm/bin/ospd-scanner/bin/ospd-openvas': [Errno 2] No such file or directory
I think I've narrowed this down to needing to make sure we have the python 3.7 header files.
Please run apt install python3.7-dev and then re-run [repo directory]/gvm/19-install-ospd.sh
I'm not 100% sure, but you may need to run 18 prior to this, to make sure that you're inside the virtualenv.
anubisthejackle
commented
4 years ago If you're trying to install this on Kali 2020.1, I used this blog post as the basis for putting together an automation script: https://github.com/anubisthejackle/kali-openvas-install
nice script mate, i've only a error at the end, "ERROR: get_db_connection: Not possibile to run openvas. [Errno 2] No such file or directory: 'openvas' I'm trying to find the problem can't find /opt/gvm/bin/ospd-scanner/bin/ospd-openvas, he don't create the directory /opt/gvm/bin/ospd-scanner/bin/python and /opt/gvm/bin/ospd-scanner/bin/ospd-openvas
If i try to modify the service with what it created i see:
root@kali:/opt/gvm# python3 /opt/gvm/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --unix-socket=/opt/gvm/var/run/ospd.sock --log-file /opt/gvm/var/log/gvm/ospd-scanner.log --lock-file-dir /opt/gvm/var/run/ospd/ Traceback (most recent call last): File "/opt/gvm/bin/ospd-openvas", line 6, in <module> from pkg_resources import load_entry_point File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3259, in <module> def _initialize_master_working_set(): File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3242, in _call_aside f(*args, **kwargs) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 3271, in _initialize_master_working_set working_set = WorkingSet._build_master() File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 584, in _build_master ws.require(__requires__) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 901, in require needed = self.resolve(parse_requirements(requirements)) File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 787, in resolve raise DistributionNotFound(req, requirers) pkg_resources.DistributionNotFound: The 'ospd-openvas==1.0.1' distribution was not found and is required by the application/opt/gvm/bin/ospd-scanner/bin/python /opt/gvm/bin/ospd-scanner/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --unix-socket=/opt/gvm/var/run/ospd.sock --log-file /opt/gvm/var/log/gvm/ospd-scanner.log --lock-file-dir /opt/gvm/var/run/ospd/ /opt/gvm/bin/ospd-scanner/bin/python: can't open file '/opt/gvm/bin/ospd-scanner/bin/ospd-openvas': [Errno 2] No such file or directory
Also: There seems to be a problem with the redis server. Redis on Kali is not using a socket by default, and doesn't seem to pick up the ospd-openvas config. I made this work by changing the db socket location, activating the socket in redis's default config, and telling ospd to use that default socket location.
There was also a permissions issue related to the default socket (by default it is owned by redis:redis and set to 700) because I'm okay with the security implications, I opened that socket to 777 and got it working.
I will be adding all of these changes to the script in the near future.
ghost
commented
4 years ago Thanks for all the answer mate, after this changes (python 3.7 -> python 3.8), restart of NVt database and a check of all permission, now gvm11 is running :) i've try this on a normal kali 2020.1 and on a kali 2020.1 for arm (PI 4). The problem is when i reboot, now the scans go in errorr (gsad log say "error: received handshake message out of context).
initially the scan goes wrong, but after some time and after a restart of the greenbone-scapdata-sync services and after I open the "secinfo-nvt, secinfo-cve, secinfo-cpe" tabs it is as if he updates the databases and after these operations all works fine, I'm trying to find the real problem. Thanks for the support, i write here when I know something more.
jamesber50
commented
4 years ago Feel like a jerk for asking, but any chance you'd consider creating an update step document for going from 11.0 -> 11.0.1?
(I managed to get 95% there but was getting ospd.sock and feed_update.lock errors - everything worked but scanning)
meetgyn
commented
4 years ago gvm @ lab1: / opt / gvm / src $ sudo -u postgres bash [sudo] password for gvm: I'm sorry, try again. [sudo] password for gvm: I'm sorry, gvm user is not allowed to run "/ usr / bin / bash" as postgres in xxxxxxxx gvm @ lab1: / opt / gvm / src $
cache-memory
commented
4 years ago gvm @ lab1: / opt / gvm / src $ sudo -u postgres bash [sudo] password for gvm: I'm sorry, try again. [sudo] password for gvm: I'm sorry, gvm user is not allowed to run "/ usr / bin / bash" as postgres in xxxxxxxx gvm @ lab1: / opt / gvm / src $
Maybe it's not so clear in the description:
Configure PostgreSQL
For this we will use the sudo enabled user. (not root)
the "sudo enabled user" is your debian system user, which you used for the apt install stuff (not root and not gvm). The gvm user is used for the all the greenbone related stuff. I did that step in a seperate terminal window.
BR, Cache
meetgyn
commented
4 years ago gvm @ lab1: / opt / gvm / src $ sudo -u postgres bash [sudo] password for gvm: I'm sorry, try again. [sudo] password for gvm: I'm sorry, gvm user is not allowed to run "/ usr / bin / bash" as postgres in xxxxxxxx gvm @ lab1: / opt / gvm / src $
Maybe it's not so clear in the description:
Configure PostgreSQL For this we will use the sudo enabled user. (not root)
the "sudo enabled user" is your debian system user, which you used for the apt install stuff (not root and not gvm). The gvm user is used for the all the greenbone related stuff. I did that step in a seperate terminal window.
BR, Cache
Thank you, it helped me a lot.
dimante
commented
4 years ago Hello! I have to tell you firstly, thank you for the most concise installation for this platform that I have seen yet. I tried Ubuntu, no good, centos, no good. But I have followed your instructions to the letter. I have no greenbone-nvt-sync everything else seems to function, why is this not working? I even tried the path adjustment that was mentioned earlier in the threads here. I currently have no nvt feed so I know thats broken. Thanks for the most complete script I have run into to date!!
dimante
commented
4 years ago Here is what I have found as far as updates and the NVT feed disappearing:
If this seems to be looping and the NVT feed is not showing up in the gui the following files will need to be removed. The gvmd will recreate them and the process then seems to complete:
ch /opt/gvm/var/run rm gvm-*
The gvm- files get recreated and the NVT feed re-appears EVERY time. Now I just have to figure out for the upgrade script do I add the removal of the files first or on restart do I schedule a removal of the gvm- files... once this is done the feeds update... Not sure why the manual removal has to happen to get the feeds to load right at reboot... It's a mystery for sure.
karkaaa
commented
4 years ago Hi,
How can upgrade?
High (CVSS: 10.0) NVT: Report outdated / end-of-life Scan Engine / Environment (local) Vulnerability Detection Result Installed GVM Libraries (gvm-libs) version: 11.0.0 Latest available GVM Libraries (gvm-libs) version: 11.0.1
jamesber50
commented
4 years ago @Karkaaa I'm not even sure if the new release is stable to be honest. I've tried and failed on it twice.
SEE POST BELOW. AM TOLD THIS IS INEFFICIENT, The usual process though, in my very limited experience, is that you follow the document largely in reverse, removing the components you installed and then reinstalling them back once the modules are all removed.
ri-pa
commented
4 years ago @jamesber50 the update runs without any problem. I was able to do to update. The steps you described are NOT correct. Do not remove anything. Just compile the new sources and run "make install" It will replace the files that were updated. After that I also migrated the database using the appropriate command provided by GVM. Works like a charm.
jamesber50
commented
4 years ago @jamesber50 the update runs without any problem. I was able to do to update. The steps you described are NOT correct. Do not remove anything. Just compile the new sources and run "make install" It will replace the files that were updated. After that I also migrated the database using the appropriate command provided by GVM. Works like a charm.
Glad that worked for you! I'll try that again the next go around. That failed for me previously. Prevailing logic said to rip and replace, To further update my statement above, I can confirm I was able to get on the latest version last Friday and it seems to be running fine.
nigamelastic
commented
4 years ago I followed everything through but I cant get the PID or socks, great work @anubisthejackle , however I cant for the life of me install python3.7 dev on kali linux, despite adding the ppa repo.
cbst881
commented
4 years ago Hi, I got folowing problems during the execution of make for GSA. Can anyone help me? Scanning dependencies of target gsad [ 16%] Building C object gsad/src/CMakeFiles/gsad.dir/gsad.c.o /opt/gvm/src/gsa/gsad/src/gsad.c: In function ‘start_unix_http_daemon’: /opt/gvm/src/gsa/gsad/src/gsad.c:2602:20: error: passing argument 5 of ‘MHD_start_daemon’ from incompatible pointer type [-Werror=incompatible-pointer-types] and so on.... the same for start_htp_daemon and start_Https_daemon
Thanks chris
cfi-gb
commented
4 years ago @falkowich Few suggestion for the systemd files and the "After" statements used in these. To have a sane dependency chain i would suggest the following:
gvmd.service:
After=postgresql.service ospd-openvas.service-> Because of the ExecStart=/opt/gvm/sbin/gvmd --osp-vt-update=/opt/gvm/var/run/ospd.sock used in that unit file so that the socket is there once gvmd.service is starting
gsad.service:
After=gvmd.service-> A successful login in the GSA needs the GVMd to be started / running. In addition GSA doesn't have any dependency to PostgreSQL.
ospd-openvas.service:
-> Drop the After=postgresql.service completely because this service doesn't have any dependency to PostgreSQL.
For all current After i'm not sure if something like Wants or Requires should be used instead but i'm not familiar with systemd on this.
At least in Debian the "Wants" to redis-server is used:
ManuelFFF
commented
4 years ago Hi,
I was able to follow the steps till end and got GVM 11 running, but if I restart the server, then gvmd process won't work.
Is anybody else experiencing the same issue and know how I could fix it?
Thank you
cfi-gb
commented
4 years ago The "config and build manager" part to cherry-pick the specific commit shouldn't be required anymore as this change should be now also included in the gvmd-9.0 release branch since https://github.com/greenbone/gvmd/pull/1166
falkowich
commented
4 years ago For the moment I am recharging myself by the coast here in Sweden. But after this I hopefully have some good time to update the guide with all the help I got here in the comments.
-- Regards Falk
svg64
commented
4 years ago I have a problem with the configuration and installation of gsa When executing command "cmake -DCMAKE_INSTALL_PREFIX=/opt/gvm .." there is a message in the result: ... Could NOT find polib (missing: POLIB_LOCATION _POLIB_VERSION_MATCH) CMake Warning at gsa/po/CMakeLists.txt:111 (message): Could not build translation files: Python interpreter or polib Python module not found. ... and so I can't go on
Please help
falkowich
commented
4 years ago @svg64, did you get it working?
falkowich
commented
4 years ago Thanks to all comments here, the writeup is updated to latest (as of 20200805) GVM11 with fixes from comments above..
-- Regards Falk
falkowich
commented
4 years ago @ManuelFFF With the help of @cfi-gb I'll updated the service startup scripts. So this should work better now.. :tm: :)
ghost
commented
4 years ago Guys, we can install the gvm-tools on this release? thanks
ManuelFFF
commented
4 years ago Hi @falkowich,
Thank you for updating this wonderful tutorial. It works fine! Just a brief feedback:
Thank you
ManuelFFF
commented
4 years ago @othin87,
After completed the GVM installation, run the following commands:
$ sudo su - gvm $ pip3 install --user gvm-tools
Cheers!
ghost
commented
4 years ago @falkowich I followed your script, so good and concise, it's great writing and worked OOB. I do have one question though; where can I modify the gsad script to be able to use a custom SSL cert and key?
eqppwqqep
commented
4 years ago I have fought with this now on both the Kali Pi4 build and the RaspiOS debian buster build. The scripts works exactly as you would expect but when you start gvmd.service, it timesout. Something to do with no "meta" table in the db. It has happened to me whether build from source or from a package (which Kali apparently has available). Any ideas?
bellsanx62
commented
4 years ago I followed your instructions and everything worked perfectly. After I restarted my computer, all scans now shows Error under the Severity Level and the scans ends in less than a minute. What is going on?
eqppwqqep
commented
4 years ago Could be the feed isn’t done updating. Open the report and look under errors.
On Tue, Aug 18, 2020 at 4:59 PM bellsanx62 notifications@github.com wrote:
I followed your instructions and everything worked perfectly. After I restarted my computer, all scans now shows Error under the Severity Level and the scans ends in less than a minute. What is going on?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/falkowich/comments-sadsloth/issues/8#issuecomment-675741238, or unsubscribe https://github.com/notifications/unsubscribe-auth/AQR72GNWNGZYH5TEZGUAOELSBL2U7ANCNFSM4KKXCNUA .
dimante
commented
4 years ago I followed your instructions and everything worked perfectly. After I restarted my computer, all scans now shows Error under the Severity Level and the scans ends in less than a minute. What is going on?
How does your "Administration > Feed Status" look?
Most problems especially on restart seem to revolve around broken feeds / updates. A lot of times the NVT feed will not even show up after restart. I have found the following helpful in regard to rebooting the system:
If the NVT feed is not showing up in the gui the following files will need to be removed. The gvmd will recreate them and the process then seems to complete:
I have not been able to pin down why clearing the files works, the NVT feed shows up again and the feeds can be updated:
greenbone-nvt-sync
ghost
commented
4 years ago @ManuelFFF thank for your reply, You've been very kind I've another question linked to the previous one:
If i want enable GMP ( first needs to be activated on the GSM appliance i think) for get report (or do commands) from outside of the server to a specific port, how can i do this? Thanks
ghost
commented
4 years ago @ManuelFFF thank for your reply, You've been very kind I've another question linked to the previous one:
If i want enable GMP ( first needs to be activated on the GSM appliance i think) for get report (or do commands) from outside of the server to a specific port, how can i do this? Thanks
Hi i've find a solution for this, including a line in the service of gsad and gvmd gsad.service --> ExecStart=/opt/gvm/sbin/gsad --drop-privileges=gvm --mlisten=0.0.0.0 gvmd.service ---> ExecStart=/opt/gvm/sbin/gvmd --osp-vt-update=/opt/gvm/var/run/ospd.sock --listen=0.0.0.0
So now, out of this vm, i can take the reports with the gvm-cli :) with a simple script Now i'm trying to resolve the problem on the debian 10 (or kali) for the reports in .csv...there is a bug on ony the debians 10 :(
andreaawd
commented
4 years ago "create admin user
gvmd --create-user=admin --password=admin
update feeds
greenbone-certdata-sync"
maybe I'm wrong, but it seems that the line greenbone-scapdata-sync is missing...
mrcnpp
commented
4 years ago Hi i followed the guide . When i try to start the daemons i get this error :
failed to open lock file '/opt/gvm/var/run/feed-update.lock' :Permission Denied
someone has a solution ? Thanks
drmendes
commented
4 years ago I recommend you follow this instead. Mainly due to the new update structure. Does the file /opt/gvm/var/run/feed-update.lock exist? Your problem is not related to it most likely though. Just a permissions problem. Make sure you use all proper chmods, chowns, set up the user properly, switch rightfully on each step between root, sudo user, and gvm and run the apps with the correct users.
mrcnpp
commented
4 years ago hi the file /opt/gvm/var/run/feed-update.lock exist but his size is 0 and is owned by root , is that correct ?Thanks
drmendes
commented
4 years ago Ah that is the catch, should be owned by gvm itself. You did something wrong on the steps. chown gvm:gvm /opt/gvm/var/run/feed-update.lock is the hammer solution but you'll probably have more problems related
Install Greenbone Vulnerability Manager 11 on Debian 10.2 from source... · sadsloth.net
https://sadsloth.net/post/install-gvm11-src-on-debian/