search

filewalkwithme / gvm-openvas-docker

Ready to use Openvas (GVM 11) in a Docker container
MIT License
14 stars 9 forks source link

How to update openvas feeds regularly and missing stored CVE’s under secinfo tab #4

Open ddos16 opened 4 years ago

ddos16 commented 4 years ago

Thanks

MarksenDE commented 4 years ago

Any update about this issue?

tsmets commented 4 years ago

Amof, there is an issue here ... From the Greenbone documentation, we find https://community.greenbone.net/t/how-to-update-keep-the-feed-up-to-date/1431

root@219723dcf62a:/# ls -la   /openvas/build/tools/greenbone-nvt-sync 
-rw-r--r-- 1 root root 16836 Sep  2 09:05 /openvas/build/tools/greenbone-nvt-sync
root@219723dcf62a:/# sh /openvas/build/tools/greenbone-nvt-sync 
<28>Sep  3 12:55:11 greenbone-nvt-sync: The log facility is not working as expected. All messages will be written to the standard error stream.
/openvas/build/tools/greenbone-nvt-sync must not be executed as privileged user root

Unlike the actual scanner the sync routine does not need privileges.
Accidental execution as root would prevent later overwriting of
files with a non-privileged user.
<27>Sep  3 12:55:11 greenbone-nvt-sync: Denied to run as root
root@219723dcf62a:/# su - openvas 
$ sh /openvas/build/tools/greenbone-nvt-sync 
<28>Sep  3 12:55:32 greenbone-nvt-sync: The log facility is not working as expected. All messages will be written to the standard error stream.
touch: cannot touch '/usr/local/var/run/feed-update.lock': Permission denied
<29>Sep  3 12:55:32 greenbone-nvt-sync: No Greenbone Security Feed access key found, falling back to Greenbone Community Feed
<29>Sep  3 12:55:32 greenbone-nvt-sync: Configured NVT rsync feed: rsync://feed.community.greenbone.net:/nvt-feed
Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal. 
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

receiving incremental file list
rsync: failed to set times on "/usr/local/var/lib/openvas/plugins/404.inc": Operation not permitted (1)
rsync: failed to set times on "/usr/local/var/lib/openvas/plugins/CAs.inc": Operation not permitted (1)
rsync: failed to set times on "/usr/local/var/lib/openvas/plugins/bad_dsa_ssh_host_keys.txt": Operation not permitted (1)
rsync: failed to set times on "/usr/local/var/lib/openvas/plugins/bad_rsa_ssh_host_keys.txt": Operation not permitted (1)
rsync: failed to set times on "/usr/local/var/lib/openvas/plugins/bad_ssh_host_keys.inc": Operation not permitted (1)
rsync: failed to set times on "/usr/local/var/lib/openvas/plugins/bad_ssh_keys.inc": Operation not permitted (1)

so ... running as root is not accepted running as openvas I received ERRORS

\T,

ema07cqc commented 3 years ago

Any news on this? Thanks.