search

greenbone / gvmd

Greenbone Vulnerability Manager - The database backend for the Greenbone Community Edition
GNU Affero General Public License v3.0
286 stars 154 forks source link

not completing installation, creating admin user fails #1866

Closed barakat-abweh closed 2 years ago

barakat-abweh commented 2 years ago

[>] Checking for GVM admin user [] Creating user admin for gvm Failed to create user: Invalid characters in user name [] Please note the generated admin password

y0urself commented 2 years ago

Hi Barakan, thank you for reporting an issue.

There is an Issue template: https://github.com/greenbone/gvmd/blob/main/.github/ISSUE_TEMPLATE/bug-report.md

Please fill out all fields, if you want help.

What version are you running? Way to reproduce, etc.

barakat-abweh commented 2 years ago

@y0urself

name: Bug Report about: Report an issue with gvmd title: '' labels: bug assignees: ''

Expected behavior

Actual behavior

Steps to reproduce

1.sudo gvm-check-setup
gvm-check-setup 21.4.3
  Test completeness and readiness of GVM-21.4.3
Step 1: Checking OpenVAS (Scanner)... 
        OK: OpenVAS Scanner is present in version 21.4.4.
        OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
        OK: _gvm owns all files in /var/lib/openvas/gnupg
        OK: redis-server is present.
        OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.
        OK: _gvm owns all files in /var/lib/openvas/plugins
        OK: NVT collection in /var/lib/openvas/plugins contains 11672 NVTs.
Checking that the obsolete redis database has been removed
        OK: No old Redis DB
        OK: ospd-OpenVAS is present in version 21.4.4.
Step 2: Checking GVMD Manager ... 
        OK: GVM Manager (gvmd) is present in version 21.4.5.
Step 3: Checking Certificates ... 
        OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
        OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data ... 
        OK: SCAP data found in /var/lib/gvm/scap-data.
        OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user ... 
        OK: Postgresql version and default port are OK.
 gvmd      | _gvm     | UTF8     | en_US.UTF-8 | en_US.UTF-8 | 
        ERROR: No users found. You need to create at least one user to log in.
        FIX: create a user by running 'sudo runuser -u _gvm -- gvmd --create-user=<name> --password=<password>'
2.sudo runuser -u _gvm -- gvmd --create-user=admin --password=password1234
Failed to create user: Invalid characters in user name

GVM versions

Greenbone Security Assistant 21.4.4

Greenbone Vulnerability Manager 21.4.5

OpenVAS 21.4.4

gvm-libs 21.4.4

Environment

Operating System: Debian 11

Installation method / source: apt install (debian packages)

Logfiles

...
md manage:   INFO:2022-09-04 07h47.20 UTC:12566: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2014.xml
md manage:   INFO:2022-09-04 07h47.25 UTC:12566: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2004.xml
md manage:   INFO:2022-09-04 07h47.28 UTC:12566: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2022.xml
md manage:   INFO:2022-09-04 07h47.40 UTC:12566: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2019.xml
md manage:   INFO:2022-09-04 07h48.03 UTC:12566: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2007.xml
md manage:   INFO:2022-09-04 07h48.08 UTC:12566: Updating /var/lib/gvm/scap-data/nvdcve-2.0-2002.xml
md manage:   INFO:2022-09-04 07h48.11 UTC:12566: Updating OVAL data
md manage:   INFO:2022-09-04 07h48.13 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/c/oval.xml
md manage:   INFO:2022-09-04 07h48.13 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/i/oval.xml
md manage:   INFO:2022-09-04 07h48.14 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/m/oval.xml
md manage:   INFO:2022-09-04 07h48.14 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/p/oval.xml
md manage:   INFO:2022-09-04 07h48.33 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/ios.xml
md manage:   INFO:2022-09-04 07h48.33 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/macos.xml
md manage:   INFO:2022-09-04 07h48.33 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/pixos.xml
md manage:   INFO:2022-09-04 07h48.33 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/unix.xml
md manage:   INFO:2022-09-04 07h48.35 UTC:12566: Updating /var/lib/gvm/scap-data/oval/5.10/org.mitre.oval/v/family/windows.xml
md manage:   INFO:2022-09-04 07h48.39 UTC:12566: Updating user OVAL definitions.
md manage:   INFO:2022-09-04 07h48.39 UTC:12566: Updating CVSS scores and CVE counts for CPEs
md manage:   INFO:2022-09-04 07h49.44 UTC:12566: Updating CVSS scores for OVAL definitions
md manage:   INFO:2022-09-04 07h49.45 UTC:12566: Updating placeholder CPEs
md manage:   INFO:2022-09-04 07h49.54 UTC:12566: Updating Max CVSS for DFN-CERT
md manage:   INFO:2022-09-04 07h49.54 UTC:12566: Updating DFN-CERT CVSS max succeeded.
md manage:   INFO:2022-09-04 07h49.54 UTC:12566: Updating Max CVSS for CERT-Bund
md manage:   INFO:2022-09-04 07h49.54 UTC:12566: Updating CERT-Bund CVSS max succeeded.
md manage:   INFO:2022-09-04 07h49.56 UTC:12566: update_scap_end: Updating SCAP info succeeded
md manage:   INFO:2022-09-04 07h58.48 UTC:13416: sync_cert: Updating data from feed
md manage:   INFO:2022-09-04 07h58.48 UTC:13416: update_dfn_xml: dfn-cert-2009.xml
md manage:   INFO:2022-09-04 07h58.48 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2009.xml
md manage:   INFO:2022-09-04 07h58.48 UTC:13416: update_dfn_xml: dfn-cert-2018.xml
md manage:   INFO:2022-09-04 07h58.48 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2018.xml
md manage:   INFO:2022-09-04 07h58.49 UTC:13416: update_dfn_xml: dfn-cert-2022.xml
md manage:   INFO:2022-09-04 07h58.49 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2022.xml
md manage:   INFO:2022-09-04 07h58.51 UTC:13416: update_dfn_xml: dfn-cert-2012.xml
md manage:   INFO:2022-09-04 07h58.51 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2012.xml
md manage:   INFO:2022-09-04 07h58.52 UTC:13416: update_dfn_xml: dfn-cert-2016.xml
md manage:   INFO:2022-09-04 07h58.52 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2016.xml
md manage:   INFO:2022-09-04 07h58.53 UTC:13416: update_dfn_xml: dfn-cert-2019.xml
md manage:   INFO:2022-09-04 07h58.53 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2019.xml
md manage:   INFO:2022-09-04 07h58.55 UTC:13416: update_dfn_xml: dfn-cert-2020.xml
md manage:   INFO:2022-09-04 07h58.55 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2020.xml
md manage:   INFO:2022-09-04 07h58.56 UTC:13416: update_dfn_xml: dfn-cert-2017.xml
md manage:   INFO:2022-09-04 07h58.56 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2017.xml
md manage:   INFO:2022-09-04 07h58.58 UTC:13416: update_dfn_xml: dfn-cert-2021.xml
md manage:   INFO:2022-09-04 07h58.58 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2021.xml
md manage:   INFO:2022-09-04 07h58.59 UTC:13416: update_dfn_xml: dfn-cert-2008.xml
md manage:   INFO:2022-09-04 07h58.59 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2008.xml
md manage:   INFO:2022-09-04 07h58.59 UTC:13416: update_dfn_xml: dfn-cert-2014.xml
md manage:   INFO:2022-09-04 07h58.59 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2014.xml
md manage:   INFO:2022-09-04 07h59.00 UTC:13416: update_dfn_xml: dfn-cert-2013.xml
md manage:   INFO:2022-09-04 07h59.00 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2013.xml
md manage:   INFO:2022-09-04 07h59.01 UTC:13416: update_dfn_xml: dfn-cert-2010.xml
md manage:   INFO:2022-09-04 07h59.01 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2010.xml
md manage:   INFO:2022-09-04 07h59.02 UTC:13416: update_dfn_xml: dfn-cert-2015.xml
md manage:   INFO:2022-09-04 07h59.02 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2015.xml
md manage:   INFO:2022-09-04 07h59.03 UTC:13416: update_dfn_xml: dfn-cert-2011.xml
md manage:   INFO:2022-09-04 07h59.03 UTC:13416: Updating /var/lib/gvm/cert-data/dfn-cert-2011.xml
md manage:   INFO:2022-09-04 07h59.04 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K22.xml
md manage:   INFO:2022-09-04 07h59.04 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K21.xml
md manage:   INFO:2022-09-04 07h59.05 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K20.xml
md manage:   INFO:2022-09-04 07h59.06 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K14.xml
md manage:   INFO:2022-09-04 07h59.07 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K18.xml
md manage:   INFO:2022-09-04 07h59.08 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K13.xml
md manage:   INFO:2022-09-04 07h59.08 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K16.xml
md manage:   INFO:2022-09-04 07h59.09 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K19.xml
md manage:   INFO:2022-09-04 07h59.10 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K15.xml
md manage:   INFO:2022-09-04 07h59.11 UTC:13416: Updating /var/lib/gvm/cert-data/CB-K17.xml
md manage:   INFO:2022-09-04 07h59.12 UTC:13416: Updating Max CVSS for DFN-CERT
md manage:   INFO:2022-09-04 07h59.14 UTC:13416: Updating DFN-CERT CVSS max succeeded.
md manage:   INFO:2022-09-04 07h59.14 UTC:13416: Updating Max CVSS for CERT-Bund
md manage:   INFO:2022-09-04 07h59.15 UTC:13416: Updating CERT-Bund CVSS max succeeded.
md manage:   INFO:2022-09-04 07h59.15 UTC:13416: sync_cert: Updating CERT info succeeded.
md   main:MESSAGE:2022-09-04 08h01.33 utc:14187:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 08h01.33 utc:14187:    Getting users.
md   main:MESSAGE:2022-09-04 08h01.34 utc:14194:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 08h01.34 utc:14194:    Getting users.
md   main:MESSAGE:2022-09-04 08h02.08 utc:14219:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 08h02.08 utc:14219:    Creating user.
md manage:WARNING:2022-09-04 08h02.08 utc:14219: Invalid characters in user name!
md   main:MESSAGE:2022-09-04 14h09.26 utc:16603:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 14h09.26 utc:16603:    Getting users.
md   main:MESSAGE:2022-09-04 14h09.27 utc:16607:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 14h09.27 utc:16607:    Getting users.
md   main:MESSAGE:2022-09-04 14h10.21 utc:16735:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 14h10.21 utc:16735:    Getting users.
md   main:MESSAGE:2022-09-04 14h10.21 utc:16739:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 14h10.21 utc:16739:    Getting users.
md   main:MESSAGE:2022-09-04 14h10.29 utc:16745:    Greenbone Vulnerability Manager version 21.4.5 (DB revision 242)
md manage:   INFO:2022-09-04 14h10.29 utc:16745:    Creating user.
md manage:WARNING:2022-09-04 14h10.29 utc:16745: Invalid characters in user name!
y0urself commented 2 years ago

There is no source-installation (apt-package) that is officially provided by us.

You should follow our source build installation guide or try out our docker containers.

What it looks like, you are running GVM-Docker by Secure Compliance Solution LLC - we do not support and can not help you with their/third-party scripts. Nevertheless this should have been fixed by them 2 years ago: https://github.com/Secure-Compliance-Solutions-LLC/GVM-Docker/commit/bd77805c71652a8eae1a969323a9a32a862e0312?ref=https://githubhelp.com

barakat-abweh commented 2 years ago

Im not using any dockers I'm using the packages from debian which is provided by debian team and based on your source code as far as I know The solution was running abd working till the last update

bjoernricks commented 2 years ago

Seems to be the same as https://forum.greenbone.net/t/cant-create-gvm-user-throws-an-error-failed-to-create-user-invalid-characters-in-user-name/13062

bjoernricks commented 2 years ago

This is a bug in Kali reported at https://bugs.kali.org/view.php?id=7926

androidfromcyberlife commented 2 years ago

@y0urself @bjoernricks

Apparently glib switched to pcre2 recently (https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2529)

According to https://gitlab.gnome.org/GNOME/glib/-/issues/2760#note_1555737

Sadly this is not supported anymore by PCRE2, as per You cannot create a range with shorthand escape sequences. I think you should just fix the regex so that it will be "^[[:alnum:]\-_.]+$" that will work with both PCRE1 and PCRE2. It's likely we could try fix these cases, but it's probably too much effort compared to fixing not-fully-compliant regexes

See, for example, https://regex101.com/r/OS2NkM/1

Offending code: https://github.com/greenbone/gvmd/blob/067e1214a31dc469cc061836f91ffec1c8604bfb/src/manage.c#L5955

sbrun commented 2 years ago

Hi, With PCRE2 the hyphen must be escaped or appear in another position (like the first position or last position): http://www.pcre.org/current/doc/html/pcre2pattern.html#SEC9

In Kali I just change the position of the hyphen. Fixed regex can be: "^[[:alnum:]_.-]+$"