immauss / openvas

Containers for running the Greenbone Vulnerability Manager. Run as a single container with all services or separate single applications containers via docker-compose.
GNU Affero General Public License v3.0

using latest amd64 image -> warnings and no reports #44

Closed cybermcm closed 3 years ago

cybermcm commented 3 years ago

Using latest amd64 tag from docker hub with a clean data path (from scratch) sha256:34cc22d839eb28798681285a25c2eb0f1b7c955779c8c0154c7fd68a97a52454

openvas:
  container_name: openvas
  cpus: 4
  environment:
   - PASSWORD=${openvas_OV_PASSWORD}
   - RELAYHOST=${EMAIL_HOST} # immauss/openvas, securecompliance/gvm
   - SMTPPORT=25 # immauss/openvas, securecompliance/gvm
   - QUIET=true # immauss/openvas
   - SKIPSYNC=true
  hostname: openvas.${HOSTNAME}
  image: immauss/openvas
  labels:
   - ${WATCHTOWER_TRUE}
   - diun.enable=true
   - diun.watch_repo=true
   - traefik.enable=true
   - "traefik.http.routers.openvas.rule=Host(`openvas.${HOSTNAME}`)"
   - traefik.http.routers.openvas.entrypoints=web-secure
   - traefik.http.routers.openvas.tls.certresolver=le
   - traefik.http.routers.openvas.tls=true
   - traefik.http.routers.openvas.priority=2
   - traefik.http.routers.openvas.tls.options=default
   - traefik.http.routers.openvas.service=openvas
   - traefik.http.services.openvas.loadbalancer.server.port=9392
  networks:
   - web
  restart: always
  volumes:
   - ${DOCKER_PATH}/openvas:/data # immauss/openvas, securecompliance/gvm

1) seeing a WARNING message every 10 seconds: md manage:WARNING:2021-05-31 20h21.33 utc:32750: secinfo_feed_version_status: last scap database update later than last feed update

2) pdf report not working, download ends with a 0 byte file (correct file name but no content); doesn't work as email report

immauss commented 3 years ago

I think something went wrong with the last rebuild. Marking this as a dupe of #43 for now.

immauss commented 3 years ago

Well .... as it turns out ... the refresh process needs about 5G of space to pull all the feeds, rebuild the database and then compress the pieces. The machine running that ... did not have 5G of space. So it failed out and made a mess. Please give the "latest" another shot and let me know if you have any issues.

-Scott

cybermcm commented 3 years ago

fresh latest image, still some points:

  1. WARNING messages -> gone -> OK
  2. PDF Report -> still not working -> log: run_report_format_script: No generate script found at /usr/local/var/lib/gvm/gvmd/report_formats/8282ba3d-66e8-4971-859b-745b76a3a65e/c402cc3e-b531-11e1-9163-406186ea4fc5/generate
  3. still strange (worked with SQL 11 as far as I remember), "My settings" sometimes empty, for example, "Default report format" empty, "Default port list" empty, ..... sometimes this works, most of the time not, any idea?

immauss commented 3 years ago

Are you coming from an old DB, or starting fresh?

I'm not seeing this on a fresh pull and start of "latest" or in my production which is running the latest as well.

Anything interesting in "docker logs" ?

immauss commented 3 years ago

Hmm ... take a look at Lozio's issue ....

cybermcm commented 3 years ago

started with a "fresh" image, no persistent data on startup.

issue https://github.com/immauss/openvas/issues/43 also happens for my setup: GVMD_DATA 30 days old (but SKIPSYNC startup in my case).

He added that his container is unhealthy, mine is healthy.

my log:

openvas                     | 8:C 02 Jun 2021 18:03:34.534 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
openvas                     | 8:C 02 Jun 2021 18:03:34.534 # Redis version=5.0.7, bits=64, commit=00000000, modified=0, pid=8, just started
openvas                     | 8:C 02 Jun 2021 18:03:34.534 # Configuration loaded
openvas                     | Wait for redis socket to be created...
openvas                     | Testing redis status...
openvas                     | Redis ready.
openvas                     | Fixing Database folder...
openvas                     | Fixing local/var/lib ...
openvas                     | Fixing local/share ...
openvas                     | Fixing log directory for persistent logs ....
openvas                     | Creating postgresql.conf and pg_hba.conf
openvas                     | Starting PostgreSQL...
openvas                     | waiting for server to start....2021-06-02 16:03:39.015 GMT [30] LOG:  starting PostgreSQL 12.7 (Ubuntu 12.7-1.pgdg20.04+1) on x86_64-pc-linux-gnu, compiled by gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0, 64-bit
openvas                     | 2021-06-02 16:03:39.016 GMT [30] LOG:  listening on IPv4 address "0.0.0.0", port 5432
openvas                     | 2021-06-02 16:03:39.016 GMT [30] LOG:  listening on IPv6 address "::", port 5432
openvas                     | 2021-06-02 16:03:39.017 GMT [30] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
openvas                     | 2021-06-02 16:03:39.023 GMT [30] LOG:  could not open usermap file "/data/database/pg_ident.conf": No such file or directory
openvas                     | 2021-06-02 16:03:39.025 GMT [31] LOG:  database system was shut down at 2021-06-02 16:03:32 GMT
openvas                     | 2021-06-02 16:03:39.030 GMT [30] LOG:  database system is ready to accept connections
openvas                     |  done
openvas                     | server started
openvas                     | Running first start configuration...
openvas                     | Adding gvm user
openvas                     | Fixing feed rsync options
openvas                     | NOTICE:  relation "vt_severities" already exists, skipping
openvas                     | NOTICE:  relation "vt_severities" already exists, skipping
openvas                     | NOTICE:  relation "vt_severities" already exists, skipping
openvas                     | Migrating the database to the latest version if needed.
openvas                     | Starting Greenbone Vulnerability Manager...
openvas                     | Waiting for gvmd
openvas                     | Waiting for gvmd
openvas                     | admin
openvas                     | Time to fixup the gvm accounts.
openvas                     | Setting admin password
openvas                     | reset
openvas                     | Starting Postfix for report delivery by email
openvas                     |  * Starting Postfix Mail Transport Agent postfix
openvas                     |    ...done.
openvas                     | Starting Open Scanner Protocol daemon for OpenVAS...
openvas                     | Fixing the ospd socket ...
openvas                     | Starting Greenbone Security Assistant...
openvas                     | Oops, secure memory pool already initialized
openvas                     | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
openvas                     | + Your GVM/openvas/postgresql container is now ready to use! +
openvas                     | ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
openvas                     |
openvas                     | gvmd --version
openvas                     | Greenbone Vulnerability Manager 21.4.0
openvas                     | Manager DB revision 242
openvas                     | Copyright (C) 2009-2021 Greenbone Networks GmbH
openvas                     | License: AGPL-3.0-or-later
openvas                     | This is free software: you are free to change and redistribute it.
openvas                     | There is NO WARRANTY, to the extent permitted by law.
openvas                     |
openvas                     | ++++++++++++++++
openvas                     | + Tailing logs +
openvas                     | ++++++++++++++++
openvas                     | ==> /usr/local/var/log/gvm/gsad.log <==
openvas                     | gsad main:MESSAGE:2021-06-02 05h45.36 utc:923: Starting GSAD version 21.04.0
openvas                     | gsad  gmp:MESSAGE:2021-06-02 06h12.12 utc:925: Authentication success for 'admin' from 11.111.11.11
openvas                     | gsad main:MESSAGE:2021-06-02 16h03.49 utc:767: Starting GSAD version 21.04.0
openvas                     |
openvas                     | ==> /usr/local/var/log/gvm/gvmd.log <==
openvas                     | md   main:WARNING:2021-06-02 16h03.41 utc:63: gvmd: databases are already at the supported version
openvas                     | md   main:MESSAGE:2021-06-02 16h03.41 utc:69:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)
openvas                     | md   main:MESSAGE:2021-06-02 16h03.41 utc:74:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)
openvas                     | md   main:WARNING:2021-06-02 16h03.41 utc:74: gvmd: Another process is busy starting up
openvas                     | md   main:MESSAGE:2021-06-02 16h03.42 utc:94:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)
openvas                     | md   main:WARNING:2021-06-02 16h03.42 utc:94: gvmd: Another process is busy starting up
openvas                     | md   main:MESSAGE:2021-06-02 16h03.43 utc:101:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)
openvas                     | md manage:   INFO:2021-06-02 16h03.43 utc:101:    Getting users.
openvas                     | md   main:MESSAGE:2021-06-02 16h03.43 utc:106:    Greenbone Vulnerability Manager version 21.4.0 (DB revision 242)
openvas                     | md manage:   INFO:2021-06-02 16h03.43 utc:106:    Modifying user password.
openvas                     |
openvas                     | ==> /usr/local/var/log/gvm/openvas.log <==
openvas                     | lib  nvticache:MESSAGE:2021-06-02 05h46.57 utc:933: Updated NVT cache from version 0 to 202106011036
openvas                     | sd   main:MESSAGE:2021-06-02 06h18.14 utc:3093: openvas 21.4.0 started
openvas                     | sd   main:MESSAGE:2021-06-02 06h18.17 utc:3093: Vulnerability scan 8e6d1e69-98e1-488a-bc82-336c150ef182 started: Target has 1 hosts: xxx.xxx.xx, with max_hosts = 20 and max_checks = 4
openvas                     | sd   main:MESSAGE:2021-06-02 06h18.17 utc:3101: Vulnerability scan 8e6d1e69-98e1-488a-bc82-336c150ef182 started for host: 80.110.40.138 (Vhosts: x.xxx.xx)
openvas                     | sd   main:MESSAGE:2021-06-02 07h32.06 utc:3101: Vulnerability scan 8e6d1e69-98e1-488a-bc82-336c150ef182 finished for host 80.110.40.138 in 4428.30 seconds
openvas                     | sd   main:MESSAGE:2021-06-02 07h32.06 utc:3093: Vulnerability scan 8e6d1e69-98e1-488a-bc82-336c150ef182 finished in 4432 seconds: 1 hosts
openvas                     |
openvas                     | ==> /usr/local/var/log/gvm/ospd-openvas.log <==
openvas                     | OSPD[906] 2021-06-02 07:45:36,846: INFO: (ospd.main) Starting OSPd OpenVAS version 21.4.0.
openvas                     | OSPD[906] 2021-06-02 08:18:02,183: INFO: (ospd.command.command) Scan 8e6d1e69-98e1-488a-bc82-336c150ef182 added to the queue in position 1.
openvas                     | OSPD[906] 2021-06-02 08:18:03,609: INFO: (ospd.ospd) Currently 1 queued scans.
openvas                     | OSPD[906] 2021-06-02 08:18:03,629: INFO: (ospd.ospd) Starting scan 8e6d1e69-98e1-488a-bc82-336c150ef182.
openvas                     | OSPD[906] 2021-06-02 09:32:07,229: INFO: (ospd.ospd) 8e6d1e69-98e1-488a-bc82-336c150ef182: Host scan finished.
openvas                     | OSPD[906] 2021-06-02 09:32:07,231: INFO: (ospd.ospd) 8e6d1e69-98e1-488a-bc82-336c150ef182: Scan finished.
openvas                     | OSPD[750] 2021-06-02 18:03:49,106: INFO: (ospd.main) Starting OSPd OpenVAS version 21.4.0.
openvas                     |
openvas                     | ==> /usr/local/var/log/gvm/openvas.log <==
openvas                     | lib  nvticache:MESSAGE:2021-06-02 16h04.57 utc:779: Updated NVT cache from version 0 to 202106011036
openvas                     |
openvas                     | ==> /usr/local/var/log/gvm/gvmd.log <==
openvas                     | md manage:WARNING:2021-06-02 18h51.36 CEST:2206: run_report_format_script: No generate script found at /usr/local/var/lib/gvm/gvmd/report_formats/8282ba3d-66e8-4971-859b-745b76a3a65e/c402cc3e-b531-11e1-9163-406186ea4fc5/generate
openvas                     |
openvas                     |
openvas                     | ==> /usr/local/var/log/gvm/gvmd.log <==
openvas                     | md manage:WARNING:2021-06-02 20h00.43 CEST:3999: run_report_format_script: No generate script found at /usr/local/var/lib/gvm/gvmd/report_formats/8282ba3d-66e8-4971-859b-745b76a3a65e/c402cc3e-b531-11e1-9163-406186ea4fc5/generate

immauss commented 3 years ago

So the GVMD_DATA feed was normal. https://community.greenbone.net/t/gvmd-data-too-old-34-days-please-check-the-automatic-synchronization-of-your-system/7565/10

immauss commented 3 years ago

Are you still seeing issues?

cybermcm commented 3 years ago

using latest image with sha256:6a9a71b3882cb7d4d529e5057b3a8ead2acb3f2d66d02b721a98f0bdde9ffb55

2 things:

1) still no reports (tried pdf and csv), log: md manage:WARNING:2021-06-03 17h26.43 CEST:32516: run_report_format_script: No generate script found at /usr/local/var/lib/gvm/gvmd/report_formats/8282ba3d-66e8-4971-859b-745b76a3a65e/c1645568-627a-11e3-a660-406186ea4fc5/generate

2) still sometimes settings are empty. Currently working, didn't change a thing since yesterday. Very weird. But this happens for a long time now, I think since switching to the new POSTGRES db version

immauss commented 3 years ago

OK ... I think there is a regression going on here.... I "thought" I fixed this once before .... now I just need to remember how I fixed it ... I think I have a path getting created wrong, or not being created ... But there is definitely something missing for reports.

immauss commented 3 years ago

OK finally remembered what I had to do last time this came up. I rebuilt the DB from scratch.

Can you give the current "latest" image a try and see if it is still giving you problems.

Thanks, Scott

cybermcm commented 3 years ago

you mentioned the database rebuild here last time, https://github.com/immauss/openvas/issues/31#issuecomment-832472381 ;-)

I just tried latest sha256:6a9a71b3882cb7d4d529e5057b3a8ead2acb3f2d66d02b721a98f0bdde9ffb55 clean volumes, from scratch, still no reports:

md manage:WARNING:2021-06-07 08h57.45 CEST:2327: run_report_format_script: No generate script found at /usr/local/var/lib/gvm/gvmd/report_formats/8282ba3d-66e8-4971-859b-745b76a3a65e/c402cc3e-b531-11e1-9163-406186ea4fc5/generate

cybermcm commented 3 years ago

@immauss: Any news on this? Do you need any additional logs? Just drop a note if I can do anything...

immauss commented 3 years ago

Sorry ... I've been swamped the last few weeks.

Let's start at the beginning. I'm still not sure why this isn't working for you. I've spun up a new image on multiple platforms, and the reports seem to work.

Can you send me your compose file or how you are starting?

I know .. that shouldn't make a difference, but I'm grasping at straws to be honest.

and a 'docker system info' output and the full output of 'docker logs' for the container.

Maybe looking at them will trigger something for me.

Thanks, -Scott

cybermcm commented 3 years ago

Scott, I've to apologize... I started again from scratch, this time reports work fine. I don't know what I've missed last time, probably forgot to delete the old image files and pull new ones.

At least I can contribute to the other error I mentioned here, settings won't show correctly.

This is due to my setup with a Traefik reverse proxy. It seems that this causes 502 HTTP errors. Some sort of timing issue. I didn't find a solution until now, but I'll keep looking for it.

I'm closing this issue since your image is working, thanks again for your patience and your time.
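
Added example, not part of the original thread or the project's code: a small Python triage helper that parses gvmd log lines in the layout quoted above and groups the "No generate script found" warnings by report-format directory, so repeated failures across restarts are easy to compare. The group labels `parent` and `fmt` and the reading of `18h51.36` as hours, minutes and seconds are assumptions; the sample lines are assembled from log lines quoted in the thread.

```python
import re
from collections import defaultdict

# gvmd log line as quoted in this thread; docker-compose may prefix "name | ".
# Assumption: "18h51.36" is read as hours, minutes, seconds.
LINE = re.compile(
    r"^(?:\S+\s+\|\s+)?(?P<prog>\w+)\s+(?P<domain>\w+):\s*(?P<level>[A-Z]+):"
    r"(?P<date>\d{4}-\d{2}-\d{2}) (?P<h>\d{2})h(?P<m>\d{2})\.(?P<s>\d{2}) "
    r"(?P<tz>\w+):(?P<pid>\d+):\s*(?P<msg>.*)$"
)
# "parent" and "fmt" are labels chosen here for the last two directories.
MISSING = re.compile(
    r"run_report_format_script: No generate script found at "
    r"\S*/report_formats/(?P<parent>[0-9a-f-]{36})/(?P<fmt>[0-9a-f-]{36})/generate"
)
BASE = "/usr/local/var/lib/gvm/gvmd/report_formats/8282ba3d-66e8-4971-859b-745b76a3a65e"
WARN = "run_report_format_script: No generate script found at " + BASE
PFX = "openvas                     | "
# Sample input assembled from log lines quoted in the thread.
SAMPLE = [
    PFX + "Redis ready.",
    PFX + "md manage:   INFO:2021-06-02 16h03.43 utc:101:    Getting users.",
    PFX + f"md manage:WARNING:2021-06-02 18h51.36 CEST:2206: {WARN}/c402cc3e-b531-11e1-9163-406186ea4fc5/generate",
    PFX + f"md manage:WARNING:2021-06-02 20h00.43 CEST:3999: {WARN}/c402cc3e-b531-11e1-9163-406186ea4fc5/generate",
    f"md manage:WARNING:2021-06-03 17h26.43 CEST:32516: {WARN}/c1645568-627a-11e3-a660-406186ea4fc5/generate",
]

def parse_line(line):
    """Return the fields of one gvmd log line, or None for other output."""
    m = LINE.match(line.rstrip("\n"))
    if not m:
        return None
    rec = m.groupdict()
    rec["time"] = f"{rec['date']} {rec['h']}:{rec['m']}:{rec['s']} {rec['tz']}"
    return rec

def missing_generate_scripts(lines):
    """Group missing-generate-script warnings by report-format directory."""
    hits = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["level"] != "WARNING":
            continue
        m = MISSING.search(rec["msg"])
        if m:
            hits[m["fmt"]].append(rec["time"])  # kept in input order
    return {f: {"count": len(t), "first": t[0], "last": t[-1]} for f, t in hits.items()}

if __name__ == "__main__":
    for fmt, info in missing_generate_scripts(SAMPLE).items():
        print(fmt, info)
```
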