I installed GVM 11 from the source … I wrote an ansible playbook. If anybody are interested, I will share it at github
hui
link?
For which OS did you make it?
I would definitely be interested in this
Sounds interesting!
Do you mind to share the link?
Would be nice to see how others did this. I tried to do it with some bash script to have it compile from source automated by jenkins. Might be fine to have an idea what I could do better …!
Yes I’m interested on it. Please could you send the link? Thank you
yes, please do. I’m interested to see it.
Also I’m very interested… Please, post it on github!!
Here is the playbook. It works for me but i can’t guarantee for everyone. It based on the howto
https://sadsloth.net/post/install-gvm11-src-on-debian/
feedbacks are welcome
I’ll be taking a look at that. Thanks for your contribution!
Just started looking at this, and it’s really gonna be a time saver for me, so thank you very much.
I do have one question. In tasks/main.yml, you have a couple of spots where you are checking if a file exists, and only running a task if it doesn’t. Was there a reason you chose to do it that way, instead of achieving idempotency using the “creates” keyword? Was this a style choice? My bias is usually to make playbooks as short and sweet as possible, which is the only reason I ask.
For example, instead of doing this:
- name: check if /opt/gvm/lib/libgvm_base.so exist
stat:
path: /opt/gvm/lib/libgvm_base.so
register: libgvm
- name: make gvm-libs
command: /opt/gvm/install-stuff/build.sh
become: yes
become_user: gvm
args:
chdir: /opt/gvm/src/gvm-libs
when: libgvm.stat.exists == False
Do this:
- name: make gvm-libs
command: /opt/gvm/install-stuff/build.sh
become: yes
become_user: gvm
args:
chdir: /opt/gvm/src/gvm-libs
creates: /opt/gvm/lib/libgvm_base.so
Thanks for the hint. I am working with ansible only a couple of days … so there is a lot of room to make it better … I will change this
I borrowed your playbook and I’m adapting it to Centos 8.1. I’ll share it when I’ve got it working, and perhaps someone can make it ansible_os_family aware.
For some reasons I cannot get it work… Service gvmd.service doesn’t start…
(I’m on Centos 8.2.2004)
Job for gvmd.service failed because a timeout was exceeded.
See “systemctl status gvmd.service” and “journalctl -xe” for details.
(no details useful in journalctl…)
What do you see in the gvmd log? (/opt/gvm/var/log/gvm/gvmd.log)
md main:MESSAGE:2020-06-26 14h23.31 utc:178301: Greenbone Vulnerability Manager version 9.0.1~git-f17f9a71-gvmd-9.0 (GIT revision f17f9a71-gvmd-9.0) (DB revision 221)
md manage:WARNING:2020-06-26 14h23.31 utc:178302: sql_exec_internal: PQexec failed: ERROR: permission denied to set role “dba”
(7)
md manage:WARNING:2020-06-26 14h23.31 utc:178302: sql_exec_internal: SQL: SET role dba;
md manage:WARNING:2020-06-26 14h23.31 utc:178302: sqlv: sql_exec_internal failed
Assuming you are doing this on a test system, do you have /etc/ld.so.conf.d/gvm.conf configured? It should have /opt/gvm/lib in it, and you should run ldconfig to make the system aware of it.
Also, you might check that the database is configured correctly for the gvm user.
how can I check the database?
ld.so.conf is as you say: /opt/gvm/lib is in gvm.conf
You might check this post.
Install postgres database server
AS ROOT:
yum install -y postgresql-server postgresql-contrib postgresql-server-devel
/usr/bin/postgresql-setup --initdb
systemctl enable postgresql
systemctl start postgresqlConfigure postgres database
(not secure, on to-do list is to configure this with a password…)
AS ROOT:
sudo -Hiu postgres
createuser gvm
createdb -O gvm gvmd
psql gvmd
create role dba with superuser noinherit;
grant dba to gvm;
create extension “uuid-ossp”;
create extension “pgcrypto”;
\q
exitsystemctl restart postgresql
I think for some reason was missing “grant dba to gvm”…
I will investigate it, for now thank you for your help!