From Kali Linux Virtual box machine, “sudo apt install openvas.”
Install looks fine, except:
Do I need to know how to script to get the feed status to update from “update in progress” or “2 days old?” It’s read “update in progress” since install. Also “Scan Configs” has been “0” ever since install.
Hi,
could you take a look at /var/log/gvm/gvmd.log for possible errors? I suppose gvmd is in an update loop because of an error.
Some things to keep in mind is that:
(1) The feeds can take a long time to sync on systems with low resources, make sure you allocate lots of RAM and CPU to the VM.(2) The VM needs to be up and running to parse the errors, shutting it down will halt the process.I’m having a similar issue. I was able to install but unable to update/sync feeds. I have included the error in the images. I notice this command being thrown around greenbone-nvt-sync --rsync but it’s incomplete. The command in full is greenbone-nvt-sync --rsync-timeout where timeout is an integer.
greenbone-nvt-sync --rsync 100
-----Error log below----
└─# cat gvmd.log
md main:MESSAGE:2024-03-15 14h49.23 utc:702516: Greenbone Vulnerability Manager version 23.3.0 (DB revision 255)
md main: INFO:2024-03-15 14h49.23 utc:702516: Migrating database.
md main:WARNING:2024-03-15 14h49.23 utc:702516: manage_migrate: no task tables yet, so no need to migrate them
md main:MESSAGE:2024-03-15 14h49.23 utc:702516: No SCAP database found for migration
md main:MESSAGE:2024-03-15 14h49.23 utc:702516: No CERT database found for migration
md main: INFO:2024-03-15 14h49.23 utc:702516: gvmd: databases are already at the supported version
md main:MESSAGE:2024-03-15 14h49.23 utc:702522: Greenbone Vulnerability Manager version 23.3.0 (DB revision 255)
md manage: INFO:2024-03-15 14h49.23 utc:702522: Getting users.
md manage:WARNING:2024-03-15 14h49.23 utc:702522: sql_exec_internal: PQexec failed: ERROR: relation “public.meta” does not exist
LINE 1: SELECT value FROM public.meta WHERE name = 'database_version…
^
(7)
md manage:WARNING:2024-03-15 14h49.23 utc:702522: sql_exec_internal: SQL: SELECT value FROM public.meta WHERE name = ‘database_version’;
md manage:WARNING:2024-03-15 14h49.23 utc:702522: sql_x: sql_exec_internal failed
md manage:MESSAGE:2024-03-15 14h49.23 utc:702522: No SCAP database found
md manage:MESSAGE:2024-03-15 14h49.23 utc:702522: No CERT database found
md main:MESSAGE:2024-03-15 14h49.25 utc:702542: Greenbone Vulnerability Manager version 23.3.0 (DB revision 255)
md manage: INFO:2024-03-15 14h49.25 utc:702542: Creating user.
md manage:MESSAGE:2024-03-15 14h49.25 utc:702542: No SCAP database found
md manage:MESSAGE:2024-03-15 14h49.25 utc:702542: No CERT database found
md main:MESSAGE:2024-03-15 14h49.25 utc:702551: Greenbone Vulnerability Manager version 23.3.0 (DB revision 255)
md manage: INFO:2024-03-15 14h49.25 utc:702551: Getting users.
md manage:MESSAGE:2024-03-15 14h49.25 utc:702551: No SCAP database found
md manage:MESSAGE:2024-03-15 14h49.25 utc:702551: No CERT database found
md main:MESSAGE:2024-03-15 14h49.25 utc:702555: Greenbone Vulnerability Manager version 23.3.0 (DB revision 255)
md manage: INFO:2024-03-15 14h49.25 utc:702555: Modifying setting.
md manage:MESSAGE:2024-03-15 14h49.25 utc:702555: No SCAP database found
md manage:MESSAGE:2024-03-15 14h49.25 utc:702555: No CERT database found
md main:MESSAGE:2024-03-15 15h06.25 utc:710975: Greenbone Vulnerability Manager version 23.3.0 (DB revision 255)
md manage: INFO:2024-03-15 15h06.25 utc:710975: Getting scanners.
md manage:MESSAGE:2024-03-15 15h06.25 utc:710975: No SCAP database found
md manage:MESSAGE:2024-03-15 15h06.25 utc:710975: No CERT database found
md main:MESSAGE:2024-03-15 15h06.26 utc:710980: Greenbone Vulnerability Manager version 23.3.0 (DB revision 255)
md manage: INFO:2024-03-15 15h06.26 utc:710980: Modifying scanner.
md manage:MESSAGE:2024-03-15 15h06.26 utc:710980: No SCAP database found
md manage:MESSAGE:2024-03-15 15h06.26 utc:710980: No CERT database found
libgvm util:MESSAGE:2024-03-15 15h06.26 utc:710980: error searching for OpenPGP key ‘GVM Credential Encryption’: Not found
I am also unable to sync. I just installed for the first time on Kali from repo. The install went without a hitch, but when attempting to run greenbone-feed-sync --type nvt, absolutely nothing happens.
Checked with the firewall team and it looks like they have rsync blocked. You may need to check the same. Port 873 needs to be open for rsync. Being that firewalls are hit on that port a ton, you may need to open it for what you need then close it otherwise. So, bundle your updates. Service Name and Transport Protocol Port Number Registry
Ingress or egress? We are not blocking anything egress.
└─# sudo greenbone-feed-sync --type nvt --rsync-timeout 10
Running as root. Switching to user '_gvm' and group '_gvm'.
Trying to acquire lock on /var/lib/openvas/feed-update.lock
Acquired lock on /var/lib/openvas/feed-update.lock
⠙ Downloading Notus files from rsync://feed.community.greenbone.net/community/vulnerability-feed/22.04/vt-data/notus/ to
/var/lib/notus
rsync: [Receiver] safe_read failed to read 1 bytes: Connection reset by peer (104)
rsync error: error in rsync protocol data stream (code 12) at io.c(282) [Receiver=3.2.7]
Could be bad rsync… Check version. “rsync --version”
sudo service rsync restart
sudo service rsync status
Try repairing here https://rsync.samba.org/
Try doing sync on local machine between folders.
Seems to work just fine.
└─# rsync --version
rsync version 3.2.7 protocol version 31
Copyright (C) 1996-2022 by Andrew Tridgell, Wayne Davison, and others.
Web site: https://rsync.samba.org/
Capabilities:
64-bit files, 64-bit inums, 64-bit timestamps, 64-bit long ints,
socketpairs, symlinks, symtimes, hardlinks, hardlink-specials,
hardlink-symlinks, IPv6, atimes, batchfiles, inplace, append, ACLs,
xattrs, optional secluded-args, iconv, prealloc, stop-at, no crtimes
Optimizations:
SIMD-roll, no asm-roll, openssl-crypto, no asm-MD5
Checksum list:
xxh128 xxh3 xxh64 (xxhash) md5 md4 sha1 none
Compress list:
zstd lz4 zlibx zlib none
Daemon auth list:
sha512 sha256 sha1 md5 md4
rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. See the GNU
General Public Licence for details.
└─# rsync -rv ~ .
...
...
sent 1,187,566,510 bytes received 397,202 bytes 95,037,096.96 bytes/sec
total size is 1,185,689,980 speedup is 1.00