Greetings Greenbone Community,
I’m an OpenVAS User. I’m trying to use GVM_CLI to create tasks following the gvm-tools documentation.
Sidenote::Installation Challenges
GVM_TOOLS
As GVM_CLI needs to run as non-root user in Linux, I’ve installed it in the nonroot user account i’ve made. But while launching, it gives “bash:gvm-cli command not found”. I fixed it by installing the GVM_TOOLS in root account and then accessing it in the non-root account.
OpenVAS
OpenVAS on the other hand was unable to be launched as a non-root user with sudo, it throws error ( E: Could not get lock /var/lib/dpkg/lock), because it was installed in the root account. So I removed it in the root account and installed in the nonroot account, then i could launch OpenVAS with sudo.
Now in the Non-root Account, instances of GVMCLI and OpenVAS are running, but GVM_CLI is unable to acquire Socket Permission for Openvassd.sock [ERROR13]
for
[unixsocket]
socketpath=run/openvasmd.sock
nonroot@kali:~$ gvm-cli socket --xml “<get_version/>”
Traceback (most recent call last):
File “/usr/local/bin/gvm-cli”, line 10, in
sys.exit(main())
File “/home/nonroot/.local/lib/python3.7/site-packages/gvmtools/cli.py”, line 127, in main
with protocol_class(connection, transform=transform) as protocol:
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py”, line 117, in enter
gmp = self.determine_supported_gmp()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py”, line 100, in determine_supported_gmp
version = self.determine_remote_gmp_version()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py”, line 83, in determine_remote_gmp_version
self.connect()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/base.py”, line 107, in connect
self._connection.connect()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/connections.py”, line 355, in connect
) from None
gvm.errors.GvmError: Socket /var/run/openvasmd.sock does not exist
for
[unixsocket]
socketpath=run/openvassd.sock
nonroot@kali:~$ gvm-cli socket --xml “<get_version/>”
Traceback (most recent call last):
File “/usr/local/bin/gvm-cli”, line 10, in
sys.exit(main())
File “/home/nonroot/.local/lib/python3.7/site-packages/gvmtools/cli.py”, line 127, in main
with protocol_class(connection, transform=transform) as protocol:
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py”, line 117, in enter
gmp = self.determine_supported_gmp()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py”, line 100, in determine_supported_gmp
version = self.determine_remote_gmp_version()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/gmp.py”, line 83, in determine_remote_gmp_version
self.connect()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/protocols/base.py”, line 107, in connect
self._connection.connect()
File “/home/nonroot/.local/lib/python3.7/site-packages/gvm/connections.py”, line 351, in connect
self._socket.connect(self.path)
PermissionError: [Errno 13] Permission denied
First, you try to run openvas as non-root in folders owned by root ! (openvas.pid cannot be created)
Second you don’t specify where gvm-cli can find your openvasmd.sock file while it’s not installed in the default location ( gvm.errors.GvmError: Socket /var/run/openvasmd.sock does not exist)
Use --socketpath with gvm-cli to specify where your openvasmd socket is.
I would suggest to redo your whole openvas installation using the guide below:
https://sadsloth.net/post/install-gvm11-src_part1/
1 Like
Hey @tatooin,
Thanks for the Reply.
I will now follow the guide suggested by you in a fresh os installation and get back with the results. Forgot to mention in the Original Post, I’m trying to get this working Kali-Linux-2020.1-ARM-Raspberry Pi 4 (64-bit), that’s where the above logs are from.
If you’re not familiar with OpenVAS; I would suggest to start installing it on debian/ubuntu first, on which this guide is written. OpenVAS is not very easy and the documentation is sometime incomplete / missing. So I would suggest make your arms on Ubuntu first, have it up & running, and once you’re familiar enough you can move on with Kali.
Also always use the official sources from Greenbone. Do NOT use other PPPas, they are often out of date and broken.
3 Likes
