i am dealing with the problem that i cant login into my GSA.
It always gives me the following error: The Greenbone Vulnerability Manager service is not responding. This could be due to system maintenanceIn my gsad.log i found something whoch could be the cuase oif this behaviour
Failed to connect to server at /opt/gvm/var/run/gvmd.sock: Connection refused
all the services are up and running, i dont see any problems with permisson for the gvmd.sock
What can i do?
I use Greenbone Vulneravility Manager 20.08
Hi,
i couldnt determine if gvmd is listening on this socket path. In gvm-tools.conf in section [unixsocket]
my socketpath is /opt/gvm/var/run/gvmd.sock
With ss -tulpn | grep LISTEN i see that gvmd is listening on 9390 tcp LISTEN 0 512 0.0.0.0:9390 0.0.0.0:* users:(("gvmd",pid=137277,fd=4))
The status of my gmvd service says: gvmd.service: Can't open PID file /opt/gvm/var/run/gvmd.pid (yet?) after start: Operation not permitted
The owner in /opt/gvm/var/run is the non privileged user gvm, additionally i set the permissions to 755.
Installing software from the source without setting up a package & repository might be complicated. As well you need to deal with the permissions starting from the “/” fs-root.
Just a small hint from another topic in this forum the gvm user needs read (and execute permissions for directories) for the whole path to /opt/gvm/var/run.
Hi,
thank you for the answers. I checked the paths and set permissions to 755 (whole path starting from root).
Here a screen of the content in /opt/gvm/var/run/
Still, the gsad.log says the gvmd.socket refuses the connection.
What i forgot to mention is, this happens since i needed to reboot the server due to new certificates.
had some time to deal wiht this problem again. I figured out that gvmd refuses any connectuons because of parameter -a in this line of my gvmd service unit: ExecStart=/opt/gvm/sbin/gvmd -a 0.0.0.0--osp-vt-update=/opt/gvm/var/run/ospd.sock
Without this line it works like a charm but my TLS connection does not work anymore, unfortunately i need TLS to use gmp remotely.
AFAIK if you’re changing gvmd to listen on a TCP socket instead of an Unix socket you need to also tell gsad to connect via a TCP socket and not via Unix socket (which is the default). Otherwise the The Greenbone Vulnerability Manager service is not responding. is showing up while logging in.
This could help:
$ gsad --help | egrep "m(listen|port)"
--mlisten=<address> Manager address.
-m, --mport=<number> Use manager port number <number>.
My TLS works but my gvmd is not responding if i try to login. If i remove in my gvmd.service the listen address and the port, my TLS does not work anymore but i am able to login and my gvmd responds.
Did i miss something?
If it helps, heres my netstat of my listening ports