I’ve installed greenbone-vulnerability-manager ( gvm-20.8.0-14795 ) on Centos 8.2 from atomic repo.
After installation was done I end up without any scan config.
“/usr/sbin/greenbone-feed-sync --type GVMD_DATA” doesn’t fetch anything except timestamp.
But in /var/lib/gvm/data-objects/gvmd/20.08/configs I have followinf xml’s:
base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml
discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml
empty-085569ce-73ed-11df-83c3-002264764cea.xml
full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml
host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml
system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml
policy_euleros_20200909_9f822ad3-9208-4e02-ac03-78dce3ca9a23.xml
policy_gaussdb_20200909_61327f09-8a54-4854-9e1c-16798285fb28.xml
policy-huawei-datacom-aab5c4a1-eab1-4f4e-acac-8c36d08de6bc.xml
policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml
And when I try to import them via Greenbone Security Assistant I get same error for all:
"Name and base config to copy must be at least one character long.
How can I see if those files are wrong ( thay are here from installation ) or is there any way to import them from cli maybe?
Thanks
and when I try create new scan config, and choose for Base “Base with a minimum set of NVT’s” I get error “Failed to find config d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663” what is a text from base file name.
Hi, with the 20.08 release these scan configs are provided with the feed and are loaded automatically if gvmd is set up correctly. Please read the release announcement for some more details
Hi, as I wrote in original post, when I start sync for that feed I don’t get anything, just timestamp with original date ( 16. 10. 2020. ) when I installed OpenVas…
You did write the files are available at /var/lib/gvm/data-objects/gvmd/20.08/configs already. Therefore the sync has been successful. Most likely your didn’t set the feed import owner.
and I need to set like this:
[gvm@hrygiuapp00005 gvmd]$ gvmd --get-users --verbose
admin 60b48b68-e0af-4fff-9225-221f074d059b
[gvm@hrygiuapp00005 gvmd]$ gvmd --modify-settings d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663 --value 60b48b68-e0af-4fff-9225-221f074d059b
where d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663 is number from file base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml ?
but in Configuration -> Scan Configs there isn’t any scan config. By default there is a filter applied with uuids from before mentioned files but no configs available:
Never have seen this on a GSE setup if the feed import owner was correctly set. It might be related to the packages / the following issue reported to the maintainer of the atomic packages:
Note that AFAIK gvmd is only able to successfully import the scan configs if it is able to connect to ospd-openvas and if ospd-openvas has a fully build NVT cache.
Also make sure that you’re running the feed sync scripts as the correct user which is running the GVM services so that no issues are originating from wrong permissions on the file system.
in my case there isnt anything in this first folder:
[gvm@hrygiuapp00005 gvmd]$ cd /var/run/ospd/
[gvm@hrygiuapp00005 ospd]$ ls -la
total 0
drwxr-xr-x 2 gvm gvm 40 Oct 19 13:39 .
drwxr-xr-x 29 root root 820 Oct 19 18:01 …
My scanner config is as follows:
[gvm@hrygiuapp00005 ospd]$ gvmd --get-scanners
08b69003-5fc2-4037-a479-93b440211c73 OpenVAS /var/run/ospd/ospd.sock 0 OpenVAS Default
6acd0832-df90-11e4-b9d5-28d24461215b CVE 0 CVE
So I need to run this ( is it mandatory to put install_prefix if it is nothing?):
gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --scanner-host=/var/run/ospd/ospd-openvas.sock
This really depends on how the Atomic packages are setting up the location of the socket. Unfortunately i can’t tell you more as i don’t have any knowledge about the packages besides:
ospd-openvas needs to be running for the socket to be created
the path of the ospd-openvas socket depends on how the Atomic packages are configuring it
gvmd needs to be pointing at the correct socket path depending on the configuration of the Atomic packages
If unsure please contact the Atomic package maintainer how the packages have configured this and report any issues related to the setup to https://github.com/Atomicorp/gvm/issues
I found some more errors in logs, it seems that something is wrong with redis ( which is started ):
[root@hrygiuapp00005 gvm]# tail -1 ospd-scanner.log
OSPD[603448] 2020-10-28 09:07:20,844: ERROR: (ospd_openvas.db) Redis Error: Not possible to connect to the kb.
[root@hrygiuapp00005 gvm]# tail -3 openvas.log
lib kb:CRITICAL:2020-10-27 02h24.43 utc:509678: get_redis_ctx: redis connection error to /var/run/redis/redis.sock: No such file or directory
lib kb:CRITICAL:2020-10-28 02h09.19 utc:583746: redis_find: redis connection error to /var/run/redis/redis.sock: No such file or directory
lib kb:CRITICAL:2020-10-28 02h09.19 utc:583746: get_redis_ctx: redis connection error to /var/run/redis/redis.sock: No such file or directory
[root@hrygiuapp00005 gvm]# grep “redis.sock” /etc/redis.conf
unixsocket /var/run/redis/redis.sock
[root@hrygiuapp00005 gvm]# ls -la /var/run/redis/redis.sock
ls: cannot access ‘/var/run/redis/redis.sock’: No such file or directory
Redis isn’t bringing up a socket file.
So what would be the path to resolution?
force redis to bring up socket?
Then change ospd socket?
Bringing up redis and making it accessible at the socket path where openvas / ospd-openvas is expecting it would be the first step. Afterwards check where the Atomic packages are setting up the ospd-openvas socket, might be possible that no ospd socket change is required if they are using the default path.
Hello my guys.
I dont want you to suffer.
Please use this guide
cd /var/lib/gvm/data-objects/gvmd/
ls
(Now see your 21.* or 20.* configs)
cd to EACH (3 or maybe 4)
and do sudo chmod 777 config ( for each folder in this 3 folders) to make greenbone ACCESS it’s feed
this happends n Parrot Sec os where you install from root.
Cheers
