and when I try create new scan config, and choose for Base “Base with a minimum set of NVT’s” I get error “Failed to find config d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663” what is a text from base file name.
Hi, with the 20.08 release these scan configs are provided with the feed and are loaded automatically if gvmd is set up correctly. Please read the release announcement for some more details
Hi, as I wrote in original post, when I start sync for that feed I don’t get anything, just timestamp with original date ( 16. 10. 2020. ) when I installed OpenVas…
/usr/sbin/greenbone-feed-sync --type GVMD_DATA
You did write the files are available at
/var/lib/gvm/data-objects/gvmd/20.08/configs already. Therefore the sync has been successful. Most likely your didn’t set the feed import owner.
and I need to set like this:
[gvm@hrygiuapp00005 gvmd]$ gvmd --get-users --verbose
[gvm@hrygiuapp00005 gvmd]$ gvmd --modify-settings d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663 --value 60b48b68-e0af-4fff-9225-221f074d059b
where d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663 is number from file base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml ?
Please see the available documentation on this topic.
78eceaec-3385-11ea-b237-28d24461215b UID needs to be kept (this is the UID of the related setting, not the UID of a specific scan config).
ok, I changed this.
And now I running all syncs. Will wait till tomorrow and see if everything is ok.
Should I restart something?
there is not anything new today. All feeds are up to date except gvmd_data.
I done feed import owner and do the sync of all sync.
This is absolutely fine, see https://community.greenbone.net/t/feeds-are-not-updated-ubuntu20-04-gsa-20-08/7236/2:
In addition the GVM_DATA feed is a special one which gets updates only from time to time if required (could be weeks or even months between updates).
but in Configuration -> Scan Configs there isn’t any scan config. By default there is a filter applied with uuids from before mentioned files but no configs available:
And without filter, no scan configs too!
Never have seen this on a GSE setup if the feed import owner was correctly set. It might be related to the packages / the following issue reported to the maintainer of the atomic packages:
Note that AFAIK gvmd is only able to successfully import the scan configs if it is able to connect to
ospd-openvas and if
ospd-openvas has a fully build NVT cache.
SecInfo -> NVTs in GSA needs to be filled and up to date, if not check things like https://github.com/greenbone/gvmd/blob/v20.8.0/INSTALL.md#configure-the-default-ospd-scanner-socket-path or the logfiles of gvmd and ospd-openvas.
Also make sure that you’re running the feed sync scripts as the correct user which is running the GVM services so that no issues are originating from wrong permissions on the file system.
SecInfo -> NVTs is empty ( No NVTs available )
in my case there isnt anything in this first folder:
[gvm@hrygiuapp00005 gvmd]$ cd /var/run/ospd/
[gvm@hrygiuapp00005 ospd]$ ls -la
drwxr-xr-x 2 gvm gvm 40 Oct 19 13:39 .
drwxr-xr-x 29 root root 820 Oct 19 18:01 …
My scanner config is as follows:
[gvm@hrygiuapp00005 ospd]$ gvmd --get-scanners
08b69003-5fc2-4037-a479-93b440211c73 OpenVAS /var/run/ospd/ospd.sock 0 OpenVAS Default
6acd0832-df90-11e4-b9d5-28d24461215b CVE 0 CVE
So I need to run this ( is it mandatory to put install_prefix if it is nothing?):
gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --scanner-host=/var/run/ospd/ospd-openvas.sock
This really depends on how the Atomic packages are setting up the location of the socket. Unfortunately i can’t tell you more as i don’t have any knowledge about the packages besides:
- ospd-openvas needs to be running for the socket to be created
- the path of the ospd-openvas socket depends on how the Atomic packages are configuring it
- gvmd needs to be pointing at the correct socket path depending on the configuration of the Atomic packages
If unsure please contact the Atomic package maintainer how the packages have configured this and report any issues related to the setup to https://github.com/Atomicorp/gvm/issues
I found some more errors in logs, it seems that something is wrong with redis ( which is started ):
[root@hrygiuapp00005 gvm]# tail -1 ospd-scanner.log
OSPD 2020-10-28 09:07:20,844: ERROR: (ospd_openvas.db) Redis Error: Not possible to connect to the kb.
[root@hrygiuapp00005 gvm]# tail -3 openvas.log
lib kb:CRITICAL:2020-10-27 02h24.43 utc:509678: get_redis_ctx: redis connection error to /var/run/redis/redis.sock: No such file or directory
lib kb:CRITICAL:2020-10-28 02h09.19 utc:583746: redis_find: redis connection error to /var/run/redis/redis.sock: No such file or directory
lib kb:CRITICAL:2020-10-28 02h09.19 utc:583746: get_redis_ctx: redis connection error to /var/run/redis/redis.sock: No such file or directory
[root@hrygiuapp00005 gvm]# grep “redis.sock” /etc/redis.conf
[root@hrygiuapp00005 gvm]# ls -la /var/run/redis/redis.sock
ls: cannot access ‘/var/run/redis/redis.sock’: No such file or directory
Redis isn’t bringing up a socket file.
So what would be the path to resolution?
force redis to bring up socket?
Then change ospd socket?
Bringing up redis and making it accessible at the socket path where openvas / ospd-openvas is expecting it would be the first step. Afterwards check where the Atomic packages are setting up the ospd-openvas socket, might be possible that no ospd socket change is required if they are using the default path.
redis lissened on /tmp/redis.sock. I restarted redis, and it created right sock file.
I rebooted whole machine and now I have scan configs.
I will not change ospd.sock to ospd-openvas.sock for now.
it seems that current ospd settup is ok:
[root@hrygiuapp00005 gvm]# ps -ef| grep ospd
gvm 1322 1 12 10:08 ? 00:03:49 /usr/bin/python3.6 /opt/atomicorp/bin/ospd-openvas --pid-file /var/run/ospd/ospd-openvas.pid --unix-socket=/var/run/ospd/ospd.sock --log-file /var/log/gvm/ospd-scanner.log --lock-file-dir /var/run/gvm/
gvm 1324 1322 0 10:08 ? 00:00:01 /usr/bin/python3.6 /opt/atomicorp/bin/ospd-openvas --pid-file /var/run/ospd/ospd-openvas.pid --unix-socket=/var/run/ospd/ospd.sock --log-file /var/log/gvm/ospd-scanner.log --lock-file-dir /var/run/gvm/
root 7570 1379 0 10:39 pts/0 00:00:00 grep --color=auto ospd
[root@hrygiuapp00005 gvm]# ls -la /var/run/ospd
drwxr-xr-x 2 gvm gvm 80 Oct 28 10:08 .
drwxr-xr-x 29 root root 820 Oct 28 10:08 …
-rw-r–r-- 1 gvm gvm 4 Oct 28 10:08 ospd-openvas.pid
srwx------ 1 gvm gvm 0 Oct 28 10:08 ospd.sock
Thanks for your help.
Hello my guys.
I dont want you to suffer.
Please use this guide
(Now see your 21.* or 20.* configs)
cd to EACH (3 or maybe 4)
and do sudo chmod 777 config ( for each folder in this 3 folders) to make greenbone ACCESS it’s feed
this happends n Parrot Sec os where you install from root.
Please note that setting a folder to
777 (meaning world-writable) is usually a bad idea from security perspective. Please update the owner ship (e.g. the owner
gvm in the example above) instead.