Hello,
I have found a solution, but we may need to implement an external script to check everything is synced (you will understand this at the end)
I want to mention that I’m managing all the docker containers under systemd
, so I’m migrating everything to it. I have tried to stay similar to the docker-compose.yml file, only needed a workaround to get network aliases working.
It all started seeing this message:
OSPD[7] 2024-01-22 10:34:23,995: INFO: (ospd_openvas.daemon) Loading VTs. Scans will be [requested|queued] until VTs are loaded. This may take a few minutes, please wait...
OSPD[7] 2024-01-22 10:34:29,688: ERROR: (ospd_openvas.openvas) OpenVAS Scanner failed to load VTs. Command '['openvas', '--update-vt-info']' returned non-zero exit status 1.
OSPD[7] 2024-01-22 10:34:29,688: ERROR: (ospd_openvas.daemon) Updating VTs failed.
So I went into the ospd
container and checked both logs (/var/log/gvm/openvas.log
and /var/log/gvm/ospd-openvas.log
). In /var/log/gvm/openvas.log
I found:
lib nasl:MESSAGE:2024-01-22 10h36.57 utc:34: /var/lib/openvas/plugins/plugin_feed_info.inc: Not able to open nor to locate it in include paths
lib nasl:MESSAGE:2024-01-22 10h37.19 utc:43: /var/lib/openvas/plugins/plugin_feed_info.inc: Not able to open nor to locate it in include paths
lib nasl:MESSAGE:2024-01-22 10h37.41 utc:48: /var/lib/openvas/plugins/plugin_feed_info.inc: Not able to open nor to locate it in include paths
lib nasl:MESSAGE:2024-01-22 10h38.03 utc:51: /var/lib/openvas/plugins/plugin_feed_info.inc: Not able to open nor to locate it in include paths
lib nasl:MESSAGE:2024-01-22 10h38.25 utc:55: /var/lib/openvas/plugins/plugin_feed_info.inc: Not able to open nor to locate it in include paths
So I checked the path:
root@ospd-openvas:/var/log/gvm# ls /var/lib/openvas/plugins/
21.04
22.04
Right, so I know I’m using 22.04
version and looked for that file:
root@ospd-openvas:/var/log/gvm# find /var/lib/openvas/plugins/22.04/ -type f | grep plugin_feed_info
/var/lib/openvas/plugins/22.04/vt-data/nasl/plugin_feed_info.inc
Used symbolic link:
ln -s /var/lib/openvas/plugins/22.04/vt-data/nasl/plugin_feed_info.inc /var/lib/openvas/plugins/plugin_feed_info.inc
After that the message changed, so I supposed it got solved:
lib nasl:MESSAGE:2024-01-22 10h40.41 utc:82: network_func.inc: Not able to open nor to locate it in include paths
lib nasl:MESSAGE:2024-01-22 10h40.41 utc:82: /var/lib/openvas/plugins/22.04/vt-data/nasl/2023/gb_rpc_portmap_service_wan_access.nasl. There were 0 parse errors.
lib nasl:MESSAGE:2024-01-22 10h40.41 utc:82: secpod_reg.inc: Not able to open nor to locate it in include paths
lib nasl:MESSAGE:2024-01-22 10h40.41 utc:82: /var/lib/openvas/plugins/22.04/vt-data/nasl/2023/apple/gb_apple_itunes_mult_vuln_HT213763.nasl. There were 0 parse errors.
(...)
In the end more .inc
files were missing. So I thought that the content of /var/lib/openvas/plugins/22.04/vt-data/nasl/
should be under /var/lib/openvas/plugins/
, and so then I “symbolic-linked” everything from the mounted volume to make it persistent:
# cd /var/lib/docker/volumes/vt_data_vol/_data
# cp -rs 22.04/vt-data/nasl/* .
-r
: recursive because there are some.inc
files inside folders and we need to keep the structure-s
: symbolic
After that went into the ospd container again and run the command to check it exited 0:
root@ospd-openvas:~# openvas --update-vt-info
root@ospd-openvas:~# echo $?
0
So yes, the issue is solved. I guess now I would need to implement a script to check everything is synced between /var/lib/openvas/plugins/
and /var/lib/openvas/plugins/22.04/vt-data/nasl/
, or maybe I have something working wrong. In that case I would like to know to get this solved by its own!
Thank you in advance and hope this helps someone!