No feed version available yet. OSPd OpenVAS is still starting

Building from Source and Advanced Topics
1

GVM versions

gsa: v22.4.0
gvmd: v22.4.0
openvas-scanner: v22.4.0
gvm-libs: v22.4.0

Environment

Operating system: Debian Bullseye
Kernel: Linux SLDB-GVM 4.19.0-18-amd64 #1 SMP Debian 4.19.208-1 (2021-09-29) x86_64 GNU/Linux
Installation method / source: from Source, using this guide

Hello,

I am attempting at buildung a docker image with which to instantiate a container that runs OpenVAS 22.4.
The build finishes successfully and I receive said image needed to instantiate the OpenVAS container.
However, my issue is that even after instantiating the container, connecting to it via ssh and scanning with it, starting a scan takes a lot longer than I had expected(having the start time of another similar container running a previous built of OpenVAS 21.4 as reference).

In /usr/local/var/log/gvm/gvmd.log it is shown the message “osp_scanner_feed_version: No feed version available yet. OSPd OpenVAS is still starting” for quite a while (~20 min), in spite of synchronizing NVTs, CERT data and SCAP data with greenbone community feed in the image’s building phase:

/usr/local/bin/greenbone-nvt-sync
/usr/local/sbin/greenbone-feed-sync --type SCAP
/usr/local/sbin/greenbone-feed-sync --type CERT
/usr/local/sbin/greenbone-feed-sync --type GVMD_DATA

Upon investigating the gvmd source code (https://github.com/greenbone/gvmd/blob/main/src/manage_sql_nvts.c) where the error message occurs, if I were to take a guess I would say that the problem should be the socket used for ospd-openvas. Ospd-openvas runs as follows:

ln -sv /var/run/ospd/ospd.sock /var/run/ospd/ospd-openvas.sock

/usr/local/bin/ospd-openvas --unix-socket /var/run/ospd/ospd-openvas.sock \
	--pid-file /run/ospd/ospd-openvas.pid \
	--log-file /usr/local/var/log/gvm/ospd-openvas.log \
	--lock-file-dir /var/lib/openvas \
	--socket-mode 0o770 \
	--mqtt-broker-address localhost \
	--mqtt-broker-port 1883 \
	--notus-feed-dir /var/lib/notus/advisories

chgrp gvm /var/run/ospd/ospd.sock
chgrp gvm /var/run/ospd/ospd-openvas.sock

Be that as it may, I can’t seem to keep the feed persistent so it needs to be updated once every container instantiation. Please help.

2

Hello andrei8080, and welcome to the Greenbone Community Forum.

Especially the first feed sync can take up to some hours, depending on your system.

Both steps may take a while, from several minutes up to hours, especially for the initial synchronization. Only if both steps are finished, the synchronized data is up-to-date and can be used.

Wait some more, and check if the error message still appears.

1 Like
3

Hi TreAtW,
Thank you for the prompt reply!
Indeed, after enough waiting, the error message disappears and the scan starts successfully.
Nevertheless, I would like to ask if there is any way to save(perhaps on the disk) the database along with the NVTs and the rest of the feed’s elements in the image building phase, so that for every instantiation of the OpenVAS container there would be an already present feed version, thus not needing any waiting to synchronize?

4

I would strongly suggest to use our containers instead! https://greenbone.github.io/docs/latest/22.4/container/index.html

You have to reinvent the wheel using your own image(s). The initial sync will always take some time. This can’t really be avoided. If redis is shut down and restarted all VT information is gone. In that case ospd-openvas needs to reload the VT information.

4 Likes