Ospd_openvas fails to start

Hi all,

I have built GVM 22.4 with all components and synched all feeds successfully… (including notus)
Yet, when the ospd-openvas prcoess is spawned, I get this error:

  • exec /usr/local/bin/ospd-openvas -f --unix-socket /run/ospd/ospd-openvas.sock --pid-file /run/ospd/ospd-openvas.pid --log-file /var/log/gvm/ospd-openvas.log --lock-file-dir /var/lib/openvas --socket-mode 0o777 --log-level INFO
    Traceback (most recent call last):
    File “/usr/local/bin/ospd-openvas”, line 8, in
    File “/usr/local/lib/python3.9/dist-packages/ospd_openvas/daemon.py”, line 1249, in main
    daemon_main(‘OSPD - openvas’, OSPDopenvas, NotusParser())
    File “/usr/local/lib/python3.9/dist-packages/ospd/main.py”, line 164, in main
    File “/usr/local/lib/python3.9/dist-packages/ospd_openvas/daemon.py”, line 552, in init
    File “/usr/local/lib/python3.9/dist-packages/ospd_openvas/daemon.py”, line 677, in update_vts
    File “/usr/local/lib/python3.9/dist-packages/ospd_openvas/notus.py”, line 84, in reload_cache
    if self._verifier(f):
    File “/usr/local/lib/python3.9/dist-packages/ospd_openvas/gpg_sha_verifier.py”, line 121, in verify
    assumed_name = sha256sums().get(hash_sum)
    File “/usr/local/lib/python3.9/dist-packages/ospd_openvas/gpg_sha_verifier.py”, line 63, in internal_reload
    return config.on_verification_failure(None)
    File “/usr/local/lib/python3.9/dist-packages/ospd_openvas/daemon.py”, line 452, in on_hash_sum_verification_failure
    raise Exception(“GPG verification of notus sha256sums failed”)
    Exception: GPG verification of notus sha256sums failed

Is anyone else facing this issue?

Thank you

The fog keychain is not set up correctly. Please take a look at Building 22.4 from Source - Greenbone Community Documentation

1 Like

Related GitHub issue and PR to throw a better warning / not crash ospd-openvas:

I had this problem on a new install a month ago. OSPD would constantly fail due to: “WARNING: (gnupg) gpg returned a non-zero error code: 2”

I found a hacky way to disable hash vertification in ospd. Everything got working.

Started a new install yesterday and came to the same problem. Except this time I picked up the changes by ospd linked above. Effectively more broken this time, and my hack change was applicable anymore.

My fix was to roll back ospd version to before this change and then do the hacky change.


Nano daemon.py

def hashsum_verificator(
    sums = reload_sha256sums(sha_sum_reload_config)
    return lambda _: True
    # return create_verify(sums)

It’s bad, but it works!

You are aware that there is a runtime argument to disable the hashsum verification?

I am, there is in fact a hard coded option in ospd as well. Neither work.