I have a docker container that runs once every few days and it’s been running perfectly fine for several weeks up until a few days ago.
One of the last lines I run in my dockerfile is the gvm-check-setup from /. However, I noticed that my docker container build failed here:
Step 7: Checking if GVM services are up and running ...
Starting ospd-openvas service
Waiting for ospd-openvas service
ERROR: ospd-openvas service did not start.
Please check journalctl -xe
ERROR: Your GVM-22.4.0 installation is not yet complete!
Please follow the instructions marked with FIX above and run this
script again.
When trying to start the service manually, I’ve been unable to do so successfully. The /var/log/gvm/ospd-openvas.log file just simply shows:
OSPD[1530] 2022-11-17 18:21:57,309: INFO: (ospd.main) Starting OSPd OpenVAS version 22.4.0.
OSPD[1530] 2022-11-17 18:21:57,314: INFO: (ospd.main) Shutting-down server ...
I tried to run /usr/bin/ospd-openvas from the command line itself (not even sure if I’m supposed to be able to do this) and got the following:
┌──(root㉿6f8a23a923f9)-[/]
└─# /usr/bin/ospd-openvas
--- Logging error ---
Traceback (most recent call last):
File "/usr/lib/python3.10/logging/handlers.py", line 987, in emit
self.socket.send(msg)
OSError: [Errno 9] Bad file descriptor
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.10/logging/handlers.py", line 908, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.10/logging/handlers.py", line 990, in emit
self._connect_unixsocket(self.address)
File "/usr/lib/python3.10/logging/handlers.py", line 919, in _connect_unixsocket
self.socket.connect(address)
FileNotFoundError: [Errno 2] No such file or directory
Call stack:
File "/usr/bin/ospd-openvas", line 8, in <module>
sys.exit(main())
File "/usr/lib/python3/dist-packages/ospd_openvas/daemon.py", line 1255, in main
daemon_main('OSPD - openvas', OSPDopenvas, NotusParser())
File "/usr/lib/python3/dist-packages/ospd/main.py", line 155, in main
logger.info(
... error continues below ...
I’m pretty tempted to just move over completely to the openvas docker containers, but I was hoping to tackle this project next month instead of now.
Any thoughts on other ways I can troubleshoot what may be going on? I’m sure a lot of what I’m doing here is unnecessary, but this has been my process for installing/configuring openvas in my docker container:
apt install openvas &&
service postgresql start &&
gvm-setup | tee ~/.openvas_install_logs.txt &&
sed -i"" 's/--port 9392/--port 9392 --no-redirect/g' /lib/systemd/system/gsad.service &&
runuser -u _gvm -- gvm-manage-certs -a -f &&
runuser -u _gvm -- greenbone-nvt-sync &&
runuser -u _gvm -- greenbone-feed-sync --type CERT &&
runuser -u _gvm -- greenbone-feed-sync --type SCAP &&
runuser -u postgres -- /usr/share/gvm/create-postgresql-database &&
gvm-check-setup &&
while ! grep daba56c8-73ec-11df-a475-002264764cea /var/log/gvm/gvmd.log; do
tail -n 20 /var/log/gvm/gvmd.log
sleep 10
done &&
while ! grep "Updating DFN-CERT CVSS max succeeded." /var/log/gvm/gvmd.log; do
echo "Waiting on DFN-CERT updates"
sleep 10
done &&
while ! grep "Updating CERT-Bund CVSS max succeeded" /var/log/gvm/gvmd.log; do
echo "Waiting on CERT-Bund update"
sleep 10
done &&
while ! grep "Updating SCAP info succeeded" /var/log/gvm/gvmd.log; do
echo "Waiting on SCAP updates"
sleep 10
done &&
openvas -u
Most of the waiting in the above statements are to try to get the container as “up-to-date” as possible before pushing it.
Again, pretty inefficient I’d assume but it’s always worked and got the job done. Planning to move to the containers soon, but was hoping for some help with the ospd-openvas service that I can’t seem to get running anymore.
Using the latest kali 2202.4 container to do this on.