Permission errors

lgr · January 22, 2025, 3:25pm

Hey there,

We have issue with gvmd container where it keeps on restarting.
Image logs show the below error.


(gvmd:30): libgvm base-CRITICAL **: 15:15:39.712: pidfile_create: failed to open pidfile /run/gvmd/gvmd.pid: Permission denied

Starting gvmd failed
setting up configuration file for mail agent
 connection
------------
 connected
(1 row)

md   main:  DEBUG:2025-01-22 15h15.40 utc:22: Sentry support disabled
md   main:  DEBUG:2025-01-22 15h15.40 utc:22: init_semaphore_set: Semaphore set created for file '/var/lib/gvm/gvmd.sem', key 20355
md   main:  DEBUG:2025-01-22 15h15.40 utc:22: No default relay mapper found.
md   main:MESSAGE:2025-01-22 15h15.40 utc:22:    Greenbone Vulnerability Manager version 24.2.0 (DB revision 256)
md   main:   INFO:2025-01-22 15h15.40 utc:22:    Migrating database.
md   main:MESSAGE:2025-01-22 15h15.40 utc:22: No SCAP database found for migration
md   main:   INFO:2025-01-22 15h15.40 utc:22: gvmd: databases are already at the supported version
md   main-Message: 15:15:40.657:    Greenbone Vulnerability Manager version 24.2.0 (DB revision 256)
md manage:MESSAGE:2025-01-22 15h15.40 utc:23: No SCAP database found
User exists already.
md   main-Message: 15:15:59.161:    Greenbone Vulnerability Manager version 24.2.0 (DB revision 256)
md manage:MESSAGE:2025-01-22 15h15.59 utc:25: No SCAP database found
md   main-Message: 15:16:18.049:    Greenbone Vulnerability Manager version 24.2.0 (DB revision 256)
md manage:MESSAGE:2025-01-22 15h16.18 utc:28: No SCAP database found
starting gvmd
md   main-Message: 15:16:36.820:    Greenbone Vulnerability Manager version 24.2.0 (DB revision 256)

Setup on Ubuntu 22.04, from what i know everything started acting weird after the update from quite a bit older version (using docker compose pull.
I was able to enter the container shell in between restarts and cat the /run/gvmd/gvmd.pid file
All it contains is number 363

Can anyone suggest a way how to recreate SCAP database or just fix the instance in general?

moves · February 20, 2025, 9:46am

Same issue here, happened after “Exposing gvmd Unix socket for GMP Access”

bricks · February 21, 2025, 3:52pm

If you expose the unix socket to your docker host, you need to ensure that the mounted directory exists and that the docker containers are able to write to them. When you use a directory within /tmp you need to check this with every boot.