Operating system: Arch Linux
Installation method / source: pacman
I was intalling Openvas on a Archlinux instalation and I’m getting a critical crash after some minutes of scan.
I start redis, openvassd, gvmd & gsad without problems and able to interact with the gsad web interface in order to configure my scan. The problem is that once it starts it’s never ending to finish the scan.
On different target IPs the % of execution of the scan is different being between a min. of 12% and a max. 80% from the ones I tried.
Checking the logs I saw that the problem is that redis-server is down and this makes openvassd & gmvd to stop it’s execution.
From the redis logs I can see the following messages:
1083:signal-handler (1509377375) Received SIGTERM scheduling shutdown…
1083:M 30 Oct 11:29:35.732 # User requested shutdown…
1083:M 30 Oct 11:29:35.732 * Saving the final RDB snapshot before exiting.
1083:M 30 Oct 11:29:36.645 * DB saved on disk
I have tried more than 30 scans getting always the same error.
After that I tried to make a FLUSHALL of the redis database, but I get the same errors.
Does anyone had experienced the same problem? Any idea about what could be happening?
First of all it’s not a crash something is sending Redis a SigTerm and Redis shuts down. You need to strace who is sending Redis this Signal and why.
This is more a Linux debugging issue then a GVM.
I said that was a crash since it was an error produced unexpectedly that makes impossible to perform the normal operations and kills all the processes (redis, openvassd & gvmd). Probably not the best word.
As far as I had been able to see, the SIGTERM apreas after a few minutes of executing the scan with openvassd. For that reason and the fact that’s a new, fresh installed virtual machine with no other software aside from redis and gvm, I undestand that who is sending the SIGTERM would be or openvassd. But I don’t undestand why.
At the same time, I do not undestand why the openvassd and gvmd stops it’s execution if redis-server gets the SIGTERM. If they would be tring to reconnect, I could be able to install supvisord to restart redis if it fails and the scan could be able to finish. But it doesn’t seams to beahave that way. Should it be?
If do you think that’s something else, do you have any idea about what could be or how to debug it?
First Redis is needed for the temporary storage of results from the scanner and this results getting fetched by gvmd, if redis stopped working by whatever send´s him a SIGTERM, your scan is aborted as well all non fetched results are lost as well.
Did you found out, WHO is sending Redis this signal ? Did you straced the situation ? If not please stop discussing and start debugging A shutdown from a SIGTERM is normal behavior and NOT a crash! You need to find out who and why the process get the SIGTERM.