SOLVED: OpenVAS Web UI on Ubuntu 22/24 — PHP+Docker workaround for broken gsad

Getting Started
1

SOLVED: OpenVAS Web UI on Ubuntu 22/24 — PHP+Docker Workaround

Environment: Ubuntu 24.04 LTS · GVM/gvmd 22.4 (apt) · single server behind NAT

The problem

The gsad React frontend in the Ubuntu apt packages is broken. gvmd runs fine, scan data is intact, but the web UI is unreachable. This is confirmed by Greenbone: “the packets on Ubuntu are still broken.”

The scanner, manager, and PostgreSQL database all work. Only the UI is missing.

The solution

Run a lightweight PHP dashboard in Docker, connected directly to the host gvmd socket via GMP XML protocol. No data migration. No duplicate scanner stack. All existing scan history preserved.

[ Browser ] → [ Docker: PHP+Apache :9393 ] → [ /run/gvmd/gvmd.sock ] → [ gvmd (apt) ]

Step 1 — Fix socket permissions

The gvmd socket is _gvm:_gvm 660. The container needs group access.

Important: Do NOT use chown in a systemd ExecStartPost override — it runs as the _gvm user (not root) and will crash-loop gvmd. Use chmod only, and handle group access via usermod.

# Add _gvm to docker group
sudo usermod -aG docker _gvm

# Install systemd override
sudo mkdir -p /etc/systemd/system/gvmd.service.d/
sudo tee /etc/systemd/system/gvmd.service.d/socket-perms.conf << 'EOF'
[Service]
ExecStartPost=/bin/sleep 2
ExecStartPost=/bin/chmod 660 /run/gvmd/gvmd.sock
EOF

sudo systemctl daemon-reload
sudo systemctl restart gvmd
sleep 5
ls -la /run/gvmd/gvmd.sock
# Expected: srw-rw---- 1 _gvm _gvm

Step 2 — Verify/reset gvmd admin password

# Test
sudo -u _gvm gvm-cli --gmp-username admin --gmp-password YOUR_PASSWORD \
  socket --socketpath /run/gvmd/gvmd.sock -X '<get_version/>'

# Reset if needed
sudo -u _gvm gvmd --user=admin --new-password=YOUR_NEW_PASSWORD

Note: --gmp-username and --gmp-password go before the socket subcommand, not after.

Step 3 — Project files

mkdir -p ~/openvas-ui && cd ~/openvas-ui
echo "GVM_PASS=YOUR_PASSWORD" > .env
chmod 600 .env

Dockerfile:

FROM php:8.2-apache
RUN docker-php-ext-install sockets
RUN a2enmod rewrite headers
COPY index.php /var/www/html/index.php
# Give www-data access to gvmd socket
# Check your _gvm GID: getent group _gvm
RUN groupmod -g 140 www-data && usermod -aG 140 www-data
EXPOSE 80

docker-compose.yml:

services:
  openvas-dashboard:
    build: .
    container_name: openvas-dashboard
    restart: unless-stopped
    ports:
      - "127.0.0.1:9393:80"
    volumes:
      - /run/gvmd/gvmd.sock:/run/gvmd/gvmd.sock
    environment:
      - GVM_USER=admin
      - GVM_PASS=${GVM_PASS}

Step 4 — Build and run

docker compose build
docker compose up -d

Access via SSH tunnel from your workstation:

ssh -L 9393:127.0.0.1:9393 user@your-server -N
# Browser: http://localhost:9393

What you get

  • Severity counts by CVSS range (Critical / High / Medium / Low / Log)
  • Top affected hosts
  • All scan tasks with status badges and last-run timestamps
  • Overall risk level indicator
  • 120-second cache with manual flush (?flush=1)

Full source code and HTML guide

Full index.php, Dockerfile, and docker-compose.yml:
GitHub: GitHub - ObaOzai/openvas-dashboard: OpenVAS / GVM web dashboard for Ubuntu 22/24 — PHP+Docker workaround for broken gsad apt packages. Connects directly to gvmd socket via GMP XML protocol. · GitHub
Guide: OpenVAS Web UI Fix — Ubuntu 22/24 | AstroPema AI LLC

Tested on Ubuntu 24.04 LTS · gvmd 22.4 · Docker 24 · php:8.2-apache

— AstroPema AI LLC · astropema.ai