Unable to connect to gvmd socket

bruno · September 23, 2022, 3:09pm

Hello,

I have the container services running and I am able to access the dashboard and interact with the application. The next step I wanted to take was to connect to the gvmd via a socket and, to do so, followed the steps provided here.
However, when I execute poetry run gvm-cli socket --socketpath /tmp/gvm/gvmd/gvmd.sock --pretty --xml "<get_version/>", the following error is given: ERROR:gvmtools.cli:Could not connect to socket /tmp/gvm/gvmd/gvmd.sock. I am unsure as to what might be causing this.
Any help is kindly appreciated

Regards,
Bruno

bricks · September 26, 2022, 8:25am

Hi,

you need to check the log output of the containers if there is some error while creating the sockets. Also you should check if the unix socket at /tmp/gvm/gvmd/gvmd.sock exists.

bruno · September 26, 2022, 8:50am

Container logs do not mention anything related to creating the sockets. And the socket at tmp/gvm/gvmd/gvmd.sock exists, as per

on the host and

on the gvmd container.

I saw you mention in this post that the user with the userid 1001 should be able to read and write to the mounted directory, although I suppose that does not concern the host system (not sure on this one). Maybe my inability to access the socket has something to do with permissions not being correctly set?

bricks · September 26, 2022, 9:53am

Looks good to me at first sight. Two thinks to check:

Is the GSA web application working?
Can you access the socket from within the containers (https://greenbone.github.io/docs/latest/22.4/container/workflows.html#using-gvm-tools-for-cli-access)?

bruno · September 26, 2022, 10:30am

Yes, the GSA web application is working and I am able to execute scans.
I can also communicate via socket in the gvm-tools container:

However, executing poetry run gvm-cli --gmp-username admin --gmp-password admin socket --socketpath /tmp/gvm/gvmd/gvmd.sock --pretty --xml "<get_version/>" on the host still yields ERROR:gvmtools.cli:Could not connect to socket /tmp/gvm/gvmd/gvmd.sock.

bricks · September 27, 2022, 7:25am

Strange. Could you update to python-gvm 22.9.1 to get some improved error output here? I’ve done a small code change to try to get the root cause of the connection error.

bruno · September 27, 2022, 11:42am

New error message is:
ERROR:gvmtools.cli:Could not connect to socket /tmp/gvm/gvmd/gvmd.sock. Error was [Errno 61] Connection refused

bricks · September 27, 2022, 1:33pm

Sadly this doesn’t improve the error message

I suspect it is some permission error. Maybe sudo chmod o+rw /tmp/gvm/gvmd/gvmd.sock may help (which should be done just for testing purposes and is dangerous on real production systems!).

bruno · September 27, 2022, 1:59pm

It did not help

immauss · September 28, 2022, 7:05am

Is it an SELinux or AppArmor issue on the host ?

bruno · September 28, 2022, 8:05am

Host is running MacOS 12.6, so I don’t believe that would be causing the issue.

immauss · September 28, 2022, 8:46am

Hmmm …
I could be wrong … but I suspect that is part of the issue. Your containers are running in a VM on your MBP, so the MBP is not really the same host as the containers, so the same for the socket. If you tried this same method while running the containers on a Linux Host, it might work. Easy work around might be to add another container with the shared filesystem containing the socket and run your scripts from there.

bruno · September 28, 2022, 9:22am

You are probably right. Meanwhile I have been doing what you suggest (running the scripts on a container) and I have encountered no issues.
Thank you for your support