I have the container services running and I am able to access the dashboard and interact with the application. The next step I wanted to take was to connect to the gvmd via a socket and, to do so, followed the steps provided here.
However, when I execute
poetry run gvm-cli socket --socketpath /tmp/gvm/gvmd/gvmd.sock --pretty --xml "<get_version/>", the following error is given:
ERROR:gvmtools.cli:Could not connect to socket /tmp/gvm/gvmd/gvmd.sock. I am unsure as to what might be causing this.
Any help is kindly appreciated
you need to check the log output of the containers if there is some error while creating the sockets. Also you should check if the unix socket at
Container logs do not mention anything related to creating the sockets. And the socket at
tmp/gvm/gvmd/gvmd.sock exists, as per
on the host and
on the gvmd container.
I saw you mention in this post that the user with the userid 1001 should be able to read and write to the mounted directory, although I suppose that does not concern the host system (not sure on this one). Maybe my inability to access the socket has something to do with permissions not being correctly set?
Looks good to me at first sight. Two thinks to check:
- Is the GSA web application working?
- Can you access the socket from within the containers (https://greenbone.github.io/docs/latest/22.4/container/workflows.html#using-gvm-tools-for-cli-access)?
Yes, the GSA web application is working and I am able to execute scans.
I can also communicate via socket in the gvm-tools container:
poetry run gvm-cli --gmp-username admin --gmp-password admin socket --socketpath /tmp/gvm/gvmd/gvmd.sock --pretty --xml "<get_version/>" on the host still yields
ERROR:gvmtools.cli:Could not connect to socket /tmp/gvm/gvmd/gvmd.sock.
Strange. Could you update to python-gvm 22.9.1 to get some improved error output here? I’ve done a small code change to try to get the root cause of the connection error.
New error message is:
ERROR:gvmtools.cli:Could not connect to socket /tmp/gvm/gvmd/gvmd.sock. Error was [Errno 61] Connection refused
Sadly this doesn’t improve the error message
I suspect it is some permission error. Maybe
sudo chmod o+rw /tmp/gvm/gvmd/gvmd.sock may help (which should be done just for testing purposes and is dangerous on real production systems!).
Is it an SELinux or AppArmor issue on the host ?
Host is running MacOS 12.6, so I don’t believe that would be causing the issue.
I could be wrong … but I suspect that is part of the issue. Your containers are running in a VM on your MBP, so the MBP is not really the same host as the containers, so the same for the socket. If you tried this same method while running the containers on a Linux Host, it might work. Easy work around might be to add another container with the shared filesystem containing the socket and run your scripts from there.
You are probably right. Meanwhile I have been doing what you suggest (running the scripts on a container) and I have encountered no issues.
Thank you for your support