vsdc
December 22, 2020, 5:48pm
1
I’ve finally gotten my feed issue solved, but I notice that, related to the GVMD_DATA feed, there are no:
Scanner configs
Compliance Policies
Is that to be expected for the community feed?
Are scanner configs required in order to use things like the task wizard? I attempt to use the task wizard to add an IP and scan, and it fails with:
Failed to find config 'daba56c8-73ec-11df-a475-002264764cea'
Anyway, just trying to determine if this is something that needs fixed, or if I just need to set up my own default scan config.
Actually, I can’t even create my own configs. When I try, I’m required to select a “base”, but get the error:
× Failed to find config 'd21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663'
This fails (with different IDs) for any of the selectable bases.
1 Like
cfi
December 26, 2020, 7:02pm
2
You probably have either missed to sync the new GVMD_DATA or have missed to set a feed import owner afterwards. The “Details” section of the following announcements have a few additional links / info around both topics:
Archive
Greenbone Community Edition
Greenbone Vulnerability Management version 20.08 (GVM-20.08) is end-of-life and will not get any further releases. You should update to a newer release. This is the first release that uses a calendar based versioning (August of 2020) and uses the...
Reading time: 2 mins 🕑
Likes: 14 ❤
2 Likes
vsdc
December 28, 2020, 3:28pm
3
I’ve synced GVMD_DATA. The default port lists and report formats are present, and they come from that feed. Additionally, gvmd indicates that the feed is up to date.
The feed owner is also set. At this point, the only things that seems to be missing are the scanner configs specifically.
root@openvas:~# sudo -u gvm gvmd --get-users --verbose
admin bab59909-a9b4-4c1b-98e6-7cbf6ddad44a
root@openvas:~# sudo -u gvm psql -d gvmd -c "SELECT * FROM settings WHERE uuid = '78eceaec-3385-11ea-b237-28d24461215b'";
could not change directory to "/root": Permission denied
id | uuid | owner | name | comment | value
----+--------------------------------------+-------+-------------------+---------------------------------------------------------+--------------------------------------
15 | 78eceaec-3385-11ea-b237-28d24461215b | | Feed Import Owner | User who is given ownership of new resources from feed. | bab59909-a9b4-4c1b-98e6-7cbf6ddad44a
(1 row)
vsdc
December 28, 2020, 9:22pm
4
I have cron jobs set up to ensure feeds are fetched once per day:
root@openvas:~# cat /etc/cron.d/openvas
#Ansible: OpenVAS NVT feed sync
43 0 * * * gvm /usr/bin/greenbone-nvt-sync
#Ansible: OpenVAS SCAP feed sync
27 2 * * * gvm /usr/sbin/greenbone-feed-sync --type SCAP
#Ansible: OpenVAS CERT feed sync
13 3 * * * gvm /usr/sbin/greenbone-feed-sync --type CERT
#Ansible: OpenVAS GVMD_DATA feed sync
2 4 * * * gvm /usr/sbin/greenbone-feed-sync --type GVMD_DATA
It appears to me that the data is actually fetched…
root@openvas:~# ls -la /var/lib/gvm/data-objects/gvmd/*/configs
/var/lib/gvm/data-objects/gvmd/20.08/configs:
total 1292
drwxr-xr-x 2 gvm gvm 4096 Oct 16 04:55 .
drwxr-xr-x 5 gvm gvm 4096 Jun 17 2020 ..
-rw-r--r-- 1 gvm gvm 826 Aug 31 03:29 base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml
-rw-r--r-- 1 gvm gvm 47873 Aug 31 03:29 discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml
-rw-r--r-- 1 gvm gvm 884 Aug 31 03:29 empty-085569ce-73ed-11df-83c3-002264764cea.xml
-rw-r--r-- 1 gvm gvm 1790 Aug 31 03:29 full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml
-rw-r--r-- 1 gvm gvm 1764 Aug 31 03:29 host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml
-rw-r--r-- 1 gvm gvm 612735 Sep 28 05:19 policy_euleros_20200909_9f822ad3-9208-4e02-ac03-78dce3ca9a23.xml
-rw-r--r-- 1 gvm gvm 597265 Sep 28 05:19 policy_gaussdb_20200909_61327f09-8a54-4854-9e1c-16798285fb28.xml
-rw-r--r-- 1 gvm gvm 10630 Oct 15 07:31 policy-huawei-datacom-aab5c4a1-eab1-4f4e-acac-8c36d08de6bc.xml
-rw-r--r-- 1 gvm gvm 14966 Aug 31 03:29 policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml
-rw-r--r-- 1 gvm gvm 5220 Aug 31 03:29 system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml
/var/lib/gvm/data-objects/gvmd/21.04/configs:
total 1292
drwxr-xr-x 2 gvm gvm 4096 Oct 16 04:55 .
drwxr-xr-x 5 gvm gvm 4096 Jul 22 06:11 ..
-rw-r--r-- 1 gvm gvm 826 Aug 31 03:29 base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml
-rw-r--r-- 1 gvm gvm 47873 Aug 31 03:29 discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml
-rw-r--r-- 1 gvm gvm 884 Aug 31 03:29 empty-085569ce-73ed-11df-83c3-002264764cea.xml
-rw-r--r-- 1 gvm gvm 1790 Aug 31 03:29 full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml
-rw-r--r-- 1 gvm gvm 1764 Aug 31 03:29 host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml
-rw-r--r-- 1 gvm gvm 612735 Sep 28 05:19 policy_euleros_20200909_9f822ad3-9208-4e02-ac03-78dce3ca9a23.xml
-rw-r--r-- 1 gvm gvm 597265 Sep 28 05:19 policy_gaussdb_20200909_61327f09-8a54-4854-9e1c-16798285fb28.xml
-rw-r--r-- 1 gvm gvm 10630 Oct 15 07:31 policy-huawei-datacom-aab5c4a1-eab1-4f4e-acac-8c36d08de6bc.xml
-rw-r--r-- 1 gvm gvm 14966 Aug 31 03:29 policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml
-rw-r--r-- 1 gvm gvm 5220 Aug 31 03:29 system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml
Is it significant that version 21.04 is also fetched? I am running version 20.08.
cfi
December 30, 2020, 8:12pm
5
Some further reading below.
TLDR: Either a wrongly configured redis-server or a gvmd not configured to access the correct ospd-openvas / ospd socket could be additional reasons for this problem.
opened 04:25PM - 14 Aug 20 UTC
closed 02:49PM - 17 Aug 20 UTC
bug
### Expected behavior
Upon launching a clean instance with no previous databa… se, GVMD should populate port lists, report formats, and scan configs from the data feed sync.
### Actual behavior
All feeds are properly synced prior to launching GVMD. Events in the log show report formats and port lists are created, however there are no log entries (success or failure) relating to scan configs. Have verified that the scan config files are synced and stored in /usr/local/var/lib/gvm/data-objects/gvmd/20.08/configs. Also have verified that permissions are correct and the same as the permissions for port lists and report formats.
### Steps to reproduce
1. Clean installation of all 20.8 components from source on Ubuntu 18.4
2. Run feed syncs for GVMD_DATA, SCAP, and CERT
3. Create admin user and grant feed import rights
4. Launch GVMD
### GVM versions
**gsa:** 20.08.0
**gvm:** 20.08.0
**openvas-scanner:** 20.08.0
**gvm-libs:** 20.08.0
### Environment
**Operating system:**
Linux gvm 4.19.76-linuxkit #1 SMP Tue May 26 11:42:35 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.5 LTS"
**Installation method / source:** source installation
### Logfiles
```
md main:MESSAGE:2020-08-14 16h08.53 utc:590: Greenbone Vulnerability Manager version 20.08.0 (DB revision 233)
md main: INFO:2020-08-14 16h08.53 utc:590: Migrating database.
md main:WARNING:2020-08-14 16h08.53 utc:590: manage_migrate: no task tables yet, so no need to migrate them
md main:MESSAGE:2020-08-14 16h08.53 utc:590: No SCAP database found for migration
md main:MESSAGE:2020-08-14 16h08.53 utc:590: No CERT database found for migration
md main:WARNING:2020-08-14 16h08.53 utc:590: gvmd: databases are already at the supported version
md main:MESSAGE:2020-08-14 16h08.53 utc:593: Greenbone Vulnerability Manager version 20.08.0 (DB revision 233)
md manage: INFO:2020-08-14 16h08.53 utc:593: Creating user.
md manage:WARNING:2020-08-14 16h08.53 utc:593: sql_exec_internal: PQexec failed: ERROR: relation "public.meta" does not exist
LINE 1: SELECT value FROM public.meta WHERE name = 'database_version...
^
(7)
md manage:WARNING:2020-08-14 16h08.53 utc:593: sql_exec_internal: SQL: SELECT value FROM public.meta WHERE name = 'database_version';
md manage:WARNING:2020-08-14 16h08.53 utc:593: sql_x: sql_exec_internal failed
md manage:MESSAGE:2020-08-14 16h08.53 utc:593: No SCAP database found
md manage:MESSAGE:2020-08-14 16h08.53 utc:593: No CERT database found
md main:MESSAGE:2020-08-14 16h08.54 utc:596: Greenbone Vulnerability Manager version 20.08.0 (DB revision 233)
md manage: INFO:2020-08-14 16h08.54 utc:596: Modifying setting.
md manage:MESSAGE:2020-08-14 16h08.54 utc:596: No SCAP database found
md manage:MESSAGE:2020-08-14 16h08.54 utc:596: No CERT database found
md main:MESSAGE:2020-08-14 16h08.54 utc:600: Greenbone Vulnerability Manager version 20.08.0 (DB revision 233)
md manage: INFO:2020-08-14 16h08.54 utc:600: Getting users.
md manage:MESSAGE:2020-08-14 16h08.54 utc:600: No SCAP database found
md manage:MESSAGE:2020-08-14 16h08.54 utc:600: No CERT database found
md main:MESSAGE:2020-08-14 16h08.54 utc:605: Greenbone Vulnerability Manager version 20.08.0 (DB revision 233)
md manage: INFO:2020-08-14 16h08.54 utc:605: Modifying setting.
md manage:MESSAGE:2020-08-14 16h08.54 utc:605: No SCAP database found
md manage:MESSAGE:2020-08-14 16h08.54 utc:605: No CERT database found
md main:MESSAGE:2020-08-14 16h08.54 utc:540: Greenbone Vulnerability Manager version 20.08.0 (DB revision 233)
md manage:MESSAGE:2020-08-14 16h08.54 utc:540: No SCAP database found
md manage:MESSAGE:2020-08-14 16h08.54 utc:540: No CERT database found
event port_list:MESSAGE:2020-08-14 16h08.55 utc:540: Port list All IANA assigned TCP (33d0cd82-57c6-11e1-8ed1-406186ea4fc5) has been created by admin
event port_list:MESSAGE:2020-08-14 16h08.55 utc:540: Port list All TCP and Nmap top 100 UDP (730ef368-57e2-11e1-a90f-406186ea4fc5) has been created by admin
event port_list:MESSAGE:2020-08-14 16h08.55 utc:540: Port list All IANA assigned TCP and UDP (4a4717fe-57d2-11e1-9a26-406186ea4fc5) has been created by admin
event report_format:MESSAGE:2020-08-14 16h08.55 utc:540: Report format ITG (77bd6c4a-1f62-11e1-abf0-406186ea4fc5) has been created by admin
event report_format:MESSAGE:2020-08-14 16h08.55 utc:540: Report format TXT (a3810a62-1f62-11e1-9219-406186ea4fc5) has been created by admin
event report_format:MESSAGE:2020-08-14 16h08.55 utc:540: Report format CSV Results (c1645568-627a-11e3-a660-406186ea4fc5) has been created by admin
event report_format:MESSAGE:2020-08-14 16h08.55 utc:540: Report format PDF (c402cc3e-b531-11e1-9163-406186ea4fc5) has been created by admin
event report_format:MESSAGE:2020-08-14 16h08.55 utc:540: Report format XML (a994b278-1f62-11e1-96ac-406186ea4fc5) has been created by admin
event report_format:MESSAGE:2020-08-14 16h08.55 utc:540: Report format Anonymous XML (5057e5cc-b825-11e4-9d0e-28d24461215b) has been created by admin
md manage: INFO:2020-08-14 16h10.25 utc:637: Initializing CERT database
md manage:WARNING:2020-08-14 16h10.25 utc:635: update_scap: No SCAP db present, rebuilding SCAP db from scratch
md manage: INFO:2020-08-14 16h10.25 utc:637: sync_cert: Updating data from feed
```
opened 08:23PM - 21 Oct 20 UTC
closed 11:28AM - 06 Jul 21 UTC
bug
In the web UI when I go to configure a scan the box labeled "scan config" is not… populated. I ran into this once before on another install and the issue was with my feed.lock file not having read/write privs under the gvm user, fixing that and doing an nvt-sync fixed it. That is not the case this time. I can't figure it out. I've gone through logs, followed the troubleshooting steps outlined here (https://sadsloth.net/post/install-gvm-20_08-src-on-debian/). I've confirmed my feed user has the UUID associated properly, I've been messing with it for days now. I'm running ubuntu 20.04, my NVTs are up to date, yet I do not have any options in the drop down box for feed config and I cannot start a scan because of it.
Archive
Greenbone Community Edition
Hi, I’ve installed greenbone-vulnerability-manager ( gvm-20.8.0-14795 ) on Centos 8.2 from atomic repo. After installation was done I end up without any scan config. “/usr/sbin/greenbone-feed-sync --type GVMD_DATA” doesn’t fetch anything except...
Reading time: 3 mins 🕑
Likes: 4 ❤
1 Like
vsdc
December 31, 2020, 4:06pm
6
Thanks. Will check those out.
Update :
SOLVED .
w00t.
So, the issue seemed to be primarily related to redis. ospd-openvas seemed to be looking for the socket at /var/run/redis/redis.sock, while the default path (in debian) is /var/run/redis/redis-server.sock.
Changing the socket path allowed the scanner service to find the redis socket, and changing the socket permissions to 770 allowed the gvm user (a member of the redis group) to access the socket.
It took some time for the scanner configs to actually update, but they appear to be present now. Thanks again, for pointing me in the right direction!
1 Like
JoeBob
November 15, 2021, 2:55am
7
I have same problem but in a fresh install of 21.4.3. on Kali 5.14. I’ve run thru the scripts from above. My feeds seem to download but do not update the folders. I do not have a gym user and instead have a _gvm user which is normal update process.
Not sure what to try next
JoeBob
November 15, 2021, 8:16pm
8
Well, solved my missing configus by dropping kali and openvas. Reinstalled kali from iso, then purged postgresql (
sudo apt-get --purge remove postgresql.
sudo apt-get purge postgresql*
sudo apt-get --purge remove postgresql postgresql-doc postgresql-common.The Absolute Best Way To Install OpenVAS On Kali Linux . or
Wait 30 minutes for all the feed updates to appear and it works!
Suspect that the main issue revolves around Postgres 13 to 14 conversion.
1 Like