Error 503 on GCE


#1

I’ve got a GCE virtual appliance set up, followed the instructions and have a good feed, but I’m getting Error 503 every time I try to do any sort of scan. Looking at the log on the virtual appliance whenever a scan is kicked off it says: openvas_scanner_connect_unix: Failed to connect to scanner (/run/openvas/openvassd.sock): Connection refused.

In the web interface when I go to Configuration>Scanners the CVE Scanner will verify but testing the OpenVAS Scanner gives the 503 error and the same message in the logs. Any suggestions?


#2

How mutch ram did you assigned to the virtual machine ?


#3

I gave it 4 cores, 4 GB RAM, 12 GB storage.


#4

Should I just scrap the VM and try again? I’m not sure what could be wrong at this point.


#5

i have the same issue and i installed a new vm without success. i tried hardware settings suggested here: https://www.greenbone.net/en/install_use_gce/
and i set it up to 8 cpus and 32 g ram but still not working.
feeds are up to date.
every time i reboot the vm it comes with the setup wizard after login. i click yes and then skip the subscription key section. i have configured ip, dns,gateway,time.
any ideas?


#6

i am experiencing the same issue with a GCE VM installed within virtual box. Whenever i try to start any sort of job i receive this error message on the UI:

Results of last operation

Operation: Start Task
Status code: 503
Status message: Service temporarily down

Feeds are up to date. On the shell i can see that the Scanner Service has not started correctly.
Strange thing is, i had an old machine (Nov’ 18) that was working just fine, but after i updated to the latest feeds i am experiencing the exact same issue.

Any help in this regard is highly appreciated.


#7

If you work with the GCE as root, it might be very likely to ruin the permission model.
I would suggest to start over, delete the VM and install a new one. Try to run a community feed sync and after the sync is finished (over night) next day try to login.


#8

I’ve just deleted the VM and set it up again, will check tomorrow and see if it’s working. I personally never went into root though, I just used the shell to view the logs. We’ll see what happens this time around I guess.


#9

I’m actually having the exact same issue. Ran a scan last week, all was fine. Feeds updated today/yesterday and then I started getting the 503 error. Checked the openvas-scanner.service, and I had the exact same error message in your screenshot. Rebuilt the VM, ran a feed update, same issue on new VM. Upon reviewing the log files, all plugins are failing to load and then the service gives up and exits. Not really sure how to fix this one as it seems it is the feed that is breaking GCE.


#10

Just re-installed GSM CE, as I was seeing the same errors in my 4-days old GSM. Did not help much, still the same error.
Maybe something is wrong with the feed?

My VMware VM has 2GB memory and 2 cores, as described in the installation manual.
Feed status:
NVT: 201905071007
SCAP: 201905062300
CERT: 201905070000

tail openvassd.messages
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_microsoft_office_detect_macosx.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_gitea_detect.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_tor_browser_detect_lin.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_clamav_remote_detect.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/secpod_formmax_detect.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_oraclebi_discoverer_detect.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_efi_fiery_webtools_detect.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_ox_app_suite_detect.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] /opt/greenbone/feed/plugins/gb_ms_office_click2run_detect_win.nasl: Could not be loaded
[Tue May  7 22:42:39 2019][3258] Stopped loading plugins: High number of errors.
Operation: Start Task
Status code: 503
Status message: Service temporarily down

#11

@Lukas Thank you for you response. i set up a new machine and let it sync over night, but am unfortunately experiencing the same issue again. i have the same feed version as marcela.


#12

I have the same issues after doing a feed update on my GSM CE. Looks indeed like something’s wrong with the feed. I’ll post here as soon as I got more.


#13

We might have found the problem and will work to adapt the feed accordingly.


#14

Some background: we inadvertently changed an identifier in the Community Feed, that made your GCE believe it’s syncing against the commercial gsf-feed. When the GCE was trying to check the signature of the feed it tried using the gsf-key and failed.
The identifier is back to the old state in the feed since 09:40 UTC. A second update will fix your GCE.

We’re sorry for the trouble, please let us know if you have further problems with this.


#15

Thank you @Tino. Another feed update did indeed fix the GCE.


#16

Feed update worked for me too. Thanks!


#17

I’m still having issues, I redeployed the VM yesterday and when I saw the replies this morning I initiated a manual feed update. I was still unable to scan. I tried a few more times after adjusting some network setting and couldn’t get it working. My feed said it was Wed May 8 09:11 and Tino’s reply indicates the feed was updated at 9:40 so I thought I was having trouble updating.

I decided to just try again and once more redeployed the VM and let the feed update. The feed still shows the same time as noted above and I’m still getting the 503 error when trying to start a task.


#18

i solved the problem. when installing on vmware do not use Other Linux (64bit) as suggested in the greenbone documentation. Use Debian 8 64 Bit and it will work fine.


#19

I’m using VMWare also but when I try to install with Debian 8 64 bit I immediately get an error when it starts to try to format the disk. What version are you on? I’ve got 6.5.


#20

Me too. I didn’t format the disk manually. I created a new vm and new disk -> start from iso and clicked setup. Nothing else.
There ist one point more i forgot in my previous post. After the NVT Update the Default Scanner was running and NVT where shown as up to date but there was a problem when i started a scan. After a few seconds the scan was done and in the report i got the Info that the targets cannot bei accessed.
To solve this i enabled the root user switched to shell and su for root account.
Enter: openvasmd --rebuild --progress
After that all works fine.
Sorry for typos i wrote this on my handy.