Guide to install Openvas-Manager with Postgres

Archive Greenbone Community Edition
1

This a guide I have written during my installation of openvas.
All commands are taken from internet, and maybe something could be useless, but for me it worked :smiley:
Please try it and give me feedback to improve and fix the guide
Hope it helps

sudo apt update; sudo apt -y dist-upgrade; sudo apt -y autoremove
sudo apt install -y postgresql
sudo systemctl status postgresql
sudo -u postgres createuser root
sudo -u postgres createdb -O root tasks
sudo -u postgres psql tasks
create role dba with superuser noinherit;
grant dba to root;
create extension "uuid-ossp";
update pg_database set datallowconn = ‘true’ where datname = ‘tasks’;
\q
sudo apt install -y postgresql-contrib postgresql-server-dev-10
cd /usr/local/src
sudo mkdir -p openvas/debs
cd openvas
sudo add-apt-repository -s ppa:mrazavi/openvas
sudo apt update
sudo apt install -y dpkg-dev debhelper cmake pkg-config libglib2.0-dev libgnutls28-dev libgcrypt11-dev libsqlite3-dev libgpgme11-dev rats libopenvas9-dev smbclient
sudo su -
apt source openvas9-manager
cd openvas9-manager-7.0.3 ← check your version
dpkg-checkbuilddeps

vim debian/rules
override_dh_auto_configure:
dh_auto_configure -- -DLOCALSTATEDIR=/var -DSYSCONFDIR=/etc -DBACKEND=POSTGRESQL

echo "usr/lib/openvasmd/pg" >> debian/openvas-manager.dirs
echo "usr/lib/openvasmd/pg" >> debian/openvas-manager.install

dpkg-buildpackage -uc -us
mv …/*.deb …/debs/
apt-mark hold openvas9-manager
apt install -y openvas9

CHECK that Openvas-scanner is active

dpkg -i …/debs/openvas9-manager*.deb

openvasmd --user=admin --new-password=XXXXXXXX
openvas-manage-certs –a –f
sudo apt-get install texlive-latex-extra

vim /etc/default/openvas-gsa
# To allow <host> as hostname/address part of a Host header:
ALLOW_HEADER_HOST="XX.XX.XX.XX"
# To set listening address:
LISTEN_ADDRESS="XX.XX.XX.XX" <–Openvas IP
PORT = 9390
sudo service openvas-gsa restart

reference: Install OpenVas9 with Postgresql in Ubuntu 16.04LTS · sadsloth.net

2 Likes
2

Now all I need is a guide how to make this monitor other locations with nodes. Im trying to set this up so I can monitor/manage the setup I have at my house, Parents, and workoffice from one location(Work Office).

3

Hi! We have almost the same steps. I also use your reference. I am just lacking with this command.
update pg_database set datallowconn = ‘true’ where datname = ‘tasks’;
what does it do?
Also do you have the cert.db and scap.db files on your /var/lib/openvas/cert-data and /var/lib/openvas/scap-data?

4

Hi brian
I used the:

update pg_database set datallowconn = ‘true’ where datname = ‘tasks’;

to connect externally to DB; I have a php application to query directly the DB and match data with my asset DB.
you can see the command at this link:
PostgreSQL: Documentation: 9.2: pg_database

Also do you have the cert.db and scap.db files on your /var/lib/openvas/cert-data and /var/lib/openvas/scap-data?

no, I have these folders (not files) in /var/lib/openvas

  • CA
  • cert-data
  • gnupg
  • openvasmd
  • plugins
  • private
  • scap-data

I think cert.db and scap.db are files used by SQlite3 and not from Porsgres
Bye
Giovanni