No scan list, no port lists after build of 20.08?

Hi all,

I installed OpenVAS 20.8 from source on Debian Buster.

It starts but it seems that parts of the configuration are missing.

  • There are no port lists preconfigured
  • no scan lists

When I try to add a task, I get the message:
»Failed to find config ‘daba56c8-73ec-11df-a475-002264764cea’«

What have I done wrong? Is this normal?

Best regards!

GVM versions

gsad: 20.08.0~git
gvmd: 20.08.0
openvas-scanner: 20.8.0
gvm-libs: 20.8.0

Environment

Operating system: Debian Buster
Kernel: Linux … 4.19.0-10-amd64 #1 SMP Debian 4.19.132-1 (2020-07-24) x86_64 GNU/Linux
Installation method / source: source

First of all it is NOT OpenVAS anymore. See Frequently Asked Questions (FAQ)

You need to sync the nvts (call greenbone-nvt-sync and connect gvmd with a ospd-openvas scanner) before the scan configs will be available. I think I should update the release notes to make that more obvious.

1 Like

In addition the “Feed Import Owner” needs to be configured / set, see:

https://github.com/greenbone/gvmd/blob/gvmd-20.08/INSTALL.md#set-the-feed-import-owner

Without such an owner and without a previous greenbone-feed-sync --type GVM_DATA sync no scan configs, port lists and report formats will show up.

1 Like

Thank you very much for your fast replies!
I now updated the Feed Import Owner

su -c “gvmd --modify-setting 78eceaec-3385-11ea-b237-28d24461215b --value a761c12e-9297-4383-904e-4984e009483b” gvm

rerun feed sync

su -c “greenbone-nvt-sync” openvas-sync
modified scanner

su -c “gvmd --modify-scanner=08b69003-5fc2-4037-a479-93b440211c73 --scanner-host=/tmp/ospd.sock” gvm

restarted.

su -c “gvmd --osp-vt-update=/tmp/ospd.sock” gvm

But I found error messages in the log:

md manage:WARNING:2020-08-17 08h39.08 utc:8741: check_db_configs: Failed to sync configs with feed
md manage:WARNING:2020-08-17 08h39.08 utc:8741: sync_configs_with_feed: Failed to open directory ‘/usr/local/var/lib/gvm/data-objects/gvmd/20.08/configs’: Error opening directory “/usr/local/var/lib/gvm/data-obj
ects/gvmd/20.08/configs”: No such file or directory
md manage:WARNING:2020-08-17 08h39.08 utc:8741: sync_port_lists_with_feed: Failed to open directory ‘/usr/local/var/lib/gvm/data-objects/gvmd/20.08/port_lists’: Error opening directory “/usr/local/var/lib/gvm/da
ta-objects/gvmd/20.08/port_lists”: No such file or directory
md manage:WARNING:2020-08-17 08h39.08 utc:8741: sync_report_formats_with_feed: Failed to open directory ‘/usr/local/var/lib/gvm/data-objects/gvmd/20.08/report_formats’: Error opening directory “/usr/local/var/li
b/gvm/data-objects/gvmd/20.08/report_formats”: No such file or directory

running

su -c “greenbone-feed-sync --type GVMD_DATA” openvas-sync

ends with:

@ERROR: Unknown module ‘data-objects’
rsync error: error starting client-server protocol (code 5) at main.c(1675) [Receiver=3.1.3]

Because the missing files are all located in data-objects I hope to very close :slight_smile:

Does this directories exists ? Are the permissions right for your GVM user ?
Simple OS skills are needed here :wink:

Most errors can be solved by reading and understanding the error message :wink:

Hi Lukas,

I absolutely agree :wink:
I missed to mention that in my last post. The files do not exist and I thought they should be synced by

greenbone-feed-sync --type GVMD_DATA

but I get the error message

@ERROR: Unknown module ‘data-objects’

Do you have an idea what could be wrong here?

If I understand that statement correctly it is running as an openvas-sync user. In that case I guess greenbone-feed-sync can create the /usr/local/var/lib/gvm/data-objects/gvmd/20.08/port_lists directory due to missing write permissions for /usr/local.

When I started the script for the first time it created the file /usr/local/var/lib/gvm/data-objects/gvmd/feed.xml. I hope the file permissions are set correctly.

When I run

rsync rsync://feed.community.greenbone.net:/data-objects/gvmd/ test/

as root, I get the same error message.

Hmm from my side it seems to work, so it might be a network issue …

rsync -avrP rsync://feed.community.greenbone.net:/data-objects/gvmd/ .

Greenbone community feed server - http://feed.community.greenbone.net/
This service is hosted by Greenbone Networks - http://www.greenbone.net/

All transactions are logged.

If you have any questions, please use the Greenbone community portal.
See https://community.greenbone.net for details.

By using this service you agree to our terms and conditions.

Only one sync per time, otherwise the source ip will be temporarily blocked.

receiving incremental file list
./
sha256sums
4,474 100% 4.27MB/s 0:00:00 (xfr#1, to-chk=42/44)
sha256sums.asc
833 100% 813.48kB/s 0:00:00 (xfr#2, to-chk=41/44)
timestamp
13 100% 12.70kB/s 0:00:00 (xfr#3, to-chk=40/44)
20.08/
20.08/configs/
20.08/configs/base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml
808 100% 789.06kB/s 0:00:00 (xfr#4, to-chk=34/44)
20.08/configs/discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml
47,855 100% 206.78kB/s 0:00:00 (xfr#5, to-chk=33/44)
20.08/configs/empty-085569ce-73ed-11df-83c3-002264764cea.xml
866 100% 3.74kB/s 0:00:00 (xfr#6, to-chk=32/44)
20.08/configs/full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml
1,772 100% 7.66kB/s 0:00:00 (xfr#7, to-chk=31/44)
20.08/configs/host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml
1,746 100% 7.54kB/s 0:00:00 (xfr#8, to-chk=30/44)
20.08/configs/policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml
14,947 100% 64.02kB/s 0:00:00 (xfr#9, to-chk=29/44)
20.08/configs/system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml
5,202 100% 22.28kB/s 0:00:00 (xfr#10, to-chk=28/44)
20.08/port_lists/
20.08/port_lists/all-iana-assigned-tcp-33d0cd82-57c6-11e1-8ed1-406186ea4fc5.xml
125,125 100% 131.11kB/s 0:00:00 (xfr#11, to-chk=27/44)
20.08/port_lists/all-iana-assigned-tcp-and-udp-4a4717fe-57d2-11e1-9a26-406186ea4fc5.xml
32,768 13% 25.48kB/s 0:00:08 ^C

2 Likes

Yes, the final step was a network issue. After the sync was successful OpenVAS worked!
Thank you very much! :slight_smile:

1 Like

I have to quote my self again.

1 Like

The majority of people will call it OpenVAS probably for a long time, because people don’t usually do well with name changes.