Openvas cache rebuild doesn't seem to be working

Archive Greenbone Community Edition
1

I have installed the source version of OpenVas 9 on Ubuntu 16.04 LTS but I am having problems:

  1. Running ‘openvasmd --rebuild’ doesn’t seem to work, no matter how many times I run it. How long does a rebuild take for first run - minutes? Hours? Days?

  2. Running openvas-check-setup --v9 gives this error:
    ERROR: The number of NVTs in the OpenVAS Manager database is too low.
    FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection

  3. Running a sqlite query on tasks.db gives 0 records for nvts table.

  4. I cannot login to the openvas web page. I get this erro when I try to login:
    Login failed. Waiting for OMP service to become available.

2

Some steps you can do:

  1. Verify your redis setup against Hint: Redis setup / configuration for GSE/GVM/OpenVAS

  2. Start the openvassd daemon like pointed out in the received openvas-check-setup FIX message

  3. Run the openvasmd --rebuild command afterwards

1 Like
3

Thanks for the tip. I have reconfigured redis-server according to this article at https://wiki.archlinux.org/index.php/OpenVAS
and restarted services. I have then tried the rebuild but it still fails to build and just sits there…

Any other tips?

5

Could it be a permission problem ?

root@openvas-ubuntu-16-04-lts:~# ls -la /var/run/openvasmd.sock 
srw-rw---- 1 root root 0 Mar 12 16:26 /var/run/openvasmd.sock
root@openvas-ubuntu-16-04-lts:~# ls -la /var/run/redis/redis.sock 
srwxr-xr-x 1 redis redis 0 Mar 12 16:12 /var/run/redis/redis.sock

I have the feeling it is OK but for that …
Update keep on failing stubornly :

root@openvas-ubuntu-16-04-lts:~# openvasmd --update --progress
Updating NVT cache… failed.
root@openvas-ubuntu-16-04-lts:~# echo $?
1

Any idea ?

\T,

6

It depends on your permission settings, we strongly disadvise to run GVMd as root.

I would put GVMd and redis in a shared group and set both members to RW- execute is not needed so your permissions are not correct here.

You need to think about your permission system like any other enterprise Linux application. Please check your settings, group-configurations. If you are unsure how to model the permission system right you can always use the GCE. On the GCE is the permission system configured correctly and it´s a ready to run virtual appliance.

Many 3rd party packages run everything as root (very unsafe) or have broken permissions. So if this is a permission system please get back to your package maintainer.

1 Like