Openvas docker version not running scans / missing sock service

Hello everyone.

I’m trying to use the 22.4 dockerized version of openvas, but scans, when requested, go into an error state after some seconds, with status “Interrupted at 0%”.

Checking the logs from the greenbone/gvmd:stable instance I get this error: osp_scanner_feed_version: failed to connect to /run/ospd/ospd-openvas.sock

I see this file in the docker volumes, for example:
/data/docker/volumes/greenbone-community-edition_ospd_openvas_socket_vol/_data/ospd-openvas.sock

but it always tries to read from this path in /run/ospd, which was not created on the deployment of the containers.

I tried manually altering the gvmd.service files to point it to the docker path and making hard links, but still no scans run properly, going to 0%:
#ExecStart=/usr/local/sbin/gvmd --osp-vt-update=/run/ospd/ospd-openvas.sock --listen-group=gvm
ExecStart=/usr/local/sbin/gvmd --osp-vt-update=/data/docker/volumes/greenbone-community-edition_ospd_openvas_socket_vol/_data/ospd-openvas.sock --listen-group=gvm

Is it possible to use the dockerized version of openvas fully and run scans? Or do I need a specific environment to use the community version?

Thanks

Hi,

Did you follow our docs (https://greenbone.github.io/docs/latest/22.4/container/index.html) closely?

The error osp_scanner_feed_version: failed to connect to /run/ospd/ospd-openvas.sock could mean two things:

  1. ospd-openvas is not running
  2. the file permissions are not correct, thus gvmd has no permissions to read or write to the socket

First you should check if the corresponding container is running. For example, the output of docker container ls should list the container name greenbone-community-edition_ospd-openvas_1.
If it is not running, try to start it again with docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition up -d and check the ospd-openvas log output with docker-compose -f $DOWNLOAD_DIR/docker-compose.yml -p greenbone-community-edition logs -f ospd-openvas.

I suppose ospd-openvas is shutting down due to not being able to validate the feed content immediately.

Please come back here afterwards with the log output and we’ll address the issue or check the second item.

And btw, this is completely useless. That’s the location of the docker volume used to store the socket. It’s docker internal and you shouldn’t do that. The daemons of the containers in our compose file are configured not to be available from the host. If you want to access the ospd-openvas socket from the host you need to use a bind mount for the container.

Every Linux and even Mac should work as the operating system for the host. I can’t say anything about Windows. We support Debian Bullseye and the stable Fedora versions at the moment. That’s also mentioned in the docs. Personally I am running scans via the containers on Ubuntu.
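
An added example, not part of the original thread or Greenbone's own tooling: a small Python check that separates the two causes listed in the reply above (no ospd-openvas listener versus socket permissions) for the path in the gvmd error. It assumes it is run where the socket is visible (a container that mounts the socket volume, or a bind mount) and that the socket is a stream socket; the function name and state labels are made up for illustration.

```python
import os
import socket
import stat
import sys

# Path taken from the gvmd error message quoted in the thread.
DEFAULT_SOCKET = "/run/ospd/ospd-openvas.sock"


def diagnose_socket(path=DEFAULT_SOCKET, timeout=3.0):
    """Classify a Unix socket path; returns (state, detail).

    'missing' / 'no_listener' point at cause 1 (daemon not running),
    'permission' at cause 2. State names are hypothetical labels.
    """
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return "missing", "no such path; is the socket volume mounted here?"
    except PermissionError:
        return "permission", "cannot traverse a parent directory of the socket"
    if not stat.S_ISSOCK(st.st_mode):
        return "not_socket", "path exists but is " + stat.filemode(st.st_mode)
    info = "uid=%d gid=%d mode=%s" % (st.st_uid, st.st_gid, stat.filemode(st.st_mode))
    # Connecting to a Unix socket needs write permission on the socket file.
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect(path)
    except PermissionError:
        return "permission", "connect denied for euid=%d; socket is %s" % (os.geteuid(), info)
    except ConnectionRefusedError:
        return "no_listener", "socket file is stale, nothing is accepting on it"
    except OSError as exc:
        return "error", "connect failed: %s" % exc
    finally:
        sock.close()
    return "ok", "listener accepted the connection; socket is " + info


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else DEFAULT_SOCKET
    state, detail = diagnose_socket(target)
    print("%s: %s (%s)" % (target, state, detail))
    sys.exit(0 if state == "ok" else 1)
```

Run it as the same user the connecting daemon runs as, since a root shell bypasses the permission check and would report "ok" even when gvmd is denied.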

I installed a fresh system with more space on /var and gave up changing the default path from docker to my /data partition; I was losing a lot of time changing the default docker envs.

With more time I’ll try again with different approaches on the composer file and docker configs. Thanks anyway.