Back in February 2019, there was a page on the openvas.org web site that discussed installing OpenVAS from packages.
The URL was http://www.openvas.org/install-packages
But the page is no longer present. From reading this page, I discovered that there was a version of openvas in the EPEL repository.
Around the same time, I read a blog posting that the version distributed in EPEL was going to go EOL in the summer of 2019, which would be unfortunate.
The installation instructions were a bit sparce, but the /usr/bin/openvas-check-setup was immensely useful.
To make a long story short, I wrote a simple Ansible script that would fully install the EPEL version of OpenVAS, as a proof-of-concept, and it worked very well.
I just translated the instructions from the installation document into Ansible commands, and used /usr/bin/openvas-check-setup to verify the steps. You could read the openvas-check-setup script and see exactly what commands were being used to verify the various stages of the install … and implement them in Ansible.
Since this was my first time working with OpenVAS, I wrote the Ansible script to detect if the major databases were not yet created, and then exited the Ansible script with a prompt of what command was needed to create the database (such as openvas-scapdata-sync). This allowed you to watch the multi-minute process and see its progress.
When the database was initialized, you just re-ran the Ansible script. It would skip all the work it had already done, and then pick up where the database was initialized. This would continue until the next database … and the script would exit again with the prompt on how to create the next database. This continued until OpenVas was fully installed.
I am a bit dismayed that there is no longer any information about installing OpenVAS from packages, and/or the OpenVAS packages on EPEL.
I was hoping to ask if there was any interest in the Ansible script for the semi-automatic install, and also ask if there was any information on when or if the EPEL version of Openvas would be updated.
I am willing to share the Ansible script for EPEL Openvas installation. It makes it very easy, and takes about 2 hours in total. It has been tested under CentOS 7.5.
The versions of OpenVAS that are distributed in EPEL 7.x are:
Installed Packages
openvas-cli.x86_64 1.4.4-1.el7 @epel
openvas-gsa.x86_64 6.0.11-3.el7 @epel
openvas-libraries.x86_64 8.0.8-2.el7 @epel
openvas-manager.x86_64 6.0.9-1.el7 @epel
openvas-scanner.x86_64 5.0.6-1.el7 @epel
Does anyone else have interest in the EPEL version of OpenVAS?
From what I understand, the OpenVAS versions listed above are a bit stale, but the intstalled product does work and provide useful services. It would be “nice” if it could be updated. Installing from a yum package, especially with an Ansible script (which I am willing to share), is much easier and less error-prone than installing from source.
Thoughts?