I did a scan of our DMZ and received a lenghty report (I think). Problem: I cannot display it, since the operation times out.
Is that normal? 27.000 results too much? Are there timeouts I could raise?
I did a scan of our DMZ and received a lenghty report (I think). Problem: I cannot display it, since the operation times out.
Is that normal? 27.000 results too much? Are there timeouts I could raise?
Trying the cli now:
sudo gvm-cli socket --timeout -1 --gmp-username admin --gmp-password secret --socketpath /var/run/gvmd.sock --xml '<get_reports report_id="a0dc2400-7b36-4253-9a4a-d76c8233b1de">'
The web gui has a 15 minutes timeout. It can be changed at
GOS Admin Menu > Setup > Services > HTTPS > Timeout.
I hope this helps, 15 min is still pretty long though…
Please never ever run tools as sudo. It will be even forbidden in the gvm-tools release! Instead adjust the socket permissions of gvmd via the --listen-owner
, --listen-group
or --listen-mode
arguments.
If the timeout happens in gsa you can adjust the timeout by adding a config.js file to $PREFIX/share/gvm/gsad/web/
with the following content:
config = {
timeout: <timeout in seconds>,
}
So it very much looks like gvm-cli is sending the authentification (successful) and the command to gvmd via the socket, and then nothing much happens.
I straced gvmd and found:
[pid 9122] openat(AT_FDCWD, "/var/lib/gvm/gvmd/gvmd.db", O_RDWR|O_CREAT|O_CLOEXEC, 0644) = 18
...
[pid 9122] select(18, [17], [], NULL, {tv_sec=1, tv_usec=0} <unfinished ...>
[pid 9123] <... nanosleep resumed> 0x7f7af31f2d00) = 0
[pid 9123] recvfrom(17, 0x7f7af31f2d47, 1, MSG_PEEK, NULL, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid 9123] nanosleep({tv_sec=1, tv_nsec=0}, <unfinished ...>
[pid 9122] <... select resumed> ) = 0 (Timeout)
[pid 9122] select(18, [17], [], NULL, {tv_sec=1, tv_usec=0} <unfinished ...>
[pid 9123] <... nanosleep resumed> 0x7f7af31f2d00) = 0
[pid 9123] recvfrom(17, 0x7f7af31f2d47, 1, MSG_PEEK, NULL, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid 9123] nanosleep({tv_sec=1, tv_nsec=0}, <unfinished ...>
[pid 9122] <... select resumed> ) = 0 (Timeout)
This repeats over and over again.
I then tried vacuuming the gvmd.db, but to no avail.
Yes, found out that’s it’s not even needed.
Your are missing the closing slash /
'<get_reports report_id="a0dc2400-7b36-4253-9a4a-d76c8233b1de"/>'
If the slash is missing gvmd still waits for input.
Alas, adding the missing backslash makes it work. The cli command then returns after 1m48s.
All I need to find out is why the GUI via gsa won’t do the same.
In GSA all results are requested by using:
'<get_reports report_id="a0dc2400-7b36-4253-9a4a-d76c8233b1de" ignore_pagination="1"/>'
The default timeout for http requests in GSA is 5 minutes.
That’s really strange; I executed the request via cli with ignore_pagination enabled and it finished with 2m32s
I found two log entries about 2m:30s apart:
md main:WARNING:2019-05-17 15h38.50 CEST:22830: write_to_client_unix: failed to write to client: Broken pipe
md manage:WARNING:2019-05-17 15h38.50 CEST:22830: manage_send_report: send error
md gmp: INFO:2019-05-17 15h38.50 CEST:22830: Failed to parse client XML: Internal Error.
md main:WARNING:2019-05-17 15h38.50 CEST:22830: write_to_client_unix: failed to write to client: Broken pipe
I will check the cli output to see if it’s syntactically correct.
What is GOS Admin Menu?
The GOS Admin Menu is a green CLI based menu that can be accessed via ssh or console. It looks like this
Is this something available on Greenbone Source Edition? I’ve never seen this and I’ve never seen it mentioned in the GSE documentation.