Report timing out

gvm-10

#1

I did a scan of our DMZ and received a lenghty report (I think). Problem: I cannot display it, since the operation times out.

Is that normal? 27.000 results too much? Are there timeouts I could raise?


#2

Trying the cli now:
sudo gvm-cli socket --timeout -1 --gmp-username admin --gmp-password secret --socketpath /var/run/gvmd.sock --xml '<get_reports report_id="a0dc2400-7b36-4253-9a4a-d76c8233b1de">'


#4

The web gui has a 15 minutes timeout. It can be changed at
GOS Admin Menu > Setup > Services > HTTPS > Timeout.

I hope this helps, 15 min is still pretty long though…


#5

Please never ever run tools as sudo. It will be even forbidden in the gvm-tools release! Instead adjust the socket permissions of gvmd via the --listen-owner, --listen-group or --listen-mode arguments.

If the timeout happens in gsa you can adjust the timeout by adding a config.js file to $PREFIX/share/gvm/gsad/web/ with the following content:

config = {
  timeout: <timeout in seconds>,
}

#6

So it very much looks like gvm-cli is sending the authentification (successful) and the command to gvmd via the socket, and then nothing much happens.

I straced gvmd and found:

[pid  9122] openat(AT_FDCWD, "/var/lib/gvm/gvmd/gvmd.db", O_RDWR|O_CREAT|O_CLOEXEC, 0644) = 18
...
[pid  9122] select(18, [17], [], NULL, {tv_sec=1, tv_usec=0} <unfinished ...>
[pid  9123] <... nanosleep resumed> 0x7f7af31f2d00) = 0
[pid  9123] recvfrom(17, 0x7f7af31f2d47, 1, MSG_PEEK, NULL, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  9123] nanosleep({tv_sec=1, tv_nsec=0},  <unfinished ...>
[pid  9122] <... select resumed> )      = 0 (Timeout)
[pid  9122] select(18, [17], [], NULL, {tv_sec=1, tv_usec=0} <unfinished ...>
[pid  9123] <... nanosleep resumed> 0x7f7af31f2d00) = 0
[pid  9123] recvfrom(17, 0x7f7af31f2d47, 1, MSG_PEEK, NULL, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid  9123] nanosleep({tv_sec=1, tv_nsec=0},  <unfinished ...>
[pid  9122] <... select resumed> )      = 0 (Timeout)

This repeats over and over again.
I then tried vacuuming the gvmd.db, but to no avail.


#7

Yes, found out that’s it’s not even needed.


#8

Your are missing the closing slash /

'<get_reports report_id="a0dc2400-7b36-4253-9a4a-d76c8233b1de"/>'

If the slash is missing gvmd still waits for input.


#9

Alas, adding the missing backslash makes it work. The cli command then returns after 1m48s.
All I need to find out is why the GUI via gsa won’t do the same.


#10

In GSA all results are requested by using:

'<get_reports report_id="a0dc2400-7b36-4253-9a4a-d76c8233b1de" ignore_pagination="1"/>'

The default timeout for http requests in GSA is 5 minutes.


#11

That’s really strange; I executed the request via cli with ignore_pagination enabled and it finished with 2m32s

I found two log entries about 2m:30s apart:

md   main:WARNING:2019-05-17 15h38.50 CEST:22830: write_to_client_unix: failed to write to client: Broken pipe
md manage:WARNING:2019-05-17 15h38.50 CEST:22830: manage_send_report: send error
md    gmp:   INFO:2019-05-17 15h38.50 CEST:22830:    Failed to parse client XML: Internal Error.
md   main:WARNING:2019-05-17 15h38.50 CEST:22830: write_to_client_unix: failed to write to client: Broken pipe

I will check the cli output to see if it’s syntactically correct.