Unable to create scanner configs, and no default configs are provided

I’ve finally gotten my feed issue solved, but I notice that, related to the GVMD_DATA feed, there are no:

  • Scanner configs
  • Compliance Policies

Is that to be expected for the community feed?

Are scanner configs required in order to use things like the task wizard? I attempt to use the task wizard to add an IP and scan, and it fails with:

Failed to find config 'daba56c8-73ec-11df-a475-002264764cea'

Anyway, just trying to determine if this is something that needs fixed, or if I just need to set up my own default scan config.

Actually, I can’t even create my own configs. When I try, I’m required to select a “base”, but get the error:

× Failed to find config 'd21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663'

This fails (with different IDs) for any of the selectable bases.

1 Like

You probably have either missed to sync the new GVMD_DATA or have missed to set a feed import owner afterwards. The “Details” section of the following announcements have a few additional links / info around both topics:

2 Likes

I’ve synced GVMD_DATA. The default port lists and report formats are present, and they come from that feed. Additionally, gvmd indicates that the feed is up to date.

The feed owner is also set. At this point, the only things that seems to be missing are the scanner configs specifically.

root@openvas:~# sudo -u gvm gvmd --get-users --verbose
admin bab59909-a9b4-4c1b-98e6-7cbf6ddad44a
root@openvas:~# sudo -u gvm psql -d gvmd -c "SELECT * FROM settings WHERE uuid = '78eceaec-3385-11ea-b237-28d24461215b'";
could not change directory to "/root": Permission denied
 id |                 uuid                 | owner |       name        |                         comment                         |                value                 
----+--------------------------------------+-------+-------------------+---------------------------------------------------------+--------------------------------------
 15 | 78eceaec-3385-11ea-b237-28d24461215b |       | Feed Import Owner | User who is given ownership of new resources from feed. | bab59909-a9b4-4c1b-98e6-7cbf6ddad44a
(1 row)

I have cron jobs set up to ensure feeds are fetched once per day:

root@openvas:~# cat /etc/cron.d/openvas 
#Ansible: OpenVAS NVT feed sync
43 0 * * * gvm /usr/bin/greenbone-nvt-sync
#Ansible: OpenVAS SCAP feed sync
27 2 * * * gvm /usr/sbin/greenbone-feed-sync --type SCAP
#Ansible: OpenVAS CERT feed sync
13 3 * * * gvm /usr/sbin/greenbone-feed-sync --type CERT
#Ansible: OpenVAS GVMD_DATA feed sync
2 4 * * * gvm /usr/sbin/greenbone-feed-sync --type GVMD_DATA

It appears to me that the data is actually fetched…

root@openvas:~# ls -la /var/lib/gvm/data-objects/gvmd/*/configs
/var/lib/gvm/data-objects/gvmd/20.08/configs:
total 1292
drwxr-xr-x 2 gvm gvm   4096 Oct 16 04:55 .
drwxr-xr-x 5 gvm gvm   4096 Jun 17  2020 ..
-rw-r--r-- 1 gvm gvm    826 Aug 31 03:29 base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml
-rw-r--r-- 1 gvm gvm  47873 Aug 31 03:29 discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml
-rw-r--r-- 1 gvm gvm    884 Aug 31 03:29 empty-085569ce-73ed-11df-83c3-002264764cea.xml
-rw-r--r-- 1 gvm gvm   1790 Aug 31 03:29 full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml
-rw-r--r-- 1 gvm gvm   1764 Aug 31 03:29 host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml
-rw-r--r-- 1 gvm gvm 612735 Sep 28 05:19 policy_euleros_20200909_9f822ad3-9208-4e02-ac03-78dce3ca9a23.xml
-rw-r--r-- 1 gvm gvm 597265 Sep 28 05:19 policy_gaussdb_20200909_61327f09-8a54-4854-9e1c-16798285fb28.xml
-rw-r--r-- 1 gvm gvm  10630 Oct 15 07:31 policy-huawei-datacom-aab5c4a1-eab1-4f4e-acac-8c36d08de6bc.xml
-rw-r--r-- 1 gvm gvm  14966 Aug 31 03:29 policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml
-rw-r--r-- 1 gvm gvm   5220 Aug 31 03:29 system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml

/var/lib/gvm/data-objects/gvmd/21.04/configs:
total 1292
drwxr-xr-x 2 gvm gvm   4096 Oct 16 04:55 .
drwxr-xr-x 5 gvm gvm   4096 Jul 22 06:11 ..
-rw-r--r-- 1 gvm gvm    826 Aug 31 03:29 base-d21f6c81-2b88-4ac1-b7b4-a2a9f2ad4663.xml
-rw-r--r-- 1 gvm gvm  47873 Aug 31 03:29 discovery-8715c877-47a0-438d-98a3-27c7a6ab2196.xml
-rw-r--r-- 1 gvm gvm    884 Aug 31 03:29 empty-085569ce-73ed-11df-83c3-002264764cea.xml
-rw-r--r-- 1 gvm gvm   1790 Aug 31 03:29 full-and-fast-daba56c8-73ec-11df-a475-002264764cea.xml
-rw-r--r-- 1 gvm gvm   1764 Aug 31 03:29 host-discovery-2d3f051c-55ba-11e3-bf43-406186ea4fc5.xml
-rw-r--r-- 1 gvm gvm 612735 Sep 28 05:19 policy_euleros_20200909_9f822ad3-9208-4e02-ac03-78dce3ca9a23.xml
-rw-r--r-- 1 gvm gvm 597265 Sep 28 05:19 policy_gaussdb_20200909_61327f09-8a54-4854-9e1c-16798285fb28.xml
-rw-r--r-- 1 gvm gvm  10630 Oct 15 07:31 policy-huawei-datacom-aab5c4a1-eab1-4f4e-acac-8c36d08de6bc.xml
-rw-r--r-- 1 gvm gvm  14966 Aug 31 03:29 policy-it-grundschutz-c4b7c0cb-6502-4809-b034-8e635311b3e6.xml
-rw-r--r-- 1 gvm gvm   5220 Aug 31 03:29 system-discovery-bbca7412-a950-11e3-9109-406186ea4fc5.xml

Is it significant that version 21.04 is also fetched? I am running version 20.08.

Some further reading below.

TLDR: Either a wrongly configured redis-server or a gvmd not configured to access the correct ospd-openvas / ospd socket could be additional reasons for this problem.

1 Like

Thanks. Will check those out.

Update:

SOLVED.

w00t.

So, the issue seemed to be primarily related to redis. ospd-openvas seemed to be looking for the socket at /var/run/redis/redis.sock, while the default path (in debian) is /var/run/redis/redis-server.sock.

Changing the socket path allowed the scanner service to find the redis socket, and changing the socket permissions to 770 allowed the gvm user (a member of the redis group) to access the socket.

It took some time for the scanner configs to actually update, but they appear to be present now. Thanks again, for pointing me in the right direction!

1 Like

I have same problem but in a fresh install of 21.4.3. on Kali 5.14. I’ve run thru the scripts from above. My feeds seem to download but do not update the folders. I do not have a gym user and instead have a _gvm user which is normal update process.
pg_lsclusters show version 14 db. When I do the select against gym, I do not have a feed import owner.

Not sure what to try next

Well, solved my missing configus by dropping kali and openvas. Reinstalled kali from iso, then purged postgresql (

  1. sudo apt-get --purge remove postgresql.
  2. sudo apt-get purge postgresql*
  3. sudo apt-get --purge remove postgresql postgresql-doc postgresql-common.
    Then reinstalled gvm from scratch
    The Absolute Best Way To Install OpenVAS On Kali Linux. or
    1.sudo apt-get update
    2.sudo apt install gvm
    3.sudo gvm-setup
    4.sudo gvm-start (It really was already started by step3)

Wait 30 minutes for all the feed updates to appear and it works!

Suspect that the main issue revolves around Postgres 13 to 14 conversion.

1 Like