FS#57470 - [openvas-manager] OpenVAS fails to rebuild database after a clean install
Attached to Project:
Community Packages
Opened by Martin (greencopper) - Sunday, 11 February 2018, 15:22 GMT
Last edited by Christian Rebischke (Shibumi) - Saturday, 26 May 2018, 14:18 GMT
Opened by Martin (greencopper) - Sunday, 11 February 2018, 15:22 GMT
Last edited by Christian Rebischke (Shibumi) - Saturday, 26 May 2018, 14:18 GMT
|
Details
Following the guide in the Arch wiki:
https://wiki.archlinux.org/index.php/OpenVAS
When you reach the point where you're supposed to rebuild the database it fails: # openvasmd --rebuild --progress Rebuilding NVT cache... failed. This is related to the following packages: community/greenbone-security-assistant 7.0.2-1 (openvas) [installed] community/openvas-cli 1.4.5-2 (openvas) [installed] community/openvas-libraries 9.0.1-1 (openvas) [installed] community/openvas-manager 7.0.2-1 (openvas) [installed] community/openvas-scanner 5.1.1-1 [installed] Steps to reproduce: Follow the Arch Linux wiki on OpenVAS. |
This task depends upon
Closed by Christian Rebischke (Shibumi)
Saturday, 26 May 2018, 14:18 GMT
Reason for closing: Not a bug
Saturday, 26 May 2018, 14:18 GMT
Reason for closing: Not a bug
openvasmd --rebuild --progress
Rebuilding NVT cache... \
<hanging forever>
md main:MESSAGE:2018-03-06 13h00.29 utc:1088: OpenVAS Manager version 7.0.2 (DB revision 184)
md main: INFO:2018-03-06 13h00.29 utc:1088: rebuild_nvt_cache_retry: Reloading NVT cache
md main: INFO:2018-03-06 13h00.29 utc:1089: update_or_rebuild_nvt_cache: Rebuilding NVT cache
md crypt: INFO:2018-03-06 13h00.29 utc:1089: starting key generation ...
md crypt: INFO:2018-03-06 13h00.31 utc:1089: OpenPGP key 'OpenVAS Credential Encryption' has been generated
md main: INFO:2018-03-06 13h00.31 utc:1089: Updating NVT cache.
md main:MESSAGE:2018-03-06 13h03.14 utc:2118: OpenVAS Manager version 7.0.2 (DB revision 184)
# /usr/bin/openvassd -f --unix-socket=/var/run/openvassd.sock
# strace -f openvasmd --rebuild --progress
...
[pid 28708] fcntl(6, F_SETLK, {l_type=F_UNLCK, l_whence=SEEK_SET, l_start=123, l_len=1}) = 0
[pid 28708] close(-1) = -1 EBADF (Bad file descriptor)
[pid 28708] socket(AF_UNIX, SOCK_STREAM, 0) = 14
[pid 28708] connect(14, {sa_family=AF_UNIX, sun_path="/var/run/openvassd.sock"}, 25) = 0
[pid 28708] mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f147a6a1000
[pid 28708] fcntl(14, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
[pid 28708] sendto(14, "< OTP/2.0 >\n", 12, 0, NULL, 0) = 12
[pid 28708] sendto(14, "CLIENT <|> NVT_INFO <|> CLIENT\n", 31, 0, NULL, 0) = 31
[pid 28708] select(15, NULL, [14], NULL, {tv_sec=1, tv_usec=0}) = 1 (out [14], left {tv_sec=0, tv_usec=999998})
[pid 28708] recvfrom(14, 0x7ffc02fb70af, 1, MSG_PEEK, NULL, NULL) = -1 EAGAIN (Resource temporarily unavailable)
[pid 28708] select(15, [14], [], NULL, {tv_sec=1, tv_usec=0}) = 0 (Timeout)
...
[root@openvas ~]# openvasmd --rebuild --progress
Rebuilding NVT cache... failed.
Do you guys have reported this upstream?
Rebuilding NVT cache... failed.
If anyone got any update please let me know.
Thanks in advance.
Today I've take a look at the redis configuration especially the "save" directive mention in upstream, but it was configured correctly and I ensured that the socket was activated. Then I first started redis, sync all nvt, cert and scapdata, started the scanner daemon and rebuild the NVT cache - like thousand times before. But finally it runs without any issue using the same version from above (7.0.3). The only spcial thing I've done this time, was to remove the old 'dump.rdb' from /var/lib/redis before I started the database. Maybe one can check this out.
The Wiki should be updated, to configure/start redis ahead of the scanner.