Hello, I'm attempting to install OpenVAS and Greenbone Security
Assistant on Ubuntu 12.04 VM. I got everything to compile, install,
and start, the openvas-check-setup says everything is ok (except the
parts like pdfdeflate that are optional), and I can visit the GSA log
in page. However when I hit log in, the server never responds with
anything, yet keeps the TCP connection open. The rest of this e-mail
outlines how I compiled and installed and start things, and has some
logs. I'd appreciate any advice on the next steps to troubleshoot.
Thanks.
Alan
1. Installation
Update apt packages list (apt-get update)
install dependencies (excluding documentation and some extras):
apt-get -y install cmake make pkg-config libglib2.0-dev libgnutls-dev
libssh-dev libpcap0.8-dev libgpgme11-dev libldap2-dev uuid-dev bison
sqlite3 libsqlite3-dev xsltproc libxslt1-dev
download tarballs for libraries, scanner, manager, administrator, gsa
download source tarball for libmicrohttpd, as the one available in my
repository is 0.4.6 from 2010, and some people have said certain
versions is buggy
untar everything
libmicrohttpd-0.9.21:
./configure; make; make install
openvas-libraries-5.0.1:
I had to modify nasl/CMakeLists.txt to link against libssh.
cmake CMakeLists.txt; make; make install
openvas-scanner-3.3.1:
I had to modify src/CMakeLists.txt to link against libssh.
cmake CMakeLists.txt; make; make install
openvas-manager-3.0.1
I had to modify CMakeLists.txt to remove the -Werror compiler flag so
that sourcecode warnings wouldn't be fatal.
cmake CMakeLists.txt; make; make install
openvas-administrator-1.2.0:
I had to modify CMakeLists.txt to remove the -Werror compiler flag so
that sourcecode warnings wouldn't be fatal.
cmake CMakeLists.txt; make; make install
greenbone-security-assistant-3.0.1:
cmake CMakeLists.txt; make; make install
2. Post-install
openvas-mkcert # make the cert for the scanner, server-side
openvas-mkcert-client -n om -i # make the cert for the manager, client-side
openvasad -c "add_user" -n name -r Admin # add an admin user
openvas-nvt-sync # download the free NVT feed
2a. Get ready to debug
Under /usr/local/etc/openvas/, in gsa_log.conf, openvasad_log.conf,
and openvasmd_log.conf, change all the level= statements to 255.
3. Start-up
openvassd # start the scanner and load all the plug-ins
openvasmd --rebuild # rebuild the manager database
openvasmd # start the manager
openvasad # start the administrator
gsad --http-only --mlisten=127.0.0.1 -m 9390 --alisten=127.0.0.1 -a
9393 -v # start in HTTP mode (port 80, for testing), specify all the
ports explicitly
I can visit the login page on port 80, however when I press log in,
the server gives no response while holding the connection open.
Here is the gsad.log when I log in:
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate:
name token value (null)
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate:
failed to match, value NULL
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate:
name cmd value login
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching
<^(create_agent)|(create_config)|(create_escalator)|(create_lsc_credential)|(create_note)|(create_override)|(create_port_list)|(create_port_range)|(create_report)|(create_schedule)|(create_slave)|(create_target)|(create_task)|(create_user)|(delete_agent)|(delete_config)|(delete_escalator)|(delete_lsc_credential)|(delete_note)|(delete_override)|(delete_port_list)|(delete_port_range)|(delete_report)|(delete_report_format)|(delete_schedule)|(delete_slave)|(delete_target)|(delete_task)|(delete_trash_agent)|(delete_trash_config)|(delete_trash_escalator)|(delete_trash_lsc_credential)|(delete_trash_port_list)|(delete_trash_report_format)|(delete_trash_schedule)|(delete_trash_slave)|(delete_trash_target)|(delete_trash_task)|(delete_user)|(edit_config)|(edit_config_family)|(edit_config_nvt)|(edit_lsc_credential)|(edit_my_settings)|(edit_note)|(edit_override)|(edit_report_format)|(edit_settings)|(edit_task)|(edit_user)|(empty_trashcan)|(escalate_report)|(export_config)|(export_lsc_credential)|
(export_note)|(export_override)|(export_port_list)|(export_preference_file)|(export_report_format)|(get_agent)|(get_agents)|(get_config)|(get_config_family)|(get_config_nvt)|(get_configs)|(get_feed)|(get_escalator)|(get_escalators)|(get_info)|(get_lsc_credential)|(get_lsc_credentials)|(get_my_settings)|(get_note)|(get_notes)|(get_nvts)|(get_override)|(get_overrides)|(get_port_list)|(get_port_lists)|(get_report)|(get_report_format)|(get_report_formats)|(get_result)|(get_settings)|(get_schedule)|(get_schedules)|(get_slave)|(get_slaves)|(get_system_reports)|(get_target)|(get_targets)|(get_tasks)|(get_trash)|(get_user)|(get_users)|(import_config)|(import_port_list)|(import_report_format)|(login)|(modify_auth)|(new_note)|(new_override)|(new_task)|(pause_task)|(restore)|(resume_paused_task)|(resume_stopped_task)|(test_escalator)|(save_config)|(save_config_family)|(save_config_nvt)|(save_container_task)|(save_lsc_credential)|(save_my_settings)|(save_note)|(save_override)|(save_report_forma
t)|(save_settings)|(save_task)|(save_user)|(start_task)|(stop_task)|(sync_feed)|(verify_agent)|(verify_report_format)$>
against <login>:
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: matched
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate:
name text value /omp?cmd=get_tasks&overrides=1
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching <^.{0,1000}>
against </omp?cmd=get_tasks&overrides=1>:
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: matched
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate:
name password value password
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching <^.{0,40}$>
against <password>:
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: matched
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate:
name login value username
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: matching
<^[[:alnum:]-_@.]+$> against <username>:
gsad vali: DEBUG:2012-07-28 20h03.39 utc:23525: openvas_validate: matched
lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: Connected to server.
lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: Shook hands with server.
lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: send 114 from
<authenticate><credentials><us[...]
lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: =>
<authenticate><credentials><username>username</username><password>password</password></credentials></authenticate>
lib serv: DEBUG:2012-07-28 20h03.39 utc:23525: => done
lib xml:MESSAGE:2012-07-28 20h03.39 utc:23525: asking for 1048576
And this is what happened 15 minutes later when I closed the browser.
lib xml:MESSAGE:2012-07-28 20h18.39 utc:23525: Error: Error on
line 1 char 1: Document was empty or contained only whitespace
lib xml:MESSAGE:2012-07-28 20h18.39 utc:23525: End error: Error
on line 1 char 1: Document was empty or contained only whitespace
gsad base: DEBUG:2012-07-28 20h18.39 utc:23525: text to transform:
[<login_page><message>Login failed.</message><token></token><time>Sat
Jul 28 20:18:39 2012 utc</time></login_page>]
gsad base: DEBUG:2012-07-28 20h18.39 utc:23525: xsl_transform:
Spawning in parent dir: xsltproc gsad.xsl
/tmp/gsa_xsl_transform_VGvT8t
And here is the openvasmd.log:
[before the connection, at start-up]
lib auth:WARNING:2012-07-28 19h57.49 utc:23716: Authentication
configuration could not be loaded.
[during the connection attempt]
lib serv: DEBUG:2012-07-28 20h03.39 utc:23862: Shook hands with peer.
lib serv: DEBUG:2012-07-28 20h03.39 utc:23862: Connected to
server on socket 6.
And finally, openvasad.log:
lib auth:WARNING:2012-07-28 19h53.47 UTC:23520: Authentication
configuration could not be loaded.
_______________________________________________
Openvas-discuss mailing list
[email protected]
http://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
