Is sudo required for the account? My personal account has the ability to do sudo commands but the account I created does not.
> On July 1, 2015 at 10:23 AM Brandon Perry <[email protected]> wrote: > > They are just regular local users added with useradd, no special groups at > all. > > On Wed, Jul 1, 2015 at 9:22 AM, Brian Thompson <[email protected] > <mailto:[email protected]> > wrote: > > > > > > No problem. Hopefully someone else will have other ideas. For your > > local accounts, are they members of any special groups (wheel, root, adm, > > sys, etc)? > > > > > > > > > On July 1, 2015 at 10:17 AM Brandon Perry > > > > > <[email protected] > > > > > <mailto:[email protected]> > wrote: > > > > > > Ah, I misread your original post. Not sure then. :/ > > > > > > On Wed, Jul 1, 2015 at 9:15 AM, Brian Thompson > > > <[email protected] <mailto:[email protected]> > wrote: > > > > > > > > > > > > > > I'm not running the scans as root, I created a user > > > > (openvas) that is a member of root's group. > > > > > > > > > > > > ssh openvas @ localhost > > > > > > > > <banner.......> > > > > > > > > openvas @ localhost's password: <password entered> > > > > > > > > [openvas @ localhost ~]$ rpm -qa > > > > > > > > yum-utils-1.1.30-14.el6.noarch > > > > > > > > <100's more rpm's reported> > > > > > > > > [openvas @ localhost ~]$ > > > > > > > > > > > > > > > > > > > > > On July 1, 2015 at 10:05 AM Brandon Perry > > > > > > > > > <[email protected] > > > > > > > > > <mailto:[email protected]> > > > > > > > > > > wrote: > > > > > > > > > > I actually don't recommend running scans as root > > > > > if you can get away with it. I use local accounts, can you SSH into > > > > > the machine yourself? What happens when you run rpm -qa/dpkg -l if you > > > > > can SSH into the box? > > > > > > > > > > On Wed, Jul 1, 2015 at 9:02 AM, Brian Thompson > > > > > <[email protected] <mailto:[email protected]> > wrote: > > > > > > > > > > > > > > > > > > > > > > Question about account permissions.... > > > > > > > > > > > > > > > > > > I'd like to use a local account for my scans > > > > > > instead of my personal LDAP entry but I can't seem to get the scans > > > > > > to work when I do. If I use my personal credentials (in LDAP with > > > > > > Public/Private key authentication) a scan results in about 200 > > > > > > detections. If I do the same scan but use a local account (useradd > > > > > > --create-home --uid=432 --gid=432 --groups=root openvas) I get only > > > > > > 50 detections. I've confirmed the user/pass I provided for the > > > > > > credential is correct (I was able to ssh to localhost and log in as > > > > > > openvas). So I'm thinking something else is missing? As you can > > > > > > see, I've created the account as a member of root's group. > > > > > > > > > > > > > > > > > > Are there other groups it needs? > > > > > > > > > > > > > > > > > > Is it not "seeing" the user because it's not > > > > > > in LDAP? I'd rather not put the account in LDAP, is there a way to > > > > > > get OpenVAS to recognize a local account? > > > > > > > > > > > > > > > > > > Brian > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > Openvas-discuss mailing list > > > > > > [email protected] > > > > > > <mailto:[email protected]> > > > > > > > > > > > > > > > > > > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > http://volatile-minds.blogspot.com -- blog > > > > > http://www.volatileminds.net -- website > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > http://volatile-minds.blogspot.com -- blog > > > http://www.volatileminds.net -- website > > > > > > > > > > > > > > > > > > > > -- > http://volatile-minds.blogspot.com -- blog > http://www.volatileminds.net -- website >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
