Ok, some idea’s to help further trouble shooting:
· Can you verify that /tmp/redis.sock is actually really there? (ls the /tmp folder). · Try starting a scan after manually starting openvassd with --f (foreground) and see what it does/says · Start openvassd with strace and follow childs (strace –f /usr/sbin/openvassd) to see what happens Thijs Stuurman Security Operations Center | KPN Internedservices [email protected]<mailto:[email protected]> | [email protected]<mailto:[email protected]> T: +31(0)299476185 | M: +31(0)624366778 PGP Key-ID: 0x16ADC048 (https://pgp.surfnet.nl/) Fingerprint: 2EDB 9B42 D6E8 7D4B 6E02 8BE5 6D46 8007 16AD C048 W: https://www.internedservices.nl<https://www.internedservices.nl/> | L: http://nl.linkedin.com/in/thijsstuurman Van: Dan Beal [mailto:[email protected]] Verzonden: maandag 12 juni 2017 16:28 Aan: Thijs Stuurman <[email protected]>; Eero Volotinen <[email protected]> CC: [email protected] Onderwerp: RE: [Openvas-discuss] OpenVAS not scanning when check setup appears to be OK tried remaking of certs – the install is about 3 weeks old, had this issue, we reinstalled because we couldn’t fix it, since we are back at this stage, we need to find the root cause. Restart of the service still fails, scan still fails. Service status – service seems to keep trying to start and failing: [root@openvasva ~]# systemctl status openvas-scanner.service ● openvas-scanner.service - OpenVAS Scanner Loaded: loaded (/usr/lib/systemd/system/openvas-scanner.service; enabled; vendor preset: disabled) Active: activating (start) since Mon 2017-06-12 09:56:41 EDT; 1min 26s ago Control: 11191 (openvassd) CGroup: /system.slice/openvas-scanner.service └─11191 /usr/sbin/openvassd Journalctl content: Jun 12 09:16:38 openvasva.silasg.com systemd[1]: Starting OpenVAS Scanner... Jun 12 09:36:38 openvasva.silasg.com systemd[1]: openvas-scanner.service start operation timed out. Terminating. Jun 12 09:36:38 openvasva.silasg.com systemd[1]: Failed to start OpenVAS Scanner. Jun 12 09:36:38 openvasva.silasg.com systemd[1]: Unit openvas-scanner.service entered failed state. Jun 12 09:36:38 openvasva.silasg.com systemd[1]: openvas-scanner.service failed. Jun 12 09:36:39 openvasva.silasg.com systemd[1]: openvas-scanner.service holdoff time over, scheduling restart. Jun 12 09:36:39 openvasva.silasg.com systemd[1]: Starting OpenVAS Scanner... Jun 12 09:56:40 openvasva.silasg.com systemd[1]: openvas-scanner.service start operation timed out. Terminating. Jun 12 09:56:40 openvasva.silasg.com systemd[1]: Failed to start OpenVAS Scanner. Jun 12 09:56:40 openvasva.silasg.com systemd[1]: Unit openvas-scanner.service entered failed state. Jun 12 09:56:40 openvasva.silasg.com systemd[1]: openvas-scanner.service failed. Jun 12 09:56:41 openvasva.silasg.com systemd[1]: openvas-scanner.service holdoff time over, scheduling restart. Jun 12 09:56:41 openvasva.silasg.com systemd[1]: Starting OpenVAS Scanner... Not sure if Redis log entries mean anything to this, it doesn’t seem so: 1050:M 12 Jun 06:58:45.205 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128. 1050:M 12 Jun 06:58:45.205 # Server started, Redis version 3.0.7 1050:M 12 Jun 06:58:45.205 # WARNING overcommit_memory is set to 0! Background save may fail under low memory condition. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect. 1050:M 12 Jun 06:58:45.206 # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled. 1050:M 12 Jun 06:58:47.006 * DB loaded from disk: 1.800 seconds 1050:M 12 Jun 06:58:47.006 * The server is now ready to accept connections on port 6379 1050:M 12 Jun 06:58:47.006 * The server is now ready to accept connections at /tmp/redis.sock Further troubleshooting, when restarting the scanner service, I updated and rebuilt the NVT cache again to try to solve the problem, I got the below: [root@openvasva ~]# openvasmd --update [root@openvasva ~]# openvasmd --rebuild [root@openvasva ~]# service openvas-scanner restart Redirecting to /bin/systemctl restart openvas-scanner.service Job for openvas-scanner.service failed because a timeout was exceeded. See "systemctl status openvas-scanner.service" and "journalctl -xe" for details. Openvasmd.log: md main:MESSAGE:2017-06-12 12h21.07 utc:7137: OpenVAS Manager version 7.0.1 (DB revision 184) md main: INFO:2017-06-12 12h21.07 utc:7137: rebuild_nvt_cache_retry: Reloading NVT cache md main: INFO:2017-06-12 12h21.07 utc:7138: update_or_rebuild_nvt_cache: Rebuilding NVT cache base gpgme:MESSAGE:2017-06-12 12h21.07 utc:7138: Setting GnuPG dir to '/var/lib/openvas/openvasmd/gnupg' base gpgme:MESSAGE:2017-06-12 12h21.07 utc:7138: Using OpenPGP engine version '2.0.22' md main: INFO:2017-06-12 12h21.08 utc:7138: Updating NVT cache. md main:WARNING:2017-06-12 12h38.51 utc:7138: openvas_scanner_read: Failed to read from scanner: Connection reset by peer nothing new in other logs. Dan Beal SILA M: 571.439.9230
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
