Re: [Openvas-discuss] openvasad fails to start
*wow* you are right can we call this a bug? :-) [root@openvas:~]$ ls /var/lib/openvas/mgr/tasks.db ls: Zugriff auf /var/lib/openvas/mgr/tasks.db nicht möglich: Datei oder Verzeichnis nicht gefunden [root@openvas:~]$ touch /var/lib/openvas/mgr/tasks.db [root@openvas:~]$ openvasmd -vv --rebuild [root@openvas:~]$ openvas-check-setup --server openvas-check-setup 2.1.3 Test completeness and readiness of OpenVAS-4 Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 3.2.3. OK: OpenVAS Scanner CA Certificate is present as /etc/pki/openvas/CA/cacert.pem. OK: NVT collection in /var/lib/openvas/plugins contains 23988 NVTs. WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 2.0.3. OK: OpenVAS Manager client certificate is present as /etc/pki/openvas/CA/clientcert.pem. OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. OK: Access rights for the OpenVAS Manager database are correct. OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. OK: OpenVAS Manager database is at revision 41. OK: OpenVAS Manager expects database at revision 41. OK: Database schema is up to date. OK: OpenVAS Manager database contains information about 23988 NVTs. OK: xsltproc found. Am 19.12.2011 07:05, schrieb Felix Wolfsteller: Is it possible that the db file (of which permissions are to be changed) does not exist? Try a `ls /var/lib/openvas/mgr/tasks.db` to find out. `touch /var/lib/openvas/mgr/tasks.db` to create it (do not care about permissions, as openvasmd will attempt to fix them anyway). Hth, felix On Sunday 18 December 2011 20:25:00 Reindl Harald wrote: not really, it throws also SIGABRT below full strace output --- {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=16607, si_uid=0, si_value={int=256720728, ptr=0x88000f4d3f58}} (Aborted) --- +++ killed by SIGABRT +++ Abgebrochen [root@openvas:/var/log/openvas]$ openvasmd -vv --rebuild Abgebrochen __ [root@openvas:/var/log/openvas]$ strace openvasmd -vv --rebuild execve(/usr/sbin/openvasmd, [openvasmd, -vv, --rebuild], [/* 23 vars */]) = 0 brk(0) = 0x591b000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc769000 access(/etc/ld.so.preload, R_OK) = -1 ENOENT (No such file or directory) open(/etc/ld.so.cache, O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=17728, ...}) = 0 mmap(NULL, 17728, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f7dfc764000 close(3)= 0 open(/usr/lib64/libsqlite3.so.0, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\260\225\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=629264, ...}) = 0 mmap(NULL, 2725864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfc2b2000 mprotect(0x7f7dfc348000, 2097152, PROT_NONE) = 0 mmap(0x7f7dfc548000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x96000) = 0x7f7dfc548000 close(3) = 0 open(/usr/lib64/libgnutls.so.26, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\20h\1\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=673520, ...}) = 0 mmap(NULL, 2768744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfc00e000 mprotect(0x7f7dfc0ac000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfc2ab000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9d000) = 0x7f7dfc2ab000 close(3) = 0 open(/lib64/libuuid.so.1, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\360\24\0\0\0\0\0\0..., 832) = 832 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc763000 fstat(3, {st_mode=S_IFREG|0755, st_size=15744, ...}) = 0 mmap(NULL, 2110712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfbe0a000 mprotect(0x7f7dfbe0e000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfc00d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f7dfc00d000 close(3) = 0 open(/lib64/libglib-2.0.so.0, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\320l\1\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1141936, ...}) = 0 mmap(NULL, 3237848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) =
Re: [Openvas-discuss] openvasad fails to start
Do you have your certs generated? Do servercert.pem and serverkey.pem exist? On Sun, Dec 18, 2011 at 12:27 PM, Reindl Harald h.rei...@thelounge.net wrote: is this because openvasmd --rebuild +++ killed by SIGABRT +++ or why does openvasad refuse to start? i had to build the rpm by myself because Fedora is missing openvas-administrator as also greenbone-security-assistant which i built the same way as rpm and created a systemd-unit without configuration-files slowly i become a little bit frustrated about get openVAS running with a working webinterface :-( [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/openvas-administrator.service [Unit] Description=OpenVAS Administrator After=network.target openvas-manager.service openvas-scanner.service Before=greenbone-security-assistant.service [Service] Type=forking ExecStart=/usr/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync Restart=always RestartSec=1 [Install] WantedBy=multi-user.target [root@openvas:/var/log/openvas]$ cat openvasad.log lib auth:WARNING:2011-12-18 18h56.45 CET:28694: Authentication configuration could not be loaded. lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: failed to set credentials key file lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: cert file: /var/lib/openvas/CA/servercert.pem lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: key file : /var/lib/openvas/private/CA/serverkey.pem ad main:CRITICAL:2011-12-18 18h56.45 CET:28696: main: client server initialisation failed ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- http://volatile-minds.blogspot.com -- blog http://www.volatileminds.net -- website ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasad fails to start
thank you, after symlink my pem-file for greenbone-security-assistant.service three times it starts: * /var/lib/openvas/CA/servercert.pem * /var/lib/openvas/private/CA/serverkey.pem * /var/lib/openvas/CA/cacert.pem now are running greenbone-security-assistant.service and openvas-administrator.service but login is not possible because i get this **ed openvasmd not finished and the gsad references to it :-( ___ Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 2.0.3. OK: OpenVAS Manager client certificate is present as /etc/pki/openvas/CA/clientcert.pem. ERROR: No OpenVAS Manager database found. (Tried: /var/lib/openvas/mgr/tasks.db) FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running. openvasmd --rebuild +++ killed by SIGABRT +++ [root@openvas:/var/log/openvas]$ cat openvasmd.log md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: database permissions are too loose, repairing md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: chmod failed: No such file or directory [root@openvas:~]$ systemctl status openvas-manager.service openvas-manager.service - LSB: start|stop|status|restart|condrestart OpenVAS Manager Loaded: loaded (/etc/rc.d/init.d/openvas-manager) Active: active (exited) since Sun, 18 Dec 2011 14:26:39 +0100; 59min ago Process: 3012 ExecStart=/etc/rc.d/init.d/openvas-manager start (code=exited, status=6/NOTCONFIGURED) CGroup: name=systemd:/system/openvas-manager.service ___ [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/greenbone-security-assistant.service [Unit] Description=Greenbone Security Assistant After=network.target openvas-manager.service openvas-scanner.service [Service] Type=forking ExecStart=/usr/sbin/gsad --listen=10.0.0.107 --port=443 --ssl-private-key=/etc/openvas/openvas.thelounge.net.pem --ssl-certificate=/etc/openvas/openvas.thelounge.net.pem --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 Restart=always RestartSec=1 [Install] WantedBy=multi-user.target Am 18.12.2011 19:30, schrieb Brandon Perry: Do you have your certs generated? Do servercert.pem and serverkey.pem exist? On Sun, Dec 18, 2011 at 12:27 PM, Reindl Harald h.rei...@thelounge.net wrote: is this because openvasmd --rebuild +++ killed by SIGABRT +++ or why does openvasad refuse to start? i had to build the rpm by myself because Fedora is missing openvas-administrator as also greenbone-security-assistant which i built the same way as rpm and created a systemd-unit without configuration-files slowly i become a little bit frustrated about get openVAS running with a working webinterface :-( [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/openvas-administrator.service [Unit] Description=OpenVAS Administrator After=network.target openvas-manager.service openvas-scanner.service Before=greenbone-security-assistant.service [Service] Type=forking ExecStart=/usr/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync Restart=always RestartSec=1 [Install] WantedBy=multi-user.target [root@openvas:/var/log/openvas]$ cat openvasad.log lib auth:WARNING:2011-12-18 18h56.45 CET:28694: Authentication configuration could not be loaded. lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: failed to set credentials key file lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: cert file: /var/lib/openvas/CA/servercert.pem lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: key file : /var/lib/openvas/private/CA/serverkey.pem ad main:CRITICAL:2011-12-18 18h56.45 CET:28696: main: client server initialisation failed ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Mit besten Grüßen, Reindl Harald the lounge interactive design GmbH A-1060 Vienna, Hofmühlgasse 17 CTO / software-development / cms-solutions p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40 icq: 154546673, http://www.thelounge.net/ http://www.thelounge.net/signature.asc.what.htm signature.asc Description: OpenPGP digital signature ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
Re: [Openvas-discuss] openvasad fails to start
Everything your error messages are saying leads to not being fully configured. Make sure you have created the necessary users and certs. http://www.openvas.org/install-packages.html#openvas4_ubuntu_obs These instructions are for ubuntu, but go through the whole setup process. Use the equivalent commands for your RHEL setup. On Sun, Dec 18, 2011 at 12:53 PM, Reindl Harald h.rei...@thelounge.net wrote: thank you, after symlink my pem-file for greenbone-security-assistant.service three times it starts: * /var/lib/openvas/CA/servercert.pem * /var/lib/openvas/private/CA/serverkey.pem * /var/lib/openvas/CA/cacert.pem now are running greenbone-security-assistant.service and openvas-administrator.service but login is not possible because i get this **ed openvasmd not finished and the gsad references to it :-( ___ Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 2.0.3. OK: OpenVAS Manager client certificate is present as /etc/pki/openvas/CA/clientcert.pem. ERROR: No OpenVAS Manager database found. (Tried: /var/lib/openvas/mgr/tasks.db) FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running. openvasmd --rebuild +++ killed by SIGABRT +++ [root@openvas:/var/log/openvas]$ cat openvasmd.log md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: database permissions are too loose, repairing md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: chmod failed: No such file or directory [root@openvas:~]$ systemctl status openvas-manager.service openvas-manager.service - LSB: start|stop|status|restart|condrestart OpenVAS Manager Loaded: loaded (/etc/rc.d/init.d/openvas-manager) Active: active (exited) since Sun, 18 Dec 2011 14:26:39 +0100; 59min ago Process: 3012 ExecStart=/etc/rc.d/init.d/openvas-manager start (code=exited, status=6/NOTCONFIGURED) CGroup: name=systemd:/system/openvas-manager.service ___ [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/greenbone-security-assistant.service [Unit] Description=Greenbone Security Assistant After=network.target openvas-manager.service openvas-scanner.service [Service] Type=forking ExecStart=/usr/sbin/gsad --listen=10.0.0.107 --port=443 --ssl-private-key=/etc/openvas/openvas.thelounge.net.pem --ssl-certificate=/etc/openvas/openvas.thelounge.net.pem --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 Restart=always RestartSec=1 [Install] WantedBy=multi-user.target Am 18.12.2011 19:30, schrieb Brandon Perry: Do you have your certs generated? Do servercert.pem and serverkey.pem exist? On Sun, Dec 18, 2011 at 12:27 PM, Reindl Harald h.rei...@thelounge.net wrote: is this because openvasmd --rebuild +++ killed by SIGABRT +++ or why does openvasad refuse to start? i had to build the rpm by myself because Fedora is missing openvas-administrator as also greenbone-security-assistant which i built the same way as rpm and created a systemd-unit without configuration-files slowly i become a little bit frustrated about get openVAS running with a working webinterface :-( [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/openvas-administrator.service [Unit] Description=OpenVAS Administrator After=network.target openvas-manager.service openvas-scanner.service Before=greenbone-security-assistant.service [Service] Type=forking ExecStart=/usr/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync Restart=always RestartSec=1 [Install] WantedBy=multi-user.target [root@openvas:/var/log/openvas]$ cat openvasad.log lib auth:WARNING:2011-12-18 18h56.45 CET:28694: Authentication configuration could not be loaded. lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: failed to set credentials key file lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: cert file: /var/lib/openvas/CA/servercert.pem lib serv:WARNING:2011-12-18 18h56.45 CET:28696: openvas_server_new: key file : /var/lib/openvas/private/CA/serverkey.pem ad main:CRITICAL:2011-12-18 18h56.45 CET:28696: main: client server initialisation failed ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss -- Mit besten Grüßen, Reindl Harald the lounge interactive design GmbH A-1060 Vienna, Hofmühlgasse 17 CTO / software-development / cms-solutions p: +43 (1) 595 3999 33, m: +43 (676) 40 221 40 icq: 154546673, http://www.thelounge.net/ http://www.thelounge.net/signature.asc.what.htm ___ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org
Re: [Openvas-discuss] openvasad fails to start
i have called openvas-mkcert and openvas-mkcert-client and can even login with openvas-client and key authentication followed this (incomplete) instructions: http://kernelreloaded.blog385.com/index.php/archives/volunerability-scanning-with-fedora-openvas/ downloaded openvas-check-setup which was not contained in the packages and i get FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running. well, it is running, see below BUT: [root@openvas:/var/log/openvas]$ openvasmd --rebuild Abgebrochen root 2532 0.0 9.6 115536 61496 ?Ss 15:06 0:00 openvassd: waiting for incoming connections root 3052 0.1 10.6 121080 67276 ?Ss 15:36 0:21 openvassd: serving 10.0.0.241 root 3107 0.5 14.9 152512 94976 ?Ss 15:40 1:26 openvassd: serving 10.0.0.241 root 16476 0.0 0.5 83128 3660 ?S19:45 0:00 /usr/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync root 16520 0.0 0.3 434248 2408 ?Sl 19:46 0:00 /usr/sbin/gsad --listen=10.0.0.107 --port=443 --ssl-private-key=/etc/openvas/openvas.thelounge.net.pem --ssl-certificate=/etc/openvas/openvas.thelounge.net.pem --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 root 16595 0.0 0.1 60 892 pts/0S+ 20:16 0:00 grep --color vas Am 18.12.2011 20:09, schrieb Brandon Perry: Everything your error messages are saying leads to not being fully configured. Make sure you have created the necessary users and certs. http://www.openvas.org/install-packages.html#openvas4_ubuntu_obs These instructions are for ubuntu, but go through the whole setup process. Use the equivalent commands for your RHEL setup. On Sun, Dec 18, 2011 at 12:53 PM, Reindl Harald h.rei...@thelounge.net wrote: thank you, after symlink my pem-file for greenbone-security-assistant.service three times it starts: * /var/lib/openvas/CA/servercert.pem * /var/lib/openvas/private/CA/serverkey.pem * /var/lib/openvas/CA/cacert.pem now are running greenbone-security-assistant.service and openvas-administrator.service but login is not possible because i get this **ed openvasmd not finished and the gsad references to it :-( ___ Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 2.0.3. OK: OpenVAS Manager client certificate is present as /etc/pki/openvas/CA/clientcert.pem. ERROR: No OpenVAS Manager database found. (Tried: /var/lib/openvas/mgr/tasks.db) FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running. openvasmd --rebuild +++ killed by SIGABRT +++ [root@openvas:/var/log/openvas]$ cat openvasmd.log md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: database permissions are too loose, repairing md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: chmod failed: No such file or directory [root@openvas:~]$ systemctl status openvas-manager.service openvas-manager.service - LSB: start|stop|status|restart|condrestart OpenVAS Manager Loaded: loaded (/etc/rc.d/init.d/openvas-manager) Active: active (exited) since Sun, 18 Dec 2011 14:26:39 +0100; 59min ago Process: 3012 ExecStart=/etc/rc.d/init.d/openvas-manager start (code=exited, status=6/NOTCONFIGURED) CGroup: name=systemd:/system/openvas-manager.service ___ [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/greenbone-security-assistant.service [Unit] Description=Greenbone Security Assistant After=network.target openvas-manager.service openvas-scanner.service [Service] Type=forking ExecStart=/usr/sbin/gsad --listen=10.0.0.107 --port=443 --ssl-private-key=/etc/openvas/openvas.thelounge.net.pem --ssl-certificate=/etc/openvas/openvas.thelounge.net.pem --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 Restart=always RestartSec=1 [Install] WantedBy=multi-user.target Am 18.12.2011 19:30, schrieb Brandon Perry: Do you have your certs generated? Do servercert.pem and serverkey.pem exist? On Sun, Dec 18, 2011 at 12:27 PM, Reindl Harald h.rei...@thelounge.net wrote: is this because openvasmd --rebuild +++ killed by SIGABRT +++ or why does openvasad refuse to start? i had to build the rpm by myself because Fedora is missing openvas-administrator as also greenbone-security-assistant which i built the same way as rpm and created a systemd-unit without configuration-files slowly i become a little bit frustrated about get openVAS running with a working webinterface :-( [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/openvas-administrator.service [Unit] Description=OpenVAS Administrator After=network.target openvas-manager.service openvas-scanner.service Before=greenbone-security-assistant.service [Service] Type=forking
Re: [Openvas-discuss] openvasad fails to start
run openvasmd -vv --rebuild. This will spit out more info in openvasmd.log. On Sun, Dec 18, 2011 at 1:16 PM, Reindl Harald h.rei...@thelounge.net wrote: i have called openvas-mkcert and openvas-mkcert-client and can even login with openvas-client and key authentication followed this (incomplete) instructions: http://kernelreloaded.blog385.com/index.php/archives/volunerability-scanning-with-fedora-openvas/ downloaded openvas-check-setup which was not contained in the packages and i get FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running. well, it is running, see below BUT: [root@openvas:/var/log/openvas]$ openvasmd --rebuild Abgebrochen root 2532 0.0 9.6 115536 61496 ? Ss 15:06 0:00 openvassd: waiting for incoming connections root 3052 0.1 10.6 121080 67276 ? Ss 15:36 0:21 openvassd: serving 10.0.0.241 root 3107 0.5 14.9 152512 94976 ? Ss 15:40 1:26 openvassd: serving 10.0.0.241 root 16476 0.0 0.5 83128 3660 ? S 19:45 0:00 /usr/sbin/openvasad --listen=127.0.0.1 --port=9393 --users-dir=/var/lib/openvas/users --scanner-config-file=/etc/openvas/openvassd.conf --sync-script=/usr/sbin/openvas-nvt-sync root 16520 0.0 0.3 434248 2408 ? Sl 19:46 0:00 /usr/sbin/gsad --listen=10.0.0.107 --port=443 --ssl-private-key=/etc/openvas/openvas.thelounge.net.pem --ssl-certificate=/etc/openvas/openvas.thelounge.net.pem --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 root 16595 0.0 0.1 60 892 pts/0 S+ 20:16 0:00 grep --color vas Am 18.12.2011 20:09, schrieb Brandon Perry: Everything your error messages are saying leads to not being fully configured. Make sure you have created the necessary users and certs. http://www.openvas.org/install-packages.html#openvas4_ubuntu_obs These instructions are for ubuntu, but go through the whole setup process. Use the equivalent commands for your RHEL setup. On Sun, Dec 18, 2011 at 12:53 PM, Reindl Harald h.rei...@thelounge.net wrote: thank you, after symlink my pem-file for greenbone-security-assistant.service three times it starts: * /var/lib/openvas/CA/servercert.pem * /var/lib/openvas/private/CA/serverkey.pem * /var/lib/openvas/CA/cacert.pem now are running greenbone-security-assistant.service and openvas-administrator.service but login is not possible because i get this **ed openvasmd not finished and the gsad references to it :-( ___ Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 2.0.3. OK: OpenVAS Manager client certificate is present as /etc/pki/openvas/CA/clientcert.pem. ERROR: No OpenVAS Manager database found. (Tried: /var/lib/openvas/mgr/tasks.db) FIX: Run 'openvasmd --rebuild' while OpenVAS Scanner is running. openvasmd --rebuild +++ killed by SIGABRT +++ [root@openvas:/var/log/openvas]$ cat openvasmd.log md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: database permissions are too loose, repairing md main:WARNING:2011-12-18 14h21.48 utc:2825: init_manage_process: chmod failed: No such file or directory [root@openvas:~]$ systemctl status openvas-manager.service openvas-manager.service - LSB: start|stop|status|restart|condrestart OpenVAS Manager Loaded: loaded (/etc/rc.d/init.d/openvas-manager) Active: active (exited) since Sun, 18 Dec 2011 14:26:39 +0100; 59min ago Process: 3012 ExecStart=/etc/rc.d/init.d/openvas-manager start (code=exited, status=6/NOTCONFIGURED) CGroup: name=systemd:/system/openvas-manager.service ___ [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/greenbone-security-assistant.service [Unit] Description=Greenbone Security Assistant After=network.target openvas-manager.service openvas-scanner.service [Service] Type=forking ExecStart=/usr/sbin/gsad --listen=10.0.0.107 --port=443 --ssl-private-key=/etc/openvas/openvas.thelounge.net.pem --ssl-certificate=/etc/openvas/openvas.thelounge.net.pem --alisten=127.0.0.1 --aport=9393 --mlisten=127.0.0.1 --mport=9390 Restart=always RestartSec=1 [Install] WantedBy=multi-user.target Am 18.12.2011 19:30, schrieb Brandon Perry: Do you have your certs generated? Do servercert.pem and serverkey.pem exist? On Sun, Dec 18, 2011 at 12:27 PM, Reindl Harald h.rei...@thelounge.net wrote: is this because openvasmd --rebuild +++ killed by SIGABRT +++ or why does openvasad refuse to start? i had to build the rpm by myself because Fedora is missing openvas-administrator as also greenbone-security-assistant which i built the same way as rpm and created a systemd-unit without configuration-files slowly i become a little bit frustrated about get openVAS running with a working webinterface :-( [root@openvas:/var/log/openvas]$ cat /etc/systemd/system/openvas-administrator.service [Unit]
Re: [Openvas-discuss] openvasad fails to start
not really, it throws also SIGABRT below full strace output --- {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=16607, si_uid=0, si_value={int=256720728, ptr=0x88000f4d3f58}} (Aborted) --- +++ killed by SIGABRT +++ Abgebrochen [root@openvas:/var/log/openvas]$ openvasmd -vv --rebuild Abgebrochen __ [root@openvas:/var/log/openvas]$ strace openvasmd -vv --rebuild execve(/usr/sbin/openvasmd, [openvasmd, -vv, --rebuild], [/* 23 vars */]) = 0 brk(0) = 0x591b000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc769000 access(/etc/ld.so.preload, R_OK) = -1 ENOENT (No such file or directory) open(/etc/ld.so.cache, O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=17728, ...}) = 0 mmap(NULL, 17728, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f7dfc764000 close(3)= 0 open(/usr/lib64/libsqlite3.so.0, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\260\225\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=629264, ...}) = 0 mmap(NULL, 2725864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfc2b2000 mprotect(0x7f7dfc348000, 2097152, PROT_NONE) = 0 mmap(0x7f7dfc548000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x96000) = 0x7f7dfc548000 close(3)= 0 open(/usr/lib64/libgnutls.so.26, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\20h\1\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=673520, ...}) = 0 mmap(NULL, 2768744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfc00e000 mprotect(0x7f7dfc0ac000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfc2ab000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9d000) = 0x7f7dfc2ab000 close(3)= 0 open(/lib64/libuuid.so.1, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\360\24\0\0\0\0\0\0..., 832) = 832 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc763000 fstat(3, {st_mode=S_IFREG|0755, st_size=15744, ...}) = 0 mmap(NULL, 2110712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfbe0a000 mprotect(0x7f7dfbe0e000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfc00d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f7dfc00d000 close(3)= 0 open(/lib64/libglib-2.0.so.0, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\320l\1\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1141936, ...}) = 0 mmap(NULL, 3237848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfbaf3000 mprotect(0x7f7dfbc08000, 2097152, PROT_NONE) = 0 mmap(0x7f7dfbe08000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x115000) = 0x7f7dfbe08000 mmap(0x7f7dfbe09000, 2008, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7dfbe09000 close(3)= 0 open(/usr/lib64/libopenvas_misc.so.4, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\200\261\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=162496, ...}) = 0 mmap(NULL, 2739808, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfb856000 mprotect(0x7f7dfb87c000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfba7b000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25000) = 0x7f7dfba7b000 mmap(0x7f7dfba7e000, 478816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7dfba7e000 close(3)= 0 open(/usr/lib64/libopenvas_hg.so.4, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\200\31\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=22336, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc762000 mmap(NULL, 2117648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfb65 mprotect(0x7f7dfb655000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfb854000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f7dfb854000 mmap(0x7f7dfb855000, 16, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7dfb855000 close(3)= 0 open(/usr/lib64/libopenvas_base.so.4, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\320H\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=51008, ...}) = 0 mmap(NULL, 2146352, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfb443000 mprotect(0x7f7dfb44e000, 2097152, PROT_NONE) = 0 mmap(0x7f7dfb64e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xb000) = 0x7f7dfb64e000 mmap(0x7f7dfb64f000, 48, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7dfb64f000 close(3)
Re: [Openvas-discuss] openvasad fails to start
Is it possible that the db file (of which permissions are to be changed) does not exist? Try a `ls /var/lib/openvas/mgr/tasks.db` to find out. `touch /var/lib/openvas/mgr/tasks.db` to create it (do not care about permissions, as openvasmd will attempt to fix them anyway). Hth, felix On Sunday 18 December 2011 20:25:00 Reindl Harald wrote: not really, it throws also SIGABRT below full strace output --- {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=16607, si_uid=0, si_value={int=256720728, ptr=0x88000f4d3f58}} (Aborted) --- +++ killed by SIGABRT +++ Abgebrochen [root@openvas:/var/log/openvas]$ openvasmd -vv --rebuild Abgebrochen __ [root@openvas:/var/log/openvas]$ strace openvasmd -vv --rebuild execve(/usr/sbin/openvasmd, [openvasmd, -vv, --rebuild], [/* 23 vars */]) = 0 brk(0) = 0x591b000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc769000 access(/etc/ld.so.preload, R_OK) = -1 ENOENT (No such file or directory) open(/etc/ld.so.cache, O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=17728, ...}) = 0 mmap(NULL, 17728, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f7dfc764000 close(3)= 0 open(/usr/lib64/libsqlite3.so.0, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\260\225\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=629264, ...}) = 0 mmap(NULL, 2725864, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfc2b2000 mprotect(0x7f7dfc348000, 2097152, PROT_NONE) = 0 mmap(0x7f7dfc548000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x96000) = 0x7f7dfc548000 close(3) = 0 open(/usr/lib64/libgnutls.so.26, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\20h\1\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=673520, ...}) = 0 mmap(NULL, 2768744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfc00e000 mprotect(0x7f7dfc0ac000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfc2ab000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x9d000) = 0x7f7dfc2ab000 close(3) = 0 open(/lib64/libuuid.so.1, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\360\24\0\0\0\0\0\0..., 832) = 832 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc763000 fstat(3, {st_mode=S_IFREG|0755, st_size=15744, ...}) = 0 mmap(NULL, 2110712, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfbe0a000 mprotect(0x7f7dfbe0e000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfc00d000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f7dfc00d000 close(3) = 0 open(/lib64/libglib-2.0.so.0, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\320l\1\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1141936, ...}) = 0 mmap(NULL, 3237848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfbaf3000 mprotect(0x7f7dfbc08000, 2097152, PROT_NONE) = 0 mmap(0x7f7dfbe08000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x115000) = 0x7f7dfbe08000 mmap(0x7f7dfbe09000, 2008, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7dfbe09000 close(3) = 0 open(/usr/lib64/libopenvas_misc.so.4, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\200\261\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=162496, ...}) = 0 mmap(NULL, 2739808, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfb856000 mprotect(0x7f7dfb87c000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfba7b000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x25000) = 0x7f7dfba7b000 mmap(0x7f7dfba7e000, 478816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7dfba7e000 close(3) = 0 open(/usr/lib64/libopenvas_hg.so.4, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\200\31\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=22336, ...}) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f7dfc762000 mmap(NULL, 2117648, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f7dfb65 mprotect(0x7f7dfb655000, 2093056, PROT_NONE) = 0 mmap(0x7f7dfb854000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f7dfb854000 mmap(0x7f7dfb855000, 16, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f7dfb855000 close(3) = 0 open(/usr/lib64/libopenvas_base.so.4, O_RDONLY) = 3 read(3, \177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0\0\1\0\0\0\320H\0\0\0\0\0\0..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=51008,