you need to disable selinux anyway, as openvas is not currently supporting openvas (there is no policy for openvas under selinux)
-- Eero 2016-01-19 19:17 GMT+02:00 William Coquelin <[email protected]>: > Eero, that didn't seem to work. > > GREP returned this value: > grep 'unixsock' /etc/redis.conf > unixsocket /tmp/redis.sock > # unixsocketperm 700 > unixsocket /tmp/redis.sock > unixsocketperm 700 > > Nevertheless, I did this command as root: sed -i "s#^\# unixsocket > .*#unixsocket /tmp/redis.sock#g" /etc/redis.conf > > I then restarted the redis service and got a SELinux error. So, I ran > these commands to resolve it(this is from the troubleshooting window): > > "You can generate a local policy module to allow this access. > Allow this access for now by executing: > # grep redis-server /var/log/audit/audit.log | audit2allow -M mypol > # semodule -i mypol.pp" > > I ran those commands, then reran the commands to restart redis - had the > same issues - and "openvas-check-setup" returns the same redis error as > before. > > > > ------------------------------ > *From:* [email protected] [[email protected]] on behalf > of Eero Volotinen [[email protected]] > *Sent:* Monday, January 18, 2016 2:45 AM > *To:* William Coquelin > *Cc:* [email protected] > *Subject:* Re: [Openvas-discuss] CentOS 7 / Openvas / REDIS error > > You need to check that redis-server is listening /tmp/redis.sock > > try following command: > > check redis configuration: > grep 'unixsock' /etc/redis.conf > > if output does now contain unixsock /tmp/redis.sock line, tjen run > following command > > > sed -i "s#^\# unixsocket .*#unixsocket /tmp/redis.sock#g" /etc/redis.conf > > or manually edit unixsocket /tmp/redis.sock into config file. > > then restart redis and enable it > systemctl restart redis.service > systemctl enable redis.service > > and then check status with openvas-check-setup .. > > Eero > > > 2016-01-15 22:06 GMT+02:00 William Coquelin <[email protected]>: > >> >> Hello. I am running CentOS 7, and the current release of Openvas. New >> install of everything, and patched. I ran the install, and everything >> seemed to work fine. The system comes up, but I am unable to scan. This >> is the output from the terminal window when I run the check: >> >> Step 1: Checking OpenVAS Scanner ... >> OK: OpenVAS Scanner is present in version 5.0.5. >> OK: OpenVAS Scanner CA Certificate is present as >> /var/lib/openvas/CA/cacert.pem. >> OK: redis-server is present in version v=2.8.21. >> OK: scanner (kb_location setting) is configured properly using >> the redis-server socket: /tmp/redis.sock >> ERROR: redis-server is not running or not listening on socket: >> /tmp/redis.sock >> FIX: You should start the redis-server or configure it to listen >> on socket: /tmp/redis.sock >> >> ERROR: Your OpenVAS-8 installation is not yet complete! >> >> This is the output from the log file, which is basically the same: >> >> openvas-check-setup 2.3.2 >> Mode: desktop >> Date: Fri, 15 Jan 2016 11:25:22 -0500 >> >> Checking for old OpenVAS Scanner <= 2.0 ... >> /bin/openvas-check-setup: line 163: openvasd: command not found >> >> Checking presence of OpenVAS Scanner ... >> OpenVAS Scanner 5.0.5 >> Most new code since 2005: (C) 2015 Greenbone Networks GmbH >> Nessus origin: (C) 2004 Renaud Deraison <[email protected]> >> License GPLv2: GNU GPL version 2 >> This is free software: you are free to change and redistribute it. >> There is NO WARRANTY, to the extent permitted by law. >> >> >> Checking OpenVAS Scanner version ... >> >> OK: OpenVAS Scanner is present in version 5.0.5. >> plugins_folder = /var/lib/openvas/plugins >> cache_folder = /var/cache/openvas >> include_folders = /var/lib/openvas/plugins >> max_hosts = 30 >> max_checks = 10 >> be_nice = no >> logfile = /var/log/openvas/openvassd.log >> log_whole_attack = no >> log_plugins_name_at_load = no >> dumpfile = /var/log/openvas/openvassd.dump >> cgi_path = /cgi-bin:/scripts >> optimize_test = yes >> checks_read_timeout = 5 >> network_scan = no >> non_simult_ports = 139, 445 >> plugins_timeout = 320 >> safe_checks = yes >> auto_enable_dependencies = yes >> use_mac_addr = no >> nasl_no_signature_check = yes >> drop_privileges = no >> unscanned_closed = yes >> unscanned_closed_udp = yes >> vhosts = >> vhosts_ip = >> report_host_details = yes >> cert_file = /var/lib/openvas/CA/servercert.pem >> key_file = /var/lib/openvas/private/CA/serverkey.pem >> ca_file = /var/lib/openvas/CA/cacert.pem >> kb_location = /tmp/redis.sock >> rules = /etc/openvas/openvassd.rules >> port_range = default >> silent_dependencies = no >> save_knowledge_base = no >> kb_restore = no >> only_test_hosts_whose_kb_we_dont_have = no >> only_test_hosts_whose_kb_we_have = no >> kb_dont_replay_scanners = no >> kb_dont_replay_info_gathering = no >> kb_dont_replay_attacks = no >> kb_dont_replay_denials = no >> kb_max_age = 864000 >> slice_network_addresses = no >> config_file = /etc/openvas/openvassd.conf >> Checking OpenVAS Scanner CA cert ... >> >> OK: OpenVAS Scanner CA Certificate is present as >> /var/lib/openvas/CA/cacert.pem. >> Checking presence of redis ... >> OK: redis-server is present in version v=2.8.21. >> >> Checking if redis-server is configured properly to run with openVAS ... >> OK: scanner (kb_location setting) is configured properly using >> the redis-server socket: /tmp/redis.sock >> Checking if redis-server is running ... >> ERROR: redis-server is not running or not listening on socket: >> /tmp/redis.sock >> FIX: You should start the redis-server or configure it to listen >> on socket: /tmp/redis.sock >> >> I attempted to start redis via a command prompt, but it opens in default >> and doesn't return a prompt when I execute in terminal session. >> >> I am not all that experienced on this OS and need guidance. >> >> Thanks in advance. >> >> >> >> >> ______________________________________________________________ >> >> This email has been scanned for all viruses by McAfee. >> ______________________________________________________________ >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >> <http://cp.mcafee.com/d/FZsS920O76Qm7SkrIEI8CXCNPdQPhOed7b1IsPtcQsCzBZMSepKCqehNEVvdEEEFLKf6zBBUSoJkmrY-k0lWIyctVsTWIyctVsSMCYqer6zBN_HYyCqerEI3CeLsKDuVEVVdZZBN5dXG8FHnjlLt_BgY-F6lK1FJ4SyrLOtXTLuZXTdTdAVPmEBC7OFeD6dfgWk9-pSsGMU03w25O4Eo9GX33VkDa3JsGJY3eQbEiFpKB3v_6LjUPk-IVg-0a8yvbCQm7QjhOr1vF6y0QJxxrU6tEngBiPta6BQQg2nMC61wQg3zh1xEw32TMcXgQgoq80md1Mqc6y3UNH4S-MrvQb9> >> > > > ______________________________________________________________ > > This email has been scanned for all viruses by McAfee. > ______________________________________________________________ > >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
