After upgrading my openvas-9 installation using the mrazavi packages, I was encountering quite a few issues.
I had to use: % openvasmd --migrate Then I updated all the feeds, just to be on the safe side. Then "openvassd" would not start. I traced it down to some issue with the data fetched from the redis server (it would issue a query, get some data, sleep for 60s, and start the whole thing again), so I issued a: % redis-cli flushall after which openvassd would start again. Yay. Currently I have these processes running: root 1673 0.2 0.4 627192 17144 ? Sl 12:52 0:01 /usr/sbin/gsad --do-chroot --ssl-private-key=/var/lib/openvas/private/CA/serverkey.pem.new --ssl-certificate=/var/lib/openvas/CA/servercert.pem.new --no-redirect --port=443 root 1675 0.4 2.0 269340 83836 ? SL 12:52 0:02 openvasmd root 2867 4.8 0.2 141820 11988 ? Ss 12:53 0:21 openvassd: Waiting for incoming connections and % openvas-check-setup --v9 reports: openvas-check-setup 2.3.7 Test completeness and readiness of OpenVAS-9 Please report us any non-detected problems and help us to improve this check routine: http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss Send us the log-file (/tmp/openvas-check-setup.log) to help analyze the problem. Use the parameter --server to skip checks for client tools like GSD and OpenVAS-CLI. Step 1: Checking OpenVAS Scanner ... OK: OpenVAS Scanner is present in version 5.1.0. OK: redis-server is present in version v=3.0.6. OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/run/redis/redis.sock OK: redis-server is running and listening on socket: /var/run/redis/redis.sock. OK: redis-server configuration is OK and redis-server is running. OK: NVT collection in /var/lib/openvas/plugins contains 51201 NVTs. WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner. SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html). OK: The NVT cache in /var/cache/openvas contains 51216 files for 51201 NVTs. Step 2: Checking OpenVAS Manager ... OK: OpenVAS Manager is present in version 7.0.0. OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db. OK: Access rights for the OpenVAS Manager database are correct. OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled. OK: OpenVAS Manager database is at revision 184. OK: OpenVAS Manager expects database at revision 184. OK: Database schema is up to date. OK: OpenVAS Manager database contains information about 51201 NVTs. OK: At least one user exists. OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/scap.db. OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cert.db. OK: xsltproc found. Step 3: Checking user configuration ... WARNING: Your password policy is empty. SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a password policy. Step 4: Checking Greenbone Security Assistant (GSA) ... OK: Greenbone Security Assistant is present in version 7.0.0. OK: Your OpenVAS certificate infrastructure passed validation. Step 5: Checking OpenVAS CLI ... OK: OpenVAS CLI version 1.4.5. Step 6: Checking Greenbone Security Desktop (GSD) ... SKIP: Skipping check for Greenbone Security Desktop. Step 7: Checking if OpenVAS services are up and running ... OK: netstat found, extended checks of the OpenVAS services enabled. OK: OpenVAS Scanner is running and listening on a Unix domain socket. OK: OpenVAS Manager is running and listening on a Unix domain socket. OK: Greenbone Security Assistant is running and listening on all interfaces. OK: Greenbone Security Assistant is listening on port 443, which is the default port. Step 8: Checking nmap installation ... WARNING: Your version of nmap is not fully supported: 7.01 SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs. Step 10: Checking presence of optional tools ... OK: pdflatex found. OK: PDF generation successful. The PDF report format is likely to work. OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work. OK: rpm found, LSC credential package generation for RPM based targets is likely to work. OK: alien found, LSC credential package generation for DEB based targets is likely to work. OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work. It seems like your OpenVAS-9 installation is OK. Yet, I cannot login -- I'm getting the message "Login failed. Waiting for OMP service to become available." gsad is logging: gsad main:MESSAGE:2016-12-28 11h52.44 utc:1380: Starting GSAD version 7.0.0 gsad main:WARNING:2016-12-28 11h52.44 utc:1380: main: Locale defined by environment variables is not an "en_..." one. gsad main:WARNING:2016-12-28 11h55.17 utc:1673: Authentication failure for 'admin' from 141.42.231.251 gsad main:WARNING:2016-12-28 11h55.24 utc:1673: Authentication failure for 'admin' from 141.42.231.251 gsad main:WARNING:2016-12-28 11h55.30 utc:1673: Authentication failure for 'admin' from 141.42.231.251 gsad main:WARNING:2016-12-28 12h03.08 utc:1673: Authentication failure for 'admin' from 141.42.231.251 -- Ralf Hildebrandt Charite Universitätsmedizin Berlin ralf.hildebra...@charite.de Campus Benjamin Franklin http://www.charite.de Hindenburgdamm 30, 12203 Berlin Geschäftsbereich IT, Abt. Netzwerk fon: +49-30-450.570.155 _______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
