dgiorgio / gvm-docker Goto Github PK

After updating the SCAP feed
the indicated process goes into a loop

and the web gui login return this error

Could you give us a solution ?thanks

I have deployed the gvm-docker, but it has show 'No SCAP database found'. And I look at the logs, it show there have some errors there when connect to feed.community.greenbone.net.

Update GVMD_DATA
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
Update SCAP
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
Update CERT
rsync: failed to connect to feed.community.greenbone.net (45.135.106.142): Connection refused (111)
rsync: failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Cannot assign requested address (99)
rsync error: error in socket IO (code 10) at clientserver.c(127) [Receiver=3.1.3]
gvmd - starting...
md manage:MESSAGE:2021-02-24 06h40.27 utc:81: No SCAP database found
md manage:MESSAGE:2021-02-24 06h40.27 utc:81: No CERT database found
md   main:MESSAGE:2021-02-24 06h40.28 utc:83:    Greenbone Vulnerability Manager version 20.08.1 (DB revision 233)
md manage:   INFO:2021-02-24 06h40.28 utc:83:    Getting users.

Anyone have this issue to solve it? Thanks

Hi,

I have some issue on generating PDF report. Each pdf reports generated are of size of 0 bytes. Latex seems to be installed on gvm_gvm-gsa_1, gvm_gvm-gvmd_1 and gvm_gvm-postgres_1.

A quick check on the logs of gvm_gvm-gvmd_1 show me this error:

==> /usr/local/var/log/gvm/gvmd.log <==
event alert:MESSAGE:2021-09-15 11h22.05 CEST:32503: The alert Scan Terminé was triggered (Event: Task status changed to 'Done', Condition: Always)
md manage:WARNING:2021-09-15 11h22.05 CEST:32503: run_report_format_script: system failed with ret 256, 1, /usr/local/var/lib/gvm/gvmd/report_formats/7020b5a7-1ba2-4efe-983a-08dd63b63f23/c402cc3e-b531-11e1-9163-406186ea4fc5/generate /tmp/gvmd_XwoXuy/report.xml '<files><basedir>/tmp/gvmd_XwoXuy</basedir></files>' > /tmp/gvmd_XwoXuy/c402cc3e-b531-11e1-9163-406186ea4fc5-ToVUU9.pdf 2> /dev/null

Greenbone community is saying that this is caused by latex being not installed on the system, but latex seems to be present.
Have you faced the same issue and maybe have a workaround ?

Thanks !

ERROR: Service 'gvm-master-stable-postgres' failed to build: The command '/bin/sh -c chmod +x ./build.sh && ./build.sh ${STAGE} ${DATABASE}' returned a non-zero code: 1

Containers can't be built
能看下你写的有问题吗

Hello,

I have another problem regarding the connection to GSA. We want to run Greenbone behind a reverse proxy. This works quite well with a few adjustments. But after three hours at the latest, a connection to the web interface is no longer possible.

The following appears in the log:
gsad main:WARNING:2021-04-14 07h59.17 utc:11: MHD: Server reached connection limit. Closing inbound connection. gsad main:WARNING:2021-04-14 07h59.23 utc:11: MHD: Server reached connection limit. Closing inbound connection. gsad main:WARNING:2021-04-14 07h59.23 utc:11: MHD: Server reached connection limit. Closing inbound connection. gsad main:WARNING:2021-04-14 08h03.06 utc:11: MHD: Server reached connection limit. Closing inbound connection. gsad main:WARNING:2021-04-14 08h03.55 utc:11: MHD: Server reached connection limit. Closing inbound connection.

According to forums, the reason for the problem is the "MHD_OPTION_CONNECTION_LIMIT" option of microhttpd. (https://serverfault.com/questions/900578/openvas-9-continual-logouts-due-to-server-reached-connection-limit-closing-i)
The developers of Greenbone themselves say that they have built in an option to adjust the value. (https://community.greenbone.net/t/connections-to-web-interface-timeout-a-lot/1793)

I have tried different ways to adjust the value... but it doesn't matter if I adjust the startup command or the file of microhttpd, the error appears after three hours at the latest.

Do you have an idea how to fix the problem or could you include a function to adjust the value?

Many greetings
Eric

GVM versions
postgres-gvm: 11
gvmd: 20.8.0-1
openvas: 20.8.0-1
gsa: 20.8.0

Hi,
i guess you've already noticed, but I wanted to make sure. The Greenbone community feed is missing a VT, yet it is referenced.
This creates an error when creating the configuration and causes a high load on the server. The error in the log looks like this:
md manage:WARNING:2021-02-23 15h53.39 utc:1: insert_nvt_selectors: skipping NVT '1.3.6.1.4.1.25623.1.0.150081' from
import of config 'a1f217f4-22ae-4823-ac39-5f20127000b0' because the NVT does not have a family
md manage:WARNING:2021-02-23 15h53.39 utc:1: create_config_from_file: Internal error
event config:MESSAGE:2021-02-23 15h53.39 utc:1: Scan config could not be created by admin
Post in the community: https://community.greenbone.net/t/skipping-nvt-1-3-6-1-4-1-25623-1-0-150081/8280

The developers have implemented a mechanism to work around this problem. More about it here: greenbone/gvmd#1366

I haven't found a way to stop config creation yet. Could you give me some feedback if you are already working on the problem and when the next version will be released?

I launched the GVM with this command, but the CVE is not reflected in the dashboard.

docker run -p 80:80 -p 443:443 -p 9390-9393:9390-9393 dgiorgio/gvm-docker

Do you know what that is?

What is the use case for this setup?

After a new install using the latest version and running:
docker-compose -p gvm -f docker-compose.yml up -d

Docker shows redis is continually restarting. The error in the docker logs gives:

*** FATAL CONFIG FILE ERROR (Redis 6.2.5) ***

Reading the configuration file, at line 1

>>> 'unixsocket /run/redis/redis.sock nunixsocketperm 755 ntimeout 0 ndatabases 1025 nmaxclients 512'

wrong number of arguments

over and over and over.

When using docker-compose, I get this error in the gsa container which keeps on rebooting:

gsad - starting...
gsad main:CRITICAL:2022-08-26 13h04.03 utc:39: main: Could not write PID file.
gsad main:MESSAGE:2022-08-26 13h04.04 utc:37: Starting GSAD version 22.04.0~git
gsad main:CRITICAL:2022-08-26 13h04.04 utc:37: main: Could not write PID file.
gsad main:CRITICAL:2022-08-26 13h04.04 utc:40: main: Could not write PID file.
gsad main:MESSAGE:2022-08-26 13h04.05 utc:39: Starting GSAD version 22.04.0~git
gsad main:CRITICAL:2022-08-26 13h04.05 utc:39: main: Could not write PID file.
gsad main:CRITICAL:2022-08-26 13h04.05 utc:42: main: Could not write PID file.
gsad main:MESSAGE:2022-08-26 13h04.07 utc:39: Starting GSAD version 22.04.0~git
gsad main:CRITICAL:2022-08-26 13h04.07 utc:39: main: Could not write PID file.
gsad main:CRITICAL:2022-08-26 13h04.07 utc:42: main: Could not write PID file.
Oops, secure memory pool already initialized

Note I had to remove :rw,rshared from the volumes as I was unable to boot the containers otherwise.

With those in place, I get these errors:

ERROR: for gvm_gvm-redis_1  Cannot start service gvm-redis: path /run/gvm-docker/redis-socket is mounted on / but it is not a shared mount

ERROR: for gvm_gvm-postgres_1  Cannot start service gvm-postgres: path /run/gvm-docker/postgres-socket is mounted on / but it is not a shared mount

ERROR: for gvm-redis  Cannot start service gvm-redis: path /run/gvm-docker/redis-socket is mounted on / but it is not a shared mount

ERROR: for gvm-postgres  Cannot start service gvm-postgres: path /run/gvm-docker/postgres-socket is mounted on / but it is not a shared mount

Any input would be greatly appreciated.

OS: MacOS, Monterey

Thank you
Thomas

What is the password of the gvm container-user?

When running run_compose.sh, I am getting the following error after fetching the images:

ERROR: for gvm_gvm-redis_1  Cannot start service gvm-redis: path /run/gvm-docker/redis-socket is mounted on / but it is not a shared mount

ERROR: for gvm_gvm-postgres_1  Cannot start service gvm-postgres: path /run/gvm-docker/postgres-socket is mounted on / but it is not a shared mount

ERROR: for gvm-redis  Cannot start service gvm-redis: path /run/gvm-docker/redis-socket is mounted on / but it is not a shared mount

ERROR: for gvm-postgres  Cannot start service gvm-postgres: path /run/gvm-docker/postgres-socket is mounted on / but it is not a shared mount
ERROR: Encountered errors while bringing up the project.

Do you know why that would happen?

Thanks
Thomas

Hello world!

After updating the NVT db the database is not recognised.

Attached are the logs for reference.

I'm using Docker Desktop (WSL2) on Win10.
openvas-gvmd.txt
openvas-scanner.txt

The tail lines are constantly repeated

I know is a generic question but how can I set the ospd module in the rigth way using your docker environment ? The wiki was not helpful at all . Thanks

centos virtual machine

[root@localhost stable]# pwd
/opt/gvm-docker/docker-compose/stable
[root@localhost stable]# /opt/docker-compose-Linux-x86_64 -p gvm -f docker-compose.yml up -d
Traceback (most recent call last):
  File "urllib3/connectionpool.py", line 677, in urlopen
  File "urllib3/connectionpool.py", line 392, in _make_request
  File "http/client.py", line 1252, in request
  File "http/client.py", line 1298, in _send_request
  File "http/client.py", line 1247, in endheaders
  File "http/client.py", line 1026, in _send_output
  File "http/client.py", line 966, in send
  File "docker/transport/unixconn.py", line 43, in connect
FileNotFoundError: [Errno 2] No such file or directory

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "requests/adapters.py", line 449, in send
  File "urllib3/connectionpool.py", line 727, in urlopen
  File "urllib3/util/retry.py", line 403, in increment
  File "urllib3/packages/six.py", line 734, in reraise
  File "urllib3/connectionpool.py", line 677, in urlopen
  File "urllib3/connectionpool.py", line 392, in _make_request
  File "http/client.py", line 1252, in request
  File "http/client.py", line 1298, in _send_request
  File "http/client.py", line 1247, in endheaders
  File "http/client.py", line 1026, in _send_output
  File "http/client.py", line 966, in send
  File "docker/transport/unixconn.py", line 43, in connect
urllib3.exceptions.ProtocolError: ('Connection aborted.', FileNotFoundError(2, 'No such file or directory'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "docker/api/client.py", line 205, in _retrieve_server_version
  File "docker/api/daemon.py", line 181, in version
  File "docker/utils/decorators.py", line 46, in inner
  File "docker/api/client.py", line 228, in _get
  File "requests/sessions.py", line 543, in get
  File "requests/sessions.py", line 530, in request
  File "requests/sessions.py", line 643, in send
  File "requests/adapters.py", line 498, in send
requests.exceptions.ConnectionError: ('Connection aborted.', FileNotFoundError(2, 'No such file or directory'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "bin/docker-compose", line 3, in <module>
  File "compose/cli/main.py", line 67, in main
  File "compose/cli/main.py", line 123, in perform_command
  File "compose/cli/command.py", line 69, in project_from_options
  File "compose/cli/command.py", line 132, in get_project
  File "compose/cli/docker_client.py", line 43, in get_client
  File "compose/cli/docker_client.py", line 170, in docker_client
  File "docker/api/client.py", line 188, in __init__
  File "docker/api/client.py", line 213, in _retrieve_server_version
docker.errors.DockerException: Error while fetching server API version: ('Connection aborted.', FileNotFoundError(2, 'No such file or directory'))
[7093] Failed to execute script docker-compose

Hi dgiorgio, first of all I would like to thank you for doing this!
I'm trying to modify the setup to run our certificates and I'm rebuilding everything from scratch.

I'm having issues with postgresql (exec error in gosu)

Are you able to build all images without any issues?

Thanks!