store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Thu Jul 18, 2019 1:38 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 8 posts ] 
Author Message
 Post subject: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Thu Apr 11, 2019 11:00 pm 
Offline
New Forum User
New Forum User

Joined: Thu Apr 11, 2019 10:40 pm
Posts: 3
Location: TX
Hello Friends,
I am running into multiple issues installing and running latest OpenVas RPM builds on CentOS 7

Used the instructions below to add the atomicorp yum repository

Code:
wget -q -O - https://updates.atomicorp.com/installers/atomic


Followed by
Code:
yum install openvas


This lists a bunch of packages to be installed. Though I noticed this message at the very beginning (haven't noticed it before, maybe it is pre-existing one).

Code:
Package openvas is obsoleted by greenbone-vulnerability-manager, trying to install greenbone-vulnerability-manager-10.0.0-6871.el7.art.noarch instead


In any case, upon confirming to download and install 238 packages, it fails right away with this error:

Code:
Transaction check error:
  file /usr/bin/openvas-nasl conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
  file /usr/bin/openvas-nasl-lint conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
  file /usr/lib64/libopenvas_misc.so conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
  file /usr/lib64/libopenvas_nasl.so conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64
  file /usr/share/man/man1/openvas-nasl.1.gz conflicts between attempted installs of openvas-scanner-6.0.0-6872.el7.art.x86_64 and openvas-libraries-9.0.3-6672.el7.art.x86_64



Top
 Profile  
Reply with quote  
 Post subject: Re: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Mon Apr 15, 2019 10:15 am 
Offline
New Forum User
New Forum User

Joined: Mon Apr 15, 2019 10:02 am
Posts: 1
Location: Michigan, USA
Just to piggyback on this, I was getting the same error on Friday when attempting to update my existing installation. I'm not getting transaction errors anymore, but after the update completes, the web interface no longer loads. Checking "/var/logs", I see a whole new directory called "gvm", which apparently replaces the openvas logs. Tailing the "gsad.log" file shows the following:

Code:
gsad main:MESSAGE:2019-04-15 13h48.31 utc:7638: Starting GSAD version 8.0.0
gsad main:CRITICAL:2019-04-15 13h48.31 utc:7821: main: Could not load private SSL key from /var/lib/gvm/private/CA/serverkey.pem: Failed to open file “/var/lib/gvm/private/CA/serverkey.pem”: No such file or directory


If I check the "/var/lib/gvm" directory, the only subdirectory that exists is "mgr". It looks to me like the transition from the "openvas" naming scheme to "gvm" naming scheme isn't complete, causing an orphaned directory structure and who knows what else.


Top
 Profile  
Reply with quote  
 Post subject: Re: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Mon Apr 15, 2019 12:23 pm 
Offline
New Forum User
New Forum User

Joined: Thu Apr 11, 2019 10:40 pm
Posts: 3
Location: TX
I was able to work around this, by asking yum to ONLY download the packages and then used rpm to force install them.

Definitely, not what I want to do long term, hence any guidance would be helpful.


Top
 Profile  
Reply with quote  
 Post subject: Re: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Mon Apr 15, 2019 2:16 pm 
Offline
Forum User
Forum User

Joined: Thu Apr 11, 2019 2:42 pm
Posts: 5
Location: US
I had the exact same problem last Thursday, at which time I posted the issue to this forum. Given it was probably my first time to post, it took the administrators until today to actually permit my post to show up. You might retry this today, as I'm not having this problem any more, although I am having some other issues with services not starting and an issue with symbolic links.


Top
 Profile  
Reply with quote  
 Post subject: Re: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Mon Apr 15, 2019 2:19 pm 
Offline
Forum User
Forum User

Joined: Thu Apr 11, 2019 2:42 pm
Posts: 5
Location: US
I forgot to mention this, but I ended up having to do the following before I could get everything upgraded. You may or may not have to do this:

rpm -qa|grep atomic
rpm -qa|grep openvas
and maybe rpm -qa|grep openvas gsm

I removed the various packages that were installed. I also made a backup and copied it to another folder to make sure I'd still have the configuration.


Top
 Profile  
Reply with quote  
 Post subject: Re: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Mon Apr 15, 2019 10:34 pm 
Offline
New Forum User
New Forum User

Joined: Thu Apr 11, 2019 10:40 pm
Posts: 3
Location: TX
Thanks for the responses, I will try to install again and update the thread.


Top
 Profile  
Reply with quote  
 Post subject: Re: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Wed Apr 17, 2019 9:05 am 
Offline
New Forum User
New Forum User

Joined: Wed Apr 17, 2019 8:51 am
Posts: 1
Location: Tampa, FL USA
I am trying to apply yum updates to a running version of OpenVAS on CentOS 7. After I run updates for all packages, the GSA GUI starts, but cannot login, the error message is the gvmd is not running. This is a list of what I am running now with no issues:

Quote:
[root@www robert]# yum list installed|egrep "(vas|greenbone)"
greenbone-security-assistant.x86_64 7.0.2-2738.el7.art @atomic
openvas.noarch 9.0.3-6767.el7.art @atomic
openvas-cli.x86_64 1.4.5-2739.el7.art @atomic
openvas-libraries.x86_64 9.0.1-2735.el7.art @atomic
openvas-manager.x86_64 7.0.2-2737.el7.art @atomic
openvas-scanner.x86_64 5.1.1-2736.el7.art @atomic
openvas-smb.x86_64 1.0.2-1980.el7.art @atomic


When I do the upgrade, it upgrades GSA to 8.0.0-6932.el7.art and I can no longer login with error above. It appears things change from openvas-manager to gvmd, not sure how to handle that and get things running with my existing database. Does someone know what needs to be done to complete the upgrade or handle differently? When I run scans now, I get the critical vulnerability of 'Report outdated Scan Engine / Environment (local)'.

--UPATE--
In the end, the gvmd service was not set to start on boot. I started and set, now all good with the new gvmd as it replaces openvas-manager. However, I have a clean slate. Any way to import from the old version?


Top
 Profile  
Reply with quote  
 Post subject: Re: OpenVAS 9.0.3 on CentOS 7 fails
Unread postPosted: Wed Apr 24, 2019 3:27 pm 
Offline
New Forum User
New Forum User

Joined: Wed Apr 24, 2019 3:20 pm
Posts: 1
Location: USA
webtent wrote:
I am trying to apply yum updates to a running version of OpenVAS on CentOS 7. After I run updates for all packages, the GSA GUI starts, but cannot login, the error message is the gvmd is not running. This is a list of what I am running now with no issues:

Quote:
[root@www robert]# yum list installed|egrep "(vas|greenbone)"
greenbone-security-assistant.x86_64 7.0.2-2738.el7.art @atomic
openvas.noarch 9.0.3-6767.el7.art @atomic
openvas-cli.x86_64 1.4.5-2739.el7.art @atomic
openvas-libraries.x86_64 9.0.1-2735.el7.art @atomic
openvas-manager.x86_64 7.0.2-2737.el7.art @atomic
openvas-scanner.x86_64 5.1.1-2736.el7.art @atomic
openvas-smb.x86_64 1.0.2-1980.el7.art @atomic


When I do the upgrade, it upgrades GSA to 8.0.0-6932.el7.art and I can no longer login with error above. It appears things change from openvas-manager to gvmd, not sure how to handle that and get things running with my existing database. Does someone know what needs to be done to complete the upgrade or handle differently? When I run scans now, I get the critical vulnerability of 'Report outdated Scan Engine / Environment (local)'.

--UPATE--
In the end, the gvmd service was not set to start on boot. I started and set, now all good with the new gvmd as it replaces openvas-manager. However, I have a clean slate. Any way to import from the old version?


We encountered all these problems too. Had to move the task.db file from /var/lib/openvas/mgr/tasks.db to /var/lib/gvm/gvmd/gvmd.db

More details can be found on Greenbone's github in the Migrating to Version 8.0 section.
https://github.com/greenbone/gvmd/blob/ ... INSTALL.md

Code:
Migrating to Version 8.0
Before starting gvmd 8.0 for the first time you need to move some files to the new locations where they are expected now. If you do not do this, the files are freshly initialized and it gets more complicated to transfer the old data properly.

move $prefix/etc/openvas/pwpolicy.conf to $prefix/etc/gvm/

move $prefix/etc/openvas/openvasmd_log.conf to $prefix/etc/gvm/gvmd_log.conf

copy $prefix/etc/openvas/gsf-access-key to $prefix/etc/gvm/ If the gsf-access-key file was already migrated for the openvas-scanner module it can be removed from the $prefix/etc/openvas/ directory.

move $prefix/var/lib/openvas/scap-data to $prefix/var/lib/gvm/scap-data

move $prefix/var/lib/openvas/cert-data to $prefix/var/lib/gvm/cert-data

move $prefix/var/lib/openvas/openvasmd to $prefix/var/lib/gvm/gvmd

move $prefix/var/lib/openvas/CA to $prefix/var/lib/gvm/CA

move $prefix/var/lib/openvas/private to $prefix/var/lib/gvm/private

(SQLite backend only) move $prefix/var/lib/openvas/mgr/tasks.db to $prefix/var/lib/gvm/gvmd/gvmd.db

(Postgres backend only) rename database to gvmd:

sudo -u postgres sh
psql --command='ALTER DATABASE tasks RENAME TO gvmd;'


Some steps didn't match. But I'd imagine as long as you put the database file into the new correct place and run gvmd --migrate you should be good.


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group