Error Reading Information on Service Pbs_mom: No Such File or Directory
How to install Greenbone Vulnerability Management (GVM) (formerly OpenVAS) on Kali Linux
OpenVAS is now renamed Greenbone Vulnerability Management (GVM)
When the OpenVAS project was created, it only consisted of a vulnerability scanning engine. Greenbone Networks received funding presently thereafter to provide professional vulnerability scanning support. Greenbone took over development leadership, added a few software components, and turned OpenVAS into a multi-pronged vulnerability management solution that nonetheless retains the value of open and complimentary software.
Over the years, it became apparent that the use of OpenVAS as a trademark for an open source projection and funding for near all of the project's development had not been appreciated from outside. Therefore, later on the release of the OpenVAS ix platform, information technology was renamed Greenbone Vulnerability Management (GVM) and released as Greenbone Source Edition (GSE). Since GVM 10, the term OpenVAS is used simply for the scanner component, as it was at the starting time of the project.
Greenbone Vulnerability Management (GVM) packages: https://github.com/greenbone
Errors when installing and starting GVM, OpenVAS
During the installation and launch process, I encountered quite a few errors, which, however, were resolved. Under the supposition that these errors are common to anybody (non simply my particular installation), I described these errors correct during the installation process, as a result of which the instructions became chaotic.
If during the installation procedure you practice not encounter the described errors, please write about information technology in the comments – if the errors do not appear for anybody, then I will put them at the very end of the article, due to which, in full general, the teaching will become clearer.
How to install OpenVAS (GVM)
Since the authors renamed openvas to gvm (more precisely, divided it into unlike packages), at present the principal package is gvm, when information technology is installed, all other necessary packages volition also be obtained as dependencies.
Installation is done like this:
sudo apt update sudo apt install gvm
Setting upward OpenVAS
Allow's offset by setting up the Open Vulnerability Cess Scanner (OpenVAS) for Greenbone Vulnerability Management (GVM) solution.
Information technology is used in Greenbone Security Managing director and is a full-fledged scan engine that performs constantly updated and expanded submissions of Network Vulnerability Tests (NVTs).
The scanner needs a running Redis server to temporarily store the collected information on the scanned hosts. Configuring the Redis server is done like this (these commands demand to exist executed one time):
wget https://raw.githubusercontent.com/greenbone/openvas-scanner/master/config/redis-openvas.conf sudo cp redis-openvas.conf /etc/redis/ sudo chown redis:redis /etc/redis/redis-openvas.conf repeat 'db_address = /run/redis-openvas/redis.sock' | sudo tee /etc/openvas/openvas.conf
Starting the Redis server (must be done after every computer restart):
sudo systemctl start redis-server@openvas.service
Or, if y'all like, add it to startup:
sudo systemctl enable redis-server@openvas.service
The Greenbone Vulnerability Management (gvmd) service acts equally an OSP client to connect to and manage scanners. openvas does not act as an OSP service – you need the OSPD-OpenVAS module for that. Actual user interfaces (like GSA or GVM-Tools) volition simply interact with gvmd and/or ospd-openvas, not the scanner. Yous tin can run openvas to load plugins in Redis using the following control:
sudo openvas -u
merely ospd-openvas will update automatically.
Please note that although you lot can run openvas as a non-elevated user, it is recommended that you run openvas every bit root because some network vulnerability tests (NVTs) crave root privileges to perform certain operations, such as package spoofing. If you run openvas as a user without permission to perform these operations, the scan results are likely to exist incomplete.
Since openvas volition exist launched from the ospd-openvas process using sudo, the following configuration is required in the sudoers file:
sudo visudo
add this line to let the user running ospd-openvas to run openvas as root
USERNAME ALL = NOPASSWD: /usr/sbin/openvas
Supercede USERNAME with your Linux username.
You can observe out the username with the command:
echo $USER
If something does non work, and then you lot can view the log with the command:
true cat /var/log/gvm/openvas.log
Configuring Greenbone Vulnerability Direction (GVM)
Greenbone Vulnerability Manager is the central management service betwixt security scanners and user clients.
It manages the storage of any vulnerability management configuration and scan results. Data, command commands, and workflows are accessed through the XML-based Greenbone Management Protocol (GMP). Scanners such as OpenVAS are controlled through the Open Scanner Protocol (OSP).
Deployment script (instead of openvas-setup):
sudo gvm-setup
This script needs to exist run only in one case.
The script ended with an error:
sent 2,908 bytes received i,097,808,438 bytes 405,171.xix bytes/sec total size is 1,097,537,923 speedup is 1.00 [*] Updating: Cert Data rsync: [Receiver] failed to connect to feed.community.greenbone.cyberspace (45.135.106.142): Connection refused (111) rsync: [Receiver] failed to connect to feed.community.greenbone.net (2a0e:6b40:20:106:20c:29ff:fe67:cbb5): Network is unreachable (101) rsync error: error in socket IO (code 10) at clientserver.c(137) [Receiver=three.2.3] [*] Checking Default scanner Can non open up '/var/log/gvm/gvmd.log' logfile: Permission denied ** (process:2450): ERROR (recursed) **: Can not open '/var/log/gvm/gvmd.log' logfile: Permission denied[*] Modifying Default Scanner Can not open '/var/log/gvm/gvmd.log' logfile: Permission denied ** (process:2452): Error (recursed) **: Can non open '/var/log/gvm/gvmd.log' logfile: Permission denied [+] Washed
Running check:
sudo gvm-check-setup
also showed an error in the fourth step:
gvm-check-setup 20.8.0 Test abyss and readiness of GVM-twenty.8.0 Step 1: Checking OpenVAS (Scanner)... OK: OpenVAS Scanner is present in version 20.viii.one. OK: Server CA Document is present equally /var/lib/gvm/CA/servercert.pem. Checking permissions of /var/lib/openvas/gnupg/* OK: _gvm owns all files in /var/lib/openvas/gnupg OK: redis-server is present. OK: scanner (db_address setting) is configured properly using the redis-server socket: /run/redis-openvas/redis.sock OK: redis-server is running and listening on socket: /run/redis-openvas/redis.sock. OK: redis-server configuration is OK and redis-server is running. OK: _gvm owns all files in /var/lib/openvas/plugins OK: NVT collection in /var/lib/openvas/plugins contains 66548 NVTs. Checking that the obsolete redis database has been removed Could not connect to Redis at /var/run/redis-openvas/redis-server.sock: No such file or directory OK: No quondam Redis DB OK: ospd-OpenVAS is present in version 20.8.1. Step 2: Checking GVMD Manager ... OK: GVM Manager (gvmd) is present in version twenty.08.i. Step 3: Checking Certificates ... OK: GVM client certificate is valid and nowadays as /var/lib/gvm/CA/clientcert.pem. OK: Your GVM certificate infrastructure passed validation. Step 4: Checking data ... OK: SCAP data found in /var/lib/gvm/scap-information. Error: CERT information are missing. FIX: Run the CERT synchronization script greenbone-feed-sync. sudo runuser -u _gvm -- greenbone-feed-sync --type CERT. Fault: Your GVM-20.8.0 installation is not yet consummate! Please follow the instructions marked with FIX above and run this script again.
To fix the fault "Fault: CERT data are missing. Gear up: Run the CERT synchronization script greenbone-feed-sync" run the following command:
sudo runuser -u _gvm -- greenbone-feed-sync --type CERT
Re-running the bank check showed an error at the fifth pace:
Stride five: Checking Postgresql DB and user ... OK: Postgresql version and default port are OK. gvmd | _gvm | UTF8 | ru_RU.UTF-8 | ru_RU.UTF-eight | Can not open '/var/log/gvm/gvmd.log' logfile: Permission denied ** (process:2699): Error (recursed) **: Can not open '/var/log/gvm/gvmd.log' logfile: Permission denied ERROR: No users plant. You need to create at least one user to log in. FIX: create a user by running 'sudo runuser -u _gvm -- gvmd --create-user=<name> --password=<password>' Mistake: Your GVM-20.8.0 installation is not yet consummate! Please follow the instructions marked with Set above and run this script again.
At that place are several errors at one time, but the key ane is "Mistake: No users establish. You need to create at least one user to log in.", To fix it, run a command similar this:
sudo runuser -u _gvm -- gvmd --create-user=<USERNAME> --password=<Password>
For example, to create a user named mial and password 2:
sudo runuser -u _gvm -- gvmd --create-user=mial --password=two
The previous command failed:
Tin not open '/var/log/gvm/gvmd.log' logfile: Permission denied ** (process:2807): Error (recursed) **: Can not open up '/var/log/gvm/gvmd.log' logfile: Permission denied
The essence of the error is that the command does not have enough permissions to write to the /var/log/gvm/gvmd.log file, fifty-fifty though the previous command was run with sudo. To fix the error, run the following command:
sudo chmod 666 /var/log/gvm/gvmd.log
Then run the new user creation once more.
And ane more mistake at the seventh step:
Step 7: Checking if GVM services are up and running ... OK: ospd-openvas service is agile. Starting gvmd service Waiting for gvmd service OK: gvmd service is active. Starting greenbone-security-assistant service Task for greenbone-security-assistant.service failed because a fatal point was delivered to the control process. Come across "systemctl status greenbone-security-assistant.service" and "journalctl -xe" for details. Waiting for greenbone-security-banana service Error: greenbone-security-assistant service did non kickoff. Delight check journalctl -xe and /var/log/gvm/gsad.log ERROR: Your GVM-20.8.0 installation is not yet complete! Please follow the instructions marked with FIX higher up and run this script over again.
I don't know how to solve it completely, simply I know how to become effectually it.
Let's move on to starting the necessary services.
Do not forget that before starting the service you demand to start the Redis server, that is, type following earlier executing the primary control:
sudo systemctl start redis-server@openvas.service
Master service kickoff:
sudo gvm-start
And nosotros get the following:
[*] Delight wait for the GVM / OpenVAS services to get-go. [*] [*] Yous might need to refresh your browser in one case it opens. [*] [*] Spider web UI (Greenbone Security Assistant): https://127.0.0.1:9392 Job for greenbone-security-assistant.service failed because a fatal signal was delivered to the command process. Meet "systemctl status greenbone-security-banana.service" and "journalctl -xe" for details.
The essence of the messages is that everything started fine, except for the greenbone-security-assistant, that is, gsa, that is, Spider web UI (Greenbone Security Assistant), that is, the web interface.
You can see the contents of the log file:
true cat /var/log/gvm/gsad.log
Output:
gsad primary:Message:2021-04-15 09h07.55 utc:1650: Starting GSAD version 20.08.ane~git gsad main:CRITICAL:2021-04-15 09h07.55 utc:1651: main: start_https_daemon failed!
https daemon failed to outset .
gsad has a --http-only option which only runs HTTP without HTTPS. Let's utilise information technology:
sudo gsad --http-only
Again, the next message will exist displayed that something is wrong:
Oops, secure retentiveness pool already initialized
Still, the web interface is at present available at http://127.0.0.1:9392 (but not available at https://127.0.0.i:9392!).
Log in using the credentials that you came upwardly with when creating a new user.
To end the service:
sudo gvm-stop
Other:
sudo gvm-cli sudo gvm-feed-update sudo gvm-manage-certs sudo gvm-pyshell gvm-script
In the hereafter, sometimes run the command to update signatures:
sudo runuser -u _gvm -- greenbone-nvt-sync
If something does non work, then you can view the log with the command:
sudo cat /var/log/gvm/gvmd.log
Conclusion
One of the post-obit instructions will be devoted to how to work in Greenbone Vulnerability Direction (GVM) (formerly OpenVAS).
And practise non forget to write – have you encountered the described errors during installation?
Source: https://miloserdov.org/?p=6060
0 Response to "Error Reading Information on Service Pbs_mom: No Such File or Directory"
ارسال یک نظر