zoukankan      html  css  js  c++  java
  • 【Kali】Kali linux 2020.3版本openvas升级gvmd&gvmd无法启动解决方法

    Kali linux 2020.3 GVM使用

    安装GVM

      老版本的openvas只需要我们执行apt-get install openvas即可完成自动化的安装,新版本中需要我们手动安装GVM以及它的其他组件。

    查看Kali版本

    在安装前先看一下Kali的版本:

    # uname -a                                                                                                                                127 ↵
    Linux F0rGeEk 5.10.0-kali7-amd64 #1 SMP Debian 5.10.28-1kali1 (2021-04-12) x86_64 GNU/Linux
    

    安装组件

    需要安装的组件有:

    apt-get install gvmd gvmd-common gvmd-dbgsym
    

    初始化

    安装完成之后可以通过gvm-setup进行初始化:

    # gvm-setup
    ERROR: The default postgresql version is not 13 required by libgvmd
    Error: Use pg_upgradecluster to update your postgres cluster
    

    分析报错信息

      通过执行初始化命令后,发现有报错信息无法进行初始化配置。分析报错信息可知,主要原因是postgresql版本的问题导致无法进行初始化。

    查看postgresql版本

    通过dpkg -l | grep postgresql 可以查看当前系统中安装的postgresql是什么版本:

    # dpkg -l | grep postgresql                                                                                                                 1 ↵
    ii  postgresql                               13+225                              all          object-relational SQL database (supported version)
    ii  postgresql-11                            11.6-2~sid1                         amd64        object-relational SQL database, version 11 server
    ii  postgresql-12                            12.4-3                              amd64        object-relational SQL database, version 12 server
    ii  postgresql-13                            13.2-1                              amd64        The World's Most Advanced Open Source Relational Database
    ii  postgresql-client-11                     11.6-2~sid1                         amd64        front-end programs for PostgreSQL 11
    ii  postgresql-client-12                     12.4-3                              amd64        front-end programs for PostgreSQL 12
    ii  postgresql-client-13                     13.2-1                              amd64        front-end programs for PostgreSQL 13
    ii  postgresql-client-common                 225                                 all          manager for multiple PostgreSQL client versions
    ii  postgresql-common                        225                                 all          PostgreSQL database-cluster manager
    

      通过查看可知,kali默认是在原有postgresql基础上进行更新,并且保留了历史版本。我这里有三个版本11、12、13,通过执行pg_lsclusters可以得知这三个版本的postgresql都在运行。新版本postgresql通过在默认5432这个端口的基础上进行累加从而避免端口占用。

    查看postgresql监听端口

    # pg_lsclusters
    Ver Cluster Port Status Owner    Data directory              Log file
    11  main    5432 online postgres /var/lib/postgresql/11/main /var/log/postgresql/postgresql-11-main.log
    12  main    5433 online postgres /var/lib/postgresql/12/main /var/log/postgresql/postgresql-12-main.log
    13  main    5434 online postgres /var/lib/postgresql/13/main /var/log/postgresql/postgresql-13-main.log
    

      通过上述情况来看可以分析,GVM在启动的时候会去使用postgresql的默认端口5432去连接它,并且通过这个连接来判断当前postgresql版本。如果版本低于13则无法正常启动,因为GVM是基于postgresql 13 这个版本的。
      经过一番查找发现,这是Kali2020.3这个版本的一个bug。官方也有人提过这个bug,当然也给出了解决方案。感兴趣的朋友可以根据bug编号去查看处理过程。

    报错解决过程

    过程综述

      整个解决过程分为以下6步,每个步骤执行的详细过程下文会单独贴出来。

    1. 停止pg_clusters
    sudo pg_dropcluster 12 main --stop
    sudo pg_dropcluster 13 main --stop
    
    2. 确定所有clusters已停止
    sudo pg_lsclusters
    
    3. 重新执行gvm setup
    sudo gvm-check-setup
    
    4. 创建V13版本的pgsql并启动
    sudo pg_createcluster 13 main
    sudo pg_ctlcluster 13 main start
    
    5. 操作pqsql数据库并创建用户
    sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database
    sudo runuser -u _gvm -- gvmd --create-user=admin --password=<your_password_not_mine_obviously>
    
    6. 最后检查状态
    sudo gvm-check-setup
    sudo gvm-start
    

    执行gvm-check-setup

      首先执行gvm-check-setup,看看具体报错信息

    gvm-check-setup
    gvm-check-setup 20.8.0
      Test completeness and readiness of GVM-20.8.0
    Step 1: Checking OpenVAS (Scanner)...
            OK: OpenVAS Scanner is present in version 20.8.1.
            OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
    Checking permissions of /var/lib/openvas/gnupg/*
            OK: _gvm owns all files in /var/lib/openvas/gnupg
            OK: redis-server is present.
            OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
            OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
            OK: redis-server configuration is OK and redis-server is running.
            ERROR: _gvm group or _gvm user does not own all the files in /var/lib/openvas/plugins
            FIX: Run 'chown -R _gvm:_gvm /var/lib/openvas/plugins'
    
     ERROR: Your GVM-20.8.0 installation is not yet complete!
    
    Please follow the instructions marked with FIX above and run this
    script again.
    

      通过上面输出内容,我们发现gvm组和用户有问题,并提示执行"chown -R _gvm:_gvm /var/lib/openvas/plugins"进行修复。

    修复并再次检查

    # chown -R _gvm:_gvm /var/lib/openvas/plugins
    # gvm-check-setup
    gvm-check-setup 20.8.0
      Test completeness and readiness of GVM-20.8.0
    Step 1: Checking OpenVAS (Scanner)...
            OK: OpenVAS Scanner is present in version 20.8.1.
            OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
    Checking permissions of /var/lib/openvas/gnupg/*
            OK: _gvm owns all files in /var/lib/openvas/gnupg
            OK: redis-server is present.
            OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
            OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
            OK: redis-server configuration is OK and redis-server is running.
            OK: _gvm owns all files in /var/lib/openvas/plugins
            OK: NVT collection in /var/lib/openvas/plugins contains 61068 NVTs.
    Checking that the obsolete redis database has been removed
            OK: No old Redis DB
            OK: ospd-OpenVAS is present in version 20.8.1.
    Step 2: Checking GVMD Manager ...
            OK: GVM Manager (gvmd) is present in version 20.08.1.
    Step 3: Checking Certificates ...
            OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
            OK: Your GVM certificate infrastructure passed validation.
    Step 4: Checking data ...
            OK: SCAP data found in /var/lib/gvm/scap-data.
            OK: CERT data found in /var/lib/gvm/cert-data.
    Step 5: Checking Postgresql DB and user ...
            ERROR: The default postgresql version is not the one used for gvmd compilation: (11, need 13).
            FIX: Please use pg_upgradecluster to upgrade your postgresql installation
    
     ERROR: Your GVM-20.8.0 installation is not yet complete!
    
    Please follow the instructions marked with FIX above and run this
    script again.
    

      这次报错主要是postgresql版本的问题,下面我们按照综述中的步骤依次解决:

    停止pg_clusters

    #  pg_lsclusters                                                                                                                            
    Ver Cluster Port Status Owner    Data directory              Log file
    11  main    5432 online postgres /var/lib/postgresql/11/main /var/log/postgresql/postgresql-11-main.log
    12  main    5433 online postgres /var/lib/postgresql/12/main /var/log/postgresql/postgresql-12-main.log
    13  main    5434 online postgres /var/lib/postgresql/13/main /var/log/postgresql/postgresql-13-main.log
    
    # pg_dropcluster 11 main --stop
    ╭─root@F0rGeEk ~
    ╰─# pg_dropcluster 12 main --stop
    ╭─root@F0rGeEk ~
    ╰─# pg_dropcluster 13 main --stop
     #### 再次检查
    # pg_lsclusters
    Ver Cluster Port Status Owner Data directory Log file
    
    ╭─root@F0rGeEk ~ 
    ╰─# gvm-check-setup 
    gvm-check-setup 20.8.0
      Test completeness and readiness of GVM-20.8.0
    Step 1: Checking OpenVAS (Scanner)... 
            OK: OpenVAS Scanner is present in version 20.8.1.
            OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
    Checking permissions of /var/lib/openvas/gnupg/*
            OK: _gvm owns all files in /var/lib/openvas/gnupg
            OK: redis-server is present.
            OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
            OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
            OK: redis-server configuration is OK and redis-server is running.
            OK: _gvm owns all files in /var/lib/openvas/plugins
            OK: NVT collection in /var/lib/openvas/plugins contains 61068 NVTs.
    Checking that the obsolete redis database has been removed
            OK: No old Redis DB
            OK: ospd-OpenVAS is present in version 20.8.1.
    Step 2: Checking GVMD Manager ... 
            OK: GVM Manager (gvmd) is present in version 20.08.1.
    Step 3: Checking Certificates ... 
            OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
            OK: Your GVM certificate infrastructure passed validation.
    Step 4: Checking data ... 
            OK: SCAP data found in /var/lib/gvm/scap-data.
            OK: CERT data found in /var/lib/gvm/cert-data.
    Step 5: Checking Postgresql DB and user ... 
    /usr/bin/gvm-check-setup: line 353: [: =: unary operator expected
    /usr/bin/gvm-check-setup: line 359: [: -ne: unary operator expected
            OK: Postgresql version and default port are OK.
    psql: error: could not connect to server: No such file or directory
    	Is the server running locally and accepting
    	connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
            ERROR: The Postgresql DB does not exist.
            FIX: Run 'sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database'
    
     ERROR: Your GVM-20.8.0 installation is not yet complete!
    
    Please follow the instructions marked with FIX above and run this
    script again.
    

      通过上面检查结果可以看出,版本问题已解决,不再提示版本错误信息。这里的错误信息是说The Postgresql DB不存在,同时也给出了解决方法:“sudo runuser -u postgres -- /usr/share/gvm/create-postgresql-database”

    启用V13版本postgresql并创建用户

    # pg_createcluster 13 main                                                                                                                 
    Creating new PostgreSQL cluster 13/main ...
    /usr/lib/postgresql/13/bin/initdb -D /var/lib/postgresql/13/main --auth-local peer --auth-host md5
    The files belonging to this database system will be owned by user "postgres".
    This user must also own the server process.
    
    The database cluster will be initialized with locale "en_US.UTF-8".
    The default database encoding has accordingly been set to "UTF8".
    The default text search configuration will be set to "english".
    
    Data page checksums are disabled.
    
    fixing permissions on existing directory /var/lib/postgresql/13/main ... ok
    creating subdirectories ... ok
    selecting dynamic shared memory implementation ... posix
    selecting default max_connections ... 100
    selecting default shared_buffers ... 128MB
    selecting default time zone ... Asia/Ulaanbaatar
    creating configuration files ... ok
    running bootstrap script ... ok
    performing post-bootstrap initialization ... ok
    syncing data to disk ... ok
    
    Success. You can now start the database server using:
    
        pg_ctlcluster 13 main start
    
    Ver Cluster Port Status Owner    Data directory              Log file
    13  main    5432 down   postgres /var/lib/postgresql/13/main /var/log/postgresql/postgresql-13-main.log
     ### 启动V13版本
    ╭─root@F0rGeEk ~ 
    ╰─# pg_ctlcluster 13 main start
     ### 创建数据库
    ╭─root@F0rGeEk ~ 
    ╰─# runuser -u postgres -- /usr/share/gvm/create-postgresql-database
    CREATE ROLE
    GRANT ROLE
    CREATE EXTENSION
    CREATE EXTENSION
     ### 创建用户
    ╭─root@F0rGeEk ~ 
    ╰─# runuser -u _gvm -- gvmd --create-user=admin --password=admin                                                                              1 ↵
    User created.
    

      再次检查

    #  gvm-check-setup
    gvm-check-setup 20.8.0
      Test completeness and readiness of GVM-20.8.0
    Step 1: Checking OpenVAS (Scanner)... 
            OK: OpenVAS Scanner is present in version 20.8.1.
            OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
    Checking permissions of /var/lib/openvas/gnupg/*
            OK: _gvm owns all files in /var/lib/openvas/gnupg
            OK: redis-server is present.
            OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
            OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
            OK: redis-server configuration is OK and redis-server is running.
            OK: _gvm owns all files in /var/lib/openvas/plugins
            OK: NVT collection in /var/lib/openvas/plugins contains 61068 NVTs.
    Checking that the obsolete redis database has been removed
            OK: No old Redis DB
            OK: ospd-OpenVAS is present in version 20.8.1.
    Step 2: Checking GVMD Manager ... 
            OK: GVM Manager (gvmd) is present in version 20.08.1.
    Step 3: Checking Certificates ... 
            OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
            OK: Your GVM certificate infrastructure passed validation.
    Step 4: Checking data ... 
            OK: SCAP data found in /var/lib/gvm/scap-data.
            OK: CERT data found in /var/lib/gvm/cert-data.
    Step 5: Checking Postgresql DB and user ... 
            OK: Postgresql version and default port are OK.
     gvmd      | _gvm     | UTF8     | en_US.UTF-8 | en_US.UTF-8 | 
            OK: At least one user exists.
    Step 6: Checking Greenbone Security Assistant (GSA) ... 
    Oops, secure memory pool already initialized
            OK: Greenbone Security Assistant is present in version 20.08.1~git.
    Step 7: Checking if GVM services are up and running ... 
            OK: ospd-openvas service is active.
            OK: gvmd service is active.
            Starting greenbone-security-assistant service
            Waiting for greenbone-security-assistant service
            OK: greenbone-security-assistant service is active.
    Step 8: Checking few other requirements...
            OK: nmap is present in version 20.08.1~git.
            OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
            WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.
            SUGGEST: Install nsis.
            OK: xsltproc found.
            WARNING: Your password policy is empty.
            SUGGEST: Edit the /etc/gvm/pwpolicy.conf file to set a password policy.
    
    It seems like your GVM-20.8.0 installation is OK.
    

    启动GVM

    # gvm-start
    [-] Something is already using port: 9392/tcp
    COMMAND    PID USER   FD   TYPE  DEVICE SIZE/OFF NODE NAME
    gsad    445980 _gvm    5u  IPv4 9849865      0t0  TCP localhost:9392 (LISTEN)
    
    UID          PID    PPID  C STIME TTY      STAT   TIME CMD
    _gvm      445980       1  0 11:16 ?        Sl     0:00 /usr/sbin/gsad --listen=127.0.0.1 --port=9392
    
    ### 查看gvmd服务状态
    
    ╭─root@F0rGeEk ~
    ╰─# service gvmd status                                                                                                                       
    ● gvmd.service - Greenbone Vulnerability Manager daemon (gvmd)
         Loaded: loaded (/lib/systemd/system/gvmd.service; disabled; vendor preset: disabled)
         Active: active (running) since Fri 2021-05-21 11:15:47 +08; 49s ago
           Docs: man:gvmd(8)
        Process: 445783 ExecStart=/usr/sbin/gvmd --osp-vt-update=/run/ospd/ospd.sock (code=exited, status=0/SUCCESS)
       Main PID: 445785 (gvmd)
          Tasks: 5 (limit: 18697)
         Memory: 1.1G
            CPU: 1min 29.686s
         CGroup: /system.slice/gvmd.service
                 ├─445785 gvmd: Waiting for incoming connections
                 ├─445812 gpg-agent --homedir /var/lib/gvm/gvmd/gnupg --use-standard-socket --daemon
                 ├─445822 gvmd: Reloading NVTs
                 ├─445823 gvmd: Syncing SCAP: Updating CPEs
                 └─445824 gvmd: OSP: Updating NVT cache
    
    May 21 11:15:45 F0rGeEk systemd[1]: Starting Greenbone Vulnerability Manager daemon (gvmd)...
    May 21 11:15:45 F0rGeEk systemd[1]: gvmd.service: Can't open PID file /run/gvm/gvmd.pid (yet?) after start: Operation not permitted
    May 21 11:15:47 F0rGeEk systemd[1]: Started Greenbone Vulnerability Manager daemon (gvmd).
    

    大工告成

    本文为原创,遵循BY-NC-ND版权协议,转载请附上原文出处链接和本声明。By:【F0rGeEk】
  • 相关阅读:
    关于Jupyter Notebook默认起始目录设置无效的解决方法
    关于二叉树中度为0与度为2节点数关系证明
    LeetCode第[3]题(Java):Longest Substring Without Repeating Characters 标签:Linked List
    数据结构,物理结构,存储结构,逻辑结构的区分
    条件变量 sync.Cond
    defer 的常用场景
    switch...case... 语句中的类型转换
    golang 切片和数组在for...range中的区别
    golang 并发顺序输出数字
    Golang 中哪些值是不可以寻址的
  • 原文地址:https://www.cnblogs.com/4geek/p/14794607.html
Copyright © 2011-2022 走看看