Проблема Openvas SCAP and/or CERT database missing on OMP server.

[robdollard]

Установил Openvas при заходе в админку вылезает такое предупреждение, как я понял не может обновить базу, но решения не нашел.

Warning: SecInfo Database Missing

Выполнил check-setup лог ниже

openvas-check-setup 2.3.7
  Mode:  desktop
  Date:  Wed, 30 May 2018 08:32:02 +0300

Checking for old OpenVAS Scanner <= 2.0 ...
/usr/bin/openvas-check-setup: 184: /usr/bin/openvas-check-setup: openvasd: not found

Checking presence of OpenVAS Scanner ...
OpenVAS Scanner 5.1.1
Most new code since 2005: (C) 2016 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison <deraison@nessus.org>
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


Checking OpenVAS Scanner version ...

        OK: OpenVAS Scanner is present in version 5.1.1.
plugins_folder = /var/lib/openvas/plugins
cache_folder = /var/cache/openvas
include_folders = /var/lib/openvas/plugins
max_hosts = 30
max_checks = 10
be_nice = no
logfile = /var/log/openvas/openvassd.messages
log_whole_attack = no
log_plugins_name_at_load = no
dumpfile = /var/log/openvas/openvassd.dump
cgi_path = /cgi-bin:/scripts
optimize_test = yes
checks_read_timeout = 5
network_scan = no
non_simult_ports = 139, 445
plugins_timeout = 320
scanner_plugins_timeout = 36000
safe_checks = yes
auto_enable_dependencies = yes
use_mac_addr = no
nasl_no_signature_check = yes
drop_privileges = no
unscanned_closed = yes
unscanned_closed_udp = yes
vhosts =
vhosts_ip =
report_host_details = yes
kb_location = /var/run/redis-openvas/redis-server.sock
timeout_retry = 3
config_file = /etc/openvas/openvassd.conf
Checking presence of redis ...
        OK: redis-server is present in version v=4.0.9.

Checking if redis-server is configured properly to run with openVAS ...
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
Checking if redis-server is running ...
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.

Checking NVT collection ...

        OK: NVT collection in /var/lib/openvas/plugins contains 45187 NVTs.
Checking status of signature checking in OpenVAS Scanner ...
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).

        OK: The NVT cache in /var/cache/openvas contains 45187 files for 45187 NVTs.

Checking presence of OpenVAS Manager ...
OpenVAS Manager 7.0.2
Manager DB revision 184
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.



        OK: OpenVAS Manager is present in version 7.0.2.
Checking OpenVAS Manager database ...

        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
Checking access rights of OpenVAS Manager database ...

        OK: Access rights for the OpenVAS Manager database are correct.
Checking sqlite3 presence ...
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.

Checking OpenVAS Manager database revision ...
        OK: OpenVAS Manager database is at revision 184.
Checking database revision expected by OpenVAS Manager ...
        OK: OpenVAS Manager expects database at revision 184.
        OK: Database schema is up to date.
Checking OpenVAS Manager database (NVT data) ...
        OK: OpenVAS Manager database contains information about 45183 NVTs.
Checking if users exist ...
        OK: At least one user exists.

Checking OpenVAS SCAP database ...
        ERROR: No OpenVAS SCAP database found. (Tried: /var/lib/openvas/scap-data/scap.db)
        FIX: Run a SCAP synchronization script like greenbone-scapdata-sync.

хотелось бы найти решение без переустановки Openvas, есть ли решение?

 

[pr0phet]

Установил Openvas при заходе в админку вылезает такое предупреждение, как я понял не может обновить базу, но решения не нашел.

Warning: SecInfo Database Missing

Выполнил check-setup лог ниже

openvas-check-setup 2.3.7
  Mode:  desktop
  Date:  Wed, 30 May 2018 08:32:02 +0300

Checking for old OpenVAS Scanner <= 2.0 ...
/usr/bin/openvas-check-setup: 184: /usr/bin/openvas-check-setup: openvasd: not found

Checking presence of OpenVAS Scanner ...
OpenVAS Scanner 5.1.1
Most new code since 2005: (C) 2016 Greenbone Networks GmbH
Nessus origin: (C) 2004 Renaud Deraison <deraison@nessus.org>
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.


Checking OpenVAS Scanner version ...

        OK: OpenVAS Scanner is present in version 5.1.1.
plugins_folder = /var/lib/openvas/plugins
cache_folder = /var/cache/openvas
include_folders = /var/lib/openvas/plugins
max_hosts = 30
max_checks = 10
be_nice = no
logfile = /var/log/openvas/openvassd.messages
log_whole_attack = no
log_plugins_name_at_load = no
dumpfile = /var/log/openvas/openvassd.dump
cgi_path = /cgi-bin:/scripts
optimize_test = yes
checks_read_timeout = 5
network_scan = no
non_simult_ports = 139, 445
plugins_timeout = 320
scanner_plugins_timeout = 36000
safe_checks = yes
auto_enable_dependencies = yes
use_mac_addr = no
nasl_no_signature_check = yes
drop_privileges = no
unscanned_closed = yes
unscanned_closed_udp = yes
vhosts =
vhosts_ip =
report_host_details = yes
kb_location = /var/run/redis-openvas/redis-server.sock
timeout_retry = 3
config_file = /etc/openvas/openvassd.conf
Checking presence of redis ...
        OK: redis-server is present in version v=4.0.9.

Checking if redis-server is configured properly to run with openVAS ...
        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
Checking if redis-server is running ...
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.

Checking NVT collection ...

        OK: NVT collection in /var/lib/openvas/plugins contains 45187 NVTs.
Checking status of signature checking in OpenVAS Scanner ...
        WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.
        SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).

        OK: The NVT cache in /var/cache/openvas contains 45187 files for 45187 NVTs.

Checking presence of OpenVAS Manager ...
OpenVAS Manager 7.0.2
Manager DB revision 184
Copyright (C) 2010-2016 Greenbone Networks GmbH
License GPLv2+: GNU GPL version 2 or later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.



        OK: OpenVAS Manager is present in version 7.0.2.
Checking OpenVAS Manager database ...

        OK: OpenVAS Manager database found in /var/lib/openvas/mgr/tasks.db.
Checking access rights of OpenVAS Manager database ...

        OK: Access rights for the OpenVAS Manager database are correct.
Checking sqlite3 presence ...
        OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.

Checking OpenVAS Manager database revision ...
        OK: OpenVAS Manager database is at revision 184.
Checking database revision expected by OpenVAS Manager ...
        OK: OpenVAS Manager expects database at revision 184.
        OK: Database schema is up to date.
Checking OpenVAS Manager database (NVT data) ...
        OK: OpenVAS Manager database contains information about 45183 NVTs.
Checking if users exist ...
        OK: At least one user exists.

Checking OpenVAS SCAP database ...
        ERROR: No OpenVAS SCAP database found. (Tried: /var/lib/openvas/scap-data/scap.db)
        FIX: Run a SCAP synchronization script like greenbone-scapdata-sync.

хотелось бы найти решение без переустановки Openvas, есть ли решение?

Вы пробовали делать то,что советует сделать сканер?
greenbone-scapdata-sync

 

[robdollard]

Да я выполнил рекомендации, но ошибка остается

 

[pr0phet]

Да я выполнил рекомендации, но ошибка остается
Посмотреть вложение 18834

Так же можно попробовать:
greenbone-certdata-sync
greenbone-scapdata-syn
Если не поможет проще переустановить:
apt-get purge openvas
apt-get install openvas
openvas-setup
Вы ничего не потеряете. Все настройки и сканы сохранятся.

 

[robdollard]

Вы пробовали делать то,что советует сделать сканер?
greenbone-scapdata-sync

Так же можно попробовать:
greenbone-certdata-sync
greenbone-scapdata-syn
Если не поможет проще переустановить:
apt-get purge openvas
apt-get install openvas
openvas-setup
Вы ничего не потеряете. Все настройки и сканы сохранятся.

Благодарю, как я понял после выполнения команд которые вы написали база создалась, просто уведомление не исчезает, а так все работает коректно. Спасибо за помощь.

 

[1984]

При запуске Openvas на Kali Linux получаю ошибку:

greenbone-security-assistant.service: Failed with result 'exit-code'.

При этом не удается залогиниться, получаю ошибку: Unknown Error

Лог при запуске команды gvm-check-setup чистый

gvm-check-setup 1.0.0
  Test completeness and readiness of GVM-11
Step 1: Checking OpenVAS (Scanner)...
        OK: OpenVAS Scanner is present in version 7.0.1.
        OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
        OK: _gvm owns all files in /var/lib/openvas/gnupg
        OK: redis-server is present.
        OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
        OK: redis-server is running and listening on socket: /var/run/redis-openvas/redis-server.sock.
        OK: redis-server configuration is OK and redis-server is running.
        OK: _gvm owns all files in /var/lib/openvas/plugins
        OK: NVT collection in /var/lib/openvas/plugins contains 61819 NVTs.
Checking that the obsolete redis database has been removed
        OK: No old Redis DB
        OK: OpenVAS Scanner is present in version 1.0.1.
Step 2: Checking GVMD Manager ...
        OK: GVM Manager (gvmd) is present in version 9.0.1.
Step 3: Checking Certificates ...
        OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
        OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data ...
        OK: SCAP data found in /var/lib/gvm/scap-data.
        OK: CERT data found in /var/lib/gvm/cert-data.
Step 5: Checking Postgresql DB and user ...
        OK: Postgresql version and default port are OK.
could not change directory to "/root": Permission denied
 gvmd      | _gvm     | UTF8     | en_US.UTF-8 | en_US.UTF-8 |
        OK: At least one user exists.
Step 6: Checking Greenbone Security Assistant (GSA) ...
Oops, secure memory pool already initialized
        OK: Greenbone Security Assistant is present in version 9.0.1.
Step 7: Checking if GVM services are up and running ...
        Starting ospd-openvas service
        Waiting for ospd-openvas service
        OK: ospd-openvas service is active.
        Starting gvmd service
        Waiting for gvmd service
        OK: gvmd service is active.
        Starting greenbone-security-assistant service
        Waiting for greenbone-security-assistant service
        OK: greenbone-security-assistant service is active.
Step 8: Checking GVM database ...
could not change directory to "/root": Permission denied
        OK: portnames are in database.
Step 9: Checking few other requirements...
        OK: nmap is present in version 9.0.1.
        OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.
        OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.
        OK: xsltproc found.
        OK: The password policy file at /etc/gvm/pwpolicy.conf contains entries.

It seems like your GVM-11 installation is OK.

Может кто сталкивался?

Переустановка не помогла.