View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0002340Kali LinuxKali Package Improvementpublic2015-06-18 13:512015-07-28 15:49
Reporterg0tmi1k Assigned Torhertzog  
PrioritynormalSeverityminorReproducibilityhave not tried
Status resolvedResolutionfixed 
Product Version2.0 
Fixed in Version2.0 
Summary0002340: OpenVAS 8 - openvas-start
Description

File: /etc/init.d/openvas-scanner

Line 27: DODTIME=5

Using the default value of '5' the service doesn't always start up for me. Increasing it to '10' works every time for me.

Line: 158: echo " not running."

There is a typo, a leading space.
Currently: echo " not running."
FIx: echo "not running."

File: /usr/bin/openvas-start

Line 2: echo "Starting OpenVas Services"

I suggest that it has a new line at the end:
Currently: echo "Starting OpenVas Services"
Fix: echo -e "[i] Starting OpenVAS Services\n"

File: /usr/bin/openvas-stop

Line 2: echo "Stopping OpenVas Services"

I suggest that it has a new line at the end:
Currently: echo "Stopping OpenVas Services"
Fix: echo -e "[i] Stopping OpenVAS Services\n"

I think there should also be a check to see if the process 'OpenVAS Scanner (openvassd)' has really been stopped correctly (- possibly the other two services also).
I've had times where the service reported it was stopped without any errors, but netstat/ps show the service still running (- thus when you re-run start in this state, it will fail to start up).
Happens also if OpenVAS crashes...

Attached Files
openvas-start (158 bytes)    
#!/bin/bash
echo -e "[i] Starting OpenVAS Services\n"
service greenbone-security-assistant start
service openvas-scanner start
service openvas-manager start
openvas-start (158 bytes)   
openvas-stop (155 bytes)    
#!/bin/bash
echo -e "[i] Stopping OpenVAS Services\n"
service greenbone-security-assistant stop
service openvas-scanner stop
service openvas-manager stop
openvas-stop (155 bytes)   

Activities

g0tmi1k

g0tmi1k

2015-07-27 09:27

administrator   ~0003595

Also:
curl --progress -k -L -f "http://www.openvas.org/OpenVAS_TI.asc" | gpg --import -

More information: http://www.openvas.org/trusted-nvts.html
rhertzog

rhertzog

2015-07-28 11:51

administrator   ~0003605

For the various problems with the init script I think that I'll provide a systemd service file that will likely work better... I will still increase DODTIME to 25 for the users that might run the script manually.

For the suggestion to use "echo -e ...\n" I don't really understand it. echo "..." outputs a newline by default. I don't see why you would want a supplementary newline character.

For the last suggestion about http://www.openvas.org/trusted-nvts.html I'm not sure what you want... none of the *-sync scripts seem to make use of any PGP signature so I don't really understand what setup you want to achieve. It's possibly best left to the user ?
rhertzog

rhertzog

2015-07-28 15:49

administrator   ~0003614

I pushed openvas-scanner 5.0.1-0kali3, openvas-manager 6.0.1-0kali2 and greenbone-security-assistant 6.0.1-0kali2 with systemd service units. This should make the service handling more resilient.

Please test and report back any problem.

The only problem that I noticed is that "openvassd" (scanner) kills itself with SIGKILL during shutdown. But this is not a new problem... it's just more visible as it appears in systemctl status openvas-scanner:

systemctl status openvas-scanner.service

● openvas-scanner.service - Open Vulnerability Assessment System Scanner Daemon
Loaded: loaded (/lib/systemd/system/openvas-scanner.service; disabled)
Active: failed (Result: signal) since mar. 2015-07-28 11:47:33 EDT; 56s ago
Docs: man:openvassd(8)
http://www.openvas.org/
Process: 5345 ExecStart=/usr/sbin/openvassd --listen=127.0.0.1 --port=9391 (code=exited, status=0/SUCCESS)
Main PID: 5356 (code=killed, signal=KILL)

juil. 28 11:47:33 kali-sana systemd[1]: openvas-scanner.service: main process exited, code=killed...KILL
juil. 28 11:47:33 kali-sana systemd[1]: Unit openvas-scanner.service entered failed state.
Hint: Some lines were ellipsized, use -l to show in full.

Issue History

Date Modified Username Field Change
2015-06-18 13:51 g0tmi1k New Issue
2015-07-27 09:27 g0tmi1k Note Added: 0003595
2015-07-27 09:30 g0tmi1k Product Version => 2.0
2015-07-27 09:30 g0tmi1k Description Updated
2015-07-27 09:31 g0tmi1k File Added: openvas-start
2015-07-27 09:31 g0tmi1k File Added: openvas-stop
2015-07-27 14:43 rhertzog Assigned To => rhertzog
2015-07-27 14:43 rhertzog Status new => assigned
2015-07-28 11:51 rhertzog Note Added: 0003605
2015-07-28 15:49 rhertzog Note Added: 0003614
2015-07-28 15:49 rhertzog Status assigned => resolved
2015-07-28 15:49 rhertzog Fixed in Version => 2.0
2015-07-28 15:49 rhertzog Resolution open => fixed