[Openvas-discuss] openvas hangs in 1%

Eero Volotinen eero.volotinen at iki.fi
Fri Jan 20 11:46:35 CET 2017


Well, think again.


1、Updating CPEs fail:
sent 92 bytes  received 1407 bytes  999.33 bytes/sec
total size is 744084026  speedup is 496386.94
[i] Updating CPEs
/usr/sbin/openvas-scapdata-sync: line 1063: 15932 Killed
 xsltproc --stringparam refdate $CVE_REFDATE $SCAP_RES_DIR/cpe_youngerthan.xsl
-
-:1: parser error : Document is empty
unable to parse -
[e] Update of CPEs failed: xsltproc exited with code 137


this means that your machine runs out of memory duting scapdata-sync. So
you must be running something like 1G memory?



--
Eero

2017-01-19 16:41 GMT+02:00 googu hr <hgoogur at gmail.com>:

> I am sure machine RAM is enough  ,
>
>
>
>
> Now, I in addition install openvas-8 from source packages , CentOS Linux
> release 7.3.1611
>
> haved other issue:
> # openvasmd --rebuild --progress
>         Rebuilding NVT cache... failed.
> ------
>  openvasmd.log:
>      md   main:WARNING:2017-01-19 14h21.13 utc:8083: sql_prepare_internal:
> sqlite3_prepare failed: no such table: main.meta
>      md   main:WARNING:2017-01-19 14h21.13 utc:8083: sql_x_internal:
> sql_prepare failed
> ------
> but, I examine the tasks.db ,
> # sqlite3 /usr/local/var/lib/openvas/mgr/tasks.db ".tables"
> agents                             port_ranges
> agents_trash                       port_ranges_trash
> alert_condition_data               report_counts
> alert_condition_data_trash         report_format_param_options
> alert_event_data                   report_format_param_options_trash
> alert_event_data_trash             report_format_params
> alert_method_data                  report_format_params_trash
> alert_method_data_trash            report_formats
> alerts                             report_formats_trash
> alerts_trash                       report_host_details
> config_preferences                 report_hosts
> config_preferences_trash           reports
> configs                            result_new_severities
> configs_trash                      result_overrides
> filters                            results
> filters_trash                      results_autofp
> group_users                        role_users
> group_users_trash                  role_users_trash
> groups                             roles
> groups_trash                       roles_trash
> lsc_credentials                    scanners
> lsc_credentials_trash              scanners_trash
> *meta*                               schedules
> notes                              schedules_trash
> notes_trash                        settings
> nvt_cves                           slaves
> nvt_preferences                    slaves_trash
> nvt_selectors                      tags
> nvts                               tags_trash
> overrides                          targets
> overrides_trash                    targets_trash
> permissions                        task_alerts
> permissions_trash                  task_files
> port_lists                         task_preferences
> port_lists_trash                   tasks
> port_names                         users
>
>
>
> why ,point : no such table: main.meta ?
>
>
>
> 2017-01-02 16:47 GMT+08:00 Eero Volotinen <eero.volotinen at iki.fi>:
>
>> Hi,
>>
>> This "usr/sbin/openvas-scapdata-sync: line 1063: 15932 Killed
>>        xsltproc --stringparam refdate $CVE_REFDATE
>> $SCAP_RES_DIR/cpe_youngerthan.xsl -
>> -:1: parser error : Document is empty"
>>
>> sounds like you need to add more ram to machine.
>>
>> Please also install supported version v8, not 7
>>
>> Eero
>>
>> --
>> Eero
>>
>> 2016-12-30 11:32 GMT+02:00 googu hr <hgoogur at gmail.com>:
>>
>>> hello
>>>   last day , i try setup openvas on the basis of
>>> http://www.openvas.org/install-packages-v7.html>>>
>>> ------------------------------------------------------------
>>> 1、Updating CPEs fail:
>>> sent 92 bytes  received 1407 bytes  999.33 bytes/sec
>>> total size is 744084026  speedup is 496386.94
>>> [i] Updating CPEs
>>> /usr/sbin/openvas-scapdata-sync: line 1063: 15932 Killed
>>>    xsltproc --stringparam refdate $CVE_REFDATE
>>> $SCAP_RES_DIR/cpe_youngerthan.xsl -
>>> -:1: parser error : Document is empty
>>> unable to parse -
>>> [e] Update of CPEs failed: xsltproc exited with code 137
>>>
>>> -----------------------------------------------------------------
>>> 2、openvas-check-setup:
>>> Step 1: Checking OpenVAS Scanner ...
>>>         OK: OpenVAS Scanner is present in version 5.0.7.
>>>         OK: OpenVAS Scanner CA Certificate is present as
>>> /var/lib/openvas/CA/cacert.pem.
>>>         OK: redis-server is present in version v=3.0.7.
>>>         OK: scanner (kb_location setting) is configured properly using
>>> the redis-server socket: /tmp/redis.sock
>>>         OK: redis-server is running and listening on socket:
>>> /tmp/redis.sock.
>>>         OK: redis-server configuration is OK and redis-server is running.
>>>         OK: NVT collection in /var/lib/openvas/plugins contains 51201
>>> NVTs.
>>>         WARNING: Signature checking of NVTs is not enabled in OpenVAS
>>> Scanner.
>>>         SUGGEST: Enable signature checking (see
>>> http://www.openvas.org/trusted-nvts.html).
>>>         OK: The NVT cache in /var/cache/openvas contains 51201 files for
>>> 51201 NVTs.
>>> Step 2: Checking OpenVAS Manager ...
>>>         OK: OpenVAS Manager is present in version 6.0.9.
>>>         OK: OpenVAS Manager client certificate is present as
>>> /var/lib/openvas/CA/clientcert.pem.
>>>         OK: OpenVAS Manager database found in
>>> /var/lib/openvas/mgr/tasks.db.
>>>         OK: Access rights for the OpenVAS Manager database are correct.
>>>         OK: sqlite3 found, extended checks of the OpenVAS Manager
>>> installation enabled.
>>>         OK: OpenVAS Manager database is at revision 146.
>>>         OK: OpenVAS Manager expects database at revision 146.
>>>         OK: Database schema is up to date.
>>>         OK: OpenVAS Manager database contains information about 51201
>>> NVTs.
>>>         OK: At least one user exists.
>>>         OK: OpenVAS SCAP database found in /var/lib/openvas/scap-data/sca
>>> p.db.
>>>         OK: OpenVAS CERT database found in /var/lib/openvas/cert-data/cer
>>> t.db.
>>>         OK: xsltproc found.
>>> Step 3: Checking user configuration ...
>>>         WARNING: Your password policy is empty.
>>>         SUGGEST: Edit the /etc/openvas/pwpolicy.conf file to set a
>>> password policy.
>>> Step 4: Checking Greenbone Security Assistant (GSA) ...
>>>         OK: Greenbone Security Assistant is present in version 6.0.11.
>>> Step 5: Checking OpenVAS CLI ...
>>>         OK: OpenVAS CLI version 1.4.5.
>>> Step 6: Checking Greenbone Security Desktop (GSD) ...
>>>         SKIP: Skipping check for Greenbone Security Desktop.
>>> Step 7: Checking if OpenVAS services are up and running ...
>>>         OK: netstat found, extended checks of the OpenVAS services
>>> enabled.
>>>         OK: OpenVAS Scanner is running and listening on all interfaces.
>>>         OK: OpenVAS Scanner is listening on port 9391, which is the
>>> default port.
>>>         OK: OpenVAS Manager is running and listening on all interfaces.
>>>         OK: OpenVAS Manager is listening on port 9390, which is the
>>> default port.
>>>         OK: Greenbone Security Assistant is listening on port 9392,
>>> which is the default port.
>>> Step 8: Checking nmap installation ...
>>>         WARNING: Your version of nmap is not fully supported: 6.47
>>>         SUGGEST: You should install nmap 5.51 if you plan to use the
>>> nmap NSE NVTs.
>>> Step 10: Checking presence of optional tools ...
>>>         OK: pdflatex found.
>>>         WARNING: PDF generation failed, most likely due to missing LaTeX
>>> packages. The PDF report format will not work.
>>>         SUGGEST: Install required LaTeX packages.
>>>         OK: ssh-keygen found, LSC credential generation for GNU/Linux
>>> targets is likely to work.
>>>         OK: rpm found, LSC credential package generation for RPM based
>>> targets is likely to work.
>>>         WARNING: Could not find alien binary, LSC credential package
>>> generation for DEB based targets will not work.
>>>         SUGGEST: Install alien.
>>>         OK: nsis found, LSC credential package generation for Microsoft
>>> Windows targets is likely to work.
>>>         OK: SELinux is disabled.
>>>
>>> It seems like your OpenVAS-8 installation is OK.
>>>
>>> --------------------------------------------
>>> first time , i can start the scan  and done it;but ,later then all is
>>>  hangs at 1%。
>>>
>>> later,i try openvas-setup and openvas-check-setup agian, and same for on
>>> stop 1 and  2。
>>> and i check the log of openvasmd.log ,like this:
>>> event task:MESSAGE:2016-12-29 17h29.07 UTC:2316: Task Immediate scan of
>>> IP 202.x.x.x (3ba19160-8097-49fa-9de7-46a22f7dbbe9) could not be
>>> started by admin
>>> lib auth:   INFO:2016-12-29 17h39.05 utc:2963: Authentication
>>> configuration not found.
>>> lib auth:   INFO:2016-12-29 17h39.33 utc:2998: Authentication
>>> configuration not found.
>>> lib auth:   INFO:2016-12-30 06h40.41 utc:15387: Authentication
>>> configuration not found.
>>> lib auth:   INFO:2016-12-30 06h40.57 utc:15405: Authentication
>>> configuration not found.
>>>
>>> i also try :# openvas-mkcert -f  and # openvas-mkcert-client -n om -i
>>>  and  reboot server。
>>> but  still is  hangs at 1%。
>>>
>>>
>>> now, how can i do ,thanks
>>>
>>>
>>>
>>> _______________________________________________
>>> Openvas-discuss mailing list
>>> Openvas-discuss at wald.intevation.org
>>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/o
>>> penvas-discuss
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20170120/ff613e10/attachment.html>


More information about the Openvas-discuss mailing list