Comments (4)
It looks like the database is running out of file descriptors. Try to increase the limit on max file descriptors on your host system.
For the results not showing, click the black X to the right of the filter text box.
from gvm-docker.
Hi,
I have downloaded the latest commit and perform another round of scan with it. I noticed I got some warning regarding DB once the GSA is ready for use:
++++++++++++++++++++++++++++++++++++++++++++++
+Your GVM 11 container is now ready to use! +
++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++
+Tailing logs +
++++++++++++++++
==> /usr/local/var/log/gvm/gsad.log <==
gsad main:MESSAGE:2020-06-03 06h02.13 utc:421: Starting GSAD version 9.0.1
==> /usr/local/var/log/gvm/gvmd.log <==
md manage: INFO:2020-06-03 06h02.03 utc:400: update_scap: Initializing SCAP database
md manage: INFO:2020-06-03 06h02.03 utc:402: sync_cert: Updating data from feed
md manage: INFO:2020-06-03 06h02.03 utc:402: update_dfn_xml: dfn-cert-2019.xml
md manage: INFO:2020-06-03 06h02.03 utc:402: Updating /usr/local/var/lib/gvm/cert-data/dfn-cert-2019.xml
md manage: INFO:2020-06-03 06h02.03 utc:400: update_scap: Updating data from feed
md manage: INFO:2020-06-03 06h02.03 utc:400: Updating CPEs
md main:MESSAGE:2020-06-03 06h02.08 utc:412: Greenbone Vulnerability Manager version 9.0.1 (DB revision 221)
md manage: INFO:2020-06-03 06h02.08 utc:412: Creating user.
md manage:WARNING:2020-06-03 06h02.08 utc:412: database must be initialised from scanner
md manage: INFO:2020-06-03 06h02.13 utc:401: OSP service has newer VT status (version 202006020940) than in database (version (null), 0 VTs). Starting update ...
Then I proceed to wait for all SecInfo data to finish loading, but there is error related to CERT-Bund (no target, scan config or scan task created yet at this point):
md manage: INFO:2020-06-03 07h01.40 utc:400: Updating user OVAL definitions.
md manage: INFO:2020-06-03 07h01.40 utc:400: Updating CVSS scores and CVE counts for CPEs
md manage: INFO:2020-06-03 07h11.08 utc:400: Updating CVSS scores for OVAL definitions
md manage: INFO:2020-06-03 07h11.22 utc:400: Updating placeholder CPEs
md manage: INFO:2020-06-03 07h15.19 utc:400: update_scap: Updating SCAP info succeeded
md manage:WARNING:2020-06-03 07h15.28 utc:400: sql_exec_internal: PQexec failed: ERROR: relation "cert_bund_advs" does not exist
LINE 1: SELECT EXISTS (SELECT * FROM cert_bund_advs WHERE creation_...
^
(7)
md manage:WARNING:2020-06-03 07h15.28 utc:400: sql_exec_internal: SQL: SELECT EXISTS (SELECT * FROM cert_bund_advs WHERE creation_time > coalesce (CAST ((SELECT value FROM meta WHERE name = 'cert_check_time') AS INTEGER), 0));
md manage:WARNING:2020-06-03 07h15.28 utc:400: sql_x_internal: sql_exec_internal failed
==> /usr/local/var/log/gvm/gsad.log <==
Then when I finally run a scan, I still got the same error (as the first post above). My Docker also subsequently froze, so I have to restart it. Im not sure if this error is related to the DB warnings mentioned above or my Docker version (The same target successfully scanned using MacOS High Sierra v10.13.6 and Docker Desktop v2.3.0.2 (45183) without below error displayed):
==> /usr/local/var/log/gvm/openvas.log <==
sd main:MESSAGE:2020-06-03 04h16.45 utc:3365: openvas 7.0.1 started
sd main:MESSAGE:2020-06-03 04h16.57 utc:3365: Starts a new scan. Target(s) : XX.XX.XX.XXX, XX.XX.XXX.XXX, XX.XXX.X.XX, with max_hosts = 20 and max_checks = 4
sd main:MESSAGE:2020-06-03 04h16.57 utc:3429: Testing XX.XX.XXX.XXX (Vhosts: ec2-XX.XX.XX.XXX-amazonaws.com) [3429]
sd main:MESSAGE:2020-06-03 04h16.57 utc:3427: Testing XX.XX.XXX.XXX (Vhosts: ec2-XX.XX.XX.XXX-amazonaws.com) [3427]
sd main:MESSAGE:2020-06-03 04h16.57 utc:3428: Testing XX.XX.XXX.XXX (Vhosts: ec2-XX.XX.XX.XXX-amazonaws.com) [3428]
==> /usr/local/var/log/gvm/gvmd.log <==
md manage:WARNING:2020-06-03 04h17.06 utc:3494: sql_open: PQconnectPoll failed
md manage:WARNING:2020-06-03 04h17.06 utc:3494: sql_open: PQerrorMessage (conn): FATAL: could not open relation mapping file "global/pg_filenode.map": Too many open files in system
md manage:WARNING:2020-06-03 04h17.49 utc:3567: init_manage_process: sql_open failed
md manage: INFO:2020-06-03 04h17.50 utc:386: Updating /usr/local/var/lib/gvm/scap-data/nvdcve-2.0-2008.xml
md manage:WARNING:2020-06-03 04h17.52 utc:3571: sql_open: PQconnectPoll failed
For additional information, I am using:
- OS: macOS Catalina v10.15.5
- Docker:
-- Docker Desktop v2.3.0.3 (45519) Stable
-- Docker Engine v19.03.8
-- Compose v1.25.5
-- Notary v0.6.1
Another additional info:
- The RSYNC service
feed.openvas.org
will be shut down September 30th 2020. Ref here based on this post. - Python gvm v1.5.0 is now available. Ref here.
from gvm-docker.
Thanks for the heads up about the feed being shut down. I have opened a new issue for that: #32
For the database error it looks like you need to increase the max open file limit. You may need to disable system integrity protection (SIP) for the steps below but remember to reactivate SIP after you have completed the steps below.
To disable SIP:
You need to restart your Mac, and hold Command-R until the Apple logo appears. When Recovery Mode has loaded, open Terminal and run this command:
csrutil disable
- In /Library/LaunchDaemons create a file named limit.maxfiles.plist and paste the following in:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>limit.maxfiles</string>
<key>ProgramArguments</key>
<array>
<string>launchctl</string>
<string>limit</string>
<string>maxfiles</string>
<string>65536</string>
<string>524288</string>
</array>
<key>RunAtLoad</key>
<true/>
<key>ServiceIPC</key>
<false/>
</dict>
</plist>
- Change the owner of your new file:
sudo chown root:wheel /Library/LaunchDaemons/limit.maxfiles.plist
- Load these new settings:
sudo launchctl load -w /Library/LaunchDaemons/limit.maxfiles.plist
- Finally, check that the limits are correct:
launchctl limit maxfiles
To enable SIP:
You need to restart your Mac, and hold Command-R until the Apple logo appears. When Recovery Mode has loaded, open Terminal and run this command:
csrutil enable
from gvm-docker.
Hi Joshua, thank you for your detailed suggestion. When I tried to perform scan using the docker image with latest commit, the database error is no longer reproducible. I did not do any changes in my machine yet, it might have something to do with the updated NVT url.
The md manage:WARNING:2020-06-03 06h02.08 utc:412: database must be initialised from scanner
warning and cert_bund_advs
error however is still reproducible.
Not sure if this is an existing issue from Greenbone, and since it didnt affect my scanning I will close this thread.
Thanks so much for your help.
from gvm-docker.
Related Issues (20)
- Report outdated / end-of-life Scan Engine / Environment (local) HOT 5
- [Bug] Postfix not working with debian-master HOT 3
- Rsync failing behind proxies HOT 3
- [Enhancement] Log4Shell Scan HOT 3
- About update Feeds HOT 4
- [Bug] PDF reports are corrupt HOT 2
- [Bug] Cannot create container image for i386 HOT 3
- docker install HOT 5
- [Bug] GVMD_DATA "..more than x days old." HOT 3
- Upgrade Greenbone to debian-master (Report outdated / end-of-life Scan Engine) HOT 42
- [Enhancement]where is password for page HOT 2
- [Enhancement] Modifying PDF report template HOT 1
- docker build problem HOT 1
- [Bug]Failed to find config 'daba56c8-73ec-11df-a475-002264764cea' HOT 4
- [Enhancement] Squid proxy for restricted environments HOT 1
- ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:997)
- [Enhancement] Upgrade to 22.4
- ssl.SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:997) HOT 1
- Is this repo still being maintained?[Enhancement] HOT 2
- [Bug]
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from gvm-docker.