gvm icon indicating copy to clipboard operation
gvm copied to clipboard
verified publisher icon Atomicorp

gvmd on CentOS7 won't start after updates

Open WMNF-web opened this issue 5 years ago • 2 comments

After applying updates yesterday to our CentOS7 servers, the gvmd service is failing to start. I am the second to report this issue in the Greenbone community and referred here. I did not examine all closed issues, but did search and look at a couple that appeared related and didn't see the solution.

Here is the error I am seeing in the /var/log/gvm/gvmd.log:

md main:MESSAGE:2020-11-07 15h48.32 utc:23975: Greenbone Vulnerability Manager version 9.0.0 (DB revision 221) md manage:WARNING:2020-11-07 15h48.32 utc:23975: sql_exec_internal: PQexec failed: ERROR: could not load library "/usr/lib64/libgvm-pg-server.so": /lib64/libgvm_util.so.11: undefined symbol: gnutls_x509_privkey_import (7) md manage:WARNING:2020-11-07 15h48.32 utc:23975: sql_exec_internal: SQL: CREATE OR REPLACE FUNCTION hosts_contains (text, text) RETURNS boolean AS '/usr/lib64/libgvm-pg-server', 'sql_hosts_contains' LANGUAGE C IMMUTABLE; md manage:WARNING:2020-11-07 15h48.32 utc:23975: sqlv: sql_exec_internal failed

I ran openvas-setup without an issue and website comes up with "GMP Service is down" error when trying to login. I ran yum update again and received the following:

[root@www gvm]# yum update Loaded plugins: fastestmirror, langpacks, product-id, search-disabled-repos, subscription-manager

This system is not registered with an entitlement server. You can use subscription-manager to register.

Loading mirror speeds from cached hostfile

  • atomic: www7.atomicorp.com
  • base: mirror.atlanticmetro.net
  • centos-sclo-rh: mirror.centos.iad1.serverforge.org
  • elrepo: elrepo.0m3n.net
  • epel: mirror.siena.edu
  • extras: centos.mirrors.tds.net
  • remi-php72: mirror.pit.teraswitch.com
  • remi-php73: mirror.pit.teraswitch.com
  • remi-php74: mirror.pit.teraswitch.com
  • remi-safe: mirror.pit.teraswitch.com
  • updates: mirror.centos.iad1.serverforge.org Resolving Dependencies --> Running transaction check ---> Package openvas-scanner.x86_64 0:6.0.0-6930.el7.art will be updated ---> Package openvas-scanner.x86_64 0:7.0.0-9465.el7.art will be an update --> Finished Dependency Resolution

Dependencies Resolved

================================================================================================================================================================ Package Arch Version Repository Size

Updating: openvas-scanner x86_64 7.0.0-9465.el7.art atomic 247 k

Transaction Summary

Upgrade 1 Package

Total download size: 247 k Is this ok [y/d/N]: y Downloading packages: No Presto metadata available for atomic openvas-scanner-7.0.0-9465.el7.art.x86_64.rpm | 247 kB 00:00:00 Running transaction check Running transaction test Transaction test succeeded Running transaction Updating : openvas-scanner-7.0.0-9465.el7.art.x86_64 1/2 Cleanup : openvas-scanner-6.0.0-6930.el7.art.x86_64 2/2 warning: file /var/lib/openvas/plugins/nvt: remove failed: No such file or directory warning: file /var/lib/openvas/plugins/gsf: remove failed: No such file or directory Verifying : openvas-scanner-7.0.0-9465.el7.art.x86_64 1/2 Verifying : openvas-scanner-6.0.0-6930.el7.art.x86_64 2/2

Updated: openvas-scanner.x86_64 0:7.0.0-9465.el7.art

Complete!

If I try to run openvas-setup again, I get the following:

[root@www gvm]# openvas-setup

Openvas Setup, Version: 4.0.1

Redirecting to /bin/systemctl restart redis.service db_address=/var/run/redis/redis.sock

Step 1: Update NVT, CERT, and SCAP data Please note this step could take some time. Once completed, this will be updated automatically every 24 hours

Select download method

  • wget (NVT download only)
  • curl (NVT download only)
  • rsync

Note: If rsync requires a proxy, you should define that before this step.

Downloader [Default: rsync]

Updating NVTs.... -bash: /usr/sbin/greenbone-nvt-sync: No such file or directory Retrying in 3 seconds... -bash: /usr/sbin/greenbone-nvt-sync: No such file or directory Retrying in 3 seconds...

Thanks for any help and this great project!

WMNF-web avatar Nov 07 '20 16:11 WMNF-web

The plan here is to get the 20.08 packages on Centos 7 starting with the gvm-libs project here:

https://github.com/Atomicorp/gvm-libs/issues/1

As you can see from that project (the first dependency!) there is still a lot left to do. As a workaround, 20.08 is available on centos 8 now

atomicturtle avatar Nov 13 '20 14:11 atomicturtle

I would like to avoid losing my data from previous scans. Can someone give pointers on how I could migrate to a CentOS8 new install?

WMNF-web avatar Nov 23 '20 22:11 WMNF-web

I am also facing similar issue while installing openvas-scanner on Oracle linux 7.9 Could you please suggest the solution for it ?

NAME="Oracle Linux Server" VERSION="7.9" ID="ol" ID_LIKE="fedora" VARIANT="Server" VARIANT_ID="server" VERSION_ID="7.9" PRETTY_NAME="Oracle Linux Server 7.9" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:oracle:linux:7:9:server" HOME_URL="https://linux.oracle.com/" BUG_REPORT_URL="https://bugzilla.oracle.com/"

ORACLE_BUGZILLA_PRODUCT="Oracle Linux 7" ORACLE_BUGZILLA_PRODUCT_VERSION=7.9 ORACLE_SUPPORT_PRODUCT="Oracle Linux" ORACLE_SUPPORT_PRODUCT_VERSION=7.9

error: %pre(openvas-scanner-7.0.0-9465.el7.art.x86_64) scriptlet failed, exit status 2 Error in PREIN scriptlet in rpm package openvas-scanner-7.0.0-9465.el7.art.x86_64 Installing : greenbone-vulnerability-manager-11.0.0-9461.el7.art.noarch 2/2 error: openvas-scanner-7.0.0-9465.el7.art.x86_64: install failed Verifying : greenbone-vulnerability-manager-11.0.0-9461.el7.art.noarch 1/2 Verifying : openvas-scanner-7.0.0-9465.el7.art.x86_64 2/2

Installed: greenbone-vulnerability-manager.noarch 0:11.0.0-9461.el7.art

Failed: openvas-scanner.x86_64 0:7.0.0-9465.el7.art

Complete!

dekumar4 avatar Feb 02 '23 08:02 dekumar4