Greenbone security assistant

Owein · June 8, 2022, 9:48am

clone gsad from github
checkout to the same version as gvm

apt install libudev-dev -t parrot-backports
apt install libmicrohttpd-dev libmicrohttpd12 libglib2.0-0 libglib2.0-dev libxml2-dev libxml2 libgvm21 libgvm-dev
cd gsad
mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/usr/local ..
make
make install

So now we got gsad, the easiest part…

clone gsa from github
checkout to the same version as gvm
install nodejs 14:

export VERSION=node_14.x
export KEYRING=/usr/share/keyrings/nodesource.gpg
export DISTRIBUTION="$(lsb_release -s -c)"

curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor | sudo tee "$KEYRING" >/dev/null
gpg --no-default-keyring --keyring "$KEYRING" --list-keys

echo "deb [signed-by=$KEYRING] https://deb.nodesource.com/$VERSION $DISTRIBUTION main" | sudo tee /etc/apt/sources.list.d/nodesource.list
echo "deb-src [signed-by=$KEYRING] https://deb.nodesource.com/$VERSION $DISTRIBUTION main" | sudo tee -a /etc/apt/sources.list.d/nodesource.list

replace lsb_release with some supported repo (bullseye is OK)

apt update && apt install nodejs -t bullseye
cd gsa
npm install

then yarn will produce an error when using repo’s version. So

curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add -
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list

sudo apt update && sudo apt install yarn

yarn
yarn build

The rest of the procedure is straighforward, from the README, copy the build files into the proper directory and you’ll get GSA

dmknght · June 8, 2022, 3:14pm

You can see the problem here and the reply of the admin. I thought i am the worst admin in the world

This problem is different from yours, but it’s the new problem that many people is having

In the other topic, the same admin blamed Parrot packaging for the issue.

Owein · June 8, 2022, 4:31pm

Where are the systemd configurations file for gvmd ? I can’t find it in /etc/systemd/system
I wanted to verify the path that the admin told you but for me it’s good all works fine but for greenbone security assistant which has no service. Just need to add one. But I’m unaware of what daemon it should start, now that gvm-check-setup says ''OK: gvmd service is active." and “Failed to start greenbone-security-assistant.service: Unit greenbone-security-assistant.service not found.”.
what do you recking this service is supposed to start ? (I though it’d be gvmd)
I also noticed “gvmd.service: Can’t open PID file /run/gvm/gvmd.pid (yet?) after start: Operation not permitted” when running gvm-stop. Maybe not important.

dmknght · June 8, 2022, 6:58pm

I don’t remember. I did some trouble shooting in other topic and it has some information. Current GVM version is really really bad

Owein · June 9, 2022, 6:08am

Ok I got the answer from this post: Failed to start greenbone-security-assistant.service: Unit greenbone-security-assistant.service not found. · Issue #3368 · greenbone/gsa · GitHub
I recreated the service and added the options PIDFile=/var/run/gsad/gsad.pid since without it it fails to start and says that it cannot write pid file.
But now it is stuck at starting the service, the logs says
greenbone-security-assistant.service: Can't open PID file /run/gsad/gsad.pid (yet?) after start: Operation not permitted
The owner of the directory gsad is _gvm and the service file contains:

User=_gvm
Group=_gvm

dmknght · June 9, 2022, 8:17am

OH well some info was in here Error no openvas scanner found - #18 by Masmer

Not sure if it relates to the lib openvas 21 problem, but i saw that problme on the forum of gvm as well. Just another problem and gvm closed the issue

Owein · June 9, 2022, 11:59am

Yes links are here:

and here:

It didn’t help though, still facing the same issue.

dmknght · June 9, 2022, 5:46pm

I mean if you look at the reply of the admin, who is contributing (or working) for gvm, you can’t see it’s helpful so well… what can you expect from this forum.

But you know what? This is a serious problem and i’ll work on it at least this weekend. I hope I can complete new anonsurf in time.

Owein · June 10, 2022, 4:33pm

you can still get the virtual machine running but it eats up RAM, and can be unstable.
I contacted them once to inform them of their virtualbox disk not working, they did not try to understand it since I was not a paying customer, and got a broken feature for a long time, if not still broken.
Only the vwmare version works.

dmknght · June 10, 2022, 10:35pm

Not surprised. AnonSurf is almost completed. I can give gvm a try after this.

Owein · June 12, 2022, 3:38pm

I am trying to recompile everything, leaving all options at default.
To do so I did remove all present related greenbone package from the system.
I need to test now, so it’ll be good that I find these handy scripts gvm-check-setup / gvm-start.
Could you tell me which package they’r in ?
Also I will have to rewrite all the service files, If you got any link it’ll be helpful.
Thanks.

Owein · June 12, 2022, 4:00pm

I found that it it simply gvm needed, it will reinstall services and scripts.
My issue is with ospd-openvas, it won’t start cause of permissions matters.

dmknght · June 12, 2022, 7:05pm

Hm there are too many gvm packages from debian and i dont’ really know which i should start with.

gvm: a bunch of bash scripts to run setup (skip this)
python-gvm (binding / sdk for python. can skip)
gvmd, gvm-libs, gvm-tools, ospd-openvas

dmknght · June 12, 2022, 7:05pm

It should be in gvm. You can check by apt source gvm

Owein · June 22, 2022, 11:03pm

You need gvm gvmd ospd-openvas and gsa
openvas is the scanner, gvm and gvmd are the manager’s frontend and service, and gsa (if i’m right, is the web frontend)

dmknght · June 23, 2022, 7:07am

Oh thank you. Seems like i have to test gvmd first.

p/s: gvmd is a Cmake project. Debian pkging compiled it with flags -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE=Release -DPostgreSQL_TYPE_INCLUDE_DIR=/usr/include/postgresql -DDEFAULT_CONFIG_DIR=/etc/default -DLOGROTATE_DIR=/etc/logrotate.d. Now it’s going to be hard to debug because I haven’t worked with this before.

Owein · July 13, 2022, 11:14am

At you done with this ? I can’t help since I moved to Zorin OS (and might even get back to windows).
This stuff is really important GVM is like the warhammer when it comes to security and so you really should fix it before all your users go to kali.

dmknght · July 14, 2022, 1:45am

Well I had to work on AnonSurf and other packaging stuff. Sad. And to be honest i don’t know what to do with this error.I mean even if i try to fix it, it’s better to fix from the original side which… you know…

Yeah i know. I mean the funny point is not only Parrot is having this issue. But we need to complete AnonSurf 4.0 very soon or users will use other distro because of dns problem.

Owein · August 26, 2022, 12:17pm

Hi, is that set now ?
Not only an enquirer but also way to not let the thread close.
Let me know, I might just give it another try if you’r working on something else.

dmknght · August 26, 2022, 3:46pm

Fixed the bug (discussed in other thread). I’m rebuilding package with Palinuro. Long story short: Debian and its based system are using multiarch library structure and GVM is using old structure.