On 12.08.2015, at 11:31, Arthur <agdebussch...@payplug.com> wrote: > I tried to run openvasmd with strace : > > $ sudo strace openvasmd --progress --verbose —update
openvasmd creates child processes, try running strace like this: strace -f -s 255 -o /tmp/openvasmd.trace openvasmd … Regards, Ferdinand > [truncated ; full trace at > https://zerobin.net/?0d4427b3a875038a#6YMcaDXY+ACD6973QGG3aUMbRiXNMb38t+3GLqnO1Rc=] > > fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7f72c27d8000 > read(3, "nodev\tsysfs\nnodev\trootfs\nnodev\tr"..., 1024) = 325 > read(3, "", 1024) = 0 > close(3) = 0 > munmap(0x7f72c27d8000, 4096) = 0 > gettimeofday({1438351393, 525853}, NULL) = 0 > futex(0x7f72c02b4400, FUTEX_WAKE_PRIVATE, 2147483647) = 0 > rt_sigaction(SIGABRT, {0x423900, ~[RTMIN RT_1], SA_RESTORER, 0x7f72c1cb3340}, > NULL, 8) = 0 > open("/usr/share/zoneinfo/utc 0", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such > file or directory) > umask(077) = 022 > access("/etc/openvas/openvasmd_log.conf", F_OK) = 0 > open("/usr/share/locale/locale.alias", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0644, st_size=2570, ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7f72c27d8000 > read(3, "# Locale name alias data base.\n#"..., 4096) = 2570 > read(3, "", 4096) = 0 > close(3) = 0 > munmap(0x7f72c27d8000, 4096) = 0 > open("/etc/openvas/openvasmd_log.conf", O_RDONLY) = 3 > fstat(3, {st_mode=S_IFREG|0644, st_size=1183, ...}) = 0 > read(3, "# OpenVAS Manager logging config"..., 4096) = 1183 > read(3, "", 4096) = 0 > close(3) = 0 > open("/var/log/openvas/openvasmd.log", O_WRONLY|O_CREAT|O_APPEND, 0666) = 3 > fstat(3, {st_mode=S_IFREG|0600, st_size=36806, ...}) = 0 > write(3, "md main: INFO:2015-07-31 14h"..., 99) = 99 > access("/etc/openvas/pwpolicy.conf", F_OK) = 0 > fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 1), ...}) = 0 > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = > 0x7f72c27d8000 > write(1, "Updating NVT cache... \\", 23Updating NVT cache... \) = 23 > write(3, "md main: INFO:2015-07-31 14h"..., 93) = 93 > rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTORER, 0x7f72c1cb3340}, NULL, 8) = 0 > clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, > child_tidptr=0x7f72c27bcb90) = 2586 > wait4(2586,\ > > [hang forever] > > 2586 is openvasmd > > $ ps aux | grep 2586 > root 2586 0.0 0.2 164268 8364 pts/1 S+ 14:03 0:00 openvasmd: > Updating > > $ ps aux | grep openvas > root 2492 2.5 0.5 143812 21848 ? Ss 14:02 0:27 openvassd: > Reloaded all the NVTs. > root 2581 0.0 0.0 67896 2192 pts/1 S+ 14:03 0:00 sudo strace > openvasmd --progress --verbose --update > root 2582 0.0 0.0 4740 756 pts/1 S+ 14:03 0:00 strace > openvasmd --progress --verbose --update > root 2585 0.0 0.0 161368 3708 pts/1 S+ 14:03 0:00 openvasmd: > Reloading > root 2586 0.0 0.2 164268 8364 pts/1 S+ 14:03 0:00 openvasmd: > Updating > > > Also, I tried a port scan to ensure there is no firewall issue. All my > openvas stack is on the same host: > > $ sudo nmap -Pn -sS -p 443,9000-9400 127.0.0.1 > > Starting Nmap 6.40 ( http://nmap.org ) at 2015-07-31 14:21 UTC > Nmap scan report for localhost (127.0.0.1) > Host is up (0.0000040s latency). > Not shown: 400 closed ports > PORT STATE SERVICE > 443/tcp open https > 9391/tcp open unknown > > Nmap done: 1 IP address (1 host up) scanned in 2.36 seconds > > > > Thanks for your time. On I side note, I have been able to successfully update > the database and run a scan in the past (a few day before this issue). > Again, any suggestions appreciated > > Arthur > > Le vendredi 31 juillet 2015, 08:18:09 Ferdinand Goldmann a écrit : >> This might be a shot in the blue, but check your firewall settings. I came >> across an OpenVAS installation recently where openvasmd just hung forever. >> strace indicated some TLS bug, but in the end it was just a firewall >> setting blocking access on the loopback interface. >> >> Cheers, >> Ferdinand >> >> On 30.07.2015, at 17:34, Arthur <calvin...@gmail.com> wrote: >>> The box is an ec2 t2.medium instance on ec2, which have 4gb of ram and >>> some proc. >>> >>> I wiped the current install (apt-get purge openvas && rm -Rvf >>> /var/lib/openvas) then reinstalled it and reconfigured it with the help >>> of openvas-check-set (client certificate generation, user creation) >>> >>> When it comes to running `openvasmd --rebuild --progress`, I observe the >>> exact same behaviour : progress bar stop to move, and last line of log >>> are : >>> >>> $ sudo openvasmd --rebuild --progress --verbose >>> Rebuilding NVT cache... \ >>> >>> >>> $ sudo tail /var/log/openvas/openvasmd.log >>> md main: INFO:2015-07-30 15h01.44 utc:7057: OpenVAS Manager version >>> 6.0.1 (DB revision 146) md main: INFO:2015-07-30 15h01.44 utc:7057: >>> rebuild_nvt_cache_retry: Reloading NVT cache md main: INFO:2015-07-30 >>> 15h01.44 utc:7058: update_or_rebuild_nvt_cache: Rebuilding NVT cache md >>> main: INFO:2015-07-30 15h01.44 utc:7058: Updating NVT cache. md >>> otp:MESSAGE:2015-07-30 15h01.44 utc:7058: Scanner loading: 3700 / 40087 >>> nvts. md main: INFO:2015-07-30 15h01.54 utc:7059: >>> update_or_rebuild_nvt_cache: Rebuilding NVT cache md main: >>> INFO:2015-07-30 15h01.54 utc:7059: Updating NVT cache. md >>> otp:MESSAGE:2015-07-30 15h01.54 utc:7059: Scanner loading: 14550 / 40087 >>> nvts. md main: INFO:2015-07-30 15h02.04 utc:7060: >>> update_or_rebuild_nvt_cache: Rebuilding NVT cache md main: >>> INFO:2015-07-30 15h02.04 utc:7060: Updating NVT cache. md >>> otp:MESSAGE:2015-07-30 15h02.04 utc:7060: Scanner loading: 22750 / 40087 >>> nvts. md main: INFO:2015-07-30 15h02.14 utc:7061: >>> update_or_rebuild_nvt_cache: Rebuilding NVT cache md main: >>> INFO:2015-07-30 15h02.14 utc:7061: Updating NVT cache. md >>> otp:MESSAGE:2015-07-30 15h02.14 utc:7061: Scanner loading: 29700 / 40087 >>> nvts. md main: INFO:2015-07-30 15h02.24 utc:7062: >>> update_or_rebuild_nvt_cache: Rebuilding NVT cache md main: >>> INFO:2015-07-30 15h02.24 utc:7062: Updating NVT cache. md >>> otp:MESSAGE:2015-07-30 15h02.24 utc:7062: Scanner loading: 35800 / 40087 >>> nvts. md main: INFO:2015-07-30 15h02.34 utc:7063: >>> update_or_rebuild_nvt_cache: Rebuilding NVT cache md main: >>> INFO:2015-07-30 15h02.35 utc:7063: Updating NVT cache. >>> >>> Half an hour later, the process is still alive and the database is still >>> locked ; >>> >>> $ ps aux | grep openvas >>> root 7054 1.9 0.5 145848 21864 ? Ss 15:01 0:28 >>> openvassd: Reloaded all the NVTs. root 7056 0.0 0.0 69960 2204 >>> pts/1 S+ 15:01 0:00 sudo openvasmd --rebuild --progress --verbose >>> root 7057 0.0 0.0 163432 3912 pts/1 S+ 15:01 0:00 >>> openvasmd: Reloading root 7063 0.0 0.2 166344 8456 pts/1 S+ >>> 15:02 0:00 openvasmd: Rebuilding >>> >>> >>> $ echo ".schema" | sudo sqlite3 /var/lib/openvas/mgr/tasks.db >>> Error: database is locked >>> >>> On that host, load is far below 1, and there is more than 1.5gb of free >>> ram, so I doubt it is a hardware issue. >>> >>> I will let the process run and see where it goes. >>> Meanwhile, I appreciate any suggestions. >>> >>> Thanks for your time. >>> Arthur >>> >>> Le jeudi 30 juillet 2015, 09:46:04 Brandon Perry a écrit : >>>> Also, not sure what the specs on your box is. You should have at least >>>> 4gb >>>> RAM and a nice proc to nicely run OpenVAS. >>>> >>>> On Thu, Jul 30, 2015 at 9:16 AM, Brandon Perry >>>> <bperry.volat...@gmail.com> >>>> >>>> wrote: >>>>> Yes, while 30 mins is a bit long, let it sit a bit longer. I don't have >>>>> much experience with the Ubuntu packages however. >>>>> >>>>> Also, don't stop them halfway through with Ctrl+c, I am not sure what >>>>> kind >>>>> of state that leaves openvasmd in. If you have done that, probably >>>>> should >>>>> reinstall and try again. >>>>> >>>>> --rebuild will completely rebuild the openvasmd database. --update >>>>> simply >>>>> takes the difference between what openvas-nvt-sync et al have added and >>>>> updates the sqlite DB to include the new data. You probably do not need >>>>> to >>>>> run --rebuild. >>>>> >>>>> On Thu, Jul 30, 2015 at 9:11 AM, Arthur <calvin...@gmail.com> wrote: >>>>>> Haha good question ; around 30 minutes ? The first time I ran that >>>>>> command, it >>>>>> took at most 5 minutes. Should I wait more ? >>>>>> >>>>>> Also, the animated progress bar (the slashes `/|\-`) do not move >>>>>> anymore >>>>>> when >>>>>> it hangs ; I assume a call is blocking somewhere. >>>>>> >>>>>> >>>>>> On a side note, I am using mrazavi packages for Ubuntu 14.04 >>>>>> (https://launchpad.net/~mrazavi/+archive/ubuntu/openvas) >>>>>> >>>>>> Le jeudi 30 juillet 2015 09:05:15, vous avez écrit : >>>>>>> How long is forever? >>>>>>> >>>>>>> On Thu, Jul 30, 2015 at 9:04 AM, Arthur <calvin...@gmail.com> wrote: >>>>>>>> Hello, >>>>>>>> >>>>>>>> As my title say, my problem today is that the command >>>>>>>> `openvasmd --progress --verbose --rebuild` never returns and hangs >>>>>>>> forever, >>>>>>>> locking the sqlite database and preventing any other action >>>>>>>> (including >>>>>>>> `openvas-check-setup` which is locked when trying to find users) >>>>>>>> >>>>>>>> $ sudo openvasmd --progress --verbose --rebuild >>>>>>>> Rebuilding NVT cache... / >>>>>>>> [hangs forever] >>>>>>>> >>>>>>>> >>>>>>>> $ sudo tail -f /var/log/openvas/openvasmd.log >>>>>>>> md main:WARNING:2015-07-30 13h35.46 utc:4045: database must be >>>>>>>> initialised >>>>>>>> from scanner (with --update or --rebuild) >>>>>>>> lib auth: INFO:2015-07-30 13h35.47 utc:4045: Authentication >>>>>>>> configuration >>>>>>>> not found. >>>>>>>> md main: INFO:2015-07-30 13h35.52 utc:4049: OpenVAS Manager >>>>>> >>>>>> version >>>>>> >>>>>>>> 6.0.1 (DB revision 146) >>>>>> >>>>>>>> md main: INFO:2015-07-30 13h35.52 utc:4049: >>>>>> rebuild_nvt_cache_retry: >>>>>>>> Reloading NVT cache >>>>>>>> md main: INFO:2015-07-30 13h35.52 utc:4050: >>>>>>>> update_or_rebuild_nvt_cache: >>>>>>>> Rebuilding NVT cache >>>>>>>> md main: INFO:2015-07-30 13h35.52 utc:4050: Updating NVT >>>>>>>> cache. >>>>>> >>>>>>>> md otp:MESSAGE:2015-07-30 13h35.52 utc:4050: Scanner loading: >>>>>> 16550 / >>>>>> >>>>>>>> 40087 >>>>>>>> nvts. >>>>>>>> md main: INFO:2015-07-30 13h36.02 utc:4060: >>>>>>>> update_or_rebuild_nvt_cache: >>>>>>>> Rebuilding NVT cache >>>>>>>> md main: INFO:2015-07-30 13h36.02 utc:4060: Updating NVT >>>>>>>> cache. >>>>>> >>>>>>>> md otp:MESSAGE:2015-07-30 13h36.02 utc:4060: Scanner loading: >>>>>> 25400 / >>>>>> >>>>>>>> 40087 >>>>>>>> nvts. >>>>>>>> md main: INFO:2015-07-30 13h36.12 utc:4061: >>>>>>>> update_or_rebuild_nvt_cache: >>>>>>>> Rebuilding NVT cache >>>>>>>> md main: INFO:2015-07-30 13h36.12 utc:4061: Updating NVT >>>>>>>> cache. >>>>>> >>>>>>>> md otp:MESSAGE:2015-07-30 13h36.12 utc:4061: Scanner loading: >>>>>> 32650 / >>>>>> >>>>>>>> 40087 >>>>>>>> nvts. >>>>>>>> md main: INFO:2015-07-30 13h36.22 utc:4062: >>>>>>>> update_or_rebuild_nvt_cache: >>>>>>>> Rebuilding NVT cache >>>>>>>> md main: INFO:2015-07-30 13h36.22 utc:4062: Updating NVT >>>>>>>> cache. >>>>>> >>>>>>>> md otp:MESSAGE:2015-07-30 13h36.23 utc:4062: Scanner loading: >>>>>> 38800 / >>>>>> >>>>>>>> 40087 >>>>>>>> nvts. >>>>>>>> md main: INFO:2015-07-30 13h36.33 utc:4063: >>>>>>>> update_or_rebuild_nvt_cache: >>>>>>>> Rebuilding NVT cache >>>>>>>> md main: INFO:2015-07-30 13h36.33 utc:4063: Updating NVT >>>>>>>> cache. >>>>>>>> lib auth: INFO:2015-07-30 13h44.38 utc:4225: Authentication >>>>>>>> configuration >>>>>>>> not found. >>>>>>>> [hang forever] >>>>>>>> >>>>>>>> >>>>>>>> I have the exact same problem when update >>>>>>>> >>>>>>>> $ sudo openvasmd --progress --verbose --update >>>>>>>> Updating NVT cache... \ >>>>>>>> [hang forever] >>>>>>>> >>>>>>>> $ sudo tail -f /var/log/openvas/openvasmd.log >>>>>>>> md main: INFO:2015-07-30 13h56.11 utc:4298: OpenVAS Manager >>>>>> >>>>>> version >>>>>> >>>>>>>> 6.0.1 (DB revision 146) >>>>>> >>>>>>>> md main: INFO:2015-07-30 13h56.11 utc:4298: >>>>>> rebuild_nvt_cache_retry: >>>>>>>> Reloading NVT cache >>>>>>>> md main: INFO:2015-07-30 13h56.11 utc:4299: >>>>>>>> update_or_rebuild_nvt_cache: >>>>>>>> Updating NVT cache >>>>>>>> >>>>>>>> I tried to move the database (/var/lib/openvas/mgr/tasks.db) and >>>>>> >>>>>> recreate >>>>>> >>>>>>>> it, >>>>>>>> with the same results. >>>>>>>> >>>>>>>> >>>>>>>> Any suggestions ? Is it some server-side issue (maybe an unreachable >>>>>> >>>>>> host >>>>>> >>>>>>>> ?) >>>>>>>> _______________________________________________ >>>>>>>> Openvas-discuss mailing list >>>>>>>> Openvas-discuss@wald.intevation.org >>>>>> >>>>>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-disc >>>>>> us >>>>>> s >>>>> >>>>> -- >>>>> http://volatile-minds.blogspot.com -- blog >>>>> http://www.volatileminds.net -- website >>> >>> _______________________________________________ >>> Openvas-discuss mailing list >>> Openvas-discuss@wald.intevation.org >>> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >>> >>>> Ferdinand Goldmann >>>> Johannes Kepler University Linz - Information Management >>>> Mail: ferdinand.goldm...@jku.at Phone: +4373224683925 PGP: 0x13EAB993 >>>> A lack of planning on your part doesn't constitute an emergency on my >>>> part. -- >> Ferdinand Goldmann >> Johannes Kepler University Linz - Information Management >> Mail: ferdinand.goldm...@jku.at Phone: +4373224683925 PGP: 0x13EAB993 >> A lack of planning on your part doesn't constitute an emergency on my part.
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
