Actually, after doing some testing, I realized that I was looking at the wrong directory (/var/lib/openvas/plugins/plugins), and was able to get the signatures to work by toggling nasl_no_signature_check on and off.
I think the root cause of the issue with openvassd may instead be an issue with LXC container permissions (https://github.com/lxc/lxd/issues/2004 <https://github.com/lxc/lxd/issues/2004>) and redis not running consistently. If this isn't the fix I'll do some more digging. Aug 20, 2018, 11:49 PM by excessamer...@tutanota.com: > I've had issues with the openvas scanner (openvassd) service crashing > frequently, and the cause appears to be that some of the plugins > (/var/lib/openvas/plugins/2013) don't have a valid checksum. OpenVAS was > installed on Ubuntu 16.04 using the PPA. > > # openvassd -f > base gpgme-Message: Setting GnuPG dir to '/etc/openvas/gnupg' > base gpgme-Message: Using OpenPGP engine version '2.1.11' > No checksum for > /var/lib/openvas/plugins/plugins/gb_fedora_2013_2766_mate-settings-daemon_fc17.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_mysql_unspecified_vuln02_oct13_win.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_fedora_2013_13112_kblackbox_fc18.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_fedora_2013_18931_ReviewBoard_fc19.naslNo > checksum for /var/lib/openvas/plugins/plugins/gb_ubuntu_USN_2062_1.naslNo > checksum for /var/lib/openvas/plugins/plugins/gb_suse_2013_0459_1.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_ds3_authentication_server_mult_vuln.naslNo > checksum for /var/lib/openvas/plugins/plugins/gb_zeroshell_lfi_08_13.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_plesk_multiple_rce_vuln.naslNo checksum > for > /var/lib/openvas/plugins/plugins/gb_mozilla_firefox_esr_mult_vuln01_sep13_win.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_fedora_2013_13112_kiten_fc18.naslNo > checksum for /var/lib/openvas/plugins/plugins/gb_ubuntu_USN_1804_2.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_fedora_2013_17047_xulrunner_fc18.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_mozilla_prdts_mult_vuln05_jan13_win.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_fedora_2013_3462_euca2ools_fc18.naslNo > checksum for /var/lib/openvas/plugins/plugins/gb_ubuntu_USN_1780_1.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_sharekm_server_dos_vuln.naslNo checksum > for /var/lib/openvas/plugins/plugins/gb_fedora_2013_2984_libtasn1_fc17.naslNo > checksum for /var/lib/openvas/plugins/plugins/gb_ubuntu_USN_2057_1.naslNo > checksum for > /var/lib/openvas/plugins/plugins/gb_fedora_2013_3436_perl_fc18.nasl > > I did just start using the new Greenbone Community Feed integrity gpg key > (fingerprint 0ED1E580), but that didn't seem to help. > > I thought had this working yesterday, but think the issue popped up again > after my daily feed update. > > This is what I've been doing to do a daily update vulnerability > definitions/plugins, is this correct? > > greenbone-nvt-sync > greenbone-scapdata-sync > greenbone-certdata-sync > openvasmd --rebuild --progress > service openvas-scanner restart > > For now, I can work around it by doing either nasl_no_signature_check = no or > removing that /plugins/2013 directory. However, I would rather not have to do > either of those, is there a better solution? >
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
