kali2(2021-12-22) install gvm(openvas)

admin管理员组

文章数量:1558102

The installation of gvm(old name:openvas) in kali and the solutions to the error about permission

Note: In this article,I will talk about the process of installation the latest version of openvas, which is named gvm now(2022.1.6). I will also state that i have to use English rather than Chinese due to the reason that i write this article in kaliVM and i don’t install the chinese input method. I’m not good at English, so some mistakes can not be avoided.
Let us start:

Step 1

The first step we need to do is preparing the installation environment. The command is listed in the following. (root user)

mousepad /etc/apt/sources.list

then copy and paste the url of software sources in the following:

# See https://www.kali/docs/general-use/kali-linux-sources-list-repositories/
deb http://http.kali/kali kali-rolling main contrib non-free

# Additional line for source packages
deb-src http://http.kali/kali kali-rolling main contrib non-free
 
#清华大学
deb http://mirrors.tuna.tsinghua.edu/kali kali-rolling main contrib non-free
deb-src https://mirrors.tuna.tsinghua.edu/kali kali-rolling main contrib non-free
 
#浙大
deb http://mirrors.zju.edu/kali kali-rolling main contrib non-free
deb-src http://mirrors.zju.edu/kali kali-rolling main contrib non-free

deb http:old.kali/kali sana main non-free contrib

deb http://http.kali/ moto main non-free contrib
deb-src http://http.kali/ moto main non-free contrib

deb http://security.kali/ moto/updates main contrib non-free
deb-src http://security.kali/ moto/updates main contrib non-free

#中科大kali源
deb http://mirrors.ustc.edu/kali kali main non-free contrib
deb-src http://mirrors.ustc.edu/kali kali main non-free contrib
deb http://mirrors.ustc.edu/kali-security kali/updates main contrib non-free

#新加坡kali源
deb http://mirror.nus.edu.sg/kali/kali/ kali main non-free contrib
deb-src http://mirror.nus.edu.sg/kali/kali/ kali main non-free contrib
deb http://security.kali/kali-security kali/updates main contrib non-free
deb http://mirror.nus.edu.sg/kali/kali-security kali/updates main contrib non-free
deb-src http://mirror.nus.edu.sg/kali/kali-security kali/updates main contrib non-free

#阿里云kali源
deb http://mirrors.aliyun/kali kali-rolling main non-free contrib
deb-src http://mirrors.aliyun/kali kali-rolling main non-free contrib

#163 Kali源
deb http://mirrors.163/debian wheezy main non-free contrib
deb-src http://mirrors.163/debian wheezy main non-free contrib
deb http://mirrors.163/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163/debian wheezy-proposed-updates main non-free contrib
deb-src http://mirrors.163/debian-security wheezy/updates main non-free contrib
deb http://mirrors.163/debian-security wheezy/updates main non-free contrib
#auto
deb http://http.kali/kali kali-rolling main non-free contrib

#中科大
deb http://mirrors.ustc.edu/kali kali-rolling main non-free contrib
deb-src http://mirrors.ustc.edu/kali kali-rolling main non-free contrib

#浙大
deb http://mirrors.zju.edu/kali kali-rolling main contrib non-free
deb-src http://mirrors.zju.edu/kali kali-rolling main contrib non-free

#东软大学
deb http://mirrors.neusoft.edu/kali kali-rolling/main non-free contrib
deb-src http://mirrors.neusoft.edu/kali kali-rolling/main non-free contrib

#重庆大学
deb http://http.kali/kali kali-rolling main non-free contrib
deb-src http://http.kali/kali kali-rolling main non-free contrib

#官方源
#deb http://http.kali/kali kali-rolling main non-free contrib
#deb-src http://http.kali/kali kali-rolling main non-free contrib

then you should execute the following commands:

apt-get update
apt-get upgrade
apt-get dist-upgrade
reboot

Step 2

You need to take a while when execute the above commands, once finished, you can focus on this step.
PS: the username and password will be generated in a certain step and you’d better to write it down.

apt-get install gvm

gvm-setup

when executing this command, some errors were reported:

[>] Creating PostgreSQL database
could not change directory to "/root": Permission denied
[i] User _gvm already exists in PostgreSQL
could not change directory to "/root": Permission denied
[i] Database gvmd already exists in PostgreSQL
could not change directory to "/root": Permission denied
[i] Role DBA already exists in PostgreSQL

[*] Applying permissions
could not change directory to "/root": Permission denied
NOTICE:  role "_gvm" is already a member of role "dba"
GRANT ROLE
could not change directory to "/root": Permission denied
[i] Extension uuid-ossp already exists for gvmd database
could not change directory to "/root": Permission denied
[i] Extension pgcrypto already exists for gvmd database
[>] Migrating database
[>] Checking for GVM admin user
could not change directory to "/root": Permission denied
[>] Updating GVM feeds
[*] Updating NVT (Network Vulnerability Tests feed from Greenbone Security Feed/Community

In the beginning, i choose to ignore these warnings, but at later, you will find that you have to solve the problem. I will solve this problem in the next step but not here. What you should pay attention to is the “Permission denied”.
In the end of the output, you will see “You can now run gvm-check-setup to make sure everything is correctly configured”, and just do it!

gvm-check-setup

You will see the abnormal result:

Step 7: Checking if GVM services are up and running ... 
        Starting ospd-openvas service
Job for ospd-openvas.service failed because the control process exited with error code.
See "systemctl status ospd-openvas.service" and "journalctl -xeu ospd-openvas.service" for details.
        Waiting for ospd-openvas service
        ERROR: ospd-openvas service did not start.
        Please check journalctl -xe

 ERROR: Your GVM-21.4.3 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

It seems to be a joke because the “FIX” is nowhere to be found!!!
There is no way but to execute the two tips shown in the output.

systemctl status ospd-openvas.service
journalctl -xeu ospd-openvas.service

Actually, the first command will not help us. But when you execute the second one, something will be different:

an 05 22:24:22 kali openvas[11368]: init_openvas: Can not open or create log file or directory. Please check permissions of log files listed in /etc/openvas/openvas_log.conf.
Jan 05 22:24:27 kali openvas[11392]: init_openvas: Can not open or create log file or directory. Please check permissions of log files listed in /etc/openvas/openvas_log.conf.
Jan 05 22:24:33 kali openvas[11415]: init_openvas: Can not open or create log file or directory. Please check permissions of log files listed in /etc/openvas/openvas_log.conf.
Jan 05 22:24:38 kali openvas[11439]: init_openvas: Can not open or create log file or directory. Please check permissions of log files listed in /etc/openvas/openvas_log.conf.

Now, we find the root of the problem: we don’t give some permissions to a certain user. Combined with the output of “gvm-setup”, the problem is located in the database. Then, we should give permission to the user in database(maybe what i say is not true, but the method is true.)

su - postgres

Then let us open another terminal and execute:

gvm-check-setup

you will find we succeeded!
You can execute “gvm-start” and “gvm-stop” to start and stop gvm.

gvm-start
gvm-stop

Using browser to login in.

https://127.0.0.1:9392

ps: the username and password will be generated in a certain step.
Then you could have a good journey!

本文标签： openvasgvminstall