kalilinux 2024.01 安装openvas（gvm）发现ospd-openvas服务启动问题解决记录

kalilinux 2024.01 安装openvas（gvm）发现ospd-openvas服务启动问题解决记录

环境：

系统：kalilinux-2024.01

操作平台：vmware-workstation 17pro

软件：gvm 23.11.0

引用问题解决出处链接：

https://forum.greenbone.net/t/latest-version-on-kali-fails-to-start/17504/15

https://blog.csdn.net/lyace2010/article/details/131887536

安装简易过程：

1,更新kali:
	sudo apt update && sudo apt upgrade -y

2,安装openvas:
	sudo apt install gvm -y

3,初始化配置：
	sudo gvm-setup #初始化过程会比较漫长

4,检查gvm安装检查：
	sudo gvm-check-setup

问题：

└─$ journalctl -xeu ospd-openvas.service
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/bin/ospd-openvas", line 8, in <module>
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     sys.exit(main())
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:              ^^^^^^
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/ospd_openvas/daemon.py", line 1245, in main
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     daemon_main('OSPD - openvas', OSPDopenvas, NotusParser())
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/ospd/main.py", line 152, in main
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     daemon.init(server)
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/ospd_openvas/daemon.py", line 501, in init
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     client = MQTTClient(
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:              ^^^^^^^^^^^
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/ospd_openvas/messaging/mqtt.py", line 39, in __init__
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     super().__init__(client_id=client_id, protocol=mqtt.MQTTv5)
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: TypeError: Client.__init__() missing 1 required positional argument: 'callback_api_version'
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Exception ignored in atexit callback: <function exit_cleanup at 0x7fd2cf330f40>
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Traceback (most recent call last):
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/ospd/main.py", line 74, in exit_cleanup
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     sys.exit()
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: SystemExit:
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Exception ignored in: <function Client.__del__ at 0x7fd2cd8ac5e0>
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: Traceback (most recent call last):
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/paho/mqtt/client.py", line 874, in __del__
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     self._reset_sockets()
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/paho/mqtt/client.py", line 1133, in _reset_sockets
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     self._sock_close()
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:   File "/usr/lib/python3/dist-packages/paho/mqtt/client.py", line 1119, in _sock_close
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:     if not self._sock:
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]:            ^^^^^^^^^^
Apr 26 10:00:11 serve-the-people ospd-openvas[526906]: AttributeError: 'MQTTClient' object has no attribute '_sock'
Apr 26 10:00:11 serve-the-people systemd[1]: ospd-openvas.service: Can't open PID file /run/ospd/ospd-openvas.pid (yet?) after start: No such file or directory
Apr 26 10:00:11 serve-the-people systemd[1]: ospd-openvas.service: Failed with result 'protocol'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ The unit ospd-openvas.service has entered the 'failed' state with result 'protocol'.
Apr 26 10:00:11 serve-the-people systemd[1]: Failed to start ospd-openvas.service - OSPd Wrapper for the OpenVAS Scanner (ospd-openvas).
░░ Subject: A start job for unit ospd-openvas.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ A start job for unit ospd-openvas.service has finished with a failure.
░░ 
░░ The job identifier is 7625 and the job result is failed.
Apr 26 10:00:11 serve-the-people systemd[1]: ospd-openvas.service: Consumed 1.122s CPU time.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ The unit ospd-openvas.service completed and consumed the indicated resources.
lines 141-189/189 (END)

解决：

方法：在greenbone的GitHub下载mqtt.py覆盖kali /usr/lib/python3/dist-packages/库名/messaging 的两处，库分别是notus和ospd-openvas
链接：1，https://github.com/greenbone/notus-scanner/blob/main/notus/scanner/messaging/mqtt.py
	 2，https://github.com/greenbone/ospd-openvas/blob/main/ospd_openvas/messaging/mqtt.py
修改kalilinux路径：
	1，/usr/lib/python3/dist-packages/notus/scanner/messaging 
	2，/usr/lib/python3/dist-packages/ospd_openvas/messaging
根据链接下载对应的mqtt.py对要修改路径进行覆盖即可；
然后再次允许 sudo gvm-check-setup
sudo greenbone-feed-sync --type all

修改openvas初始密码及允许从其他设备访问：

sudo runuser -u _gvm -- gvmd --user=admin --new-password=password #admin填入你想要更改的用户名，最后的password填你要设置的密码

sudo sed -i 's/127.0.0.1/0.0.0.0/g' /lib/systemd/system/gsad.service
sudo gvm-stop
sudo systemctl daemon-reload
sudo gvm-start
更新升级漏洞库
sudo gvm-feed-update

扫描出现问题：

解决：

获取扫描仪id：
sudo runuser -u _gvm -- gvmd --get-scanners #会出现两id, 只复制OpenVAS id即可
获取用户id：
sudo runuser -u _gvm -- gvmd --get-users --verbose
修改扫描仪：
sudo runuser -u _gvm -- gvmd --modify-scanner [scanner id] --value [user id]

出现Scanner modified 即修改成功

md --get-users --verbose
修改扫描仪：
sudo runuser -u _gvm – gvmd --modify-scanner [scanner id] --value [user id]

出现Scanner modified 即修改成功
``