Openvas Error

Lupus · April 7, 2025, 10:15am

I am trying to install openvas on Kali. However, when I try to run gvm-check-setup, I get the error scap data missing. I also got the message that in order to fix the problem I should run sudo greenbone-feed-sync –type scap. I ran the script, but the problem still persists. Can anyone help me?**

denartha · April 7, 2025, 12:52pm

A long time ago I did some QA for OpenVAS.

Can you post up the exact error messages you are getting?

denartha · April 7, 2025, 12:55pm

OpenVAS is included in Kali already. Did you check if it’s already installed?

Lupus · April 7, 2025, 2:43pm

Hello denartha. I couldn’t find openvas on Kali. The exact error I get is SCAP DATA missing.

denartha · April 7, 2025, 2:52pm

What happens if you run:

sudo greenbone-scapdata-sync

Lupus · April 7, 2025, 3:01pm

I still get the same error.

denartha · April 7, 2025, 3:30pm

Can you post the exact error messages you are getting?

If OpenVAS/Greenbone was not installed then you would be getting command not found, so clearly it is installed.

Can you post the output of:

systemctl status gvmd

Can you also post the output of /var/lib/gvm/gvmd.log

Lupus · April 7, 2025, 3:52pm

Her’s what I get when I run gvm-check-setup
zsh: corrupt history file /home/kali/.zsh_history
┌──(kali㉿kali)-[~]
└─$ sudo gvm-check-setup
[sudo] password for kali:
gvm-check-setup 23.11.0
Test completeness and readiness of GVM-23.11.0
Step 1: Checking OpenVAS (Scanner)…
OK: OpenVAS Scanner is present in version 23.16.1.
OK: Notus Scanner is present in version 22.6.5.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: the mqtt_server_uri is defined in /etc/openvas/openvas.conf
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 93631 NVTs.
OK: The notus directory /var/lib/notus/products contains 496 NVTs.
Checking that the obsolete redis database has been removed
Could not connect to Redis at /var/run/redis-openvas/redis-server.sock: No such file or directory
OK: No old Redis DB
Starting ospd-openvas service
Waiting for ospd-openvas service
OK: ospd-openvas service is active.
OK: ospd-OpenVAS is present in version 22.8.1.
Step 2: Checking GVMD Manager …
OK: GVM Manager (gvmd) is present in version 25.1.3.
Step 3: Checking Certificates …
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data …
ERROR: SCAP DATA are missing.
FIX: Run the SCAP synchronization script greenbone-feed-sync.
sudo greenbone-feed-sync --type scap.

ERROR: Your GVM-23.11.0 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

And here is what I get when I run systemctl status gvmd
○ gvmd.service - Greenbone Vulnerability Manager daemon (gvmd)
Loaded: loaded (/usr/lib/systemd/system/gvmd.service; disabled; preset: disabled)
Active: inactive (dead)
Docs: man:gvmd(8)

I don’t know how to rum /var/lib/gvm/gvmd.log

denartha · April 7, 2025, 4:17pm

OK, so run:

And paste the output here, please.

Lupus · April 7, 2025, 4:32pm

Running as root. Switching to user ‘_gvm’ and group ‘_gvm’.
Trying to acquire lock on /var/lib/gvm/feed-update.lock
Acquired lock on /var/lib/gvm/feed-update.lock
⠏ Downloading SCAP data from rsync://feed.community.greenbone.net/community/vulnerability-feed/24.10/scap-data/ to /var/lib/gvm/scap-data
Releasing lock on /var/lib/gvm/feed-update.lock

denartha · April 7, 2025, 4:46pm

OK, now run this:

And post the output.

Lupus · April 7, 2025, 4:55pm

gvm-check-setup 23.11.0
Test completeness and readiness of GVM-23.11.0
Step 1: Checking OpenVAS (Scanner)…
OK: OpenVAS Scanner is present in version 23.16.1.
OK: Notus Scanner is present in version 22.6.5.
OK: Server CA Certificate is present as /var/lib/gvm/CA/servercert.pem.
Checking permissions of /var/lib/openvas/gnupg/*
OK: _gvm owns all files in /var/lib/openvas/gnupg
OK: redis-server is present.
OK: scanner (db_address setting) is configured properly using the redis-server socket: /var/run/redis-openvas/redis-server.sock
OK: the mqtt_server_uri is defined in /etc/openvas/openvas.conf
OK: _gvm owns all files in /var/lib/openvas/plugins
OK: NVT collection in /var/lib/openvas/plugins contains 93631 NVTs.
OK: The notus directory /var/lib/notus/products contains 496 NVTs.
Checking that the obsolete redis database has been removed
Could not connect to Redis at /var/run/redis-openvas/redis-server.sock: No such file or directory
OK: No old Redis DB
Starting ospd-openvas service
Waiting for ospd-openvas service
OK: ospd-openvas service is active.
OK: ospd-OpenVAS is present in version 22.8.1.
Step 2: Checking GVMD Manager …
OK: GVM Manager (gvmd) is present in version 25.1.3.
Step 3: Checking Certificates …
OK: GVM client certificate is valid and present as /var/lib/gvm/CA/clientcert.pem.
OK: Your GVM certificate infrastructure passed validation.
Step 4: Checking data …
ERROR: SCAP DATA are missing.
FIX: Run the SCAP synchronization script greenbone-feed-sync.
sudo greenbone-feed-sync --type scap.

ERROR: Your GVM-23.11.0 installation is not yet complete!

Please follow the instructions marked with FIX above and run this
script again.

Lupus · April 7, 2025, 6:59pm

I really wanted to take the time to thank you denartha for all your help.

Lupus · April 8, 2025, 9:18am

Just to let anyone viewing this post, I found the solution to this problem.

Anyx · April 8, 2025, 12:46pm

I have the same problem. What is the solution?

denartha · April 8, 2025, 3:25pm

Can you share how you fixed it here?

Lupus · April 8, 2025, 4:22pm

The problem was with gvm-check-setup. I fixed it by running

sed -i ‘s/if [ $SCAPCOUNT -lt 10 ]/if [ $SCAPCOUNT -lt 1 ]/’ which gvm-check-setup

Anyx · April 8, 2025, 4:34pm

What does that do. Also where did you find the solution?

Lupus · April 8, 2025, 4:47pm

Truth be told, I have no idea what it does. I found the solution on Openvas’ forum.

denartha · April 8, 2025, 5:58pm

SCAP stands for Security Content Automation Protocol. It’s a set of open standards used for automating vulnerability management, measurement, and policy compliance evaluation of systems.

is a value in the script. The script checks for Scap files downloaded and throws an error if there are less than 10.
The sed command does a search and replace, and changes the 10 to a 1 so the script doesn’t exit on the check any more.

I’m glad it fixed your problem, but it’s generally not good practice to run commands you got off the internet when you don’t know what they do.