Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Openvas blow redis connection and databases #845

Open
tenaz3 opened this issue Oct 22, 2024 · 0 comments
Open

Openvas blow redis connection and databases #845

tenaz3 opened this issue Oct 22, 2024 · 0 comments
Labels

Comments

@tenaz3
Copy link

tenaz3 commented Oct 22, 2024

Expected behavior

I expect a task does not get interrupted every time even if I resume it and get it completed.

Actual behavior

The task does not get completed, and the openvas makes redis fail til restarts regarding databases. I post the issue here as well

Steps to reproduce

  1. Using docker compose of: https://greenbone.github.io/docs/latest/22.4/container/index.html#
  2. Start a task of a specific target (can not expose the target since it's customer)
  3. Task gets interrupted as 99%

GVM versions

gsa: (gsad --version)
Greenbone Security Assistant 22.12.0
gvm: (gvmd --version)
Greenbone Vulnerability Manager 24.0.0
Manager DB revision 256
Compliance reports enabled
Copyright (C) 2009-2021 Greenbone AG
License: AGPL-3.0-or-later
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
openvas: (openvas --version)
OpenVAS 23.8.5
gvm-libs 22.11.0
Most new code since 2005: (C) 2024 Greenbone AG
Nessus origin: (C) 2004 Renaud Deraison [email protected]
License GPLv2: GNU GPL version 2
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gvm-libs:
gvm-libs 22.11.0

Environment

Operating system:
CentOS 9 / MacOS 15.0.1

Installation method / source: (packages, source installation)
docker-compose and podman-compose

Logfiles

I also increased the redis.conf databases 50500 and redis-server container to 12 cores. Before redis stop to work and restart the CPU usage get’s high(100%).

redis.log

# oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
 # Redis version=7.0.15, bits=64, commit=00000000, modified=0, pid=7, just started
 # Configuration loaded
 * monotonic clock: POSIX clock_gettime
 * Running mode=standalone, port=0.
 # Server initialized
 # WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. Being disabled, it can can also cause failures without low memory condition, see https://github.com/jemalloc/jemalloc/issues/1328. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
 * The server is now ready to accept connections at /run/redis/redis.sock
Killed
 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
 # Redis version=7.0.15, bits=64, commit=00000000, modified=0, pid=8, just started
 # Configuration loaded
 * monotonic clock: POSIX clock_gettime
 * Running mode=standalone, port=0.
 # Server initialized
 # WARNING Memory overcommit must be enabled! Without it, a background save or replication may fail under low memory condition. Being disabled, it can can also cause failures without low memory condition, see https://github.com/jemalloc/jemalloc/issues/1328. To fix this issue add 'vm.overcommit_memory = 1' to /etc/sysctl.conf and then reboot or run the command 'sysctl vm.overcommit_memory=1' for this to take effect.
 * The server is now ready to accept connections at /run/redis/redis.sock

ospd-openvas.log

lib  misc:   [3650] gnutls_handshake: A TLS fatal alert has been received.
lib  misc:   [3650] release_connection_fd: fd > 0 fd=19
....

 libgvm util: Key 'HostDetails' already contained value 'EXIT_CODE'
 main:  pre_fn_call: called
libgvm util:   Key 'HostDetails/NVT' already contained value '1.3.6.1.4.1.25623.1.0.801957'
libgvm util:  Key 'HostDetails/NVT/1.3.6.1.4.1.25623.1.0.801957/EXIT_CODE' already contained value 'EXIT_NOTVULN'
....
post_fn_call: called
libgvm util:   get_redis_ctx: connected to redis:///run/redis/redis.sock/3
sd   main:  procs_cleanup_children: checking 5 ipc.
sd   main:  create_ipc_process: closed 0 fd.
sd   main:  pluginlaunch_wait_for_free_process. Number of running processes >= maximum running processes (4 >= 4). Waiting for free slot for processes.
....
libgvm util:CRITICAL: No redis DB available

openvas.log:

libgvm util: fetch_max_db_index: maximum DB number: 1025

gvmd.log:

Status of task Customer scan (2eb3ee34-26ee-4b0e-be91-f560ebc7ce17) has changed to Running
 BACKTRACE: gvmd(+0x6e574) [0xaaaad667e574]
 BACKTRACE: linux-vdso.so.1(__kernel_rt_sigreturn+0) [0xffff953ad7a0]
 BACKTRACE: /lib/aarch64-linux-gnu/libc.so.6(gsignal+0xdc) [0xffff94c88e6c]
 BACKTRACE: /lib/aarch64-linux-gnu/libc.so.6(abort+0x108) [0xffff94c75a60]
 BACKTRACE: gvmd(sql_string+0) [0xaaaad6690b80]
 BACKTRACE: gvmd(manage_db_empty+0x1c) [0xaaaad670b7bc]
 BACKTRACE: gvmd(manage_db_version+0x10) [0xaaaad66a7950]
 BACKTRACE: gvmd(manage_create_sql_functions+0x18) [0xaaaad670bdfc]
 BACKTRACE: gvmd(init_manage_process+0x68) [0xaaaad66a9cfc]
 BACKTRACE: gvmd(init_gmp_process+0x4c) [0xaaaad6743afc]
 BACKTRACE: gvmd(serve_gmp+0x6c) [0xaaaad66821f0]
 BACKTRACE: gvmd(+0x6e294) [0xaaaad667e294]
 BACKTRACE: gvmd(+0x6e850) [0xaaaad667e850]
 BACKTRACE: gvmd(gvmd+0x1ae4) [0xaaaad6681874]
 BACKTRACE: /lib/aarch64-linux-gnu/libc.so.6(__libc_start_main+0xe8) [0xffff94c75dd8]
 BACKTRACE: gvmd(+0x6deb8) [0xaaaad667deb8]
 Received Aborted signal
 Status of task Customer scan (2eb3ee34-26ee-4b0e-be91-f560ebc7ce17) has changed to Interrupted
@tenaz3 tenaz3 added the bug label Oct 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant