greenbone / ospd Goto Github PK

By default the socket will created as user:group of the calling process.
But ospd-openvas must run as root to let run openvas with root rights.
So far so nice, but gvmd does not need to run with root rights. But now gvmd can't access the socket of ospd-openvas. And change the mode to 666 is not an good idea.
Better will be, to change group of the socket to one group in which gvmd will be an member of.
But for this an option is needed, to set the group of the socket.

On macos 10.15, ospd 21.4.3, python 3.8, psutil 5.8.0:

______________ GetMemoryUsageTestCase.test_with_main_process_only ______________

self = <tests.command.test_commands.GetMemoryUsageTestCase testMethod=test_with_main_process_only>

    def test_with_main_process_only(self):
        cmd = GetMemoryUsage(None)
    
        request = et.fromstring('<get_memory_usage />')
    
>       response = et.fromstring(cmd.handle_xml(request))

tests/command/test_commands.py:458: 
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 
ospd/command/command.py:672: in handle_xml
    self._add_memory_info(process_element, current_process.pid, unit)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ 

cls = <class 'ospd.command.command.GetMemoryUsage'>
process_element = <Element 'process' at 0x1098dab80>, pid = 49273, unit = None

    @classmethod
    def _add_memory_info(
        cls, process_element: Element, pid: int, unit: str = None
    ):
        try:
            ps_process = psutil.Process(pid)
        except psutil.NoSuchProcess:
            return
    
        memory = ps_process.memory_info()
    
        rss_element = Element('rss')
        rss_element.text = cls._get_memory(memory.rss, unit)
    
        process_element.append(rss_element)
    
        vms_element = Element('vms')
        vms_element.text = cls._get_memory(memory.vms, unit)
    
        process_element.append(vms_element)
    
        shared_element = Element('shared')
>       shared_element.text = cls._get_memory(memory.shared, unit)
E       AttributeError: 'pmem' object has no attribute 'shared'

ospd/command/command.py:659: AttributeError

The other GetMemoryUsageTestCase tests fail similarly. The psutil docs suggest that shared is only available on linux.

Please when you say you build will work on buster then I expect your setup works without running own PIP installs.

https://greenbone.github.io/docs/gvm-21.04/index.html is outdated then and on some points wrong.

To fix this:

echo 'deb http://deb.debian.org/debian buster-backports main' >/etc/apt/sources.list.d/backports.list
apt-get update
apt-get install python3-psutil/buster-backports

The file is missing for the released files.

For PR#19 I discovered that the type patterns in OSP.xml are not visible
in the generated html file. The problem likely is in doc/HTMl.xsl.

If I use older version ospd like v1.0.0, does python3 environment is also required? (‘coz our team may use openvas 8, Thanks)

The signature of the source tar ball is missing.

This would improve the documentation of elements and it would be possible
to drop the (sometimes long) example elements in the command documentation examples.
It would mean to extend HTML.xsl. Note: This could benefit the documentation of GMP as
well where a similar HTML.xsl is used.

I often see this error message in the log:

journal: OSPD - openvas: ERROR: (ospd.ospd) While handling client command:#012Traceback (most recent call last):#12 File "/usr/lib/python3.6/site-packages/ospd/ospd.py", line 762, in handle_client_stream#012 response = self.handle_command(data)#12 File "/usr/lib/python3.6/site-packages/ospd/ospd.py", line 1624, in handle_command#012 return self.handle_get_vts_command(tree)#12 File "/usr/lib/python3.6/site-packages/ospd/ospd.py", line 1011, in handle_get_vts_command#012 vts_xml = self.get_vts_xml(vt_id, filtered_vts)#12 File "/usr/lib/python3.6/site-packages/ospd/ospd.py", line 1545, in get_vts_xml#012 vts_xml.append(self.get_vt_xml(vt_id))#12 File "/usr/lib/python3.6/site-packages/ospd/ospd.py", line 1487, in get_vt_xml#012 vt_id, vt.get('affected')#12 File "/usr/lib/python3.6/site-packages/ospd_openvas/daemon.py", line 684, in get_affected_vt_as_xml_str#012 _affected.text = affected#012 File "src/lxml/etree.pyx", line 1018, in lxml.etree._Element.text.set#12 File "src/lxml/apihelpers.pxi", line 710, in lxml.etree._setNodeText#012 File "src/lxml/apihelpers.pxi", line 698, in lxml.etree._createTextNode#012 File "src/lxml/apihelpers.pxi", line 1493, in lxml.etree._utf8#012ValueError: All strings must be XML compatible: Unicode or ASCII, no NULL bytes or control characters

After call setup.py install, the following files will installed:
/usr/lib/python3.6/site-packages/tests/command/init.py
/usr/lib/python3.6/site-packages/tests/command/pycache/init.cpython-36.opt-1.pyc
/usr/lib/python3.6/site-packages/tests/command/pycache/init.cpython-36.pyc
/usr/lib/python3.6/site-packages/tests/command/pycache/test_command.cpython-36.opt-1.pyc
/usr/lib/python3.6/site-packages/tests/command/pycache/test_command.cpython-36.pyc
/usr/lib/python3.6/site-packages/tests/command/pycache/test_commands.cpython-36.opt-1.pyc
/usr/lib/python3.6/site-packages/tests/command/pycache/test_commands.cpython-36.pyc
/usr/lib/python3.6/site-packages/tests/command/pycache/test_registry.cpython-36.opt-1.pyc
/usr/lib/python3.6/site-packages/tests/command/pycache/test_registry.cpython-36.pyc
/usr/lib/python3.6/site-packages/tests/command/test_command.py
/usr/lib/python3.6/site-packages/tests/command/test_commands.py
/usr/lib/python3.6/site-packages/tests/command/test_registry.py

I think, the test files should not be installed on the target.

this para in the main readme: There are some online resources about this topic: https://docs.greenbone.net/GSM-Manual/gos-3.1/en/osp.html#how-to-write-your-own-osp-wrapper

returns a 404

I wanted to learn how to create an OSPD wrapper myself, but the link on how to create one in the README is broken. Can you please fix the link? Thanks!

I have this error when I run
python3 setup.py install --prefix=/usr/local/

running install
running bdist_egg
running egg_info
writing ospd_openvas.egg-info/PKG-INFO
writing dependency_links to ospd_openvas.egg-info/dependency_links.txt
writing entry points to ospd_openvas.egg-info/entry_points.txt
writing requirements to ospd_openvas.egg-info/requires.txt
writing top-level names to ospd_openvas.egg-info/top_level.txt
reading manifest file 'ospd_openvas.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
warning: no files found matching '*.csv' under directory 'tests'
writing manifest file 'ospd_openvas.egg-info/SOURCES.txt'
installing library code to build/bdist.linux-x86_64/egg
running install_lib
running build_py
creating build/bdist.linux-x86_64/egg
creating build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/init.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/version.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/daemon.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/db.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/dryrun.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/errors.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/lock.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/nvticache.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/openvas.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/preferencehandler.py -> build/bdist.linux-x86_64/egg/ospd_openvas
copying build/lib/ospd_openvas/vthelper.py -> build/bdist.linux-x86_64/egg/ospd_openvas
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/init.py to init.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/version.py to version.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/daemon.py to daemon.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/db.py to db.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/dryrun.py to dryrun.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/errors.py to errors.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/lock.py to lock.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/nvticache.py to nvticache.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/openvas.py to openvas.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/preferencehandler.py to preferencehandler.cpython-39.pyc
byte-compiling build/bdist.linux-x86_64/egg/ospd_openvas/vthelper.py to vthelper.cpython-39.pyc
creating build/bdist.linux-x86_64/egg/EGG-INFO
copying ospd_openvas.egg-info/PKG-INFO -> build/bdist.linux-x86_64/egg/EGG-INFO
copying ospd_openvas.egg-info/SOURCES.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying ospd_openvas.egg-info/dependency_links.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying ospd_openvas.egg-info/entry_points.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying ospd_openvas.egg-info/requires.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying ospd_openvas.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
zip_safe flag not set; analyzing archive contents...
creating 'dist/ospd_openvas-21.10.0.dev1-py3.9.egg' and adding 'build/bdist.linux-x86_64/egg' to it
removing 'build/bdist.linux-x86_64/egg' (and everything under it)
Processing ospd_openvas-21.10.0.dev1-py3.9.egg
Removing /usr/local/lib/python3.9/dist-packages/ospd_openvas-21.10.0.dev1-py3.9.egg
Copying ospd_openvas-21.10.0.dev1-py3.9.egg to /usr/local/lib/python3.9/dist-packages
ospd-openvas 21.10.0.dev1 is already the active version in easy-install.pth
Installing ospd-openvas script to /usr/local/bin

Installed /usr/local/lib/python3.9/dist-packages/ospd_openvas-21.10.0.dev1-py3.9.egg
Processing dependencies for ospd-openvas==21.10.0.dev1
Searching for ospd>=21.10.0.dev1
Reading https://pypi.org/simple/ospd/
No local packages or working download links found for ospd>=21.10.0.dev1
error: Could not find suitable distribution for Requirement.parse('ospd>=21.10.0.dev1')

Hey OSPD team,

some time ago, i openend a ticket on ospd-openvas to track a connection error between GVMD and the remote listening (IP) ospd-openvas instance.

I think the root cause is within OSPD.
When connecting from GVMD I am getting the following error:

Exception happened during processing of request from ('xxx.xxx.xxx.xx', 55500)
Traceback (most recent call last):
  File "/usr/lib/python3.7/socketserver.py", line 650, in process_request_thread
    self.finish_request(request, client_address)
  File "/usr/lib/python3.7/socketserver.py", line 360, in finish_request
    self.RequestHandlerClass(request, client_address, self)
  File "/usr/lib/python3.7/socketserver.py", line 720, in __init__
    self.handle()
  File "/opt/openvas/lib/python3.7/site-packages/ospd-2.0.0-py3.7.egg/ospd/server.py", line 127, in handle
    self.server.handle_request(self.request, self.client_address)
  File "/opt/openvas/lib/python3.7/site-packages/ospd-2.0.0-py3.7.egg/ospd/server.py", line 167, in handle_request
    self.server.handle_request(request, client_address)
  File "/opt/openvas/lib/python3.7/site-packages/ospd-2.0.0-py3.7.egg/ospd/server.py", line 297, in handle_request
    req_socket = self.tls_context.wrap_socket(request, server_side=True)
  File "/usr/lib/python3.7/ssl.py", line 423, in wrap_socket
    session=session
  File "/usr/lib/python3.7/ssl.py", line 870, in _create
    self.do_handshake()
  File "/usr/lib/python3.7/ssl.py", line 1139, in do_handshake
    self._sslobj.do_handshake()
OSError: [Errno 0] Error

Fore a detailed analysis of the issue, please read the issue within ospd-openvas

All details and versions can be found in the above ticket