Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-analyzer/openvas-scanner/files/first-start
diff options
context:
space:
mode:
Diffstat (limited to 'net-analyzer/openvas-scanner/files/first-start')
-rwxr-xr-xnet-analyzer/openvas-scanner/files/first-start634
1 files changed, 634 insertions, 0 deletions
diff --git a/net-analyzer/openvas-scanner/files/first-start b/net-analyzer/openvas-scanner/files/first-start
new file mode 100755
index 000000000000..95811a56b19d
--- /dev/null
+++ b/net-analyzer/openvas-scanner/files/first-start
@@ -0,0 +1,634 @@
+#!/bin/bash
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+# This is OpenVAS first-start/check-setup script which make things automatically for first time use.
+
+
+##################################################################################################
+# If you use systemd or init.d(open-rc) for OpenVAS daemons you don't need to set below settings.#
+# If you don't use any of them you can set the below command args to start daemons manually. #
+##################################################################################################
+
+# OpenVAS Manager command args
+OPENVAS_MANAGER_OPTIONS="" # e.g --foreground
+OPENVAS_MANAGER_PORT="--port=9390" # Manager listen port
+OPENVAS_MANAGER_LISTEN_ADDRESS="--listen=127.0.0.1" # Manager listen address
+OPENVAS_MANAGER_SCANNER_HOST="--scanner-host=/var/run/openvassd.sock" # Scanner unix socket
+OPENVAS_MANAGER_GNUTLS_PRIORITIES="--gnutls-priorities=SECURE256:+SUITEB192:+SECURE192:+SECURE128:+SUITEB128:-MD5:-SHA1:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0"
+
+# OpenVAS Scanner command args
+OPENVAS_SCANNER_OPTIONS="" # e.g --foreground
+OPENVAS_SCANNER_LISTEN_SOCKET="--unix-socket=/var/run/openvassd.sock" # Scanner listen socket
+
+# OpenVAS Security Assistant command args for reverse proxying | SSL PassThrough
+OPENVAS_SECURITY_ASSISTANT_OPTIONS="--no-redirect" # Don't listen port 80 anymore for reverse proxy
+OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS="--listen=127.0.0.1" # WebUI adress
+OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT="--port=9392" # WebUI Port
+OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS="--mlisten=127.0.0.1" # WebUI Manager Address
+OPENVAS_SECURITY_ASSISTANT_MANAGER_PORT="--mport=9390" # WebUI Manager Port
+OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL" # TLS Settings
+
+#####################################################################################################
+
+# Update Environment
+source /etc/profile &>/dev/null
+source /etc/environment &>/dev/null
+source ~/.bash_profile &>/dev/null
+
+# Check the needed executables.They are in our environment and have +x?
+if ! [ -x "$(command -v openvasmd)" ] ||
+ ! [ -x "$(command -v openvassd)" ] ||
+ ! [ -x "$(command -v redis-server)" ] ||
+ ! [ -x "$(command -v openvas-manage-certs)" ] ||
+ ! [ -x "$(command -v greenbone-nvt-sync)" ] ||
+ ! [ -x "$(command -v greenbone-scapdata-sync)" ] ||
+ ! [ -x "$(command -v greenbone-certdata-sync)" ]; then
+ path="1"
+ else
+ path="0"
+fi
+
+# Check Security-Assistant is exist
+if ! [ -x "$(command -v gsad)" ]; then
+ gsad="1"
+ else
+ gsad="0"
+fi
+# Executables are not in our environment
+if [ $path -eq 1 ]; then
+ echo "Can't find executables! If you installed OpenVAS to specific location e.g. /opt"
+ echo "please add these PATHS to /etc/profile,also sure that they are executable"
+ exit 1
+fi
+
+# Check systemd and enable services for Gentoo/Linux
+if command -v systemctl &>/dev/null; then
+ systemctl="0"
+ echo "systemd found."
+ systemctl enable openvas-scanner.service &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "systemd.Gentoo --> openvas-scanner.service enabled."
+ fi
+ systemctl enable gvmd.service &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "systemd.Gentoo --> gvmd.service enabled."
+ fi
+ systemctl enable gsa.service &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "systemd.Gentoo --> gsa.service enabled."
+ fi
+ else
+ systemctl="1"
+fi
+
+# Check open-rc if exist
+if command -v rc-service &>/dev/null; then
+ open_rc="0"
+ else
+ open_rc="1"
+fi
+
+# open-rc variables
+if [ $systemctl -eq 1 ] && [ $open_rc -eq 0 ]; then
+ echo "open-rc found."
+ scanner_init="0"
+ manager_init="0"
+ assistant_init="0"
+ redis_init="0"
+fi
+
+# Check status of OpenVAS-Scanner systemd unit
+if [ $systemctl -eq 0 ] &&
+ ([ "$(systemctl is-active openvas-scanner.service)" = "active" ] ||
+ [ "$(systemctl list-unit-files | grep 'enabled' | grep 'openvas-scanner.service' | awk '{print $1}')" = "openvas-scanner.service" ]); then
+ scanner="0"
+ else
+ scanner="1"
+fi
+
+# Check status of OpenVAS-Manager systemd unit
+if [ $systemctl -eq 0 ] &&
+ ([ "$(systemctl is-active gvmd.service)" = "active" ] ||
+ [ "$(systemctl list-unit-files | grep 'enabled' | grep 'gvmd.service' | awk '{print $1}')" = "gvmd.service" ]); then
+ manager="0"
+ else
+ manager="1"
+fi
+
+# Check status of OpenVAS-Assistant systemd unit
+if [ $systemctl -eq 0 ] &&
+ ([ "$(systemctl is-active gsa.service)" = "active" ] ||
+ [ "$(systemctl list-unit-files | grep 'enabled' | grep 'gsa.service' | awk '{print $1}')" = "gsa.service" ]); then
+ assistant="0"
+ else
+ assistant="1"
+fi
+
+# Check status of Redis systemd unit
+if [ $systemctl -eq 0 ] &&
+ ([ "$(systemctl is-active redis.service)" = "active" ] ||
+ [ "$(systemctl list-unit-files | grep 'enabled' | grep 'redis.service' | awk '{print $1}')" = "redis.service" ]); then
+ redis="0"
+ else
+ redis="1"
+fi
+
+# We need to find correct service name for restarting.
+if [ $scanner -eq 1 ] || [ $manager -eq 1 ] || [ $assistant -eq 1 ] || [ $redis -eq 1 ]; then
+ WHICHM="ExecStart=$(type openvasmd | awk '{print $3}')"
+ WHICHS="ExecStart=$(type openvassd | awk '{print $3}')"
+ WHICHA="ExecStart=$(type gsad | awk '{print $3}')"
+ WHICHR="ExecStart=$(type redis-server | awk '{print $3}')"
+
+ # If you have unordinary systemd path you can add here
+ DIR="/lib/systemd/system/
+ /etc/systemd/system/
+ /usr/lib/systemd/system/
+ /usr/local/lib/systemd/system/"
+
+ # Find OpenVAS daemons systemd files if exist
+ for i in $DIR; do
+ if [ -d "$i" ]; then
+ grep -rilnw "$i" -e "$WHICHM" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_manager_service.out
+ grep -rilnw "$i" -e "$WHICHS" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_scanner_service.out
+ grep -rilnw "$i" -e "$WHICHA" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_assistant_service.out
+ grep -rilnw "$i" -e "$WHICHR" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_redis_service.out
+ fi
+ done
+
+ manager_service="$(while IFS= read -r service; do
+ systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}'
+ done < /tmp/openvas_GVM_manager_service.out)"
+ scanner_service="$(while IFS= read -r service; do
+ systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}'
+ done < /tmp/openvas_GVM_scanner_service.out)"
+ assistant_service="$(while IFS= read -r service; do
+ systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}'
+ done < /tmp/openvas_GVM_assistant_service.out)"
+ redis_service="$(while IFS= read -r service; do
+ systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}'
+ done < /tmp/openvas_GVM_redis_service.out)"
+
+ rm -rf /tmp/openvas_GVM*
+ COUNTM=$(wc -w <<< "${manager_service}")
+ COUNTS=$(wc -w <<< "${scanner_service}")
+ COUNTA=$(wc -w <<< "${assistant_service}")
+ COUNTR=$(wc -w <<< "${redis_service}")
+
+ if [ -n "$manager_service" ] && [ $manager -eq 1 ]; then
+ if [ "$(systemctl list-unit-files | grep 'enabled' | grep $manager_service | awk '{print $1}')" = "$manager_service" ]; then
+ echo "systemd --> OpenVAS Manager '$manager_service' found."
+ else
+ echo "systemd --> '$manager_service' found but not enabled."
+ echo "are you sure this is the correct systemd service for Openvas Manager"
+ while true; do
+ read -n 1 -p "do you want to enable '$manager_service'? --> (Y)es | (N)o | (Q)uit" answer
+ echo
+ case $answer in
+ [Yy]* ) systemctl enable "$manager_service" &>/dev/null; echo "systemd --> '$manager_service' enabled"; break;;
+ [Nn]* ) manager_service=""; echo "it seems you are not sure.ok i don't use $manager_service"; break;;
+ [Qq]* ) exit;;
+ * ) echo "Please answer yes,no or quit.";;
+ esac
+ done
+ fi
+ fi
+
+ if [ -n "$scanner_service" ] && [ $scanner -eq 1 ]; then
+ if [ "$(systemctl list-unit-files | grep 'enabled' | grep $scanner_service | awk '{print $1}')" = "$scanner_service" ]; then
+ echo "systemd --> OpenVAS Scanner '$scanner_service' found."
+ else
+ echo "systemd --> '$scanner_service' found but not enabled."
+ echo "are you sure this is the correct systemd service for Openvas Scanner"
+ while true; do
+ read -n 1 -p "do you want to enable '$scanner_service'? --> (Y)es | (N)o | (Q)uit" answer
+ echo
+ case $answer in
+ [Yy]* ) systemctl enable "$scanner_service" &>/dev/null; echo "systemd --> '$scanner_service' enabled"; break;;
+ [Nn]* ) scanner_service=""; echo "it seems you are not sure.ok i don't use $scanner_service"; break;;
+ [Qq]* ) exit;;
+ * ) echo "Please answer yes,no or quit.";;
+ esac
+ done
+ fi
+ fi
+
+ if [ -n "$assistant_service" ] && [ $scanner -eq 1 ]; then
+ if [ "$(systemctl list-unit-files | grep 'enabled' | grep $assistant_service | awk '{print $1}')" = "$assistant_service" ]; then
+ echo "systemd --> GSA '$assistant_service' found."
+ else
+ echo "systemd --> '$assistant_service' found but not enabled."
+ echo "are you sure this is the correct systemd service for Greenbone Security Assistant"
+ while true; do
+ read -n 1 -p "do you want to enable '$assistant_service'? --> (Y)es | (N)o | (Q)uit" answer
+ echo
+ case $answer in
+ [Yy]* ) systemctl enable "$assistant_service" &>/dev/null; echo "systemd --> '$assistant_service' enabled"; break;;
+ [Nn]* ) assistant_service=""; echo "it seems you are not sure.ok i don't use $assistant_service"; break;;
+ [Qq]* ) exit;;
+ * ) echo "please answer yes,no or quit.";;
+ esac
+ done
+ fi
+ fi
+
+ if [ -n "$redis_service" ] && [ $scanner -eq 1 ]; then
+ if [ "$(systemctl list-unit-files | grep 'enabled' | grep $redis_service | awk '{print $1}')" = "$redis_service" ]; then
+ echo "systemd --> redis '$redis_service' found."
+ else
+ echo "systemd --> '$redis_service' found but not enabled."
+ echo "are you sure this is the correct systemd service for redis-server"
+ while true; do
+ read -n 1 -p "do you want to enable '$redis_service'? --> (Y)es | (N)o | (Q)uit" answer
+ echo
+ case $answer in
+ [Yy]* ) systemctl enable "$redis_service" &>/dev/null; echo "systemd --> '$redis_service' enabled"; break;;
+ [Nn]* ) redis_service=""; echo "it seems you are not sure.ok i don't use $redis_service"; break;;
+ [Qq]* ) exit;;
+ * ) echo "please answer yes,no or quit.";;
+ esac
+ done
+ fi
+ fi
+
+ if [ $COUNTM -gt 1 ] || [ $COUNTS -gt 1 ] || [ $COUNTR -gt 1 ]; then
+ echo "you have more than one enabled systemd service for single daemon"
+ echo " check OpenVAS and Redis systemd unit files to fix it"
+ exit 1
+ fi
+fi
+
+restart_redis () {
+if [ $redis -eq 0 ]; then
+ systemctl restart redis.service &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "systemd --> redis.service is restarted."
+ else
+ echo "systemd --> redis.service cannot restarted."
+ exit 1
+ fi
+elif [[ -n "$redis_service" ]]; then
+ systemctl restart "$redis_service" &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "systemd --> $redis_service is restarted."
+ else
+ echo "systemd --> $redis_service cannot restarted."
+ exit 1
+ fi
+elif [[ -n "$redis_init" ]]; then
+ rc-service redis stop
+ sleep 5
+ rc-service redis start
+ if [ $? -eq 0 ]; then
+ echo "open-rc --> redis is restarted."
+ else
+ echo "open-rc --> redis cannot restarted."
+ exit 1
+ fi
+fi
+}
+
+build_nvt () {
+if ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" &>/dev/null; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ openvassd --foreground --only-cache &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "building NVT cache is done."
+ else
+ echo "building NVT cache is failed.."
+ exit 1
+ fi
+ else
+ openvassd --foreground --only-cache &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "building NVT cache is done."
+ else
+ echo "building NVT cache is failed.."
+ exit 1
+ fi
+fi
+}
+
+create_user () {
+GREEN="`tput setaf 2`"
+RED="`tput setaf 1`"
+norm="`tput sgr0`"
+echo "creating WebUI User.."
+openvasmd --create-user=admin --role=Admin &>/tmp/openvas_user.out
+if [ $? -eq 0 ]; then
+ username="admin"
+ password="$(cat /tmp/openvas_user.out | awk '{print $5}' | cut -c2-)"
+ echo "${RED}!WebUI Address : ${GREEN}127.0.0.1:9392"
+ echo "${RED}!WebUI Username: ${GREEN}$username"
+ echo "${RED}!WebUI Password: ${GREEN}${password%??}${norm}"
+ else
+ echo "$(cat /tmp/openvas_user.out)"
+ echo "these are active users for WebUI"
+ openvasmd --get-users
+fi
+rm -rf /tmp/openvas_user.out
+}
+
+# Redis & OpenVAS Scanner socket connection check for Gentoo/Linux
+if [[ -e /etc/redis.conf ]]; then
+ if [ "$(openvassd -s | grep 'kb_location' | awk '{print $3}')" = "$(cat /etc/redis.conf | grep -P '(^|\s)\Kunixsocket(?=\s|$)' | awk '{print $2}')" ]; then
+ echo "redis server properly configured."
+ else
+ redis_sock="$(openvassd -s | grep 'kb_location' | awk '{print $3}')"
+ echo "redis server is not properly configured."
+ echo "be sure redis server listening unix socket at $redis_sock"
+ echo "you can find example redis.conf file in /etc/openvas/redis.conf.example"
+ exit 1
+ fi
+fi
+
+# Redis & OpenVAS Scanner socket connection check for other linux distros
+if [[ -e /etc/redis/redis.conf ]]; then
+ if [ "$(openvassd -s | grep 'kb_location' | awk '{print $3}')" = "$(cat /etc/redis/redis.conf | grep -P '(^|\s)\Kunixsocket(?=\s|$)' | awk '{print $2}')" ]; then
+ echo "redis server properly configured."
+ else
+ redis_sock="$(openvassd -s | grep 'kb_location' | awk '{print $3}')"
+ echo "redis server is not properly configured."
+ echo "be sure redis server listening unix socket at $redis_sock"
+ exit 1
+ fi
+fi
+
+# Create certificates for fresh install
+openvas-manage-certs -a &>/dev/null
+if [ $? -eq 0 ]; then
+ echo "certificates created."
+
+elif [ "$(openvas-manage-certs -a | grep -ow 'Existing')" = "Existing" ]; then
+ echo "certificates already created."
+
+else
+ echo "certificates cannot created."
+ exit 1
+fi
+
+# Start to update FEED & First NVT.
+try=0
+until [ $try -ge 5 ]; do
+ greenbone-nvt-sync &>/dev/null && break
+ echo "can't connected! trying to update greenbone-nvt again.."
+ try=$[$try+1]
+ sleep 30
+done
+
+# Check status
+if [ $? -eq 0 ]; then
+ echo "greenbone-nvt-sync is done."
+ # Avoid your IP temporary banned because of multiple connection
+ sleep 5
+ # Try to update scapdata.
+ try=0
+ until [ $try -ge 5 ]; do
+ greenbone-scapdata-sync &>/dev/null && break
+ echo "can't connected! trying to update greenbone-scapdata again.."
+ try=$[$try+1]
+ sleep 30
+ done
+ # Check status
+ if [ $? -eq 0 ]; then
+ echo "greenbone-scapdata-sync is done."
+ # Avoid your IP temporary banned because of multiple connection
+ sleep 5
+ # Try to update certdata
+ try=0
+ until [ $try -ge 5 ]; do
+ greenbone-certdata-sync &>/dev/null && break
+ echo "can't connected! Trying to update greenbone-certdata again.."
+ try=$[$try+1]
+ sleep 30
+ done
+ # Check status
+ if [ $? -eq 0 ]; then
+ echo "greenbone-certdata-sync is done."
+ echo "building NVT cache this will take some time.."
+ build_nvt
+ # Check OpenVAS-Scanner is running
+ if ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" &>/dev/null; then
+ echo "OpenVAS-Scanner is running."
+ echo "building Database this will take some time.."
+ openvasmd --rebuild --progress &>/dev/null
+ elif [ $scanner -eq 0 ]; then
+ # Start OpenVAS-Scanner systemd unit & Rebuild Cache
+ echo "systemd --> OpenVAS-Scanner is not running! trying to up.."
+ systemctl start openvas-scanner.service &>/dev/null
+ if [ $? -eq 0 ]; then
+ # Wait for initialize
+ until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do
+ sleep 15
+ echo "waiting for OpenVAS-Scanner to become ready.."
+ done
+ echo "systemd --> openvas-scanner.service started and waiting for connection."
+ echo "building database this will take some time.."
+ # Rebuild Cache
+ openvasmd --rebuild --progress &>/dev/null
+ else
+ echo "systemd --> openvas-scanner.service cannot started.."
+ exit 1
+ fi
+ elif [[ -n "$scanner_service" ]]; then
+ echo "systemd --> OpenVAS-Scanner is down! trying to up.."
+ systemctl start "$scanner_service" &>/dev/null
+ if [ $? -eq 0 ]; then
+ # Wait for initialize
+ until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do
+ sleep 15
+ echo "waiting for OpenVAS-Scanner to become ready.."
+ done
+ echo "systemd --> $scanner_service is started and waiting for connection."
+ echo "building database this will take some time.."
+ # Rebuild Cache
+ openvasmd --rebuild --progress &>/dev/null
+ else
+ echo "systemd --> $scanner_service cannot started.."
+ exit 1
+ fi
+ elif [[ -n "$scanner_init" ]]; then
+ # Start OpenVAS-Scanner with init.d (open-rc) & Rebuild Cache
+ echo "open-rc --> OpenVAS-Scanner is down! trying to up.."
+ rc-service openvas-scanner start &>/dev/null
+ if [ $? -eq 0 ]; then
+ # Wait for initialize
+ until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do
+ sleep 15
+ echo "waiting for OpenVAS-Scanner to become ready.."
+ done
+ echo "rc-service --> openvas-scanner started and waiting for connection."
+ echo "building database this will take some time.."
+ # Rebuild Cache
+ openvasmd --rebuild --progress &>/dev/null
+ else
+ echo "rc-service --> openvas-scanner cannot started.."
+ exit 1
+ fi
+ else
+ echo "OpenVAS-Scanner is not running! Trying to up.."
+ openvassd "$OPENVAS_SCANNER_OPTIONS" "$OPENVAS_SCANNER_LISTEN_SOCKET" &>/dev/null
+ # Wait for initialize
+ if [ $? -eq 0 ]; then
+ until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do
+ sleep 15
+ echo "waiting for OpenVAS-Scanner to become ready.."
+ done
+ else
+ echo "OpenVAS Scanner cannot started manually.."
+ exit 1
+ fi
+ echo "OpenVAS-Scanner started manually and waiting for connection."
+ echo "building database this will take some time.."
+ # Rebuild Cache
+ openvasmd --rebuild --progress &>/dev/null
+ fi
+ # Check status
+ if [ $? -eq 0 ]; then
+ echo "building database is done"
+ create_user
+ # Restart OpenVAS-Scanner
+ if [ $scanner -eq 0 ]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ restart_redis
+ sleep 3
+ systemctl restart openvas-scanner.service &>/dev/null
+ elif [[ -n "$scanner_service" ]]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ restart_redis
+ sleep 3
+ systemctl restart "$scanner_service" &>/dev/null
+ elif [[ -n "$scanner_init" ]]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ restart_redis
+ sleep 3
+ rc-service openvas-scanner start &>/dev/null
+ else
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ restart_redis
+ sleep 3
+ openvassd "$OPENVAS_SCANNER_OPTIONS" "$OPENVAS_SCANNER_LISTEN_SOCKET" &>/dev/null
+ fi
+ if [ $? -eq 0 ]; then
+ until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do
+ sleep 10
+ echo "waiting for OpenVAS-Scanner to become ready.."
+ done
+ echo "OpenVAS-Scanner is restarted."
+ # Restart OpenVAS-Manager
+ if [ $manager -eq 0 ]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ systemctl restart gvmd.service &>/dev/null
+ if [ $? -eq 0 ]; then
+ success="0"
+ echo "systemd --> gvmd.service is restarted."
+ echo "OpenVAS setup is ok."
+ else
+ echo "systemd --> gvmd.service cannot restarted."
+ echo "OpenVAS setup is not ok!"
+ exit 1
+ fi
+ elif [[ -n "$manager_service" ]]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ systemctl restart "$manager_service" &>/dev/null
+ if [ $? -eq 0 ]; then
+ success="0"
+ echo "systemd --> $manager_service is restarted"
+ echo "OpenVAS setup is ok."
+ else
+ echo "systemd --> $manager_service cannot restarted"
+ echo "OpenVAS setup is not ok!"
+ exit 1
+ fi
+ elif [[ -n "$manager_init" ]]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ rc-service gvmd start &>/dev/null
+ if [ $? -eq 0 ]; then
+ success="0"
+ echo "open-rc --> gvmd is restarted"
+ echo "OpenVAS setup is ok."
+ else
+ echo "open-rc --> gvmd cannot restarted"
+ echo "OpenVAS setup is not ok!"
+ exit 1
+ fi
+ else
+ ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ openvasmd "$OPENVAS_MANAGER_OPTIONS" "$OPENVAS_MANAGER_PORT" "$OPENVAS_MANAGER_LISTEN_ADDRESS" "$OPENVAS_MANAGER_SCANNER_HOST" "$OPENVAS_MANAGER_GNUTLS_PRIORITIES" &>/dev/null
+ if [ $? -eq 0 ]; then
+ success="0"
+ echo "OpenVAS-Manager is restarted manually"
+ echo "OpenVAS setup is ok."
+ else
+ echo "OpenVAS-Manager cannot restarted"
+ echo "OpenVAS setup is not ok!"
+ exit 1
+ fi
+ fi
+ else
+ echo "OpenVAS setup is not ok! OpenVAS-scanner cannot restarted."
+ fi
+ else
+ echo "OpenVAS setup is not ok! OpenVAS database build failed."
+ fi
+ else
+ echo "OpenVAS setup is not ok! OpenVAS Certdata sync failed."
+ fi
+ else
+ echo "OpenVAS setup is not ok! OpenVAS Scapdata sync failed."
+ fi
+ else
+ echo "OpenVAS setup is not ok! OpenVAS NVT sync update failed."
+fi
+
+# Restart WebUI
+if [[ -n "$success" ]] && [ $gsad -eq 0 ]; then
+ WHICHA="$(type gsad | awk '{print $3}')"
+ if [ $assistant -eq 0 ]; then
+ # Time to restart OpenVAS-Security Assistant
+ ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ systemctl restart gsa.service &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "systemd --> gsa.service (OpenVAS WebUI) is restarted and ready for connection"
+ else
+ echo "systemd --> gsa.service (OpenVAS-WebUI) cannot restarted"
+ fi
+ elif [[ -n "$assistant_service" ]]; then
+ if [ $COUNTA -eq 1 ]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ systemctl restart "$assistant_service" &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "systemd --> $assistant_service (OpenVAS WebUI) is restarted and ready for connection"
+ else
+ echo "systemd --> $assistan_service (OpenVAS WebUI) cannot restarted."
+ fi
+ else
+ echo "systemd --> OpenVAS WebUI cannot restarted! you have multiple enabled systemd services ($assistant_service)"
+ exit 1
+ fi
+ elif [[ -n "$assistant_init" ]]; then
+ ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ rc-service gsa start &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "open-rc --> gsa (OpenVAS WebUI) is restarted"
+ else
+ echo "open-rc --> gsa (OpenVAS WebUI) cannot restarted."
+ fi
+ else
+ ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null
+ sleep 5
+ gsad "$OPENVAS_SECURITY_ASSISTANT_OPTIONS" "$OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS" "$OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT" "$OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS" "$OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT" "$OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES" &>/dev/null
+ if [ $? -eq 0 ]; then
+ echo "OpenVAS WebUI is restarted"
+ else
+ echo "OpenVAS WebUI cannot restarted"
+ fi
+ fi
+fi