diff options
Diffstat (limited to 'net-analyzer/openvas-scanner/files/first-start')
-rwxr-xr-x | net-analyzer/openvas-scanner/files/first-start | 634 |
1 files changed, 634 insertions, 0 deletions
diff --git a/net-analyzer/openvas-scanner/files/first-start b/net-analyzer/openvas-scanner/files/first-start new file mode 100755 index 000000000000..95811a56b19d --- /dev/null +++ b/net-analyzer/openvas-scanner/files/first-start @@ -0,0 +1,634 @@ +#!/bin/bash +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 +# This is OpenVAS first-start/check-setup script which make things automatically for first time use. + + +################################################################################################## +# If you use systemd or init.d(open-rc) for OpenVAS daemons you don't need to set below settings.# +# If you don't use any of them you can set the below command args to start daemons manually. # +################################################################################################## + +# OpenVAS Manager command args +OPENVAS_MANAGER_OPTIONS="" # e.g --foreground +OPENVAS_MANAGER_PORT="--port=9390" # Manager listen port +OPENVAS_MANAGER_LISTEN_ADDRESS="--listen=127.0.0.1" # Manager listen address +OPENVAS_MANAGER_SCANNER_HOST="--scanner-host=/var/run/openvassd.sock" # Scanner unix socket +OPENVAS_MANAGER_GNUTLS_PRIORITIES="--gnutls-priorities=SECURE256:+SUITEB192:+SECURE192:+SECURE128:+SUITEB128:-MD5:-SHA1:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0" + +# OpenVAS Scanner command args +OPENVAS_SCANNER_OPTIONS="" # e.g --foreground +OPENVAS_SCANNER_LISTEN_SOCKET="--unix-socket=/var/run/openvassd.sock" # Scanner listen socket + +# OpenVAS Security Assistant command args for reverse proxying | SSL PassThrough +OPENVAS_SECURITY_ASSISTANT_OPTIONS="--no-redirect" # Don't listen port 80 anymore for reverse proxy +OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS="--listen=127.0.0.1" # WebUI adress +OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT="--port=9392" # WebUI Port +OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS="--mlisten=127.0.0.1" # WebUI Manager Address +OPENVAS_SECURITY_ASSISTANT_MANAGER_PORT="--mport=9390" # WebUI Manager Port +OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL" # TLS Settings + +##################################################################################################### + +# Update Environment +source /etc/profile &>/dev/null +source /etc/environment &>/dev/null +source ~/.bash_profile &>/dev/null + +# Check the needed executables.They are in our environment and have +x? +if ! [ -x "$(command -v openvasmd)" ] || + ! [ -x "$(command -v openvassd)" ] || + ! [ -x "$(command -v redis-server)" ] || + ! [ -x "$(command -v openvas-manage-certs)" ] || + ! [ -x "$(command -v greenbone-nvt-sync)" ] || + ! [ -x "$(command -v greenbone-scapdata-sync)" ] || + ! [ -x "$(command -v greenbone-certdata-sync)" ]; then + path="1" + else + path="0" +fi + +# Check Security-Assistant is exist +if ! [ -x "$(command -v gsad)" ]; then + gsad="1" + else + gsad="0" +fi +# Executables are not in our environment +if [ $path -eq 1 ]; then + echo "Can't find executables! If you installed OpenVAS to specific location e.g. /opt" + echo "please add these PATHS to /etc/profile,also sure that they are executable" + exit 1 +fi + +# Check systemd and enable services for Gentoo/Linux +if command -v systemctl &>/dev/null; then + systemctl="0" + echo "systemd found." + systemctl enable openvas-scanner.service &>/dev/null + if [ $? -eq 0 ]; then + echo "systemd.Gentoo --> openvas-scanner.service enabled." + fi + systemctl enable gvmd.service &>/dev/null + if [ $? -eq 0 ]; then + echo "systemd.Gentoo --> gvmd.service enabled." + fi + systemctl enable gsa.service &>/dev/null + if [ $? -eq 0 ]; then + echo "systemd.Gentoo --> gsa.service enabled." + fi + else + systemctl="1" +fi + +# Check open-rc if exist +if command -v rc-service &>/dev/null; then + open_rc="0" + else + open_rc="1" +fi + +# open-rc variables +if [ $systemctl -eq 1 ] && [ $open_rc -eq 0 ]; then + echo "open-rc found." + scanner_init="0" + manager_init="0" + assistant_init="0" + redis_init="0" +fi + +# Check status of OpenVAS-Scanner systemd unit +if [ $systemctl -eq 0 ] && + ([ "$(systemctl is-active openvas-scanner.service)" = "active" ] || + [ "$(systemctl list-unit-files | grep 'enabled' | grep 'openvas-scanner.service' | awk '{print $1}')" = "openvas-scanner.service" ]); then + scanner="0" + else + scanner="1" +fi + +# Check status of OpenVAS-Manager systemd unit +if [ $systemctl -eq 0 ] && + ([ "$(systemctl is-active gvmd.service)" = "active" ] || + [ "$(systemctl list-unit-files | grep 'enabled' | grep 'gvmd.service' | awk '{print $1}')" = "gvmd.service" ]); then + manager="0" + else + manager="1" +fi + +# Check status of OpenVAS-Assistant systemd unit +if [ $systemctl -eq 0 ] && + ([ "$(systemctl is-active gsa.service)" = "active" ] || + [ "$(systemctl list-unit-files | grep 'enabled' | grep 'gsa.service' | awk '{print $1}')" = "gsa.service" ]); then + assistant="0" + else + assistant="1" +fi + +# Check status of Redis systemd unit +if [ $systemctl -eq 0 ] && + ([ "$(systemctl is-active redis.service)" = "active" ] || + [ "$(systemctl list-unit-files | grep 'enabled' | grep 'redis.service' | awk '{print $1}')" = "redis.service" ]); then + redis="0" + else + redis="1" +fi + +# We need to find correct service name for restarting. +if [ $scanner -eq 1 ] || [ $manager -eq 1 ] || [ $assistant -eq 1 ] || [ $redis -eq 1 ]; then + WHICHM="ExecStart=$(type openvasmd | awk '{print $3}')" + WHICHS="ExecStart=$(type openvassd | awk '{print $3}')" + WHICHA="ExecStart=$(type gsad | awk '{print $3}')" + WHICHR="ExecStart=$(type redis-server | awk '{print $3}')" + + # If you have unordinary systemd path you can add here + DIR="/lib/systemd/system/ + /etc/systemd/system/ + /usr/lib/systemd/system/ + /usr/local/lib/systemd/system/" + + # Find OpenVAS daemons systemd files if exist + for i in $DIR; do + if [ -d "$i" ]; then + grep -rilnw "$i" -e "$WHICHM" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_manager_service.out + grep -rilnw "$i" -e "$WHICHS" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_scanner_service.out + grep -rilnw "$i" -e "$WHICHA" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_assistant_service.out + grep -rilnw "$i" -e "$WHICHR" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_redis_service.out + fi + done + + manager_service="$(while IFS= read -r service; do + systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' + done < /tmp/openvas_GVM_manager_service.out)" + scanner_service="$(while IFS= read -r service; do + systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' + done < /tmp/openvas_GVM_scanner_service.out)" + assistant_service="$(while IFS= read -r service; do + systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' + done < /tmp/openvas_GVM_assistant_service.out)" + redis_service="$(while IFS= read -r service; do + systemctl list-unit-files | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' + done < /tmp/openvas_GVM_redis_service.out)" + + rm -rf /tmp/openvas_GVM* + COUNTM=$(wc -w <<< "${manager_service}") + COUNTS=$(wc -w <<< "${scanner_service}") + COUNTA=$(wc -w <<< "${assistant_service}") + COUNTR=$(wc -w <<< "${redis_service}") + + if [ -n "$manager_service" ] && [ $manager -eq 1 ]; then + if [ "$(systemctl list-unit-files | grep 'enabled' | grep $manager_service | awk '{print $1}')" = "$manager_service" ]; then + echo "systemd --> OpenVAS Manager '$manager_service' found." + else + echo "systemd --> '$manager_service' found but not enabled." + echo "are you sure this is the correct systemd service for Openvas Manager" + while true; do + read -n 1 -p "do you want to enable '$manager_service'? --> (Y)es | (N)o | (Q)uit" answer + echo + case $answer in + [Yy]* ) systemctl enable "$manager_service" &>/dev/null; echo "systemd --> '$manager_service' enabled"; break;; + [Nn]* ) manager_service=""; echo "it seems you are not sure.ok i don't use $manager_service"; break;; + [Qq]* ) exit;; + * ) echo "Please answer yes,no or quit.";; + esac + done + fi + fi + + if [ -n "$scanner_service" ] && [ $scanner -eq 1 ]; then + if [ "$(systemctl list-unit-files | grep 'enabled' | grep $scanner_service | awk '{print $1}')" = "$scanner_service" ]; then + echo "systemd --> OpenVAS Scanner '$scanner_service' found." + else + echo "systemd --> '$scanner_service' found but not enabled." + echo "are you sure this is the correct systemd service for Openvas Scanner" + while true; do + read -n 1 -p "do you want to enable '$scanner_service'? --> (Y)es | (N)o | (Q)uit" answer + echo + case $answer in + [Yy]* ) systemctl enable "$scanner_service" &>/dev/null; echo "systemd --> '$scanner_service' enabled"; break;; + [Nn]* ) scanner_service=""; echo "it seems you are not sure.ok i don't use $scanner_service"; break;; + [Qq]* ) exit;; + * ) echo "Please answer yes,no or quit.";; + esac + done + fi + fi + + if [ -n "$assistant_service" ] && [ $scanner -eq 1 ]; then + if [ "$(systemctl list-unit-files | grep 'enabled' | grep $assistant_service | awk '{print $1}')" = "$assistant_service" ]; then + echo "systemd --> GSA '$assistant_service' found." + else + echo "systemd --> '$assistant_service' found but not enabled." + echo "are you sure this is the correct systemd service for Greenbone Security Assistant" + while true; do + read -n 1 -p "do you want to enable '$assistant_service'? --> (Y)es | (N)o | (Q)uit" answer + echo + case $answer in + [Yy]* ) systemctl enable "$assistant_service" &>/dev/null; echo "systemd --> '$assistant_service' enabled"; break;; + [Nn]* ) assistant_service=""; echo "it seems you are not sure.ok i don't use $assistant_service"; break;; + [Qq]* ) exit;; + * ) echo "please answer yes,no or quit.";; + esac + done + fi + fi + + if [ -n "$redis_service" ] && [ $scanner -eq 1 ]; then + if [ "$(systemctl list-unit-files | grep 'enabled' | grep $redis_service | awk '{print $1}')" = "$redis_service" ]; then + echo "systemd --> redis '$redis_service' found." + else + echo "systemd --> '$redis_service' found but not enabled." + echo "are you sure this is the correct systemd service for redis-server" + while true; do + read -n 1 -p "do you want to enable '$redis_service'? --> (Y)es | (N)o | (Q)uit" answer + echo + case $answer in + [Yy]* ) systemctl enable "$redis_service" &>/dev/null; echo "systemd --> '$redis_service' enabled"; break;; + [Nn]* ) redis_service=""; echo "it seems you are not sure.ok i don't use $redis_service"; break;; + [Qq]* ) exit;; + * ) echo "please answer yes,no or quit.";; + esac + done + fi + fi + + if [ $COUNTM -gt 1 ] || [ $COUNTS -gt 1 ] || [ $COUNTR -gt 1 ]; then + echo "you have more than one enabled systemd service for single daemon" + echo " check OpenVAS and Redis systemd unit files to fix it" + exit 1 + fi +fi + +restart_redis () { +if [ $redis -eq 0 ]; then + systemctl restart redis.service &>/dev/null + if [ $? -eq 0 ]; then + echo "systemd --> redis.service is restarted." + else + echo "systemd --> redis.service cannot restarted." + exit 1 + fi +elif [[ -n "$redis_service" ]]; then + systemctl restart "$redis_service" &>/dev/null + if [ $? -eq 0 ]; then + echo "systemd --> $redis_service is restarted." + else + echo "systemd --> $redis_service cannot restarted." + exit 1 + fi +elif [[ -n "$redis_init" ]]; then + rc-service redis stop + sleep 5 + rc-service redis start + if [ $? -eq 0 ]; then + echo "open-rc --> redis is restarted." + else + echo "open-rc --> redis cannot restarted." + exit 1 + fi +fi +} + +build_nvt () { +if ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" &>/dev/null; then + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + openvassd --foreground --only-cache &>/dev/null + if [ $? -eq 0 ]; then + echo "building NVT cache is done." + else + echo "building NVT cache is failed.." + exit 1 + fi + else + openvassd --foreground --only-cache &>/dev/null + if [ $? -eq 0 ]; then + echo "building NVT cache is done." + else + echo "building NVT cache is failed.." + exit 1 + fi +fi +} + +create_user () { +GREEN="`tput setaf 2`" +RED="`tput setaf 1`" +norm="`tput sgr0`" +echo "creating WebUI User.." +openvasmd --create-user=admin --role=Admin &>/tmp/openvas_user.out +if [ $? -eq 0 ]; then + username="admin" + password="$(cat /tmp/openvas_user.out | awk '{print $5}' | cut -c2-)" + echo "${RED}!WebUI Address : ${GREEN}127.0.0.1:9392" + echo "${RED}!WebUI Username: ${GREEN}$username" + echo "${RED}!WebUI Password: ${GREEN}${password%??}${norm}" + else + echo "$(cat /tmp/openvas_user.out)" + echo "these are active users for WebUI" + openvasmd --get-users +fi +rm -rf /tmp/openvas_user.out +} + +# Redis & OpenVAS Scanner socket connection check for Gentoo/Linux +if [[ -e /etc/redis.conf ]]; then + if [ "$(openvassd -s | grep 'kb_location' | awk '{print $3}')" = "$(cat /etc/redis.conf | grep -P '(^|\s)\Kunixsocket(?=\s|$)' | awk '{print $2}')" ]; then + echo "redis server properly configured." + else + redis_sock="$(openvassd -s | grep 'kb_location' | awk '{print $3}')" + echo "redis server is not properly configured." + echo "be sure redis server listening unix socket at $redis_sock" + echo "you can find example redis.conf file in /etc/openvas/redis.conf.example" + exit 1 + fi +fi + +# Redis & OpenVAS Scanner socket connection check for other linux distros +if [[ -e /etc/redis/redis.conf ]]; then + if [ "$(openvassd -s | grep 'kb_location' | awk '{print $3}')" = "$(cat /etc/redis/redis.conf | grep -P '(^|\s)\Kunixsocket(?=\s|$)' | awk '{print $2}')" ]; then + echo "redis server properly configured." + else + redis_sock="$(openvassd -s | grep 'kb_location' | awk '{print $3}')" + echo "redis server is not properly configured." + echo "be sure redis server listening unix socket at $redis_sock" + exit 1 + fi +fi + +# Create certificates for fresh install +openvas-manage-certs -a &>/dev/null +if [ $? -eq 0 ]; then + echo "certificates created." + +elif [ "$(openvas-manage-certs -a | grep -ow 'Existing')" = "Existing" ]; then + echo "certificates already created." + +else + echo "certificates cannot created." + exit 1 +fi + +# Start to update FEED & First NVT. +try=0 +until [ $try -ge 5 ]; do + greenbone-nvt-sync &>/dev/null && break + echo "can't connected! trying to update greenbone-nvt again.." + try=$[$try+1] + sleep 30 +done + +# Check status +if [ $? -eq 0 ]; then + echo "greenbone-nvt-sync is done." + # Avoid your IP temporary banned because of multiple connection + sleep 5 + # Try to update scapdata. + try=0 + until [ $try -ge 5 ]; do + greenbone-scapdata-sync &>/dev/null && break + echo "can't connected! trying to update greenbone-scapdata again.." + try=$[$try+1] + sleep 30 + done + # Check status + if [ $? -eq 0 ]; then + echo "greenbone-scapdata-sync is done." + # Avoid your IP temporary banned because of multiple connection + sleep 5 + # Try to update certdata + try=0 + until [ $try -ge 5 ]; do + greenbone-certdata-sync &>/dev/null && break + echo "can't connected! Trying to update greenbone-certdata again.." + try=$[$try+1] + sleep 30 + done + # Check status + if [ $? -eq 0 ]; then + echo "greenbone-certdata-sync is done." + echo "building NVT cache this will take some time.." + build_nvt + # Check OpenVAS-Scanner is running + if ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" &>/dev/null; then + echo "OpenVAS-Scanner is running." + echo "building Database this will take some time.." + openvasmd --rebuild --progress &>/dev/null + elif [ $scanner -eq 0 ]; then + # Start OpenVAS-Scanner systemd unit & Rebuild Cache + echo "systemd --> OpenVAS-Scanner is not running! trying to up.." + systemctl start openvas-scanner.service &>/dev/null + if [ $? -eq 0 ]; then + # Wait for initialize + until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do + sleep 15 + echo "waiting for OpenVAS-Scanner to become ready.." + done + echo "systemd --> openvas-scanner.service started and waiting for connection." + echo "building database this will take some time.." + # Rebuild Cache + openvasmd --rebuild --progress &>/dev/null + else + echo "systemd --> openvas-scanner.service cannot started.." + exit 1 + fi + elif [[ -n "$scanner_service" ]]; then + echo "systemd --> OpenVAS-Scanner is down! trying to up.." + systemctl start "$scanner_service" &>/dev/null + if [ $? -eq 0 ]; then + # Wait for initialize + until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do + sleep 15 + echo "waiting for OpenVAS-Scanner to become ready.." + done + echo "systemd --> $scanner_service is started and waiting for connection." + echo "building database this will take some time.." + # Rebuild Cache + openvasmd --rebuild --progress &>/dev/null + else + echo "systemd --> $scanner_service cannot started.." + exit 1 + fi + elif [[ -n "$scanner_init" ]]; then + # Start OpenVAS-Scanner with init.d (open-rc) & Rebuild Cache + echo "open-rc --> OpenVAS-Scanner is down! trying to up.." + rc-service openvas-scanner start &>/dev/null + if [ $? -eq 0 ]; then + # Wait for initialize + until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do + sleep 15 + echo "waiting for OpenVAS-Scanner to become ready.." + done + echo "rc-service --> openvas-scanner started and waiting for connection." + echo "building database this will take some time.." + # Rebuild Cache + openvasmd --rebuild --progress &>/dev/null + else + echo "rc-service --> openvas-scanner cannot started.." + exit 1 + fi + else + echo "OpenVAS-Scanner is not running! Trying to up.." + openvassd "$OPENVAS_SCANNER_OPTIONS" "$OPENVAS_SCANNER_LISTEN_SOCKET" &>/dev/null + # Wait for initialize + if [ $? -eq 0 ]; then + until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do + sleep 15 + echo "waiting for OpenVAS-Scanner to become ready.." + done + else + echo "OpenVAS Scanner cannot started manually.." + exit 1 + fi + echo "OpenVAS-Scanner started manually and waiting for connection." + echo "building database this will take some time.." + # Rebuild Cache + openvasmd --rebuild --progress &>/dev/null + fi + # Check status + if [ $? -eq 0 ]; then + echo "building database is done" + create_user + # Restart OpenVAS-Scanner + if [ $scanner -eq 0 ]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + restart_redis + sleep 3 + systemctl restart openvas-scanner.service &>/dev/null + elif [[ -n "$scanner_service" ]]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + restart_redis + sleep 3 + systemctl restart "$scanner_service" &>/dev/null + elif [[ -n "$scanner_init" ]]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + restart_redis + sleep 3 + rc-service openvas-scanner start &>/dev/null + else + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + restart_redis + sleep 3 + openvassd "$OPENVAS_SCANNER_OPTIONS" "$OPENVAS_SCANNER_LISTEN_SOCKET" &>/dev/null + fi + if [ $? -eq 0 ]; then + until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do + sleep 10 + echo "waiting for OpenVAS-Scanner to become ready.." + done + echo "OpenVAS-Scanner is restarted." + # Restart OpenVAS-Manager + if [ $manager -eq 0 ]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + systemctl restart gvmd.service &>/dev/null + if [ $? -eq 0 ]; then + success="0" + echo "systemd --> gvmd.service is restarted." + echo "OpenVAS setup is ok." + else + echo "systemd --> gvmd.service cannot restarted." + echo "OpenVAS setup is not ok!" + exit 1 + fi + elif [[ -n "$manager_service" ]]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + systemctl restart "$manager_service" &>/dev/null + if [ $? -eq 0 ]; then + success="0" + echo "systemd --> $manager_service is restarted" + echo "OpenVAS setup is ok." + else + echo "systemd --> $manager_service cannot restarted" + echo "OpenVAS setup is not ok!" + exit 1 + fi + elif [[ -n "$manager_init" ]]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + rc-service gvmd start &>/dev/null + if [ $? -eq 0 ]; then + success="0" + echo "open-rc --> gvmd is restarted" + echo "OpenVAS setup is ok." + else + echo "open-rc --> gvmd cannot restarted" + echo "OpenVAS setup is not ok!" + exit 1 + fi + else + ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + openvasmd "$OPENVAS_MANAGER_OPTIONS" "$OPENVAS_MANAGER_PORT" "$OPENVAS_MANAGER_LISTEN_ADDRESS" "$OPENVAS_MANAGER_SCANNER_HOST" "$OPENVAS_MANAGER_GNUTLS_PRIORITIES" &>/dev/null + if [ $? -eq 0 ]; then + success="0" + echo "OpenVAS-Manager is restarted manually" + echo "OpenVAS setup is ok." + else + echo "OpenVAS-Manager cannot restarted" + echo "OpenVAS setup is not ok!" + exit 1 + fi + fi + else + echo "OpenVAS setup is not ok! OpenVAS-scanner cannot restarted." + fi + else + echo "OpenVAS setup is not ok! OpenVAS database build failed." + fi + else + echo "OpenVAS setup is not ok! OpenVAS Certdata sync failed." + fi + else + echo "OpenVAS setup is not ok! OpenVAS Scapdata sync failed." + fi + else + echo "OpenVAS setup is not ok! OpenVAS NVT sync update failed." +fi + +# Restart WebUI +if [[ -n "$success" ]] && [ $gsad -eq 0 ]; then + WHICHA="$(type gsad | awk '{print $3}')" + if [ $assistant -eq 0 ]; then + # Time to restart OpenVAS-Security Assistant + ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + systemctl restart gsa.service &>/dev/null + if [ $? -eq 0 ]; then + echo "systemd --> gsa.service (OpenVAS WebUI) is restarted and ready for connection" + else + echo "systemd --> gsa.service (OpenVAS-WebUI) cannot restarted" + fi + elif [[ -n "$assistant_service" ]]; then + if [ $COUNTA -eq 1 ]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + systemctl restart "$assistant_service" &>/dev/null + if [ $? -eq 0 ]; then + echo "systemd --> $assistant_service (OpenVAS WebUI) is restarted and ready for connection" + else + echo "systemd --> $assistan_service (OpenVAS WebUI) cannot restarted." + fi + else + echo "systemd --> OpenVAS WebUI cannot restarted! you have multiple enabled systemd services ($assistant_service)" + exit 1 + fi + elif [[ -n "$assistant_init" ]]; then + ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + rc-service gsa start &>/dev/null + if [ $? -eq 0 ]; then + echo "open-rc --> gsa (OpenVAS WebUI) is restarted" + else + echo "open-rc --> gsa (OpenVAS WebUI) cannot restarted." + fi + else + ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null + sleep 5 + gsad "$OPENVAS_SECURITY_ASSISTANT_OPTIONS" "$OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS" "$OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT" "$OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS" "$OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT" "$OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES" &>/dev/null + if [ $? -eq 0 ]; then + echo "OpenVAS WebUI is restarted" + else + echo "OpenVAS WebUI cannot restarted" + fi + fi +fi |