Error redis server is not running or not listening on socket - Исправление ошибок и поиск оптимальных решений проблем

I’ve can’t solve this problem. Trying to install Openvas on Kali. I’m surprised by the amount of problems I’m facing to install a program on this OS.

I’ve used

apt-get install openvas

Done. Then I used

openvas-check-setup

Getting this error:

ERROR: redis-server is not running or not listening on socket: /tmp/redis.sock
FIX: You should start the redis-server or configure it to listen on socket: /tmp/redis.sock

I don’t have a redis.sock on tmp folder. I tried to fix it by everything I found online.

asked Dec 23, 2017 at 4:40

I encountered the same issue. The problem is that OpenVas is looking for Redis Socket in /tmp
We need to change this location in OpenVas by editing the file /etc/openvas/openvassd.conf

The problem that in Kali Linux, OpenVas does not have file: /etc/openvas/openvassd.conf by default.

So I created this file and entered below content to overwrite the default value for Redis Server.
kb_location=/var/run/redis/redis.sock

This fixed my issue.
I have wrote complete tutorial on this site:
https://waqasahmedkhan.com/openvas-bug-in-kali-linux-2017-3-5/

answered Jan 2, 2018 at 5:33

comment out “Type=forking” then reinstall openvas
/usr/lib/systemd/system/redis-server.service
[Service]

Type=forking

it works for me
why comment out
If set to forking, it is expected that the process configured with ExecStart= will call fork() as part of its start-up. The parent process is expected to exit when start-up is complete and all communication channels are set up. The child continues to run as the main daemon process. This is the behavior of traditional UNIX daemons. If this setting is used, it is recommended to also use the PIDFile= option, so that systemd can identify the main process of the daemon. systemd will proceed with starting follow-up units as soon as the parent process exits.

answered Dec 28, 2018 at 8:46

Источник

Congratulations, you’ve found a bad Internet tutorial. It appears that the author of that tutorial never actually tested it himself to see if it works, because it doesn’t work as-is. Worse, it appears that that tutorial is actually linked to from the official OpenVAS web site, which is going to mislead and frustrate a lot of people.

So, the reason redis is failing to start is because SELinux denies redis-server to write to /tmp. You can see this in your audit logs:

type=AVC msg=audit(1482284806.464:112): avc:  denied  { write } for  pid=1275 comm="redis-server" name="tmp" dev="dm-0" ino=33574981 scontext=system_u:system_r:redis_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=dir
type=SYSCALL msg=audit(1482284806.464:112): arch=c000003e syscall=49 success=no exit=-13 a0=5 a1=7ffe55938670 a2=6e a3=7ffe55938614 items=0 ppid=1 pid=1275 auid=4294967295 uid=997 gid=995 euid=997 suid=997 fsuid=997 egid=995 sgid=995 fsgid=995 tty=(none) ses=4294967295 comm="redis-server" exe="/usr/bin/redis-server" subj=system_u:system_r:redis_t:s0 key=(null)

Rather than /tmp, the socket file should be located in /run/redis, for instance:

unixsocket /run/redis/redis.sock

This allows it to operate within the constraints SELinux imposes.

While editing /etc/redis.conf, be sure to check the bottom of the file for a second unixsocket directive that got added by openvas-setup and remove it as redundant.

Of course, generally on SELinux enabled systems, redis should be configured to listen to a TCP port on localhost, rather than using a socket, as other daemons might not be allowed to communicate with redis via a socket, but only via TCP. This isn’t really an issue here as OpenVAS isn’t (yet) SELinux-confined, but it also doesn’t support contacting redis via TCP. The result of this is that this redis installation cannot be shared or reused with any other services than the local copy of OpenVAS.

But there’s more than that wrong with this tutorial!

The second thing is that nowhere in it does OpenVAS ever get configured to actually use redis. It relies on the compiled in default, which as we have seen is wrong. To fix this requires setting a configuration directive in /etc/openvas/openvassd.conf, something which the tutorial never mentions:

kb_location = /run/redis/redis.sock

The third thing is that it uses a third party repo called atomic, which provides packages that conflict with packages in normal repos such as EPEL — which already provides redis and OpenVAS! It’s not clear why atomic have done this, nor why this tutorial uses atomic to begin with. Using repositories with conflicting packages is potentially dangerous. If you continue with using atomic packages, you will need to be absolutely certain that this (virtual) machine is never used for anything else for any reason whatsoever.

Finally, once you get it installed, the web interface isn’t actually reachable because the indicated port isn’t open in the firewall. You also have to do this yourself.

firewall-cmd --add-port=9392/tcp    # though this opens it to the world
firewall-cmd --runtime-to-permanent

Once you’re done, openvas-check-setup should say, among other things…

        OK: scanner (kb_location setting) is configured properly using the redis-server socket: /run/redis/redis.sock
        OK: redis-server is running and listening on socket: /run/redis/redis.sock.
        OK: redis-server configuration is OK and redis-server is running.

The irony is that it will then also say:

        ERROR: SELinux is enabled. For a working OpenVAS installation you need to disable it.
        FIX: Please disable SELinux.

Which appears to be completely gratuitous and unnecessary, as OpenVAS doesn’t run confined by SELinux anyway.

Источник

#!/bin/sh ############################################################################### # OpenVAS # $Id$ # # Script for checking completeness and readiness of OpenVAS. # # Authors: # Jan-Oliver Wagner <jan-oliver.wagner@greenbone.net> # Michael Wiegand <michael.wiegand@greenbone.net> # # Copyright: # Copyright (C) 2011-2016 Greenbone Networks GmbH # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2, # or at your option any later version, as published by the # Free Software Foundation # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ############################################################################### LOG=/tmp/openvas-check-setup.log CHECKVERSION=2.3.7 if [ «$1« = «—server« -o «$2« = «—server« -o «$3« = «—server« ] then MODE=«server« else MODE=«desktop« fi if [ «$1« = «—skip-nmap« -o «$2« = «—skip-nmap« -o «$3« = «—skip-nmap« ] then SKIP_NMAP=«1« else SKIP_NMAP=«0« fi # Current default is OpenVAS-8: VER=«8« SCANNER_MAJOR=«5« SCANNER_MINOR=«0« MANAGER_MAJOR=«6« MANAGER_MINOR=«0« ADMINISTRATOR_MAJOR=«0« ADMINISTRATOR_MINOR=«0« GSA_MAJOR=«6« GSA_MINOR=«0« CLI_MAJOR=«1« CLI_MINOR=«4« if [ «$1« = «—v9« -o «$2« = «—v9« -o «$3« = «—v9« ] then VER=«9« SCANNER_MAJOR=«5« SCANNER_MINOR=«1« MANAGER_MAJOR=«7« MANAGER_MINOR=«0« ADMINISTRATOR_MAJOR=«0« ADMINISTRATOR_MINOR=«0« GSA_MAJOR=«7« GSA_MINOR=«0« CLI_MAJOR=«1« CLI_MINOR=«4« elif [ «$1« = «—v8« -o «$2« = «—v8« -o «$3« = «—v8« ] then VER=«8« SCANNER_MAJOR=«5« SCANNER_MINOR=«0« MANAGER_MAJOR=«6« MANAGER_MINOR=«0« ADMINISTRATOR_MAJOR=«0« ADMINISTRATOR_MINOR=«0« GSA_MAJOR=«6« GSA_MINOR=«0« CLI_MAJOR=«1« CLI_MINOR=«4« elif [ «$1« = «—v7« -o «$2« = «—v7« -o «$3« = «—v7« ] then VER=«7« SCANNER_MAJOR=«4« SCANNER_MINOR=«0« MANAGER_MAJOR=«5« MANAGER_MINOR=«0« ADMINISTRATOR_MAJOR=«0« ADMINISTRATOR_MINOR=«0« GSA_MAJOR=«5« GSA_MINOR=«0« CLI_MAJOR=«1« CLI_MINOR=«3« elif [ «$1« = «—v6« -o «$2« = «—v6« -o «$3« = «—v6« ] then VER=«6« SCANNER_MAJOR=«3« SCANNER_MINOR=«4« MANAGER_MAJOR=«4« MANAGER_MINOR=«0« ADMINISTRATOR_MAJOR=«1« ADMINISTRATOR_MINOR=«3« GSA_MAJOR=«4« GSA_MINOR=«0« CLI_MAJOR=«1« CLI_MINOR=«2« GSD_MAJOR=«1« GSD_MINOR=«2« fi echo «openvas-check-setup $CHECKVERSION« echo « Test completeness and readiness of OpenVAS-$VER« if [ «$VER« = «8« ] then echo « (add ‘—v6’ or ‘—v7’ or ‘—v9’« echo « if you want to check for another OpenVAS version)« fi echo «« echo « Please report us any non-detected problems and« echo « help us to improve this check routine:« echo « http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss« echo «« echo « Send us the log-file ($LOG) to help analyze the problem.« echo «« if [ «$MODE« = «desktop« ] then echo « Use the parameter —server to skip checks for client tools« echo « like GSD and OpenVAS-CLI.« echo «« fi log_and_print () { echo « « $1 echo « « $1 >> $LOG } check_failed () { echo «« echo « ERROR: Your OpenVAS-$VER installation is not yet complete!« echo «« echo «Please follow the instructions marked with FIX above and run this« echo «script again.« echo «« echo «If you think this result is wrong, please report your observation« echo «and help us to improve this check routine:« echo «http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss« echo «Please attach the log-file ($LOG) to help us analyze the problem.« echo «« exit 1 } # LOG start echo «openvas-check-setup $CHECKVERSION« > $LOG echo « Mode: $MODE« >> $LOG echo « Date: « `date -R` >> $LOG echo «« >> $LOG echo «Step 1: Checking OpenVAS Scanner … « echo «Checking for old OpenVAS Scanner <= 2.0 …« >> $LOG openvasd -V >> $LOG 2>&1 if [ $? -eq 0 ] then log_and_print «ERROR: Old version of OpenVAS Scanner detected.« log_and_print «FIX: Please remove the installation of the old OpenVAS Scanner (openvasd).« check_failed fi echo «« >> $LOG echo «Checking presence of OpenVAS Scanner …« >> $LOG openvassd —version >> $LOG 2>&1 if [ $? -ne 0 ] then log_and_print «ERROR: No OpenVAS Scanner (openvassd) found.« log_and_print «FIX: Please install OpenVAS Scanner.« check_failed fi echo «« >> $LOG echo «Checking OpenVAS Scanner version …« >> $LOG VERSION=`openvassd —version 2>>$LOG | head -1 | sed -e «s/OpenVAS Scanner //«` if [ `echo $VERSION | grep «^$SCANNER_MAJOR.$SCANNER_MINOR« | wc -l` -ne «1« ] then log_and_print «ERROR: OpenVAS Scanner too old or too new: $VERSION« log_and_print «FIX: Please install OpenVAS Scanner $SCANNER_MAJOR.$SCANNER_MINOR.« log_and_print «HINT: Please see the —v6/7/8/9 command line options to check other major versions.« check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS Scanner is present in version $VERSION.« openvassd -s >> $LOG 2>&1 OPENVASSD_CONFIG_FILE=$(openvassd -s | awk ‘/^config_file/ { print $3 }‘) if [ -n «$OPENVASSD_CONFIG_FILE« ] then if [ -e «$OPENVASSD_CONFIG_FILE« ] && [ ! -O «$OPENVASSD_CONFIG_FILE« ] then log_and_print «WARNING: The config file used by OpenVAS Scanner is not owned by the current user.« log_and_print « Some of the following tests may produce incorrect results.« log_and_print «SUGGEST: Run ‘openvas-check-setup’ as the user owning the OpenVAS Scanner installation« log_and_print « to ensure correct results.« fi fi if [ $VER -lt 9 ] then echo «Checking OpenVAS Scanner CA cert …« >> $LOG CAFILE=`openvassd -s 2>>$LOG | grep ca_file | sed -e «s/^ca_file = //«` if [ ! -e $CAFILE ] then log_and_print «ERROR: No CA certificate file of OpenVAS Scanner found.« log_and_print «FIX: Run ‘openvas-mkcert’.« check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS Scanner CA Certificate is present as $CAFILE.« fi if [ «$VER« -ge 8 ] then echo «Checking presence of redis …« >> $LOG BINARY=`redis-server —version` if [ $? -ne 0 ] then log_and_print «ERROR: No redis-server installation found.« log_and_print «FIX: You should install redis-server for improved scalability and ability to trace/debug the KB« check_failed else VERSION=`redis-server —version | awk ‘{ print $4 }‘` if [ `echo $VERSION | grep sha` ] then VERSION=`redis-server —version | awk ‘{ print $3 }‘` fi log_and_print «OK: redis-server is present in version $VERSION.« HAVE_REDIS=1 fi echo «« >> $LOG if [ $HAVE_REDIS -eq 1 ] then echo «Checking if redis-server is configured properly to run with openVAS …« >> $LOG REDISSOCKET=`openvassd -s 2>>$LOG | grep kb_location | sed -e «s/^kb_location = //«` if [ -z «$REDISSOCKET« ] then log_and_print «ERROR: scanner is not configured to use a redis-server socket.« log_and_print «FIX: Configure the kb_location setting of the scanner to the path of the redis-server socket.« check_failed else log_and_print «OK: scanner (kb_location setting) is configured properly using the redis-server socket: $REDISSOCKET« echo «Checking if redis-server is running …« >> $LOG if [ -e $REDISSOCKET ] then log_and_print «OK: redis-server is running and listening on socket: $REDISSOCKET.« else log_and_print «ERROR: redis-server is not running or not listening on socket: $REDISSOCKET« log_and_print «FIX: You should start the redis-server or configure it to listen on socket: $REDISSOCKET« check_failed fi fi log_and_print «OK: redis-server configuration is OK and redis-server is running.« fi echo «« >> $LOG fi echo «Checking NVT collection …« >> $LOG PLUGINSFOLDER=`openvassd -s 2>>$LOG | grep plugins_folder | sed -e «s/^plugins_folder = //«` if [ ! -d $PLUGINSFOLDER ] then log_and_print «ERROR: Directory containing the NVT collection not found.« log_and_print «FIX: Run a NVT synchronization script like openvas-nvt-sync or greenbone-nvt-sync.« check_failed fi OLDPLUGINSFOLDER=`echo «$PLUGINSFOLDER« | grep -q -v «/var/« 2>&1` if [ $? -eq 0 ] then CONFFILE=`openvassd -s 2>>$LOG | grep config_file | sed -e «s/^config_file = //«` log_and_print «ERROR: Your OpenVAS Scanner configuration seems to be from a pre-OpenVAS-4 installation and contains non-FHS compliant paths.« log_and_print «FIX: Delete your OpenVAS Scanner Configuration file ($CONFFILE).« check_failed fi NVTCOUNT=`find $PLUGINSFOLDER -name «*nasl« | wc -l` if [ $NVTCOUNT -lt 10 ] then log_and_print «ERROR: The NVT collection is very small.« if [ $VER -ge 9 ] then log_and_print «FIX: Run a synchronization script like greenbone-nvt-sync.« else log_and_print «FIX: Run a synchronization script like openvas-nvt-sync or greenbone-nvt-sync.« fi check_failed fi echo «« >> $LOG log_and_print «OK: NVT collection in $PLUGINSFOLDER contains $NVTCOUNT NVTs.« echo «Checking status of signature checking in OpenVAS Scanner …« >> $LOG NOSIGCHECK=`openvassd -s 2>>$LOG | grep nasl_no_signature_check | sed -e «s/^nasl_no_signature_check = //«` if [ $NOSIGCHECK != «no« ] then log_and_print «WARNING: Signature checking of NVTs is not enabled in OpenVAS Scanner.« log_and_print «SUGGEST: Enable signature checking (see http://www.openvas.org/trusted-nvts.html).« else log_and_print «OK: Signature checking of NVTs is enabled in OpenVAS Scanner.« fi echo «« >> $LOG CACHEFOLDER=`openvassd -s 2>>$LOG | grep cache_folder | sed -e «s/^cache_folder = //«` CACHECOUNT=`find $CACHEFOLDER -name «*nvti« | wc -l` if [ $CACHECOUNT -lt $NVTCOUNT ] then log_and_print «WARNING: The initial NVT cache has not yet been generated.« log_and_print «SUGGEST: Start OpenVAS Scanner for the first time to generate the cache.« else log_and_print «OK: The NVT cache in $CACHEFOLDER contains $CACHECOUNT files for $NVTCOUNT NVTs.« fi echo «« >> $LOG echo «Step 2: Checking OpenVAS Manager … « echo «Checking presence of OpenVAS Manager …« >> $LOG openvasmd —version >> $LOG 2>&1 if [ $? -ne 0 ] then log_and_print «ERROR: No OpenVAS Manager (openvasmd) found.« log_and_print «FIX: Please install OpenVAS Manager.« check_failed fi echo «« >> $LOG VERSION=`openvasmd —version | head -1 | sed -e «s/OpenVAS Manager //«` if [ `echo $VERSION | grep «^$MANAGER_MAJOR.$MANAGER_MINOR« | wc -l` -ne «1« ] then log_and_print «ERROR: OpenVAS Manager too old or too new: $VERSION« log_and_print «FIX: Please install OpenVAS Manager $MANAGER_MAJOR.$MANAGER_MINOR.« log_and_print «HINT: Please see the —v6/7/8/9 command line options to check other major versions.« check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS Manager is present in version $VERSION.« if [ $VER -lt 9 ] then echo «Checking OpenVAS Manager client certificate …« >> $LOG CERTDIR=`dirname $CAFILE` CLIENTCERTFILE=«$CERTDIR/clientcert.pem« if [ ! -e $CLIENTCERTFILE ] then log_and_print «ERROR: No client certificate file of OpenVAS Manager found.« if [ $VER -ge 7 ] then log_and_print «FIX: Run ‘openvas-mkcert-client -n -i’« else log_and_print «FIX: Run ‘openvas-mkcert-client -n om -i’« fi check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS Manager client certificate is present as $CLIENTCERTFILE.« fi echo «Checking OpenVAS Manager database …« >> $LOG # Guess openvas state dir from $PLUGINSFOLDER STATEDIR=`dirname $PLUGINSFOLDER` TASKSDB=«$STATEDIR/mgr/tasks.db« if [ ! -e $TASKSDB ] then log_and_print «ERROR: No OpenVAS Manager database found. (Tried: $TASKSDB)« log_and_print «FIX: Run ‘openvasmd —rebuild’ while OpenVAS Scanner is running.« OPENVASSD_RUNNING=`ps -Af | grep -ic «[o]penvassd: waiting for incoming connections«` if [ $OPENVASSD_RUNNING -eq 0 ] then log_and_print «WARNING: OpenVAS Scanner is NOT running!« ; log_and_print «SUGGEST: Start OpenVAS Scanner (openvassd).« ; fi check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS Manager database found in $TASKSDB.« echo «Checking access rights of OpenVAS Manager database …« >> $LOG TASKSDBPERMS=`stat -c «%a« «$TASKSDB«` if [ «$TASKSDBPERMS« != «600« ] then log_and_print «ERROR: The access rights of the OpenVAS Manager database are incorrect.« log_and_print «FIX: Run ‘chmod 600 $TASKSDB‘.« check_failed fi echo «« >> $LOG log_and_print «OK: Access rights for the OpenVAS Manager database are correct.« echo «Checking sqlite3 presence …« >> $LOG SQLITE3=`type sqlite3 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find sqlite3 binary, extended manager checks of the OpenVAS Manager installation are disabled.« log_and_print «SUGGEST: Install sqlite3.« HAVE_SQLITE=0 else log_and_print «OK: sqlite3 found, extended checks of the OpenVAS Manager installation enabled.« HAVE_SQLITE=1 fi echo «« >> $LOG if [ $HAVE_SQLITE -eq 1 ] then echo «Checking OpenVAS Manager database revision …« >> $LOG TASKSDBREV=`sqlite3 $TASKSDB «select value from meta where name=’database_version’;«` if [ -z $TASKSDBREV ] then log_and_print «ERROR: Could not determine database revision, database corrupt or in invalid format.« log_and_print «FIX: Delete database at $TASKSDB and rebuild it.« check_failed else log_and_print «OK: OpenVAS Manager database is at revision $TASKSDBREV.« fi echo «Checking database revision expected by OpenVAS Manager …« >> $LOG MANAGERDBREV=`openvasmd —version | grep «Manager DB revision« | sed -e «s/.* //«` if [ -z $MANAGERDBREV ] then log_and_print «ERROR: Could not determine database revision expected by OpenVAS Manager.« log_and_print «FIX: Ensure OpenVAS Manager is installed correctly.« check_failed else log_and_print «OK: OpenVAS Manager expects database at revision $MANAGERDBREV.« fi if [ $TASKSDBREV -lt $MANAGERDBREV ] then log_and_print «ERROR: Database schema is out of date.« log_and_print «FIX: Run ‘openvasmd —migrate’.« check_failed else log_and_print «OK: Database schema is up to date.« fi echo «Checking OpenVAS Manager database (NVT data) …« >> $LOG DBNVTCOUNT=`sqlite3 $TASKSDB «select count(*) from nvts;«` if [ $DBNVTCOUNT -lt 20000 ] then log_and_print «ERROR: The number of NVTs in the OpenVAS Manager database is too low.« log_and_print «FIX: Make sure OpenVAS Scanner is running with an up-to-date NVT collection and run ‘openvasmd —rebuild’.« OPENVASSD_RUNNING=`ps -Af | grep -ic «[o]penvassd: waiting for incoming connections«` if [ $OPENVASSD_RUNNING -eq 0 ] then log_and_print «WARNING: OpenVAS Scanner is NOT running!« ; log_and_print «SUGGEST: Start OpenVAS Scanner (openvassd).« ; fi check_failed else log_and_print «OK: OpenVAS Manager database contains information about $DBNVTCOUNT NVTs.« fi fi if [ $ADMINISTRATOR_MAJOR = «0« ] then echo «Checking if users exist …« >> $LOG if [ $VER != «7« ] then USERCOUNT=`openvasmd —get-users | sed -e «/^$/d« | wc -l` else USERCOUNT=`openvasmd —list-users | sed -e «/^$/d« | wc -l` fi if [ $USERCOUNT -eq 0 ] then log_and_print «ERROR: No users found. You need to create at least one user to log in.« log_and_print « It is recommended to have at least one user with role Admin.« log_and_print «FIX: create a user by running ‘openvasmd —create-user=<name> —role=Admin && openvasmd —user=<name> —new-password=<password>’« check_failed else log_and_print «OK: At least one user exists.« fi echo «« >> $LOG fi # TODO: Do a check for presence of at least one Admin user. echo «Checking OpenVAS SCAP database …« >> $LOG # Guess openvas state dir from $PLUGINSFOLDER STATEDIR=`dirname $PLUGINSFOLDER` SCAPDB=«$STATEDIR/scap-data/scap.db« if [ ! -e $SCAPDB ] then log_and_print «ERROR: No OpenVAS SCAP database found. (Tried: $SCAPDB)« if [ $VER -ge 9 ] then log_and_print «FIX: Run a SCAP synchronization script like greenbone-scapdata-sync.« else log_and_print «FIX: Run a SCAP synchronization script like openvas-scapdata-sync or greenbone-scapdata-sync.« fi check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS SCAP database found in $SCAPDB.« if [ «$VER« -ge 6 ] then echo «Checking OpenVAS CERT database …« >> $LOG # Guess openvas state dir from $PLUGINSFOLDER STATEDIR=`dirname $PLUGINSFOLDER` CERTDB=«$STATEDIR/cert-data/cert.db« if [ ! -e $CERTDB ] then log_and_print «ERROR: No OpenVAS CERT database found. (Tried: $CERTDB)« if [ $VER -ge 9 ] then log_and_print «FIX: Run a CERT synchronization script like greenbone-certdata-sync.« else log_and_print «FIX: Run a CERT synchronization script like openvas-certdata-sync or greenbone-certdata-sync.« fi check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS CERT database found in $CERTDB.« fi echo «Checking xsltproc presence …« >> $LOG XSLTPROC=`type xsltproc 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find xsltproc binary, most report formats will not work.« log_and_print «SUGGEST: Install xsltproc.« else log_and_print «OK: xsltproc found.« fi echo «« >> $LOG if [ $ADMINISTRATOR_MAJOR != «0« ] then echo «Step 3: Checking OpenVAS Administrator … « echo «Checking presence of OpenVAS Administrator …« >> $LOG openvasad —version >> $LOG 2>&1 if [ $? -ne 0 ] then log_and_print «ERROR: No OpenVAS Administrator (openvasad) found.« log_and_print «FIX: Please install OpenVAS Administrator.« check_failed fi echo «« >> $LOG VERSION=`openvasad —version | head -1 | sed -e «s/OpenVAS Administrator //«` if [ `echo $VERSION | grep «^$ADMINISTRATOR_MAJOR.$ADMINISTRATOR_MINOR« | wc -l` -ne «1« ] then log_and_print «ERROR: OpenVAS Administrator too old or too new: $VERSION« log_and_print «FIX: Please install OpenVAS Administrator $ADMINISTRATOR_MAJOR.$ADMINISTRATOR_MINOR.« log_and_print «HINT: Please see the —v6/7/8/9 command line options to check other major versions.« check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS Administrator is present in version $VERSION.« echo «Checking if users exist …« >> $LOG USERCOUNT=`openvasad -c «list_users« | sed -e «/^$/d« | wc -l` if [ $USERCOUNT -eq 0 ] then log_and_print «ERROR: No users found. You need to create at least one user to log in.« log_and_print « It is recommended to have at least one user with role Admin.« log_and_print «FIX: Create a user using ‘openvasad -c ‘add_user’ -n <name> —role=Admin’« check_failed else log_and_print «OK: At least one user exists.« fi echo «« >> $LOG echo «Checking if at least one admin user exists …« >> $LOG ADMINEXISTS=`ls $STATEDIR/users/*/isadmin 2> /dev/null` if [ $? -ne 0 ] then log_and_print «ERROR: No admin user found. You need to create at least one admin user to log in.« log_and_print «FIX: Create a user using ‘openvasad -c ‘add_user’ -n <name> -r Admin’« check_failed else log_and_print «OK: At least one admin user exists.« fi echo «« >> $LOG else echo «Step 3: Checking user configuration … « # TODO: Here we need new tests for presense of user and admin. Possibly based # on sqlite3 calls (which in turn means to check for sqlite3 which isn’t a runtime # requirement for OpenVAS). fi if [ $VER -ge 6 ] then echo «Checking status of password policy …« >> $LOG CONFFILE=`openvassd -s 2>>$LOG | grep config_file | sed -e «s/^config_file = //«` CONFDIR=`dirname $CONFFILE` grep -v «^[#]« $CONFDIR/pwpolicy.conf | grep -v «^$« > /dev/null 2>&1 if [ $? -ne 0 ] then log_and_print «WARNING: Your password policy is empty.« log_and_print «SUGGEST: Edit the $CONFDIR/pwpolicy.conf file to set a password policy.« else log_and_print «OK: The password policy file at $CONFDIR/pwpolicy.conf contains entries.« fi echo «« >> $LOG fi echo «Step 4: Checking Greenbone Security Assistant (GSA) … « echo «Checking presence of Greenbone Security Assistant …« >> $LOG gsad —version >> $LOG 2>&1 if [ $? -ne 0 ] then log_and_print «ERROR: No Greenbone Security Assistant (gsad) found.« log_and_print «FIX: Please install Greenbone Security Assistant.« check_failed fi echo «« >> $LOG VERSION=`gsad —version | head -1 | sed -e «s/Greenbone Security Assistant //«` if [ `echo $VERSION | grep «^$GSA_MAJOR.$GSA_MINOR« | wc -l` -ne «1« ] then log_and_print «ERROR: Greenbone Security Assistant too old or too new: $VERSION« log_and_print «FIX: Please install Greenbone Security Assistant $GSA_MAJOR.$GSA_MINOR.« log_and_print «HINT: Please see the —v6/7/8/9 command line options to check other major versions.« check_failed fi echo «« >> $LOG log_and_print «OK: Greenbone Security Assistant is present in version $VERSION.« if [ «$VER« -ge 9 ] then echo «Verifying certificate infrastructure …« >> $LOG openvas-manage-certs -V >> $LOG 2>&1 if [ $? -ne 0 ] then log_and_print «ERROR: Your OpenVAS certificate infrastructure did NOT pass validation.« log_and_print «FIX: Run ‘openvas-manage-certs -a’.« check_failed fi echo «« >> $LOG log_and_print «OK: Your OpenVAS certificate infrastructure passed validation.« fi echo «Step 5: Checking OpenVAS CLI … « if [ «$MODE« != «server« ] then echo «Checking presence of OpenVAS CLI …« >> $LOG omp —version >> $LOG 2>&1 if [ $? -ne 0 ] then log_and_print «ERROR: No OpenVAS CLI (omp) found.« log_and_print «FIX: Please install OpenVAS CLI.« log_and_print «HINT: Please see the —server command line option to skip this check.« check_failed fi echo «« >> $LOG VERSION=`omp —version | head -1 | sed -e «s/OMP Command Line Interface //«` if [ `echo $VERSION | grep «^$CLI_MAJOR.$CLI_MINOR« | wc -l` -ne «1« ] then log_and_print «ERROR: OpenVAS CLI too old or too new: $VERSION« log_and_print «FIX: Please install OpenVAS CLI $CLI_MAJOR.$CLI_MINOR.« log_and_print «HINT: Please see the —v6/7/8/9 command line options to check other major versions.« check_failed fi echo «« >> $LOG log_and_print «OK: OpenVAS CLI version $VERSION.« else log_and_print «SKIP: Skipping check for OpenVAS CLI.« fi echo «Step 6: Checking Greenbone Security Desktop (GSD) … « if [ «$MODE« != «server« -a «$VER« -le 6 ] then echo «Checking presence of Greenbone Security Desktop …« >> $LOG DISPLAY=fake gsd —version >> $LOG 2>&1 if [ $? -ne 0 ] then if [ «$VER« -ge 6 ] then log_and_print «WARNING: No Greenbone Security Desktop (gsd) found or too old.« log_and_print «SUGGEST: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR.« else log_and_print «ERROR: No Greenbone Security Desktop (gsd) found or too old.« log_and_print «FIX: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR.« check_failed fi log_and_print «SKIP: Skipping further check for Greenbone Security Desktop.« else echo «« >> $LOG VERSION=`gsd —version | head -1 | sed -e «s/Greenbone Security Desktop //«` if [ `echo $VERSION | grep «^$GSD_MAJOR.$GSD_MINOR« | wc -l` -ne «1« ] then if [ $VER -lt «6« ] then log_and_print «ERROR: Greenbone Security Desktop too old or too new: $VERSION« log_and_print «FIX: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR.« log_and_print «HINT: Please see the —v6/7/8/9 command line options to check other major versions.« check_failed else log_and_print «WARNING: Greenbone Security Desktop too old or too new: $VERSION« log_and_print «SUGGEST: Please install Greenbone Security Desktop $GSD_MAJOR.$GSD_MINOR.« log_and_print «HINT: Please see the —v6/7/8/9 command line options to check other major versions.« fi fi echo «« >> $LOG log_and_print «OK: Greenbone Security Desktop is present in Version $VERSION.« fi else log_and_print «SKIP: Skipping check for Greenbone Security Desktop.« fi echo «Step 7: Checking if OpenVAS services are up and running … « echo «Checking netstat presence …« >> $LOG NETSTAT=`type netstat 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find netstat binary, checks of the OpenVAS services are disabled.« log_and_print «SUGGEST: Install netstat.« HAVE_NETSTAT=0 else log_and_print «OK: netstat found, extended checks of the OpenVAS services enabled.« HAVE_NETSTAT=1 fi echo «« >> $LOG if [ $HAVE_NETSTAT -eq 1 ] then netstat -A inet -A inet6 -ntlp 2> /dev/null >> $LOG OPENVASSD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvassd | awk -F ‘{print $4}‘ | awk -F: ‘sub(FS $NF,x)‘` OPENVASSD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvassd | awk -F ‘{print $4}‘ | awk -F: ‘{print $NF}‘` OPENVASMD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasmd | awk -F ‘{print $4}‘ | awk -F: ‘sub(FS $NF,x)‘` OPENVASMD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasmd | awk -F ‘{print $4}‘ | awk -F: ‘{print $NF}‘` OPENVASAD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasad | awk -F ‘{print $4}‘ | awk -F: ‘sub(FS $NF,x)‘` OPENVASAD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep openvasad | awk -F ‘{print $4}‘ | awk -F: ‘{print $NF}‘` GSAD_HOST=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep gsad | awk -F ‘{print $4}‘ | awk -F: ‘sub(FS $NF,x)‘` GSAD_PORT=`netstat -A inet -A inet6 -ntlp 2> /dev/null | grep gsad | awk -F ‘{print $4}‘ | awk -F: ‘{print $NF}‘ | tail -1` if [ $VER -ge 9 ] then OPENVASSD_SOCKET_FOUND=0 if netstat -A unix -nlp 2> /dev/null | grep «openvassd.sock« > /dev/null then OPENVASSD_SOCKET_FOUND=1 fi if [ $OPENVASSD_SOCKET_FOUND -eq 1 ] then log_and_print «OK: OpenVAS Scanner is running and listening on a Unix domain socket.« OPENVASSD_PORT=1 ; else log_and_print «ERROR: OpenVAS Scanner is NOT running!« log_and_print «FIX: Start OpenVAS Scanner (openvassd).« OPENVASSD_PORT=-1 ; fi else case «$OPENVASSD_HOST« in «0.0.0.0«|«::«) log_and_print «OK: OpenVAS Scanner is running and listening on all interfaces.« ;; «127.0.0.1«) log_and_print «OK: OpenVAS Scanner is running and listening only on the local interface.« ;; ««) OPENVASSD_PROC=`ps -Af | grep -ic «[o]penvassd: waiting for incoming connections«` if [ $OPENVASSD_PROC -eq 0 ] then log_and_print «ERROR: OpenVAS Scanner is NOT running!« ; log_and_print «FIX: Start OpenVAS Scanner (openvassd).« ; OPENVASSD_PORT=-1 ; else log_and_print «WARNING: OpenVAS Scanner seems to be run by another user!« ; log_and_print «FIX: If intended this is OK (e.g. as root). But we can not determine the port.« ; log_and_print «FIX: You might face subsequent problems if not intended.« ; OPENVASSD_PORT=1 ; fi ;; esac case $OPENVASSD_PORT in -1) ;; 9391) log_and_print «OK: OpenVAS Scanner is listening on port 9391, which is the default port.« ;; *) log_and_print «WARNING: OpenVAS Scanner is listening on port $OPENVASSD_PORT, which is NOT the default port!« log_and_print «SUGGEST: Ensure OpenVAS Scanner is listening on port 9391.« ;; esac fi if [ $VER -ge 9 ] then OPENVASMD_SOCKET_FOUND=0 if netstat -A unix -nlp 2> /dev/null | grep «openvasmd.sock« > /dev/null then OPENVASMD_SOCKET_FOUND=1 fi if [ $OPENVASMD_SOCKET_FOUND -eq 1 ] then log_and_print «OK: OpenVAS Manager is running and listening on a Unix domain socket.« OPENVASMD_PORT=1 else case «$OPENVASMD_HOST« in «0.0.0.0«|«::«) log_and_print «OK: OpenVAS Manager is running and listening on all interfaces.« ;; «127.0.0.1«) log_and_print «WARNING: OpenVAS Manager is running and listening only on the local interface.« log_and_print «This means that you will not be able to access the OpenVAS Manager from the« log_and_print «outside using GSD or OpenVAS CLI.« log_and_print «SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want« log_and_print «a local service only.« OPENVASMD_PORT=1 ;; ««) log_and_print «ERROR: OpenVAS Manager is NOT running!« log_and_print «FIX: Start OpenVAS Manager (openvasmd).« OPENVASMD_PORT=-1 ;; esac fi else case «$OPENVASMD_HOST« in «0.0.0.0«|«::«) log_and_print «OK: OpenVAS Manager is running and listening on all interfaces.« ;; «127.0.0.1«) log_and_print «WARNING: OpenVAS Manager is running and listening only on the local interface.« log_and_print «This means that you will not be able to access the OpenVAS Manager from the« log_and_print «outside using GSD or OpenVAS CLI.« log_and_print «SUGGEST: Ensure that OpenVAS Manager listens on all interfaces unless you want« log_and_print «a local service only.« ;; ««) log_and_print «ERROR: OpenVAS Manager is NOT running!« log_and_print «FIX: Start OpenVAS Manager (openvasmd).« OPENVASMD_PORT=-1 ;; esac case $OPENVASMD_PORT in -1) ;; 9390) log_and_print «OK: OpenVAS Manager is listening on port 9390, which is the default port.« ;; *) log_and_print «WARNING: OpenVAS Manager is listening on port $OPENVASMD_PORT, which is NOT the default port!« log_and_print «SUGGEST: Ensure OpenVAS Manager is listening on port 9390.« ;; esac fi if [ $ADMINISTRATOR_MAJOR != «0« ] then case «$OPENVASAD_HOST« in «0.0.0.0«) log_and_print «OK: OpenVAS Administrator is running and listening on all interfaces.« ;; «127.0.0.1«) log_and_print «OK: OpenVAS Administrator is running and listening only on the local interface.« ;; ««) log_and_print «ERROR: OpenVAS Administrator is NOT running!« log_and_print «FIX: Start OpenVAS Administrator (openvasad).« OPENVASAD_PORT=-1 ;; esac case $OPENVASAD_PORT in -1) ;; 9393) log_and_print «OK: OpenVAS Administrator is listening on port 9393, which is the default port.« ;; *) log_and_print «WARNING: OpenVAS Administrator is listening on port $OPENVASAD_PORT, which is NOT the default port!« log_and_print «SUGGEST: Ensure OpenVAS Administrator is listening on port 9393.« ;; esac else OPENVASAD_PORT=1; # to make this not a failure because we do not need openvasad at all fi case «$GSAD_HOST« in «0.0.0.0«|«::«) log_and_print «OK: Greenbone Security Assistant is running and listening on all interfaces.« ;; «127.0.0.1«) log_and_print «WARNING: Greenbone Security Assistant is running and listening only on the local interface.« log_and_print «This means that you will not be able to access the Greenbone Security Assistant from the« log_and_print «outside using a web browser.« log_and_print «SUGGEST: Ensure that Greenbone Security Assistant listens on all interfaces.« ;; ««) log_and_print «ERROR: Greenbone Security Assistant is NOT running!« log_and_print «FIX: Start Greenbone Security Assistant (gsad).« GSAD_PORT=-1 ;; esac case $GSAD_PORT in -1) ;; 80|443|9392) log_and_print «OK: Greenbone Security Assistant is listening on port $GSAD_PORT, which is the default port.« ;; *) log_and_print «WARNING: Greenbone Security Assistant is listening on port $GSAD_PORT, which is NOT the default port!« log_and_print «SUGGEST: Ensure Greenbone Security Assistant is listening on one of the following ports: 80, 443, 9392.« ;; esac if [ $OPENVASSD_PORT -eq -1 ] || [ $OPENVASMD_PORT -eq -1 ] || [ $OPENVASAD_PORT -eq -1 ] || [ $GSAD_PORT -eq -1 ] then check_failed fi fi echo «Step 8: Checking nmap installation …« echo «Checking presence of nmap …« >> $LOG NMAP=`type nmap 2> /dev/null` if [ $? -ne 0 ] then if [ $SKIP_NMAP -eq 0 ] then log_and_print «ERROR: No nmap installation found.« log_and_print «FIX: The predefined scan configurations needs nmap as a port scanner. You should install nmap (see http://nmap.org).« log_and_print «HINT: Please see the —skip-nmap command line option to skip this check.« check_failed else log_and_print «WARNING: No nmap installation found.« log_and_print «WARNING: You need to add a port scanner from the ‘Port scanners’ family to your custom scan config and install this port scanner on your system.« fi else VERSION=`nmap —version | awk ‘/Nmap version/ { print $3 }‘` if [ `echo $VERSION | grep «5.51« | wc -l` -ne «1« ] then log_and_print «WARNING: Your version of nmap is not fully supported: $VERSION« log_and_print «SUGGEST: You should install nmap 5.51 if you plan to use the nmap NSE NVTs.« else log_and_print «OK: nmap is present in version $VERSION.« fi fi echo «« >> $LOG echo «Step 10: Checking presence of optional tools …« echo «Checking presence of pdflatex …« >> $LOG PDFLATEX=`type pdflatex 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find pdflatex binary, the PDF report format will not work.« log_and_print «SUGGEST: Install pdflatex.« HAVE_PDFLATEX=0 else log_and_print «OK: pdflatex found.« HAVE_PDFLATEX=1 fi echo «« >> $LOG if [ $HAVE_PDFLATEX -eq 1 ] then echo «Checking presence of LaTeX packages required for PDF report generation …« >> $LOG PDFTMPDIR=`mktemp -d -t openvas-check-setup-tmp.XXXXXXXXXX` TEXFILE=«$PDFTMPDIR/test.tex« cat <<EOT > $TEXFILE documentclass{article} pagestyle{empty} %usepackage{color} usepackage{tabularx} usepackage{geometry} usepackage{comment} usepackage{longtable} usepackage{titlesec} usepackage{chngpage} usepackage{calc} usepackage{url} usepackage[utf8x]{inputenc} DeclareUnicodeCharacter {135}{{textascii ?}} DeclareUnicodeCharacter {129}{{textascii ?}} DeclareUnicodeCharacter {128}{{textascii ?}} usepackage{colortbl} % must come last usepackage{hyperref} definecolor{linkblue}{rgb}{0.11,0.56,1} definecolor{inactive}{rgb}{0.56,0.56,0.56} definecolor{openvas_debug}{rgb}{0.78,0.78,0.78} definecolor{openvas_false_positive}{rgb}{0.2275,0.2275,0.2275} definecolor{openvas_log}{rgb}{0.2275,0.2275,0.2275} definecolor{openvas_hole}{rgb}{0.7960,0.1137,0.0902} definecolor{openvas_note}{rgb}{0.3255,0.6157,0.7961} definecolor{openvas_report}{rgb}{0.68,0.74,0.88} definecolor{openvas_user_note}{rgb}{1.0,1.0,0.5625} definecolor{openvas_user_override}{rgb}{1.0,1.0,0.5625} definecolor{openvas_warning}{rgb}{0.9764,0.6235,0.1922} hypersetup{colorlinks=true,linkcolor=linkblue,urlcolor=blue,bookmarks=true,bookmarksopen=true} usepackage[all]{hypcap} %geometry{verbose,a4paper,tmargin=24mm,bottom=24mm} geometry{verbose,a4paper} setlength{parskip}{smallskipamount} setlength{parindent}{0pt} title{PDF Report Test} pagestyle{headings} pagenumbering{arabic} begin{document} This is a test of the PDF generation capabilities of your OpenVAS installation. Please ignore. end{document} EOT pdflatex -interaction batchmode -output-directory $PDFTMPDIR $TEXFILE > /dev/null 2>&1 if [ ! -f «$PDFTMPDIR/test.pdf« ] then log_and_print «WARNING: PDF generation failed, most likely due to missing LaTeX packages. The PDF report format will not work.« log_and_print «SUGGEST: Install required LaTeX packages.« else log_and_print «OK: PDF generation successful. The PDF report format is likely to work.« fi if [ -f «$PDFTMPDIR/test.log« ] then cat $PDFTMPDIR/test.log >> $LOG fi rm -rf $PDFTMPDIR fi echo «Checking presence of ssh-keygen …« >> $LOG SSHKEYGEN=`type ssh-keygen 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find ssh-keygen binary, LSC credential generation for GNU/Linux targets will not work.« log_and_print «SUGGEST: Install ssh-keygen.« HAVE_SSHKEYGEN=0 else log_and_print «OK: ssh-keygen found, LSC credential generation for GNU/Linux targets is likely to work.« HAVE_SSHKEYGEN=1 fi echo «« >> $LOG if [ $HAVE_SSHKEYGEN -eq 1 ] then echo «Checking presence of rpm …« >> $LOG RPM=`type rpm 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find rpm binary, LSC credential package generation for RPM and DEB based targets will not work.« log_and_print «SUGGEST: Install rpm.« HAVE_RPM=0 else log_and_print «OK: rpm found, LSC credential package generation for RPM based targets is likely to work.« HAVE_RPM=1 fi echo «« >> $LOG if [ $HAVE_RPM -eq 1 ] then echo «Checking presence of alien …« >> $LOG ALIEN=`type alien 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find alien binary, LSC credential package generation for DEB based targets will not work.« log_and_print «SUGGEST: Install alien.« HAVE_ALIEN=0 else log_and_print «OK: alien found, LSC credential package generation for DEB based targets is likely to work.« HAVE_ALIEN=1 fi echo «« >> $LOG fi fi echo «Checking presence of nsis …« >> $LOG NSIS=`type makensis 2> /dev/null` if [ $? -ne 0 ] then log_and_print «WARNING: Could not find makensis binary, LSC credential package generation for Microsoft Windows targets will not work.« log_and_print «SUGGEST: Install nsis.« HAVE_NSIS=0 else log_and_print «OK: nsis found, LSC credential package generation for Microsoft Windows targets is likely to work.« HAVE_NSIS=1 fi echo «Checking for SELinux …« >> $LOG selinux=`getenforce 2>/dev/null` if [ $? -eq 0 ] then if [ $selinux != «Disabled« ] then log_and_print «ERROR: SELinux is enabled. For a working OpenVAS installation you need to disable it.« log_and_print «FIX: Please disable SELinux.« check_failed else log_and_print «OK: SELinux is disabled.« fi fi echo «« >> $LOG echo «« echo «It seems like your OpenVAS-$VER installation is OK.« echo «« echo «If you think it is not OK, please report your observation« echo «and help us to improve this check routine:« echo «http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss« echo «Please attach the log-file ($LOG) to help us analyze the problem.« echo ««

Источник

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.

Источник

I’m using Redis 2.8 on Windows which I downloaded from github release. After unzip and I’ve set maxheap in redis.windows.conf file. After running redis-server redis.windows.conf I get # Creating Server TCP listening socket *:6379:No such file or directory, but redis is not running correctly. I don’t know why.

asked Aug 2, 2015 at 6:13

You must’ve used the .msi installer. It automagically registers a windows service which starts instantly after the installation (at least on my win 10 machine).

This service uses the default config and binds to port 6379. When you start redis-server from the command line, if you haven’t specified a different port through a config file, it picks up the default config again and tries to bind to port 6379 which fails.

Your cli works because it connects to the redis service that’s already listening on 6379. Your shutdown command stops the service and from there things work as expected. Mystery solved. Case closed.

answered Dec 9, 2015 at 19:52

FeignManFeignMan

1,1762 gold badges7 silver badges8 bronze badges

cdto the bin directory of Redis, and run

redis-cli.exe
shutdown
exit

open another cmd window, cd to the bin directory of Redis, and run

4.redis-server.exe

answered Aug 1, 2017 at 7:30

liyuhuiliyuhui

1,20011 silver badges17 bronze badges

Now service is normally.I run redis-cli.exe in the same window,and it connect correctly.Then I typed shutdown,the service is over.Reopen a command windows,type redis-server.The service run correctly.But I still did not understand why # Creating Server TCP listening socket *:6379:No such file or directory came out.

answered Aug 19, 2015 at 8:27

inOutinOut

1,1131 gold badge9 silver badges15 bronze badges

We had a similar/related «redis-server.exe» service hosting issue.

After installing the Redis Windows Service, we could access the service on port 6379 locally, but not from a remote client (even though the firewall was configured to allow inbound traffic on the port).

In order to resolve the issue, we had to edit the redis.windows-service.conf configuration file and change the following:

bind 127.0.0.1 needed use the actual IP address
protected-mode yes needed to be set to «no»

After making the above changes, we restarted the Redis service and were able to connect from all clients.

answered Oct 20, 2016 at 21:15

SeymourSeymour

7,03512 gold badges44 silver badges51 bronze badges

Its simple and works for me nice:
-open redis-cli (default in C:Program FilesRedis) and run this command:

shutdown

Finished.

now open cmd and try redis-server again.

I know its a little late for answering but because maybe others faced this problem later I answered it.

answered Jun 22, 2021 at 4:12

akbarakbar

5695 silver badges12 bronze badges

After getting this error,open the cli and press the command ‘shutdown’ and restart redis server. You are good to go. You will get the logo and everything is as expected.

answered Mar 26, 2016 at 21:04

check the port(if something else is using redis port)
use redis-server xxx.conf to run a server with your configuration
try to use redis-cli
check redis issues(https://github.com/ServiceStack/redis-windows/wiki/Issues-might-happen)

C:redis>redis-server.exe —service-install [8124] 03 Feb 23:58:14.573 # HandleServiceCommands: system error caught. error c ode=1073, message = CreateService failed: unknown error

C:redis>redis-server —service-install redis.windows.conf —loglevel verbose [10848] 04 Feb 00:00:40.508 # HandleServiceCommands: system error caught. error code=1073, message = CreateService failed: unknown error

C:redis>redis-server —service-install -–service-name redisService1 –port 100 01 Failed to open the .conf file: 10001 CWD=C:redis

C:redis>redis-server —service-install redis.windows.conf -–service-name redis Service1 –port 10001 Failed to open the .conf file: 10001 CWD=C:redis

C:redis>redis-server —service-install redis.windows.conf -–service-name redis Service1 –port 10001 Failed to open the .conf file: 10001 CWD=C:redis

C:redis>redis-server —service-install C:redisredis.windows.conf -–service-n ame redisService1 –port 10001 Failed to open the .conf file: 10001 CWD=C:redis

C:redis>redis-server —service-install C:redisredis.windows.conf -–service-n ame redisService1 –port 10001 Failed to open the .conf file: 10001 CWD=C:redis

C:redis>redis-server —service-install redis.windows.conf -–service-name redis Service1 –port 10001 Failed to open the .conf file: 10001 CWD=C:redis

C:redis> C:redis>redis-server —service-install redis.windows.conf -–service-name redis Service1 –port 10001 Failed to open the .conf file: 10001 CWD=C:redis

C:redis>redis-server —service-install redis.windows.conf —loglevel verbose [11572] 04 Feb 00:03:34.847 # HandleServiceCommands: system error caught. error code=1073, message = CreateService failed: unknown error

C:redis>redis-server —service-install redis.windows.conf —loglevel verbose — service-name redisService [7484] 04 Feb 00:03:53.610 # Granting read/write access to ‘NT AUTHORITYNetwork Service’ on: «C:redis» «C:redis» [7484] 04 Feb 00:03:53.612 # Redis successfully installed as a service.

answered Oct 19, 2017 at 5:15

Got the same behavior after restart. Initially thought Redis is not running, but your question made me to dig some more. Apparently, there’s Windows service, called «Redis» and it started after computer reboot.

answered Oct 16, 2015 at 7:50

I just got the same error message, but the root cause was different: I copied the config file over from a different machine, but it contained a «bind» entry containing an IP address, which — for sure — was invalid for the new machine,
i.e. bind 234.234.234.234

I changed it to the correct address and it was working as expected.

answered Feb 1, 2016 at 12:34

As @FeigMan said you must’ve used the .msi installer. It automagically registers a windows service which starts instantly after the installation.

I was getting below error:

[15052] 10 Apr 14:40:14.601 # Creating Server TCP listening socket *:6379: listen: Unknown error

If service is already running you will get above error.
As per need you can restart service by below commands:

redis-server —service-stop
redis-server —service-start

answered Apr 10, 2017 at 9:29

For windows after installing using windows installer. So Check if your Redis server is already up and running.
check by going to redis-cli

redis-cli
127.0.0.1:6379>

answered Jun 5, 2021 at 12:53

Источник

Type=forking

Recommend Projects

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://www.typescriptlang.org/favicon-32x32.png" alt="Typescript photo" /> Typescript

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://avatars2.githubusercontent.com/u/27804?s=200&amp;v=4" alt="Django photo" /> Django

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://laravel.com/img/logomark.min.svg" alt="Laravel photo" /> Laravel

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://avatars.githubusercontent.com/u/69631?v=4" alt="Facebook photo" /> Facebook

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://avatars.githubusercontent.com/u/6154722?v=4" alt="Microsoft photo" /> Microsoft

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://avatars.githubusercontent.com/u/1961952?v=4" alt="Alibaba photo" /> Alibaba

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://avatars.githubusercontent.com/u/1562726?v=4" alt="D3 photo" /> D3

<img decoding="async" onError="javascript: wp_broken_images = window.wp_broken_images || function(){}; wp_broken_images(this);" loading="lazy" width="24" height="24" src="https://avatars.githubusercontent.com/u/18461506?v=4" alt="Tencent photo" /> Tencent

Typescript

Django

Laravel

Facebook

Microsoft

Alibaba

D3

Tencent