1

Im configuring openvas and the scanner looks for the redis.sock by default in /tmp/redis.sock.

I have edited to the redis.conf config file to show

unixsocket /tmp/redis.sock

unixsocketperm 777

Upon restarting the service, it instead places the redis.sock in /tmp/systemd-private34823472372937527347-redis-server/tmp/redis.sock

Any help? Debian stretch 9.1 redis-server : 3.2.6

After every restart of the redis-server (sudo service redis-server restart), If I manually move the redis.sock back to /tmp then it fixes the issues. But, not great having to manually move it with every restart of redis-server.

Community
  • 1
  • 1
pm1391
  • 275
  • 2
  • 14

3 Answers3

2

Instead of turning off the privatetmp security feature of systemd configure redis (redis.conf) to use /var/run/redis/redis.sock and add the following to your $prefix/etc/openvas/openvassd.conf:

kb_location = /var/run/redis/redis.sock
tmp
  • 36
  • 2
0

If your Privatetemp is set to enabled in your systemd file then it will create it in this private directory. Simply turning that off worked great

pm1391
  • 275
  • 2
  • 14
0

I had similar issue where openvas-check-status resulted in:" 

FIX: You should start the redis-server or configure it to listen on socket: /var/run/redis-openvas/redis-server.sock

Reviewing the loading process I found these error in the log files: 

redis-server.service: Can't open PID file /var/run/redis/redis-server.pid(yet?) after start: No such file or directory

I know its bad practice but it solved the issue for me, I run:

 chmod 777 redis-server-openvas.log

**also - it should be noted that I also attempted a whole lot of other fixes before doing that , so maybe it was a combination of some of them, and this one just help finishing it off.

NetRunner
  • 1