#!/bin/bash # Copyright 1999-2019 Gentoo Authors # Distributed under the terms of the GNU General Public License v2 # This is OpenVAS cron script that updates feed and reload daemons. # Hasan ÇALIŞIR hsntgm@gmail.com | proxy maintainer # Mail settings MAIL_TO="root" MAIL_SUBJECT="CronJob-OpenVAS" # If you don't use systemd or open-rc for OpenVAS daemons you can set start command args here # while we manually start/restart them. #################################################################################################### # OpenVAS Manager command args OPENVAS_MANAGER_OPTIONS="" # e.g --foreground OPENVAS_MANAGER_PORT="--port=9390" # Manager listen port OPENVAS_MANAGER_LISTEN_ADDRESS="--listen=127.0.0.1" # Manager listen address OPENVAS_MANAGER_SCANNER_HOST="--scanner-host=/var/run/openvassd.sock" # Scanner unix socket OPENVAS_MANAGER_GNUTLS_PRIORITIES="--gnutls-priorities=SECURE256:+SUITEB192:+SECURE192:+SECURE128:+SUITEB128:-MD5:-SHA1:-VERS-TLS1.0:-VERS-TLS1.1:-VERS-SSL3.0" # OpenVAS Scanner command args OPENVAS_SCANNER_OPTIONS="" # e.g --foreground OPENVAS_SCANNER_LISTEN_SOCKET="--unix-socket=/var/run/openvassd.sock" # Scanner listen socket # OpenVAS Security Assistant command args for reverse proxying | SSL PassThrough OPENVAS_SECURITY_ASSISTANT_OPTIONS="--no-redirect" # Don't listen port 80 anymore OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS="--listen=127.0.0.1" # WebUI adress OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT="--port=9392" # WebUI Port OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS="--mlisten=127.0.0.1" # WebUI Manager Address OPENVAS_SECURITY_ASSISTANT_MANAGER_PORT="--mport=9390" # WebUI Manager Port OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES="--gnutls-priorities=NORMAL" # TLS Settings ##################################################################################################### # Update Environment source /etc/profile &>/dev/null source /etc/environment &>/dev/null source ~/.bash_profile &>/dev/null # Check the needed executables if they are in our environment and have +x if ! [ -x "$(command -v openvasmd)" ] || ! [ -x "$(command -v openvassd)" ] || ! [ -x "$(command -v redis-server)" ]; then path="1" else path="0" fi # Check Security-Assistant is exist if ! [ -x "$(command -v gsad)" ]; then gsad="1" else gsad="0" fi # Executables are not in our environment if [ $path -eq 1 ]; then echo "OpenVAS CronJob Failed! If you installed OpenVAS to specific location e.g. /opt" | tee -a /tmp/openvas_mail.out echo "please add these PATHS to /etc/profile e.g. 'PATH=$PATH:/opt/openvas/bin:/opt/openvas/sbin'" | tee -a /tmp/openvas_mail.out echo "also sure that they are executable e.g. 'chmod +x /opt/openvas/sbin/openvassd'" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi # Check systemd if exist if command -v systemctl &>/dev/null; then systemctl="0" else systemctl="1" fi # Check open-rc if exist if command -v rc-service &>/dev/null; then open_rc="0" else open_rc="1" fi # open-rc variables if [ $systemctl -eq 1 ] && [ $open_rc -eq 0 ]; then scanner_init="0" manager_init="0" assistant_init="0" redis_init="0" fi # Check OpenVAS-Scanner systemd unit(common name) is active or enabled if [ $systemctl -eq 0 ] && ([ "$(systemctl is-active openvassd.service)" = "active" ] || [ "$(systemctl list-unit-files | grep 'enabled' | grep 'openvassd.service' | awk '{print $1}')" = "openvassd.service" ]); then scanner="0" else scanner="1" fi # Check OpenVAS-Manager systemd unit(common name) is active or enabled if [ $systemctl -eq 0 ] && ([ "$(systemctl is-active openvasmd.service)" = "active" ] || [ "$(systemctl list-unit-files | grep 'enabled' | grep 'openvasmd.service' | awk '{print $1}')" = "openvasmd.service" ]); then manager="0" else manager="1" fi # Check OpenVAS-Assistant systemd unit(common name) is active or not if [ $systemctl -eq 0 ] && ([ "$(systemctl is-active gsad.service)" = "active" ] || [ "$(systemctl list-unit-files | grep 'enabled' | grep 'gsad.service' | awk '{print $1}')" = "gsad.service" ]); then assistant="0" else assistant="1" fi # Check Redis systemd unit(common name) is active or not if [ $systemctl -eq 0 ] && ([ "$(systemctl is-active redis.service)" = "active" ] || [ "$(systemctl list-unit-files | grep 'enabled' | grep 'redis.service' | awk '{print $1}')" = "redis.service" ]); then redis="0" else redis="1" fi # If you don't use common systemd service names for OpenVAS # We need to find correct service name for restarting. if [ $scanner -eq 1 ] || [ $manager -eq 1 ]; then WHICHM="ExecStart=$(type openvasmd | awk '{print $3}')" WHICHS="ExecStart=$(type openvassd | awk '{print $3}')" WHICHA="ExecStart=$(type gsad | awk '{print $3}')" WHICHR="ExecStart=$(type redis-server | awk '{print $3}')" # If you have unordinary systemd services PATH you can add here DIR="/lib/systemd/system/ /etc/systemd/system/ /usr/lib/systemd/system/ /usr/local/lib/systemd/system/" # Find OpenVAS daemons systemd files for i in $DIR; do if [ -d "$i" ]; then grep -rilnw "$i" -e "$WHICHM" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_manager_service.out grep -rilnw "$i" -e "$WHICHS" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_scanner_service.out grep -rilnw "$i" -e "$WHICHA" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_assistant_service.out grep -rilnw "$i" -e "$WHICHR" | cut -d: -f1 | grep -oP "$i\K.*" &>>/tmp/openvas_GVM_redis_service.out fi done # Time to get our exact systemd service searching in enabled services manager_service="$(while IFS= read -r service; do systemctl list-unit-files | grep "enabled" | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' done < /tmp/openvas_GVM_manager_service.out)" scanner_service="$(while IFS= read -r service; do systemctl list-unit-files | grep "enabled" | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' done < /tmp/openvas_GVM_scanner_service.out)" assistant_service="$(while IFS= read -r service; do systemctl list-unit-files | grep "enabled" | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' done < /tmp/openvas_GVM_assistant_service.out)" redis_service="$(while IFS= read -r service; do systemctl list-unit-files | grep "enabled" | grep -P "(^|\s)\K$service(?=\s|$)" | awk '{print $1}' done < /tmp/openvas_GVM_redis_service.out)" rm -rf /tmp/openvas_GVM* COUNTM=$(wc -w <<< "${manager_service}") COUNTS=$(wc -w <<< "${scanner_service}") COUNTA=$(wc -w <<< "${assistant_service}") COUNTR=$(wc -w <<< "${redis_service}") if [ $COUNTM -gt 1 ] || [ $COUNTS -gt 1 ] || [ $COUNTR -gt 1 ]; then echo "OpenVAS CronJob Failed! You have multiple enabled systemd service for single OpenVAS daemon or redis" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi fi # Start to update FEED & First NVT. try=0 until [ $try -ge 5 ]; do greenbone-nvt-sync &>/dev/null && break echo "Can't connected! Trying to update greenbone-nvt again.." &>>/tmp/openvas_mail.out try=$[$try+1] sleep 30 done # Check status if [ $? -eq 0 ]; then echo "greenbone-nvt-sync is done" &>>/tmp/openvas_mail.out # Avoid your IP temporary banned because of multiple connection sleep 5 # Try to update scapdata. try=0 until [ $try -ge 5 ]; do greenbone-scapdata-sync &>/dev/null && break echo "Can't connected! Trying to update greenbone-scapdata again.." &>>/tmp/openvas_mail.out try=$[$try+1] sleep 30 done # Check status if [ $? -eq 0 ]; then echo "greenbone-scapdata-sync is done" &>>/tmp/openvas_mail.out # Avoid your IP temporary banned because of multiple connection sleep 5 # Try to update certdata try=0 until [ $try -ge 5 ]; do greenbone-certdata-sync &>/dev/null && break echo "Can't connected! Trying to update greenbone-certdata again.." &>>/tmp/openvas_mail.out try=$[$try+1] sleep 30 done # Check status if [ $? -eq 0 ]; then echo "greenbone-certdata-sync is done" &>>/tmp/openvas_mail.out # Check OpenVAS-Scanner is running if ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" &>/dev/null; then echo "OpenVAS-Scanner is running." &>>/tmp/openvas_mail.out openvasmd --update --progress &>/dev/null elif [ $scanner -eq 0 ]; then # Start OpenVAS-Scanner systemd unit & Rebuild Cache echo "OpenVAS-Scanner is down! Trying to up.." &>>/tmp/openvas_mail.out systemctl start openvassd.service &>/dev/null if [ $? -eq 0 ]; then # Wait for initialize until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do sleep 15 echo "Waiting for OpenVAS-Scanner to become ready.." &>>/tmp/openvas_mail.out done echo "openvassd.service started and waiting for connection." &>>/tmp/openvas_mail.out # Rebuild Cache openvasmd --update --progress &>/dev/null else echo "openvassd.service cannot started.." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$scanner_service" ]]; then echo "OpenVAS-Scanner is down! Trying to up.." &>>/tmp/openvas_mail.out systemctl start "$scanner_service" &>/dev/null if [ $? -eq 0 ]; then # Wait for initialize until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do sleep 15 echo "Waiting for OpenVAS-Scanner to become ready.." &>>/tmp/openvas_mail.out done echo "$scanner_service is started and waiting for connection." &>>/tmp/openvas_mail.out # Rebuild Cache openvasmd --update --progress &>/dev/null else echo "$scanner_service cannot started.." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$scanner_init" ]]; then # Start OpenVAS-Scanner with init.d (open-rc) & Rebuild Cache echo "OpenVAS-Scanner is down! Trying to up.." &>>/tmp/openvas_mail.out rc-service openvassd start &>/dev/null if [ $? -eq 0 ]; then # Wait for initialize until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do sleep 15 echo "Waiting for OpenVAS-Scanner to become ready.." &>>/tmp/openvas_mail.out done echo "rc-service --> openvassd started and waiting for connection." &>>/tmp/openvas_mail.out # Rebuild Cache openvasmd --update --progress &>/dev/null else echo "rc-service --> openvassd cannot started.." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi else echo "OpenVAS-Scanner is down! Trying to up.." &>>/tmp/openvas_mail.out openvassd "$OPENVAS_SCANNER_OPTIONS" "$OPENVAS_SCANNER_LISTEN_SOCKET" &>/dev/null # Wait for initialize if [ $? -eq 0 ]; then until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do sleep 15 echo "Waiting for OpenVAS-Scanner to become ready.." &>>/tmp/openvas_mail.out done else echo "OpenVAS Scanner cannot started manually.." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi echo "OpenVAS-Scanner started manually and waiting for connection." &>>/tmp/openvas_mail.out # Rebuild Cache openvasmd --update --progress &>/dev/null fi # Check status if [ $? -eq 0 ]; then echo "Updating NVT cache is done" &>>/tmp/openvas_mail.out # Restart OpenVAS-Scanner if [ $scanner -eq 0 ]; then ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 3 # Try to restart redis service before OpenVAS-Scanner if [ $redis -eq 0 ]; then systemctl restart redis.service &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> redis.service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> redis.service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_service" ]]; then systemctl restart "$redis_service" &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> $redis_service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> $redis_service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_init" ]]; then rc-service redis stop sleep 5 rc-service redis start if [ $? -eq 0 ]; then echo "open-rc --> redis is restarted." &>>/tmp/openvas_mail.out else echo "open-rc --> redis cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi fi systemctl restart openvassd.service &>/dev/null elif [[ -n "$scanner_service" ]]; then ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 3 # Try to restart redis service before OpenVAS-Scanner if [ $redis -eq 0 ]; then systemctl restart redis.service &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> redis.service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> redis.service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_service" ]]; then systemctl restart "$redis_service" &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> $redis_service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> $redis_service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_init" ]]; then rc-service redis stop sleep 5 rc-service redis start if [ $? -eq 0 ]; then echo "open-rc --> redis is restarted." &>>/tmp/openvas_mail.out else echo "open-rc --> redis cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi fi systemctl restart "$scanner_service" &>/dev/null elif [[ -n "$scanner_init" ]]; then ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 3 # Try to restart redis service before OpenVAS-Scanner if [ $redis -eq 0 ]; then systemctl restart redis.service &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> redis.service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> redis.service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_service" ]]; then systemctl restart "$redis_service" &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> $redis_service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> $redis_service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_init" ]]; then rc-service redis stop sleep 5 rc-service redis start if [ $? -eq 0 ]; then echo "open-rc --> redis is restarted." &>>/tmp/openvas_mail.out else echo "open-rc --> redis cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi fi rc-service openvassd start &>/dev/null else ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvassd:(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 3 # Try to restart redis service before OpenVAS-Scanner if [ $redis -eq 0 ]; then systemctl restart redis.service &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> redis.service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> redis.service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_service" ]]; then systemctl restart "$redis_service" &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> $redis_service is restarted." &>>/tmp/openvas_mail.out else echo "systemd --> $redis_service cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$redis_init" ]]; then rc-service redis stop sleep 5 rc-service redis start if [ $? -eq 0 ]; then echo "open-rc --> redis is restarted." &>>/tmp/openvas_mail.out else echo "open-rc --> redis cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi fi openvassd "$OPENVAS_SCANNER_OPTIONS" "$OPENVAS_SCANNER_LISTEN_SOCKET" &>/dev/null fi if [ $? -eq 0 ]; then until [ "$(ps aux | grep -v 'grep' | grep -ow 'openvassd: Waiting')" = "openvassd: Waiting" ]; do sleep 10 echo "Waiting for OpenVAS-Scanner to become ready.." &>>/tmp/openvas_mail.out done echo "OpenVAS-Scanner is restarted." &>>/tmp/openvas_mail.out # Restart OpenVAS-Manager if [ $manager -eq 0 ]; then ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 systemctl restart openvasmd.service &>/dev/null if [ $? -eq 0 ]; then success="0" echo "systemd --> openvasmd.service is restarted" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Success!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "systemd --> openvasmd.service cannot restarted" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Failed!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$manager_service" ]]; then ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 systemctl restart "$manager_service" &>/dev/null if [ $? -eq 0 ]; then success="0" echo "systemd --> $manager_service is restarted" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Success!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "systemd --> $manager_service cannot restarted" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Failed!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$manager_init" ]]; then ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 rc-service openvasmd start &>/dev/null if [ $? -eq 0 ]; then success="0" echo "open-rc --> openvasmd is restarted" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Success!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "open-rc --> openvasmd cannot restarted" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Failed!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi else ps aux | grep -v "grep" | grep -P "(^|\s)\Kopenvasmd(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 openvasmd "$OPENVAS_MANAGER_OPTIONS" "$OPENVAS_MANAGER_PORT" "$OPENVAS_MANAGER_LISTEN_ADDRESS" "$OPENVAS_MANAGER_SCANNER_HOST" "$OPENVAS_MANAGER_GNUTLS_PRIORITIES" &>/dev/null if [ $? -eq 0 ]; then success="0" echo "OpenVAS-Manager is restarted manually" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Success!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "OpenVAS-Manager cannot restarted" &>>/tmp/openvas_mail.out echo "OpenVAS CronJob Failed!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi fi else echo "OpenVAS CronJob Failed! openvas-scanner cannot restarted" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi else echo "OpenVAS CronJob Failed! OpenVAS NVT cache build failed" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi else echo "OpenVAS CronJob Failed! OpenVAS Certdata sync failed!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi else echo "OpenVAS CronJob Failed! OpenVAS Scapdata sync failed!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi else echo "OpenVAS CronJob Failed! OpenVAS NVT sync update failed!" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi rm -rf /tmp/openvas_mail.out # Restart WebUI if [[ -n "$success" ]] && [ $gsad -eq 0 ]; then WHICHA="$(type gsad | awk '{print $3}')" if [ $assistant -eq 0 ]; then # Time to restart OpenVAS-Security Assistant ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 systemctl restart gsad.service &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> gsad.service (OpenVAS WebUI) is restarted" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "systemd --> gsad.service (OpenVAS-WebUI) cannot restarted" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi elif [[ -n "$assistant_service" ]]; then if [ $COUNTA -eq 1 ]; then ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 systemctl restart "$assistant_service" &>/dev/null if [ $? -eq 0 ]; then echo "systemd --> $assistant_service (OpenVAS WebUI) is restarted" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "systemd --> $assistan_service (OpenVAS WebUI) cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi else echo "systemd --> OpenVAS WebUI cannot restarted! You have multiple enabled systemd services ($assistant_service)" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null exit 1 fi elif [[ -n "$assistant_init" ]]; then ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 rc-service gsad start &>/dev/null if [ $? -eq 0 ]; then echo "open-rc --> gsad (OpenVAS WebUI) is restarted" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "open-rc --> gsad (OpenVAS WebUI) cannot restarted." | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi else ps aux | grep -v "grep" | grep -P "(^|\s)\K$WHICHA(?=\s|$)" | awk '{print $2}' | xargs kill -9 &>/dev/null sleep 5 gsad "$OPENVAS_SECURITY_ASSISTANT_OPTIONS" "$OPENVAS_SECURITY_ASSISTANT_LISTEN_ADDRESS" "$OPENVAS_SECURITY_ASSISTANT_LISTEN_PORT" "$OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_ADDRESS" "$OPENVAS_SECURITY_ASSISTANT_MANAGER_LISTEN_PORT" "$OPENVAS_SECURITY_ASSISTANT_GNUTLS_PRIORITIES" &>/dev/null if [ $? -eq 0 ]; then echo "OpenVAS WebUI is restarted" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null else echo "OpenVAS WebUI cannot restarted" | tee -a /tmp/openvas_mail.out echo -e "Subject:$MAIL_SUBJECT\n$(cat /tmp/openvas_mail.out)" | sendmail -t "$MAIL_TO" &>/dev/null fi fi rm -rf /tmp/openvas_mail.out fi