Опишу порядок действий по обновлению Greenbone Vulnerability Management (GVM) до актуальной версии.
Обновление GVM буду производить с версии 22.4.1 до 22.7.3 (самая актуальная на дату написания статьи). Все действия ниже будут выполняться от root.
Сперва останавливаем службы GVM:
systemctl stop notus-scanner systemctl stop ospd-openvas systemctl stop gvmd systemctl stop gsad
Greenbone Security Assistant (GSA) требуется установленная версия NodeJS >= v18.x. В моем случае NodeJS была установлена версии v14.x., если у вас так же, то выполняем обновление NodeJS до v18.x.:
export NODE_VERSION=node_18.x export KEYRING=/usr/share/keyrings/nodesource.gpg export DISTRIBUTION="$(lsb_release -s -c)" curl -fsSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor | sudo tee "$KEYRING" >/dev/null gpg --no-default-keyring --keyring "$KEYRING" --list-keys echo "deb [signed-by=$KEYRING] https://deb.nodesource.com/$NODE_VERSION $DISTRIBUTION main" | sudo tee /etc/apt/sources.list.d/nodesource.list echo "deb-src [signed-by=$KEYRING] https://deb.nodesource.com/$NODE_VERSION $DISTRIBUTION main" | sudo tee -a /etc/apt/sources.list.d/nodesource.list apt-get update && apt-get upgrade node -v
Для удобства создадим каталог для размещения актуальных версий пакетов входящих в состав GVM и скачиваем исходников пакетов и распаковываем их:
mkdir -p /opt/update cd /opt/update/ export GVM_LIBS_VERSION=$(curl -s https://api.github.com/repos/greenbone/gvm-libs/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export GVMD_VERSION=$(curl -s https://api.github.com/repos/greenbone/gvmd/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export PG_GVM_VERSION=$(curl -s https://api.github.com/repos/greenbone/pg-gvm/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export GSA_VERSION=$(curl -s https://api.github.com/repos/greenbone/gsa/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export GSAD_VERSION=$(curl -s https://api.github.com/repos/greenbone/gsad/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export OPENVAS_SMB_VERSION=$(curl -s https://api.github.com/repos/greenbone/openvas-smb/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export OPENVAS_SCANNER_VERSION=$(curl -s https://api.github.com/repos/greenbone/openvas-scanner/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export OSPD_OPENVAS_VERSION=$(curl -s https://api.github.com/repos/greenbone/ospd-openvas/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') export NOTUS_VERSION=$(curl -s https://api.github.com/repos/greenbone/notus-scanner/releases/latest | grep -Po '"tag_name":.*?[^\\]",' | awk '{print $2}' | sed 's/^..\(.*\)..$/\1/') echo $GVM_LIBS_VERSION echo $GVMD_VERSION echo $PG_GVM_VERSION echo $GSA_VERSION echo $GSAD_VERSION echo $OPENVAS_SMB_VERSION echo $OPENVAS_SCANNER_VERSION echo $OSPD_OPENVAS_VERSION echo $NOTUS_VERSION curl -f -L https://github.com/greenbone/gvm-libs/archive/refs/tags/v$GVM_LIBS_VERSION.tar.gz -o gvm-libs-$GVM_LIBS_VERSION.tar.gz curl -f -L https://github.com/greenbone/gvmd/archive/refs/tags/v$GVMD_VERSION.tar.gz -o gvmd-$GVMD_VERSION.tar.gz curl -f -L https://github.com/greenbone/pg-gvm/archive/refs/tags/v$PG_GVM_VERSION.tar.gz -o pg-gvm-$PG_GVM_VERSION.tar.gz curl -f -L https://github.com/greenbone/gsa/archive/refs/tags/v$GSA_VERSION.tar.gz -o gsa-$GSA_VERSION.tar.gz curl -f -L https://github.com/greenbone/gsad/archive/refs/tags/v$GSAD_VERSION.tar.gz -o gsad-$GSAD_VERSION.tar.gz curl -f -L https://github.com/greenbone/openvas-smb/archive/refs/tags/v$OPENVAS_SMB_VERSION.tar.gz -o openvas-smb-$OPENVAS_SMB_VERSION.tar.gz curl -f -L https://github.com/greenbone/openvas-scanner/archive/refs/tags/v$OPENVAS_SCANNER_VERSION.tar.gz -o openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz curl -f -L https://github.com/greenbone/ospd-openvas/archive/refs/tags/v$OSPD_OPENVAS_VERSION.tar.gz -o ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz curl -f -L https://github.com/greenbone/notus-scanner/archive/refs/tags/v$NOTUS_VERSION.tar.gz -o notus-scanner-$NOTUS_VERSION.tar.gz tar -xvzf gvm-libs-$GVM_LIBS_VERSION.tar.gz && mv gvm-libs-$GVM_LIBS_VERSION gvm-libs tar -xvzf gvmd-$GVMD_VERSION.tar.gz && mv gvmd-$GVMD_VERSION gvmd tar -xvzf pg-gvm-$PG_GVM_VERSION.tar.gz && mv pg-gvm-$PG_GVM_VERSION pg-gvm tar -xvzf gsa-$GSA_VERSION.tar.gz && mv gsa-$GSA_VERSION gsa tar -xvzf gsad-$GSAD_VERSION.tar.gz && mv gsad-$GSAD_VERSION gsad tar -xvzf openvas-smb-$OPENVAS_SMB_VERSION.tar.gz && mv openvas-smb-$OPENVAS_SMB_VERSION openvas-smb tar -xvzf openvas-scanner-$OPENVAS_SCANNER_VERSION.tar.gz && mv openvas-scanner-$OPENVAS_SCANNER_VERSION openvas-scanner tar -xvzf ospd-openvas-$OSPD_OPENVAS_VERSION.tar.gz && mv ospd-openvas-$OSPD_OPENVAS_VERSION ospd-openvas tar -xvzf notus-scanner-$NOTUS_VERSION.tar.gz && mv notus-scanner-$NOTUS_VERSION notus-scanner