1gvmd(8) System Manager's Manual gvmd(8)
2
6 gvmd - Greenbone Vulnerability Manager daemon
7
9 gvmd OPTIONS
10
12 The Greenbone Vulnerability Manager is the central management service
13 between security scanners and the user clients.
14 It manages the storage of any vulnerability management configurations
16 and of the scan results. Access to data, control commands and workflows
17 is offered via the XML-based Greenbone Management Protocol (GMP). The
18 primary scanner 'OpenVAS Scanner' is controlled directly via protocol
19 OTP while any other remote scanner is coupled with the Open Scanner
20 Protocol (OSP).
21
23 -h, --help
24 Show help options.
25 --check-alerts
27 Check SecInfo alerts.
28 --client-watch-interval=NUMBER
30 Check if client connection was closed every NUMBER seconds. 0 to
31 disable. Defaults to 1 second.
32 --create-scanner=SCANNER
34 Create global scanner SCANNER and exit.
35 --create-user=USERNAME
37 Create admin user USERNAME and exit.
38 -d, --database=NAME
40 Use NAME as database for PostgreSQL.
41 --delete-scanner=SCANNER-UUID
43 Delete scanner SCANNER-UUID and exit.
44 --delete-user=USERNAME
46 Delete user USERNAME and exit.
47 --dh-params=FILE
49 Diffie-Hellman parameters file
50 --disable-cmds=COMMANDS
52 Disable comma-separated COMMANDS.
53 --disable-encrypted-credentials
55 Do not encrypt or decrypt credentials.
56 --disable-password-policy
58 Do not restrict passwords to the policy.
59 --disable-scheduling
61 Disable task scheduling.
62 --encrypt-all-credentials
64 (Re-)Encrypt all credentials.
65 -f, --foreground
67 Run in foreground.
68 --get-scanners
70 List scanners and exit.
71 --get-users
73 List users and exit.
74 --gnutls-priorities=PRIORITIES-STRING
76 Sets the GnuTLS priorities for the Manager socket.
77 --inheritor=USERNAME
79 Have USERNAME inherit from deleted user.
80 -a, --listen=ADDRESS
82 Listen on ADDRESS.
83 --listen2=ADDRESS
85 Listen also on ADDRESS.
86 --listen-group=STRING
88 Group of the unix socket
89 --listen-mode=STRING
91 File mode of the unix socket
92 --listen-owner=STRING
94 Owner of the unix socket
95 --max-email-attachment-size=NUMBER
97 Maximum size of alert email attachments, in bytes.
98 --max-email-include-size=NUMBER
100 Maximum size of inlined content in alert emails, in bytes.
101 --max-email-message-size=NUMBER
103 Maximum size of user-defined message text in alert emails, in
104 bytes.
105 --max-ips-per-target=NUMBER
107 Maximum number of IPs per target.
108 -m, --migrate
110 Migrate the database and exit.
111 --modify-scanner=SCANNER-UUID
113 Modify scanner SCANNER-UUID and exit.
114 --modify-setting=UUID
116 Modify setting UUID and exit.
117 --new-password=PASSWORD
119 Modify user's password and exit.
120 --new-password=PASSWORD
122 Modify user's password and exit.
123 --optimize=NAME
125 Run an optimization: vacuum, analyze, cleanup-config-prefs,
126 cleanup-port-names, cleanup-report-formats, cleanup-result-
127 severities, cleanup-schedule-times, rebuild-report-cache or
128 update-report-cache.
129 --osp-vt-update=SCANNER-SOCKET
131 Unix socket for OSP NVT update. Defaults to the path of the
132 'OpenVAS Default' scanner if it is an absolute path.
133 --password=PASSWORD
135 Password, for --create-user.
136 -p, --port=NUMBER
138 Use port number NUMBER.
139 --port2=NUMBER
141 Use port number NUMBER for address 2.
142 --relay-mapper=FILE
144 Executable for mapping scanner hosts to relays. Use an empty
145 string to explicitly disable. If the option is not given, $PATH
146 is checked for gvm-relay-mapper.
147 --role=ROLE
149 Role for --create-user and --get-users.
150 --scanner-ca-pub=SCANNER-CA-PUB
152 Scanner CA Certificate path for --[create|modify]-scanner.
153 --scanner-host=SCANNER-HOST
155 Scanner host for --create-scanner and --modify-scanner.
156 --scanner-key-priv=SCANNER-KEY-PRIVATE
158 Scanner private key path for --[create|modify]-scanner.
159 --scanner-key-pub=SCANNER-KEY-PUBLIC
161 Scanner Certificate path for --[create|modify]-scanner.
162 --scanner-name=NAME
164 Name for --modify-scanner.
165 --scanner-port=SCANNER-PORT
167 Scanner port for --create-scanner and --modify-scanner.
168 --scanner-type=SCANNER-TYPE
170 Scanner type for --create-scanner and --modify-scanner.
171 --schedule-timeout=TIME
173 Time out tasks that are more than TIME minutes overdue. -1 to
174 disable, 0 for minimum time.
175 --secinfo-commit-size=NUMBER
177 During CERT and SCAP sync, commit updates to the database every
178 NUMBER items, 0 for unlimited.
179 --slave-commit-size=NUMBER
181 During slave updates, commit after every NUMBER updated results
182 and hosts, 0 for unlimited.
183 -c, --unix-socket=FILENAME
185 Listen on UNIX socket at FILENAME.
186 --user=USERNAME
188 User for --new-password.
189 --value=VALUE
191 User for --new-password.
192 --verbose
194 Has no effect. See INSTALL.md for logging config.
195 --verify-scanner=SCANNER-UUID
197 Verify scanner SCANNER-UUID and exit.
198 --version
200 Print version and exit.
201
203 SIGHUP causes gvmd to rebuild the database with information from the
204 Scanner (openvassd).
205
207 gvmd --port 1241
208 Serve GMP clients on port 1241 and connect to an OpenVAS scanner via
210 the default OTP file socket.
211
213 openvassd(8), gsad(8), gvm-cli(8),
214
216 The canonical places where you will find more information about the
217 Greenbone Vulnerability Manager are:
218 https://community.greenbone.net (Community portal)
220 https://github.com/greenbone (Development Platform)
222 https://greenbone.net (Greenbone website)
224
226 The Greenbone Vulnerability Manager is released under the GNU GPL, ver‐
227 sion 2, or, at your option, any later version.
228Manuals User gvmd(8)