anithegregorian · September 5, 2020 08:16
diff --git a/install_gvm_only.sh b/install_gvm_only.sh
 #!/bin/bash
 ######################################################################
 # Script to install Greenbone/OpenVAS on Ubuntu 20.04
 #
 # Note: run as root
 #
 # Usage: sudo ./install_gvm.sh 
 #
 # Based on:
 # https://kifarunix.com/install-and-setup-gvm-11-on-ubuntu-20-04/?amp
 #
 # Works-for-me as of 2020-05-12. Your experience may be different.
 # Use at your own risk.
 #
 # Licensed under GPLv3 or later
 ######################################################################

 useradd -r -d /opt/gvm -c "GVM (OpenVAS) User" -s /bin/bash gvm
 mkdir /opt/gvm
 chown gvm:gvm /opt/gvm

 sudo -Hiu postgres createuser gvm
 sudo -Hiu postgres createdb -O gvm gvmd
 sudo -Hiu postgres psql -c 'create role dba with superuser noinherit;' gvmd
 sudo -Hiu postgres psql -c 'grant dba to gvm;' gvmd
 sudo -Hiu postgres psql -c 'create extension "uuid-ossp";' gvmd
 systemctl restart postgresql
 systemctl enable postgresql
 sed -i 's/\"$/\:\/opt\/gvm\/bin\:\/opt\/gvm\/sbin\:\/opt\/gvm\/\.local\/bin\"/g' /etc/environment
 echo "/opt/gvm/lib" > /etc/ld.so.conf.d/gvm.conf
 sudo -Hiu gvm mkdir /tmp/gvm-source
 cd /tmp/gvm-source

 sudo -Hiu gvm cp --recursive /opt/gvm/* /tmp/gvm-source/
 sudo -Hiu gvm touch /opt/gvm/.bashrc
 sudo -Hiu gvm mv /opt/gvm/.bashrc /opt/gvm/.bashrc.bak # save original bashrc file 
 sudo -Hiu gvm touch /opt/gvm/.bashrc
 sudo -Hiu gvm echo "export PKG_CONFIG_PATH=/opt/gvm/lib/pkgconfig:$PKG_CONFIG_PATH" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Build and Install GVM 11 Libraries
 sudo -Hiu gvm echo "cd gvm-libs" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "mkdir build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make install" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Build and Install OpenVAS and OpenVAS SMB
 sudo -Hiu gvm echo "cd ../../openvas-smb/" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "mkdir build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make install" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd ../../openvas" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "mkdir build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make install" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "sed -i 's/set (CMAKE_C_FLAGS_DEBUG\s.*\"\${CMAKE_C_FLAGS_DEBUG} \${COVERAGE_FLAGS}\")/set (CMAKE_C_FLAGS_DEBUG \"\${CMAKE_C_FLAGS_DEBUG} -Werror -Wno-error=deprecated-declarations\")/g' ../../openvas/CMakeLists.txt" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make install" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 # Leave gvm environment and clean up
 sudo -Hiu gvm echo "exit" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 su gvm
 sudo -Hiu gvm rm /opt/gvm/.bashrc
 sudo -Hiu gvm mv /opt/gvm/.bashrc.bak /opt/gvm/.bashrc

 # Configuring OpenVAS
 ldconfig
 cp /tmp/gvm-source/openvas/config/redis-openvas.conf /etc/redis/
 chown redis:redis /etc/redis/redis-openvas.conf
 echo "db_address = /run/redis-openvas/redis.sock" > /opt/gvm/etc/openvas/openvas.conf
 chown gvm:gvm /opt/gvm/etc/openvas/openvas.conf
 usermod -aG redis gvm
 echo "net.core.somaxconn = 1024" >> /etc/sysctl.conf
 echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf
 sysctl -p
 touch /etc/systemd/system/disable_thp.service
 echo "[Unit]" > /etc/systemd/system/disable_thp.service
 echo "Description=Disable Kernel Support for Transparent Huge Pages (THP)" >> /etc/systemd/system/disable_thp.service
 echo -e "\n" >> /etc/systemd/system/disable_thp.service
 echo "[Service]" >> /etc/systemd/system/disable_thp.service
 echo "Type=simple" >> /etc/systemd/system/disable_thp.service
 echo -e "ExecStart=/bin/sh -c \"echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled && echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag\"" >> /etc/systemd/system/disable_thp.service
 echo -e "\n" >> /etc/systemd/system/disable_thp.service
 echo "[Install]" >> /etc/systemd/system/disable_thp.service
 echo "WantedBy=multi-user.target" >> /etc/systemd/system/disable_thp.service
 systemctl daemon-reload
 systemctl enable --now disable_thp
 systemctl start redis-server@openvas
 systemctl enable redis-server@openvas
 echo "gvm ALL = NOPASSWD: /opt/gvm/sbin/openvas" > /etc/sudoers.d/gvm
 sed 's/Defaults\s.*secure_path=\"\/usr\/local\/sbin:\/usr\/local\/bin:\/usr\/sbin:\/usr\/bin:\/sbin:\/bin:\/snap\/bin\"/Defaults secure_path=\"\/usr\/local\/sbin:\/usr\/local\/bin:\/usr\/sbin:\/usr\/bin:\/sbin:\/bin:\/snap\/bin:\/opt\/gvm\/sbin\"/g' /etc/sudoers | EDITOR='tee' visudo
 echo "gvm ALL = NOPASSWD: /opt/gvm/sbin/gsad" >> /etc/sudoers.d/gvm

 #Update OpenVAS NVTs
 sudo -Hiu gvm touch /opt/gvm/.bashrc
 sudo -Hiu gvm mv /opt/gvm/.bashrc /opt/gvm/.bashrc.bak # save original bashrc file 
 sudo -Hiu gvm touch /opt/gvm/.bashrc

 # This next command fails in get_community_feed function in greenbone-nvt-sync if the
 # rsync calls are too close together as only one connection is allowed at a time. So we
 # need to add a sleep command in that file to pause the sync so that the NAT connection can close
 # file is in /opt/gvm/bin and the line to edit is 364. More info can be found by searching
 # greenbone-nvt-sync rsync connection refused
 #
 # add in the following
 #  # sleep to allow NAT connection to close                                                                                                                                                   
 #  sleep 300
 sudo -Hiu gvm echo "sed -i '364isleep 300' /opt/gvm/bin/greenbone-nvt-sync" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "Sleeping for 5 minutes" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "greenbone-nvt-sync" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc


 sudo -Hiu gvm echo "sudo openvas --update-vt-info" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Build and Install Greenbone Vulnerability Manager
 sudo -Hiu gvm echo "export PKG_CONFIG_PATH=/opt/gvm/lib/pkgconfig:$PKG_CONFIG_PATH" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd /tmp/gvm-source/gvmd" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "mkdir build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make install" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Build and Install Greenbone Secuirty Assistant
 sudo -Hiu gvm echo "cd ../../gsa" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "mkdir build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd build" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "make install" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Update GVM CERT and SCAP data from the feed servers
 sudo -Hiu gvm echo "echo Sleeping 5 minutes" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "echo More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "sleep 300" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc # allow a NAT connection to close
 sudo -Hiu gvm echo "sed -i '368isleep 120' /opt/gvm/sbin/greenbone-scapdata-sync" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "echo Sleeping 2 minutes" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "echo More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "greenbone-scapdata-sync" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "echo Sleeping 5 minutes" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "echo More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "sleep 300" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc # allow a NAT connection to close
 sudo -Hiu gvm echo "greenbone-certdata-sync" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 # Add sleep to future greenbone-certdata-sync calls (https://github.com/yu210148/gvm_install/issues/2 --Thanks kirk56k)
 sudo -Hiu gvm echo "sed -i '349isleep 300' /opt/gvm/sbin/greenbone-certdata-sync" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Set cron jobs to run once daily at random times
 HOUR=$(shuf -i 0-23 -n 1)
 MINUTE=$(shuf -i 0-59 -n 1)
 sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /opt/gvm/sbin/greenbone-scapdata-sync\") | crontab -" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 HOUR=$(shuf -i 0-23 -n 1)
 MINUTE=$(shuf -i 0-59 -n 1)
 sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /opt/gvm/bin/greenbone-nvt-sync\") | crontab -" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 HOUR=$(shuf -i 0-23 -n 1)
 MINUTE=$(shuf -i 0-59 -n 1)
 sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /opt/gvm/sbin/greenbone-certdata-sync\") | crontab -" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # I know this is kludgy as this should be run after the nvt sync but if it gets 
 # run once a day that should do
 HOUR=$(shuf -i 0-23 -n 1)
 MINUTE=$(shuf -i 0-59 -n 1)
 sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /usr/bin/sudo /opt/gvm/sbin/openvas --update-vt-info\") | crontab -" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Configure certs
 sudo -Hiu gvm echo "gvm-manage-certs -a" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Build and Install OSPd and OSPd-OpenVAS

 sudo -Hiu gvm echo "export PKG_CONFIG_PATH=/opt/gvm/lib/pkgconfig:$PKG_CONFIG_PATH" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 sudo -Hiu gvm echo "mkdir -p /opt/gvm/lib/python3.8/site-packages/" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "export PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "cd /tmp/gvm-source/ospd" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc 
 sudo -Hiu gvm echo "python3 setup.py install --prefix=/opt/gvm" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 sudo -Hiu gvm echo "cd ../ospd-openvas" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo "python3 setup.py install --prefix=/opt/gvm" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Start OpenVAS Scanner, GSA and GVM services
 # Start OpenVAS
 sudo -Hiu gvm echo "/usr/bin/python3 /opt/gvm/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --log-file /opt/gvm/var/log/gvm/ospd-openvas.log --lock-file-dir /opt/gvm/var/run -u /opt/gvm/var/run/ospd.sock" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 # Start GVM
 sudo -Hiu gvm echo "gvmd --osp-vt-update=/opt/gvm/var/run/ospd.sock" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 # Start GSA
 sudo -Hiu gvm echo "sudo gsad" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Check the status
 sudo -Hiu gvm echo "ps aux | grep -E \"ospd-openvas|gsad|gvmd\" | grep -v grep" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Wait a moment for the above to start up
 sudo -Hiu gvm echo "sleep 10" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Create GVM Scanner
 sudo -Hiu gvm echo -e "gvmd --create-scanner=\"Created OpenVAS Scanner\" --scanner-type=\"OpenVAS\" --scanner-host=/opt/gvm/var/run/ospd.sock" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 sudo -Hiu gvm echo "gvmd --get-scanners" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Verify newly created scanner
 sudo -Hiu gvm echo -e "UUID=\$(gvmd --get-scanners | grep Created | awk '{print \$\1}')" | sed 's/\\//g' | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Wait a moment then verify the scanner
 sudo -Hiu gvm echo "sleep 10" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 sudo -Hiu gvm echo -e "gvmd --verify-scanner=UUID" | sed 's/UUID/\$UUID/g' | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Create OpenVAS (GVM 11) Admin
 sudo -Hiu gvm echo -e "gvmd --create-user gvmadmin --password=StrongPass" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc

 # Leave gvm environment and clean up
 sudo -Hiu gvm echo "exit" | sudo -Hiu gvm tee -a /opt/gvm/.bashrc
 su gvm
 # Debugging
 #sudo -Hiu gvm mv /opt/gvm/.bashrc /opt/gvm/just-ran-bashrc.txt
 sudo -Hiu gvm rm /opt/gvm/.bashrc
 sudo -Hiu gvm mv /opt/gvm/.bashrc.bak /opt/gvm/.bashrc

 # Set firewall to allow access on port 443 and 22
 ufw allow 443
 ufw allow 22
 ufw --force enable

 # Create systemd services for OpenVAS Scanner, GSA, and GVM services
 echo "[Unit]" > /etc/systemd/system/openvas.service
 echo "Description=Control the OpenVAS service" >> /etc/systemd/system/openvas.service
 echo "After=redis.service" >> /etc/systemd/system/openvas.service
 echo "After=postgresql.service" >> /etc/systemd/system/openvas.service
 echo -e "\n" >> /etc/systemd/system/openvas.service
 echo "[Service]" >> /etc/systemd/system/openvas.service
 echo "ExecStartPre=-rm /opt/gvm/var/run/ospd-openvas.pid /opt/gvm/var/run/ospd.sock /opt/gvm/var/run/gvmd.sock" >> /etc/systemd/system/openvas.service
 echo "Type=simple" >> /etc/systemd/system/openvas.service
 echo "User=gvm" >> /etc/systemd/system/openvas.service
 echo "Group=gvm" >> /etc/systemd/system/openvas.service
 echo "Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/gvm/bin:/opt/gvm/sbin:/opt/gvm/.local/bin" >> /etc/systemd/system/openvas.service
 echo "Environment=PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" >> /etc/systemd/system/openvas.service
 echo -e "ExecStart=/usr/bin/python3 /opt/gvm/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --log-file /opt/gvm/var/log/gvm/ospd-openvas.log --lock-file-dir /opt/gvm/var/run -u /opt/gvm/var/run/ospd.sock" >> /etc/systemd/system/openvas.service
 echo "RemainAfterExit=yes" >> /etc/systemd/system/openvas.service
 echo -e "\n" >> /etc/systemd/system/openvas.service
 echo "[Install]" >> /etc/systemd/system/openvas.service
 echo "WantedBy=multi-user.target" >> /etc/systemd/system/openvas.service

 echo "[Unit]" > /etc/systemd/system/gvm.service
 echo "Description=Control the OpenVAS GVM service" >> /etc/systemd/system/gvm.service
 echo "After=openvas.service" >> /etc/systemd/system/gvm.service
 echo -e "\n" >> /etc/systemd/system/gvm.service
 echo "[Service]" >> /etc/systemd/system/gvm.service
 echo "Type=simple" >> /etc/systemd/system/gvm.service
 echo "User=gvm" >> /etc/systemd/system/gvm.service
 echo "Group=gvm" >> /etc/systemd/system/gvm.service
 echo "Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/gvm/bin:/opt/gvm/sbin:/opt/gvm/.local/bin" >> /etc/systemd/system/gvm.service
 echo "Environment=PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" >> /etc/systemd/system/gvm.service
 echo -e "ExecStart=/opt/gvm/sbin/gvmd --osp-vt-update=/opt/gvm/var/run/ospd.sock" >> /etc/systemd/system/gvm.service
 echo "RemainAfterExit=yes" >> /etc/systemd/system/gvm.service
 echo -e "\n" >> /etc/systemd/system/gvm.service
 echo "[Install]" >> /etc/systemd/system/gvm.service
 echo "WantedBy=multi-user.target" >> /etc/systemd/system/gvm.service

 echo "[Unit]" > /etc/systemd/system/gvm.path
 echo "Description=Start the OpenVAS GVM service when opsd.sock is available" >> /etc/systemd/system/gvm.path
 echo -e "\n" >> /etc/systemd/system/gvm.path
 echo "[Path]" >> /etc/systemd/system/gvm.path
 echo "PathChanged=/opt/gvm/var/run/ospd.sock" >> /etc/systemd/system/gvm.path
 echo "Unit=gvm.service" >> /etc/systemd/system/gvm.path
 echo -e "\n" >> /etc/systemd/system/gvm.path
 echo "[Install]" >> /etc/systemd/system/gvm.path
 echo "WantedBy=multi-user.target" >> /etc/systemd/system/gvm.path

 echo "[Unit]" > /etc/systemd/system/gsa.service
 echo "Description=Control the OpenVAS GSA service" >> /etc/systemd/system/gsa.service
 echo "After=openvas.service" >> /etc/systemd/system/gsa.service
 echo -e "\n" >> /etc/systemd/system/gsa.service
 echo "[Service]" >> /etc/systemd/system/gsa.service
 echo "Type=simple" >> /etc/systemd/system/gsa.service
 echo "User=gvm" >> /etc/systemd/system/gsa.service
 echo "Group=gvm" >> /etc/systemd/system/gsa.service
 echo "Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/gvm/bin:/opt/gvm/sbin:/opt/gvm/.local/bin" >> /etc/systemd/system/gsa.service
 echo "Environment=PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" >> /etc/systemd/system/gsa.service
 echo -e "ExecStart=/usr/bin/sudo /opt/gvm/sbin/gsad" >> /etc/systemd/system/gsa.service
 echo "RemainAfterExit=yes" >> /etc/systemd/system/gsa.service
 echo -e "\n" >> /etc/systemd/system/gsa.service
 echo "[Install]" >> /etc/systemd/system/gsa.service
 echo "WantedBy=multi-user.target" >> /etc/systemd/system/gsa.service

 echo "[Unit]" > /etc/systemd/system/gsa.path
 echo "Description=Start the OpenVAS GSA service when gvmd.sock is available" >> /etc/systemd/system/gsa.path
 echo -e "\n" >> /etc/systemd/system/gsa.path
 echo "[Path]" >> /etc/systemd/system/gsa.path
 echo "PathChanged=/opt/gvm/var/run/gvmd.sock" >> /etc/systemd/system/gsa.path
 echo "Unit=gsa.service" >> /etc/systemd/system/gsa.path
 echo -e "\n" >> /etc/systemd/system/gsa.path
 echo "[Install]" >> /etc/systemd/system/gsa.path
 echo "WantedBy=multi-user.target" >> /etc/systemd/system/gsa.path


 systemctl daemon-reload
 systemctl enable --now openvas
 systemctl enable --now gvm.{path,service}
 systemctl enable --now gsa.{path,service}


 # REMIND USER TO CHANGE DEFAULT PASSWORD
 echo "Username is gvmadmin and pasword is StrongPass"
 echo "Remember to change this default password"
 echo "sudo -Hiu gvm gvmd --user=gvmadmin --new-password=<PASSWORD>"
	#!/bin/bash
	######################################################################
	# Script to install Greenbone/OpenVAS on Ubuntu 20.04
	#
	# Note: run as root
	#
	# Usage: sudo ./install_gvm.sh
	#
	# Based on:
	# https://kifarunix.com/install-and-setup-gvm-11-on-ubuntu-20-04/?amp
	#
	# Works-for-me as of 2020-05-12. Your experience may be different.
	# Use at your own risk.
	#
	# Licensed under GPLv3 or later
	######################################################################

	useradd -r -d /opt/gvm -c "GVM (OpenVAS) User" -s /bin/bash gvm
	mkdir /opt/gvm
	chown gvm:gvm /opt/gvm

	sudo -Hiu postgres createuser gvm
	sudo -Hiu postgres createdb -O gvm gvmd
	sudo -Hiu postgres psql -c 'create role dba with superuser noinherit;' gvmd
	sudo -Hiu postgres psql -c 'grant dba to gvm;' gvmd
	sudo -Hiu postgres psql -c 'create extension "uuid-ossp";' gvmd
	systemctl restart postgresql
	systemctl enable postgresql
	sed -i 's/\"$/\:\/opt\/gvm\/bin\:\/opt\/gvm\/sbin\:\/opt\/gvm\/\.local\/bin\"/g' /etc/environment
	echo "/opt/gvm/lib" > /etc/ld.so.conf.d/gvm.conf
	sudo -Hiu gvm mkdir /tmp/gvm-source
	cd /tmp/gvm-source

	sudo -Hiu gvm cp --recursive /opt/gvm/* /tmp/gvm-source/
	sudo -Hiu gvm touch /opt/gvm/.bashrc
	sudo -Hiu gvm mv /opt/gvm/.bashrc /opt/gvm/.bashrc.bak # save original bashrc file
	sudo -Hiu gvm touch /opt/gvm/.bashrc
	sudo -Hiu gvm echo "export PKG_CONFIG_PATH=/opt/gvm/lib/pkgconfig:$PKG_CONFIG_PATH" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Build and Install GVM 11 Libraries
	sudo -Hiu gvm echo "cd gvm-libs" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "mkdir build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make install" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Build and Install OpenVAS and OpenVAS SMB
	sudo -Hiu gvm echo "cd ../../openvas-smb/" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "mkdir build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make install" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd ../../openvas" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "mkdir build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make install" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "sed -i 's/set (CMAKE_C_FLAGS_DEBUG\s.*\"\${CMAKE_C_FLAGS_DEBUG} \${COVERAGE_FLAGS}\")/set (CMAKE_C_FLAGS_DEBUG \"\${CMAKE_C_FLAGS_DEBUG} -Werror -Wno-error=deprecated-declarations\")/g' ../../openvas/CMakeLists.txt" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make install" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	# Leave gvm environment and clean up
	sudo -Hiu gvm echo "exit" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	su gvm
	sudo -Hiu gvm rm /opt/gvm/.bashrc
	sudo -Hiu gvm mv /opt/gvm/.bashrc.bak /opt/gvm/.bashrc

	# Configuring OpenVAS
	ldconfig
	cp /tmp/gvm-source/openvas/config/redis-openvas.conf /etc/redis/
	chown redis:redis /etc/redis/redis-openvas.conf
	echo "db_address = /run/redis-openvas/redis.sock" > /opt/gvm/etc/openvas/openvas.conf
	chown gvm:gvm /opt/gvm/etc/openvas/openvas.conf
	usermod -aG redis gvm
	echo "net.core.somaxconn = 1024" >> /etc/sysctl.conf
	echo 'vm.overcommit_memory = 1' >> /etc/sysctl.conf
	sysctl -p
	touch /etc/systemd/system/disable_thp.service
	echo "[Unit]" > /etc/systemd/system/disable_thp.service
	echo "Description=Disable Kernel Support for Transparent Huge Pages (THP)" >> /etc/systemd/system/disable_thp.service
	echo -e "\n" >> /etc/systemd/system/disable_thp.service
	echo "[Service]" >> /etc/systemd/system/disable_thp.service
	echo "Type=simple" >> /etc/systemd/system/disable_thp.service
	echo -e "ExecStart=/bin/sh -c \"echo 'never' > /sys/kernel/mm/transparent_hugepage/enabled && echo 'never' > /sys/kernel/mm/transparent_hugepage/defrag\"" >> /etc/systemd/system/disable_thp.service
	echo -e "\n" >> /etc/systemd/system/disable_thp.service
	echo "[Install]" >> /etc/systemd/system/disable_thp.service
	echo "WantedBy=multi-user.target" >> /etc/systemd/system/disable_thp.service
	systemctl daemon-reload
	systemctl enable --now disable_thp
	systemctl start redis-server@openvas
	systemctl enable redis-server@openvas
	echo "gvm ALL = NOPASSWD: /opt/gvm/sbin/openvas" > /etc/sudoers.d/gvm
	sed 's/Defaults\s.*secure_path=\"\/usr\/local\/sbin:\/usr\/local\/bin:\/usr\/sbin:\/usr\/bin:\/sbin:\/bin:\/snap\/bin\"/Defaults secure_path=\"\/usr\/local\/sbin:\/usr\/local\/bin:\/usr\/sbin:\/usr\/bin:\/sbin:\/bin:\/snap\/bin:\/opt\/gvm\/sbin\"/g' /etc/sudoers \| EDITOR='tee' visudo
	echo "gvm ALL = NOPASSWD: /opt/gvm/sbin/gsad" >> /etc/sudoers.d/gvm

	#Update OpenVAS NVTs
	sudo -Hiu gvm touch /opt/gvm/.bashrc
	sudo -Hiu gvm mv /opt/gvm/.bashrc /opt/gvm/.bashrc.bak # save original bashrc file
	sudo -Hiu gvm touch /opt/gvm/.bashrc

	# This next command fails in get_community_feed function in greenbone-nvt-sync if the
	# rsync calls are too close together as only one connection is allowed at a time. So we
	# need to add a sleep command in that file to pause the sync so that the NAT connection can close
	# file is in /opt/gvm/bin and the line to edit is 364. More info can be found by searching
	# greenbone-nvt-sync rsync connection refused
	#
	# add in the following
	# # sleep to allow NAT connection to close
	# sleep 300
	sudo -Hiu gvm echo "sed -i '364isleep 300' /opt/gvm/bin/greenbone-nvt-sync" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "Sleeping for 5 minutes" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "greenbone-nvt-sync" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc


	sudo -Hiu gvm echo "sudo openvas --update-vt-info" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Build and Install Greenbone Vulnerability Manager
	sudo -Hiu gvm echo "export PKG_CONFIG_PATH=/opt/gvm/lib/pkgconfig:$PKG_CONFIG_PATH" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd /tmp/gvm-source/gvmd" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "mkdir build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make install" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Build and Install Greenbone Secuirty Assistant
	sudo -Hiu gvm echo "cd ../../gsa" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "mkdir build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd build" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cmake .. -DCMAKE_INSTALL_PREFIX=/opt/gvm" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "make install" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Update GVM CERT and SCAP data from the feed servers
	sudo -Hiu gvm echo "echo Sleeping 5 minutes" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "echo More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "sleep 300" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc # allow a NAT connection to close
	sudo -Hiu gvm echo "sed -i '368isleep 120' /opt/gvm/sbin/greenbone-scapdata-sync" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "echo Sleeping 2 minutes" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "echo More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "greenbone-scapdata-sync" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "echo Sleeping 5 minutes" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "echo More info can be found by searching greenbone-nvt-sync rsync connection refused on Google" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "sleep 300" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc # allow a NAT connection to close
	sudo -Hiu gvm echo "greenbone-certdata-sync" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	# Add sleep to future greenbone-certdata-sync calls (https://github.com/yu210148/gvm_install/issues/2 --Thanks kirk56k)
	sudo -Hiu gvm echo "sed -i '349isleep 300' /opt/gvm/sbin/greenbone-certdata-sync" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Set cron jobs to run once daily at random times
	HOUR=$(shuf -i 0-23 -n 1)
	MINUTE=$(shuf -i 0-59 -n 1)
	sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /opt/gvm/sbin/greenbone-scapdata-sync\") \| crontab -" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	HOUR=$(shuf -i 0-23 -n 1)
	MINUTE=$(shuf -i 0-59 -n 1)
	sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /opt/gvm/bin/greenbone-nvt-sync\") \| crontab -" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	HOUR=$(shuf -i 0-23 -n 1)
	MINUTE=$(shuf -i 0-59 -n 1)
	sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /opt/gvm/sbin/greenbone-certdata-sync\") \| crontab -" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# I know this is kludgy as this should be run after the nvt sync but if it gets
	# run once a day that should do
	HOUR=$(shuf -i 0-23 -n 1)
	MINUTE=$(shuf -i 0-59 -n 1)
	sudo -Hiu gvm echo "(crontab -l 2>/dev/null; echo \"${MINUTE} ${HOUR} * * * /usr/bin/sudo /opt/gvm/sbin/openvas --update-vt-info\") \| crontab -" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Configure certs
	sudo -Hiu gvm echo "gvm-manage-certs -a" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Build and Install OSPd and OSPd-OpenVAS

	sudo -Hiu gvm echo "export PKG_CONFIG_PATH=/opt/gvm/lib/pkgconfig:$PKG_CONFIG_PATH" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	sudo -Hiu gvm echo "mkdir -p /opt/gvm/lib/python3.8/site-packages/" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "export PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "cd /tmp/gvm-source/ospd" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "python3 setup.py install --prefix=/opt/gvm" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	sudo -Hiu gvm echo "cd ../ospd-openvas" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo "python3 setup.py install --prefix=/opt/gvm" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Start OpenVAS Scanner, GSA and GVM services
	# Start OpenVAS
	sudo -Hiu gvm echo "/usr/bin/python3 /opt/gvm/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --log-file /opt/gvm/var/log/gvm/ospd-openvas.log --lock-file-dir /opt/gvm/var/run -u /opt/gvm/var/run/ospd.sock" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	# Start GVM
	sudo -Hiu gvm echo "gvmd --osp-vt-update=/opt/gvm/var/run/ospd.sock" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	# Start GSA
	sudo -Hiu gvm echo "sudo gsad" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Check the status
	sudo -Hiu gvm echo "ps aux \| grep -E \"ospd-openvas\|gsad\|gvmd\" \| grep -v grep" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Wait a moment for the above to start up
	sudo -Hiu gvm echo "sleep 10" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Create GVM Scanner
	sudo -Hiu gvm echo -e "gvmd --create-scanner=\"Created OpenVAS Scanner\" --scanner-type=\"OpenVAS\" --scanner-host=/opt/gvm/var/run/ospd.sock" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	sudo -Hiu gvm echo "gvmd --get-scanners" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Verify newly created scanner
	sudo -Hiu gvm echo -e "UUID=\$(gvmd --get-scanners \| grep Created \| awk '{print \$\1}')" \| sed 's/\\//g' \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Wait a moment then verify the scanner
	sudo -Hiu gvm echo "sleep 10" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	sudo -Hiu gvm echo -e "gvmd --verify-scanner=UUID" \| sed 's/UUID/\$UUID/g' \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Create OpenVAS (GVM 11) Admin
	sudo -Hiu gvm echo -e "gvmd --create-user gvmadmin --password=StrongPass" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc

	# Leave gvm environment and clean up
	sudo -Hiu gvm echo "exit" \| sudo -Hiu gvm tee -a /opt/gvm/.bashrc
	su gvm
	# Debugging
	#sudo -Hiu gvm mv /opt/gvm/.bashrc /opt/gvm/just-ran-bashrc.txt
	sudo -Hiu gvm rm /opt/gvm/.bashrc
	sudo -Hiu gvm mv /opt/gvm/.bashrc.bak /opt/gvm/.bashrc

	# Set firewall to allow access on port 443 and 22
	ufw allow 443
	ufw allow 22
	ufw --force enable

	# Create systemd services for OpenVAS Scanner, GSA, and GVM services
	echo "[Unit]" > /etc/systemd/system/openvas.service
	echo "Description=Control the OpenVAS service" >> /etc/systemd/system/openvas.service
	echo "After=redis.service" >> /etc/systemd/system/openvas.service
	echo "After=postgresql.service" >> /etc/systemd/system/openvas.service
	echo -e "\n" >> /etc/systemd/system/openvas.service
	echo "[Service]" >> /etc/systemd/system/openvas.service
	echo "ExecStartPre=-rm /opt/gvm/var/run/ospd-openvas.pid /opt/gvm/var/run/ospd.sock /opt/gvm/var/run/gvmd.sock" >> /etc/systemd/system/openvas.service
	echo "Type=simple" >> /etc/systemd/system/openvas.service
	echo "User=gvm" >> /etc/systemd/system/openvas.service
	echo "Group=gvm" >> /etc/systemd/system/openvas.service
	echo "Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/gvm/bin:/opt/gvm/sbin:/opt/gvm/.local/bin" >> /etc/systemd/system/openvas.service
	echo "Environment=PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" >> /etc/systemd/system/openvas.service
	echo -e "ExecStart=/usr/bin/python3 /opt/gvm/bin/ospd-openvas --pid-file /opt/gvm/var/run/ospd-openvas.pid --log-file /opt/gvm/var/log/gvm/ospd-openvas.log --lock-file-dir /opt/gvm/var/run -u /opt/gvm/var/run/ospd.sock" >> /etc/systemd/system/openvas.service
	echo "RemainAfterExit=yes" >> /etc/systemd/system/openvas.service
	echo -e "\n" >> /etc/systemd/system/openvas.service
	echo "[Install]" >> /etc/systemd/system/openvas.service
	echo "WantedBy=multi-user.target" >> /etc/systemd/system/openvas.service

	echo "[Unit]" > /etc/systemd/system/gvm.service
	echo "Description=Control the OpenVAS GVM service" >> /etc/systemd/system/gvm.service
	echo "After=openvas.service" >> /etc/systemd/system/gvm.service
	echo -e "\n" >> /etc/systemd/system/gvm.service
	echo "[Service]" >> /etc/systemd/system/gvm.service
	echo "Type=simple" >> /etc/systemd/system/gvm.service
	echo "User=gvm" >> /etc/systemd/system/gvm.service
	echo "Group=gvm" >> /etc/systemd/system/gvm.service
	echo "Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/gvm/bin:/opt/gvm/sbin:/opt/gvm/.local/bin" >> /etc/systemd/system/gvm.service
	echo "Environment=PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" >> /etc/systemd/system/gvm.service
	echo -e "ExecStart=/opt/gvm/sbin/gvmd --osp-vt-update=/opt/gvm/var/run/ospd.sock" >> /etc/systemd/system/gvm.service
	echo "RemainAfterExit=yes" >> /etc/systemd/system/gvm.service
	echo -e "\n" >> /etc/systemd/system/gvm.service
	echo "[Install]" >> /etc/systemd/system/gvm.service
	echo "WantedBy=multi-user.target" >> /etc/systemd/system/gvm.service

	echo "[Unit]" > /etc/systemd/system/gvm.path
	echo "Description=Start the OpenVAS GVM service when opsd.sock is available" >> /etc/systemd/system/gvm.path
	echo -e "\n" >> /etc/systemd/system/gvm.path
	echo "[Path]" >> /etc/systemd/system/gvm.path
	echo "PathChanged=/opt/gvm/var/run/ospd.sock" >> /etc/systemd/system/gvm.path
	echo "Unit=gvm.service" >> /etc/systemd/system/gvm.path
	echo -e "\n" >> /etc/systemd/system/gvm.path
	echo "[Install]" >> /etc/systemd/system/gvm.path
	echo "WantedBy=multi-user.target" >> /etc/systemd/system/gvm.path

	echo "[Unit]" > /etc/systemd/system/gsa.service
	echo "Description=Control the OpenVAS GSA service" >> /etc/systemd/system/gsa.service
	echo "After=openvas.service" >> /etc/systemd/system/gsa.service
	echo -e "\n" >> /etc/systemd/system/gsa.service
	echo "[Service]" >> /etc/systemd/system/gsa.service
	echo "Type=simple" >> /etc/systemd/system/gsa.service
	echo "User=gvm" >> /etc/systemd/system/gsa.service
	echo "Group=gvm" >> /etc/systemd/system/gsa.service
	echo "Environment=PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/opt/gvm/bin:/opt/gvm/sbin:/opt/gvm/.local/bin" >> /etc/systemd/system/gsa.service
	echo "Environment=PYTHONPATH=/opt/gvm/lib/python3.8/site-packages" >> /etc/systemd/system/gsa.service
	echo -e "ExecStart=/usr/bin/sudo /opt/gvm/sbin/gsad" >> /etc/systemd/system/gsa.service
	echo "RemainAfterExit=yes" >> /etc/systemd/system/gsa.service
	echo -e "\n" >> /etc/systemd/system/gsa.service
	echo "[Install]" >> /etc/systemd/system/gsa.service
	echo "WantedBy=multi-user.target" >> /etc/systemd/system/gsa.service

	echo "[Unit]" > /etc/systemd/system/gsa.path
	echo "Description=Start the OpenVAS GSA service when gvmd.sock is available" >> /etc/systemd/system/gsa.path
	echo -e "\n" >> /etc/systemd/system/gsa.path
	echo "[Path]" >> /etc/systemd/system/gsa.path
	echo "PathChanged=/opt/gvm/var/run/gvmd.sock" >> /etc/systemd/system/gsa.path
	echo "Unit=gsa.service" >> /etc/systemd/system/gsa.path
	echo -e "\n" >> /etc/systemd/system/gsa.path
	echo "[Install]" >> /etc/systemd/system/gsa.path
	echo "WantedBy=multi-user.target" >> /etc/systemd/system/gsa.path


	systemctl daemon-reload
	systemctl enable --now openvas
	systemctl enable --now gvm.{path,service}
	systemctl enable --now gsa.{path,service}


	# REMIND USER TO CHANGE DEFAULT PASSWORD
	echo "Username is gvmadmin and pasword is StrongPass"
	echo "Remember to change this default password"
	echo "sudo -Hiu gvm gvmd --user=gvmadmin --new-password=<PASSWORD>"