Home » Learning Center » GSM: Upgrade 

GSM: Upgrade

The subscription for the Greenbone Security Manager includes upgrades for new versions of scan engine, web-interface etc. The upgrades are easy to execute.

Greenbone continuously provides new upgrades. The users can decide on their own whether and when they want to execute the upgrade.

Details on new upgrades are described on this page with guides on how to execute the updates.

Check version of your GSM

top^

The version of your GSM is directly visible on the console prompt without the need to log in: 

Welcome to the Greenbone Security Manager 1.1.0-1greenbone1 2.6.26-2-686 ttyS0


gsm login:

Alternatively the version is displayed via SSH after logging in with the account "admin": 

$ ssh admin@192.168.99.123
admin@192.168.99.123's password:

Welcome to the Greenbone Security Manager 1.1.0-1greenbone1

The version of the web interface GSA (Greenbone Security Assistant) can be checked by any scan-user via the navigation menu item Help->About.

Execute GSM System Upgrade

top^

Review changes first

It is very important that you review all changes between your current version and the newest version. Pay attention to any hints on changes of behaviour, changes of formats, data migrations etc.

Review based on this overview: Greenbone OS: Release History

Backup Management

The GSM has an integrated internal backup management as part of its maintenance operating system.

In case you already have scan data, configurations etc. of relevance on your GSM, it is recommended to create a internal backup before installing the upgrade. Of course it is generally recommended to take care of backups independent from upgrades.

Follow these steps for a backup:

During a reboot running scans would be stopped. Wait for all scan tasks to finish if you do not wish to stop running tasks.

Log into the CLI-Admin interface (see also the manual "GSM Command Line Interface: Administrator Guide") and enter the command "systembackup".

Within the next 2 hours the system will automatically shut down, create a full internal backup of the system and then boot up the system again.

System Upgrade

The upgrade can be executed without shutting down the system. In general it is recommended to choose a time when no scan tasks are running. For a short time (usually a few seconds, one minute in worst case) the web application is blocked and you might need to login anew.

It is recommended to consider creating a local backup of the current status using the built-in method of the GSM. This will take around 2 hours.

Upgrading a GSM 1.2 or newer

The Upgrade procedure was simplified and accelerated since Version 1.2.

Log into the CLI-Admin interface (see also the manual "GSM Command Line Interface: Administrator Guide").

Independent of the automatic update every 24 hours you can download the current software status immediately. The following command is not necessary if the GSM is running since at least 24 hours with network connection. 

gsm> softwarestartsync
Software synchronization scheduled (executed within next 10 minutes)
gsm> softwaresyncstatus
Software synchronization is scheduled.
(... ca. 5-15 minutes ...)
gsm> softwaresyncstatus
Software synchronization neither in progress nor scheduled.

Now the upgrade can be executed. The GSM will not open any Internet connection during the upgrade. All data for this upgrade are now already stored on the GSM. 

gsm> systemupgrade
System upgrade scheduled (executed within next 10 minutes)
gsm> systemupgradestatus
System upgrade is scheduled.
(... ca. 5-15 minutes, except release notes mention longer times ...)
gsm> systemupgradestatus
System upgrade neither in progress nor scheduled.

A successful upgrade can be verified either via the GSM version number which is shown as welcome message after logging into CLI-Admin interface (after a reboot) or via the GSA version number in the "About" dialog of the Greenbone Security Assistant (immediately).

Upgrading a GSM 1.0 or 1.1

Important for GSM 1.0 to 1.1: The upgrade is automatically downloaded in conjunction with the feed. This means, the upgrade is only available if the GSM is at least 24 hours in operation and has internet access. This limitation is dropped from version 1.2 on.

Note: These old version contain a old, invalid Greenbone signing key. Therefore many signature failure messages can appear during the upgrade process and depending on the size of the GSF delay the process for a couple of hours. The messages are printed directly to the console. The upgrade will install a new, valid signing key.

Log into the CLI-Admin interface (see also the manual "GSM Command Line Interface: Administrator Guide") and enter the command "systemupgrade".

Now it takes a maximum of 2 hours until the upgrade is finished. Depending on the extent and daytime the upgrade might finish much faster.

The GSM will not open any Internet connection during the upgrade. All data for this upgrade were already downloaded to the GSM during the last Feed synchronisation.

A successful upgrade can be verified either via the GSM version number which is shown as welcome message after logging into CLI-Admin interface (after a reboot) or via the GSA version number in the "About" dialog of the Greenbone Security Assistant (immediately).


Greenbone Networks GmbH © 2009-2012
All rights reserved.
Contact
FAQ