CentOS creates 0-byte PDF report

[syspect-sec]

Expected behavior

Greenbone functions will build PDF report files containing scan report information such as download report from report page, or selecting the alert option attach report with PDF report should deliver a valid PDF file with report via email.

Actual behavior

Greenbone builds 0-byte PDF reports

Steps to reproduce

Use any feature that create a PDF report file such as download PDF report from scan results page or create an alert that delivers a PDF report file. The PDF report created is a 0-byte file.

GVM versions

gsa: most recent

gvm: most recent

openvas-scanner: most recent

gvm-libs: most recent

Environment

Operating system:

source installation on CentOS 9 Stream. Does not affect other Kali Native Install, Ubuntu source code install, or Ubuntu Docker containers.

uname -a
Linux localhost.localdomain 5.14.0-319.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 25 19:53:58 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Logfiles

This log seems to indicate the function causing the error when attaching PDF report to alert email.
Again this only impact CentOS source code install only.

md manage:WARNING:2023-08-29 17h22.13 UTC:159651: run_report_format_script: system failed with ret 256, 1, /var/lib/gvm/gvmd/report_formats/0f10252f-4527-4d7e-8594-2c93f54da4f1/c402cc3e-b531-11e1-9163-406186ea4fc5/generate /tmp/gvmd_Od1vYh/report.xml '<files><basedir>/tmp/gvmd_Od1vYh</basedir></files>' > /tmp/gvmd_Od1vYh/c402cc3e-b531-11e1-9163-406186ea4fc5-KTdM2A.pdf 2> /dev/null

[syspect-sec]

It looks like the error is occurring because the report.pdf file is not generated from the generate script.
The report.pdf file should be generated the first time this command is run:

pdflatex -interaction batchmode -output-directory ${TMP} ${TMP}/report.tex

On CentOS the output from the command is below, but no report.pdf file is created:

This is pdfTeX, Version 3.14159265-2.6-1.40.21 (TeX Live 2020) (preloaded format=pdflatex)
 restricted \write18 enabled.
entering extended mode

However, on a working distribution such as Kali Linux, the command ouput is much more extensive and successfully creates the report.pdf file. Here is just the start of the output from Kali linux:

This is pdfTeX, Version 3.141592653-2.6-1.40.24 (TeX Live 2022/Debian) (preloaded format=pdflatex)
 restricted \write18 enabled.
entering extended mode

kpathsea: Running mktexpk --mfmode / --bdpi 600 --mag 1+0/600 --dpi 600 ecsl1000
mktexpk: Running mf-nowin -progname=mf \mode:=ljfour; mag:=1+0/600; nonstopmode; input ecsl1000
This is METAFONT, Version 2.71828182 (TeX Live 2022/Debian) (preloaded base=mf)

(/usr/share/texlive/texmf-dist/fonts/source/jknappen/ec/ecsl1000.mf
(/usr/share/texlive/texmf-dist/fonts/source/jknappen/ec/exbase.mf)
(/usr/share/texlive/texmf-dist/fonts/source/jknappen/ec/ecsl.mf
(/usr/share/texlive/texmf-dist/fonts/source/jknappen/ec/exroman.mf

[...TRUNCATED...]

Maybe the version on CentOS is too old and causing an issue?

[syspect-sec]

I can confirm that upgrading to texlive 2023 is able to compile PDF files as expected.

Even CentOS 9 only has the TeX Live 2020 version available in the native repositories. The 2020 version's error is reported in the report.log file as:

! LaTeX Error: File `comment.sty' not found.

Type X to quit or <RETURN> to proceed,
or enter new name. (Default extension: sty)

Enter file name: 
! Emergency stop.
<read *> 

I guess the 2020 version could be patched by installing the comments.sty package. It is available from CTAN here: https://www.ctan.org/pkg/comment but not sure whether its easier to do that or to just install the 2023 version and replace the pdflatex binary.

[syspect-sec]

Finally, I have also solved this issue by just installing the Latex comment package into CentOS's default Tex Live package (Tex Live 2020). I think that this is in fact a better solution than installing Tex Live 2023 considering the complexity of installing 2023 over top of 2020. Also, the first part of the upgrade instructions are a bit ominous.

So, after looking at both potential solutions for this issue just adding the Latex comment package to the 2020 version looks like the best solution. The main source of information for creating this process can be found here

Unfortunately, the first suggested solution, to install via the sudo tlmgr -ignore-warning install comment command did not work, for some reason, it reports as already being installed, however, when trying to compile the PDF file it is reported as missing. The second method does not work because no .ins file is provided with the comment package.

$ sudo tlmgr -ignore-warning install comment
TeX Live 2020 is frozen and will no longer
be routinely updated. This happens in preparation for a new release.

If you're willing to help with pretesting the new release, and we hope
you are, (when pretests are available), please read
https://tug.org/texlive/pretest.html.

Otherwise, just wait, and the new release will be ready in due time.
tlmgr: package repository /usr/share/texlive (not verified: unknown)
tlmgr install: package already present: comment

Here are the instructions that can be added to the CentOS source code install documentation to enable the Latex comment.sty package:

Download and unzip the comment .ZIP package from CTAN

curl -f -L https://mirrors.ctan.org/macros/latex/contrib/comment.zip -o /tmp/comment.zip
unzip /tmp/comment.zip

Find the appropriate system-wide install directory for Tex Live

kpsewhich -var-value TEXMFLOCAL

Output: 
/usr/share/texlive/texmf-local//

The path /tex/latex/ should be appended to the TEXMFLOCAL path to follow convention, making the final destination path = /usr/share/texlive/texmf-local/tex/latex/comment.

Make the directory path and copy the comment package to the final destination path:

sudo mkdir -p /usr/share/texlive/texmf-local/tex/latex/
sudo cp -r /tmp/comment /usr/share/texlive/texmf-local/tex/latex/

The texlive package cache must be refreshed

sudo texhash

Greenbone should now be able to compile PDF report files for CentOS source code installations.