easybutton misses a few dependencies
Closed this issue · 7 comments
Expected behavior and actual behavior.
expected: easybutton.sh installs all dependencies and cif works like magic!
Actual: task [ufw] fails because ufw was not installed
cif fails after installation due to the following python modules missing:
urllib3
requests
prettytable
pytricia
arrow
Steps to reporduce the problem
fresh ubuntu 16.4 server install with minimal packages (i.e. deselect "standard system utilities")
wget https://github.com/csirtgadgets/bearded-avenger-deploymentkit/archive/3.0.0b4.tar.gz
tar -zxvf 3.0.0b4.tar.gz
cd bearded-avenger-deploymentkit-3.0.0b4/
sudo bash easybutton.sh
Specifications like the version of the project, operating system, or hardware.
cif version:3.0.0b4
os:Ubuntu 16.4 Server (fresh install with minimal packages)
hardware: virtualbox one core, 2GB ram
#other
after installing ufw the easybutton completed with no errors but cif did not work
running test.sh showed me the stack traces with missing package names. These I installed with pip and had to run the easybutton one more time before cif started working.
This project is one of the most valuable to the infosec community. keep up the good work!
hiya,
thanks for the kind words- you don't happen to have a log of the output do you? (both the first run of the easybutton, the second run and the test?)
also- do you know which minor of ubuntu you were testing with (16.04.1|2|3?)
once in a while the odd minors give us problems- shouldn't be the case but never know..
also- i just checked this with a bare bones install from the latest vagrant / ubuntu snapshot- i wonder if the deselecting is removing things the easybutton already assumes are there(?). we do as much testing as we can with bare bones vagrant images (so we can automate more of it), so once in a while- depending how you tick the boxes on a manual install something odd is missed, can you at-least verify that with a default setup it works/doesn't? something we can diff from and see what might be missing when those boxes are unchecked. then we can try accounting for them in the easybutton...
https://github.com/csirtgadgets/cif-ansible-role/blob/master/tasks/ubuntu.yml#L10
https://github.com/csirtgadgets/bearded-avenger-deploymentkit/blob/master/ubuntu16/tasks/deps.yml#L15
(happy to merge PR's if you figure it out)
Using version 16.04.04 of Ubuntu server.
I'll spin up a new vm to regenerate output.
CIF-1st_run.txt
in CIF-1st_run.txt i think only the last few lines are interesting:
TASK [ufw] ***************************************************************************************************************************************************************
task path: /home/reed/bearded-avenger-deploymentkit-3.0.0b4/ubuntu16/tasks/firewall.yml:2
failed: [localhost] (item=22) => {"changed": false, "item": 22, "msg": "Failed to find required executable ufw in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"}
failed: [localhost] (item=443) => {"changed": false, "item": 443, "msg": "Failed to find required executable ufw in paths: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin"}
CIF-2nd_run.txt
CIF-2nd_run.txt picks up CLI log where CIF-1st_run .txt left off.
This time CIF was running and test.sh passed all the things... not sure what changed.
is the second run by any chance 16.04.3 ?
No, I used the same iso image to install and cut pasted all the commands from the first time I installed CIF. The only thing I can think of to explain the difference is if the apt packages changed.
aye- this happens from time to time (and has for years)- getting around to doing daily / weekly test builds to try and spot it more cleanly so we can catch it before users do (if there's anything we can do about it though- usually its upstream and we wait and it gets resolved quickly).
will keep an eye on- if you spot it again, reopen and we can track.