Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    ops, wrong chjannel! (i'm not used to the Matrix gui yet)
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    Looks like there is a version crash in modules-2.4.144: ERROR: Double requirement given: chardet==4.0.0 from file:///wheel/chardet-4.0.0-py2.py3-none-any.whl (already in chardet==3.0.4 from file:///wheel/chardet-3.0.4-py2.py3-none-any.whl, name='chardet')
    Looks like it migt be faup that wants 4.0.0 and ... something else that wants 3.0.4
    looks like they added chardet w/o a version 8 days ago stricaud/faup@b5c82fb
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    looks like misp-modules is locked to 3.0.4
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    based on https://github.com/chardet/chardet/releases/tag/4.0.0 it looks like misp-modules could use 4.0.0? There does not appear to be any API changes. They drop 2.6 and <3.5, but even ubuntu 18.04 has python 3.6, and that is the oldest supported LTS Ubuntu
    Jason Kendall
    @coolacid
    Working on new version bump. Sorry, it's been very busy at $DayJob
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    Tried myself, see above and issue
    Jason Kendall
    @coolacid
    Yeah, that's partly what triggered the reminder I hadn't bumped yet.
    Just testing a build with the fix. Same dependency hell in the server, so easy to "solve"
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    :)
    Jason Kendall
    @coolacid
    I hope.
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    If it is chardet, as I wrote I belive 4.0.0 and 3.0.4 are interchangeable
    Jason Kendall
    @coolacid
    Yeah, forcing 4.0.0, someone should test ;)
    Also, I never get notifications from gitter, no idea why.
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    @coolacid should you make a issue in misp-modules or should I?
    Jason Kendall
    @coolacid
    You found it, you should get the credit ;)
    2.4.144 tag pushed, take a bit to make its way thru docker builders.
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    Technically mitfry found it, but he is not in this channel :)
    Jason Kendall
    @coolacid
    Meh, who ever ;)
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    i made a simple issue MISP/misp-modules#506
    Jason Kendall
    @coolacid
    Images are up it looks like.
    Matthias Vallentin
    @mavam

    Hey Jason, I'm getting an error message during the setup of nginx:

    misp_1          | Configure NGINX | Enabling SSL Cert Authentication
    misp_1          | Configure bootstrap | Enabling Cert Auth Plugin - Don't forget to configure it https://github.com/MISP/MISP/tree/2.4/app/Plugin/CertAuth (Step 2)
    misp_1          | Configure NGINX | Disabling IPv6
    misp_1          | nginx: [emerg] SSL_CTX_load_verify_locations("/etc/nginx/certs/ca.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/nginx/certs/ca.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib)
    misp_1          | 2021-07-27 08:06:55,949 INFO exited: nginx (exit status 1; not expected)

    Here's my misp environment:

        environment:
          - "HOSTNAME=${MISP_FQDN}"
          - "REDIS_FQDN=redis"
          - "INIT=true"
          - "CRON_USER_ID=1"
          - "MYSQL_HOST=db"
          - "MYSQL_USER=${MYSQL_USER}"
          - "MYSQL_PASSWORD=${MYSQL_PASSWORD}"
          - "MYSQL_DATABASE=misp"
          - "NOREDIR=true" # Do not redirect port 80
          - "DISIPV6=true" # Disable IPV6 in nginx
          - "CERTAUTH=optional"
          - "MISP_MODULES_FQDN=${MISP_MODULES_FQDN}"
          - "WORKERS=${MISP_WORKERS}"
    8 replies
    Matthias Vallentin
    @mavam
    Is there a way to set the login creds via an environment variable and avoid requiring a PW reset?
    Matthias Vallentin
    @mavam
    image.png
    When looking at the Diagnostics page, I see a lot of DB schema issues 👆
    Matthias Vallentin
    @mavam
    Sorry for all these questions, but I can't resist: is there a way to provide config options declaratively, ideally in the YAML file? For example, I'd like to specify somewhere things like Plugin.ZeroMQ_port = 42000.
    1 reply
    Matthias Vallentin
    @mavam
    @coolacid I noticed that the user entries in the MySQL DB do not happen on first startup, but only lazily after MISP is accessed the first time via the browser. This is threw my off when I tried to use cake to change the admin password at boot time, when the user didn't exit yet. Is there a switch that triggers the user initialization manually?
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    Misp creates an admin user if the user table is empty. So in theory you could create all the users before activating misp?
    Matthias Vallentin
    @mavam
    Yeah, I was wondering if I can do something from within the container to "force" essentially a user browsing to the website. Then admin@admin.test gets created automatically. Not earlier.
    If you have an idea on how to create an admin user from the command line (I'm in /custom-entrypoint.sh), I'd love to hear it!
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    Hmmm
    Most of the user creation I've looked at is via REST API, not cli
    Matthias Vallentin
    @mavam
    If the API key is available at this phase (and not autogenerated at some later point), then a REST API call would also work. In fact, PyMISP is installed, so it'd be trivial.
    Jason Kendall
    @coolacid
    Sorry, Gitter doesn't notify me well, and it logged me out.
    Adding users before first browse is a MISP thing, not a docker thing. You'd have to ask them.
    Matthias Vallentin
    @mavam
    Got it, I'm asking the gang over in the other channel.
    Matthias Vallentin
    @mavam
    @coolacid you're starting supervisor as follows: /usr/bin/supervisord -c /etc/supervisor/conf.d/supervisord.conf. Would you accept a PR that strips the explicit -c cfg part? This way, users can add their own additional configs to /etc/supervisor/conf.d. By ignoring the top-level /etc/supervisor/supervisord.conf through an explicit -c cfg, this option is no longer available. (It's also not the typical to ignore top-level configuration, as it breaks interacting via supervisorctl, but that might be on purpose.)
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    (imho it would be nice if supervisorctl could work?)
    mammamiiiya
    @mammamiiiya
    hey, I just deployed the MISP XME docker and I'm getting this error in the MySQL db. Error is:
    Version: '5.7.35' socket: '/var/lib/mysql/mysql.sock' port: 3306 MySQL Community Server (GPL) 2021-08-26T02:33:19.323305Z 2 [Note] Access denied for user 'root'@'192.168.16.3' (using password: NO)
    any help? @iglocska
    My docker-compose is default, .env is default
    mammamiiiya
    @mammamiiiya
    image.png
    This is what I get when i try to login Web
    MISP web logs:
    Container started for the fist time. Setup might time a few minutes. Please wait...
    (Details are logged in /tmp/install.log)
    Configuring postfix
    TIMEZONE is not set, please configure the local time zone manually later...
    Creating MySQL database
    MYSQL_PASSWORD is set to 'misp'
    Connected to database successfully!
    Database misp available
    Creating MISP configuration files
    Fixing the MISP base URL (misp.vairav.net) ...
    Congratulations!
    Your MISP docker has been successfully booted for the first time.
    Don't forget:
    - Reconfigure postfix to match your environment
    - Change the MISP admin email address to admin@admin.test
    
     * Starting periodic command scheduler cron
       ...done.
    
    Welcome to CakePHP v2.10.24 Console
    ---------------------------------------------------------------
    App : app
    Path: /var/www/MISP/app/
    ---------------------------------------------------------------
    Setting "MISP.python_bin" changed to /var/www/MISP/venv/bin/python
    
    
    Welcome to CakePHP v2.10.24 Console
    ---------------------------------------------------------------
    App : app
    Path: /var/www/MISP/app/
    ---------------------------------------------------------------
    MISP is now live. Users can now log in.Starting supervisord
    2021-08-26 02:48:24,191 CRIT Supervisor is running as root.  Privileges were not dropped because no user is specified in the config file.  If you intend to run as root, you can set user=root in the config file to avoid this message.
    2021-08-26 02:48:24,193 INFO supervisord started with pid 1
    2021-08-26 02:48:25,197 INFO spawned: 'apache2' with pid 51
    2021-08-26 02:48:25,201 INFO spawned: 'misp-modules' with pid 52
    2021-08-26 02:48:25,203 INFO spawned: 'master' with pid 53
    2021-08-26 02:48:25,206 INFO spawned: 'redis-server' with pid 54
    2021-08-26 02:48:25,207 INFO spawned: 'resque' with pid 55
    2021-08-26 02:48:25,227 INFO success: misp-modules entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
    2021-08-26 02:48:25,227 INFO success: master entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
    2021-08-26 02:48:25,227 INFO success: resque entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
    2021-08-26 02:48:25,398 INFO exited: misp-modules (exit status 0; expected)
    2021-08-26 02:48:25,512 INFO exited: master (exit status 0; expected)
    2021-08-26 02:48:26,253 INFO success: apache2 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-08-26 02:48:26,253 INFO success: redis-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
    2021-08-26 02:48:28,464 INFO exited: resque (exit status 0; expected)
    MISP db full log:
    [Entrypoint] MySQL Docker Image 5.7.35-1.2.4-server
    [Entrypoint] Starting MySQL 5.7.35-1.2.4-server
    2021-08-26T02:48:23.065815Z 0 [Warning] TIMESTAMP with implicit DEFAULT value is deprecated. Please use --explicit_defaults_for_timestamp server option (see documentation for more details).
    2021-08-26T02:48:23.067570Z 0 [Note] mysqld (mysqld 5.7.35) starting as process 1 ...
    2021-08-26T02:48:23.070569Z 0 [Note] InnoDB: PUNCH HOLE support available
    2021-08-26T02:48:23.070600Z 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
    2021-08-26T02:48:23.070603Z 0 [Note] InnoDB: Uses event mutexes
    2021-08-26T02:48:23.070605Z 0 [Note] InnoDB: GCC builtin __atomic_thread_fence() is used for memory barrier
    2021-08-26T02:48:23.070608Z 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
    2021-08-26T02:48:23.070611Z 0 [Note] InnoDB: Using Linux native AIO
    2021-08-26T02:48:23.070833Z 0 [Note] InnoDB: Number of pools: 1
    2021-08-26T02:48:23.070938Z 0 [Note] InnoDB: Using CPU crc32 instructions
    2021-08-26T02:48:23.072780Z 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
    2021-08-26T02:48:23.079558Z 0 [Note] InnoDB: Completed initialization of buffer pool
    2021-08-26T02:48:23.081889Z 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
    2021-08-26T02:48:23.095558Z 0 [Note] InnoDB: Highest supported file format is Barracuda.
    2021-08-26T02:48:23.109061Z 0 [Note] InnoDB: Creating shared tablespace for temporary tables
    2021-08-26T02:48:23.109121Z 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
    2021-08-26T02:48:23.125144Z 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
    2021-08-26T02:48:23.125891Z 0 [Note] InnoDB: 96 redo rollback segment(s) found. 96 redo rollback segment(s) are active.
    2021-08-26T02:48:23.125909Z 0 [Note] InnoDB: 32 non-redo rollback segment(s) are active.
    2021-08-26T02:48:23.126573Z 0 [Note] InnoDB: 5.7.35 started; log sequence number 16305351
    2021-08-26T02:48:23.126734Z 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
    2021-08-26T02:48:23.127218Z 0 [Note] Plugin 'FEDERATED' is disabled.
    2021-08-26T02:48:23.133045Z 0 [Note] InnoDB: Buffer pool(s) load completed at 210826  2:48:23
    2021-08-26T02:48:23.138105Z 0 [Note] Found ca.pem, server-cert.pem and server-key.pem in data directory. Trying to enable SSL support using them.
    2021-08-26T02:48:23.138127Z 0 [Note] Skipping generation of SSL certificates as certificate files are present in data directory.
    2021-08-26T02:48:23.138132Z 0 [Warning] A deprecated TLS version TLSv1 is enabled. Please use TLSv1.2 or higher.
    2021-08-26T02:48:23.138135Z 0 [Warning] A deprecated TLS version TLSv1.1 is enabled. Please use TLSv1.2 or higher.
    2021-08-26T02:48:23.138770Z 0 [Warning] CA certificate ca.pem is self signed.
    2021-08-26T02:48:23.138814Z 0 [Note] Skipping generation of RSA key pair as key files are present in data directory.
    2021-08-26T02:48:23.139109Z 0 [Note] Server hostname (bind-address): '*'; port: 3306
    2021-08-26T02:48:23.139142Z 0 [Note] IPv6 is available.
    2021-08-26T02:48:23.139153Z 0 [Note]   - '::' resolves to '::';
    2021-08-26T02:48:23.139175Z 0 [Note] Server socket created on IP: '::'.
    2021-08-26T02:48:23.156768Z 0 [Note] Event Scheduler: Loaded 0 events
    2021-08-26T02:48:23.157087Z 0 [Note] mysqld: ready for connections.
    Version: '5.7.35'  socket: '/var/lib/mysql/mysql.sock'  port: 3306  MySQL Community Server (GPL)
    2021-08-26T02:48:23.746826Z 2 [Note] Access denied for user 'root'@'192.168.48.3' (using password: NO)
    mammamiiiya
    @mammamiiiya

    image.png

    I solved this error. I manually added the baseurl field in config.php file inside /var/WWW/MISP/app/Config directory

    but the db error still persists
    Jason Kendall
    @coolacid
    Gitter kicks me out, and doesn't actually ping me when someone messages me. Sorry :(
    flufferfish
    @flufferfish:matrix.cloudart.moe
    [m]
    Oh, cool.
    It looks like some people do still work with the docker image version of misp.