search

CoffeeITWorks / ansible_burp2_server

Ansible role to deploy burp2 server
MIT License
10 stars 9 forks source link

burp_server - configuring burp_sv_server_user leads to not working service #61

Closed marcin-github closed 4 years ago

marcin-github commented 4 years ago

If I set variable burp_sv_server_user: to value other than root the service burp-server doesn't start:

-- The job identifier is 695240.
May 28 16:57:55 xxx burp[28259]: 2020-05-28 16:57:55 +0200: burp[28259] Could not open lock file /var/run/burp.server.pid: Permission denied
May 28 16:57:55 xxx burp[28259]: 2020-05-28 16:57:55 +0200: burp[28259] Could not get lockfile.
May 28 16:57:55 xxx burp[28259]: 2020-05-28 16:57:55 +0200: burp[28259] Maybe you do not have permissions to write to /var/run/burp.server.pid.
May 28 16:57:55 xxx systemd[1]: burp-server.service: Main process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited
pablodav commented 4 years ago

Thanks, I'll need to review the role to resolve it, as didn't test before.

El jue., 28 de mayo de 2020 12:15 p. m., Marcin notifications@github.com escribió:

If I set variable burp_sv_server_user: to value other than root the service burp-server doesn't start:

-- The job identifier is 695240. May 28 16:57:55 xxx burp[28259]: 2020-05-28 16:57:55 +0200: burp[28259] Could not open lock file /var/run/burp.server.pid: Permission denied May 28 16:57:55 xxx burp[28259]: 2020-05-28 16:57:55 +0200: burp[28259] Could not get lockfile. May 28 16:57:55 xxx burp[28259]: 2020-05-28 16:57:55 +0200: burp[28259] Maybe you do not have permissions to write to /var/run/burp.server.pid. May 28 16:57:55 xxx systemd[1]: burp-server.service: Main process exited, code=exited, status=1/FAILURE -- Subject: Unit process exited

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/CoffeeITWorks/ansible_burp2_server/issues/61, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABCA7H7WITT4POF2JZML4ULRTZ5XZANCNFSM4NNFW4MQ .

pablodav commented 4 years ago

could you test this fix in branch feature/61_support-different-user-than-root ?

You will have to git clone this repoin your roles dir and then change to branch to this one.

I didn't check if tests passed yet, it's just first try. https://travis-ci.org/github/CoffeeITWorks/ansible_burp2_server/branches

pablodav commented 4 years ago

Tested on container, also added automatic test on ansible_burp2_server-02 test molecule dock.

root@ansibleburp2server-02:/# ps -aux | grep burp
burp       14012  0.0  0.0  13520  6440 ?        Ss   14:53   0:00 /usr/local/sbin/burp -c /etc/burp/burp-server.conf -F

molecule login --host ansible_burp2_server-02
root@ansibleburp2server-02:/# ls /etc/burp/ -l
total 36
drwxr-xr-x 4 burp burp 4096 May 31 14:53 CA
drwxr-xr-x 2 burp burp 4096 May 31 14:49 CA-client
-rwxr-xr-x 1 burp burp  781 May 31 14:50 CA.cnf
drwxr-xr-x 3 burp burp 4096 May 31 14:52 autoupgrade
-rwxr-xr-x 1 burp burp 7118 May 31 14:50 burp-server.conf
-rwxr-xr-x 1 burp burp  833 May 31 14:53 burp.conf
drwxr-xr-x 4 burp burp 4096 May 31 14:53 clientconfdir
-rwxr-xr-x 1 burp burp  830 May 31 14:53 dhfile.pem
lrwxrwxrwx 1 burp burp   38 May 31 14:53 ssl_cert-server.key -> /etc/burp/CA/ansibleburp2server-02.key
lrwxrwxrwx 1 burp burp   38 May 31 14:53 ssl_cert-server.pem -> /etc/burp/CA/ansibleburp2server-02.crt
lrwxrwxrwx 1 burp burp   26 May 31 14:53 ssl_cert_ca-server.pem -> /etc/burp/CA/CA_burpCA.crt

Not tested restore, etc. but it's good start.

marcin-github commented 4 years ago

Works for me:) Gracias!