Closed t3chn0m4g3 closed 8 years ago
Looks like some file permissions are wrong. Can you please increase the logging level and provide additional information?
/opt/dionaea/bin/dionaea -u tpot -g tpot -c /opt/dionaea/etc/dionaea/dionaea.cfg -p /data/dionaea/dionaea.pid -l all,-debug -L '*'
Thanks, did not know about the debug switch, and you were right, file permission issue:
[01062016 19:50:48] store dionaea/store.py:60: Not allowed to create files in the '/opt/dionaea/var/dionaea/binaries/' directory
root@ee8fd386c85f:/opt/dionaea/var/dionaea# ls -al
total 188
drwxr-xr-x 5 dionaea dionaea 4096 Jun 1 19:50 .
drwxr-xr-x 3 root root 4096 Jun 1 19:49 ..
drwxr-xr-x 2 dionaea dionaea 4096 Jun 1 05:01 binaries
drwxr-xr-x 2 dionaea dionaea 4096 Jun 1 05:01 bistreams
-rw-r--r-- 1 root root 0 Jun 1 19:50 dionaea-errors.log
-rw-r--r-- 1 root root 172032 Jun 1 19:50 dionaea.log
drwxr-xr-x 6 dionaea dionaea 4096 Jun 1 19:49 roots
Changing the ownership solved it for me. Thanks!
You are welcome. I have closed the issue.
Something still throws me off. Although dionaea is started with -u tpot / -g tpot, some files are still created with root ownership:
-rw-r--r-- 1 root root 0 Jun 1 22:10 dionaea-errors.log
-rw-r--r-- 1 root root 0 Jun 1 22:10 dionaea.json
-rw-r--r-- 1 root root 0 Jun 1 22:10 dionaea.log
-rw-r--r-- 1 root root 117760 Jun 1 22:10 dionaea.sqlite
Resulting in some strange behavior (logging not working 100%) and the following error message upon start:
[01062016 22:12:43] python module.c:320: start dionaea.ihandlers 0xaeda20 0x7f04eebcce08
[01062016 22:12:43] ihandlers dionaea/ihandlers.py:57: START THE IHANDLERS
[01062016 22:12:43] python module.c:1036: PermissionError at PermissionError(13, 'Permission denied')
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/log_json.py:41 in __init__
[01062016 22:12:43] python module.c:1062: self.fp = open(url.path, "a")
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/log_json.py:103 in __init__
[01062016 22:12:43] python module.c:1062: self.handlers.append(h(url=handler))
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/log_json.py:79 in start
[01062016 22:12:43] python module.c:1062: handler = LogJsonHandler("*", config=config)
[01062016 22:12:43] python module.c:1061: /opt/dionaea/lib/dionaea/python/dionaea/ihandlers.py:66 in start
[01062016 22:12:43] python module.c:1062: handlers = h.start(config=ihandler_config.get("config", {}))
[01062016 22:12:43] modules modules.c:203: start module 0x6b63f0
[01062016 22:12:43] modules modules.c:203: start module 0x6b2d60
[01062016 22:12:43] modules modules.c:203: start module 0x6b7f90
[01062016 22:12:43] dionaea dionaea.c:773: Installing signal handlers
[01062016 22:12:43] dionaea dionaea.c:810: Creating 4 threads in pool
[01062016 22:13:53] log signals.c:49: sigint_cb loop 0x7f04f87ae900 w 0xc81d20 revents 1024
[01062016 22:13:53] modules modules.c:229: free module /opt/dionaea/lib/dionaea/curl.so 0x6b2fb0 fn 0x7f04f60e5ad1
[01062016 22:13:53] modules modules.c:229: free module /opt/dionaea/lib/dionaea/python.so 0x6b49b0 fn 0x7f04f194ba80
[01062016 22:13:53] python module.c:289: stop dionaea.log 0x8376f0 0x7f04efbac278
[01062016 22:13:53] python module.c:289: stop dionaea.services 0x7e55b0 0x7f04efbac3b8
@phibos Any idea?
The log files (dionaea.log and dionaea-errors.log) are created before dionaea drops privileges. But the log_json ihandler tries to access the dionaea.json file after the privileges have been dropped.
If dionaea.json is still empty, you can delete the file and restart dionaea. The file should be recreated during the restart.
For more information have a look at #39 and #40.
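A preflight check for the situation discussed in this thread, added here as an example (not code from dionaea or from any commenter): it parses `ls -al` output and lists the entries that the account passed to -u / -g cannot append to or create files in. The sample listing is assembled from lines quoted above; the function names and the assumption that user tpot belongs only to group tpot are hypothetical.

```python
import re

# Constructed sample, assembled from listing lines quoted in this thread.
SAMPLE_LS = """\
drwxr-xr-x 2 dionaea dionaea 4096 Jun 1 05:01 binaries
-rw-r--r-- 1 root root 0 Jun 1 22:10 dionaea-errors.log
-rw-r--r-- 1 root root 0 Jun 1 22:10 dionaea.json
-rw-r--r-- 1 root root 117760 Jun 1 22:10 dionaea.sqlite
"""

# mode, link count, owner, group, size, month, day, time-or-year, name
LS_LINE = re.compile(
    r"^(?P<mode>[-dlbcps][-rwxsStT]{9})\S*\s+\d+\s+(?P<owner>\S+)\s+"
    r"(?P<group>\S+)\s+\d+\s+\S+\s+\d+\s+\S+\s+(?P<name>.+)$"
)


def effective_bits(mode, owner, group, user, groups):
    """Pick the one permission triad POSIX applies: owner, else group, else other."""
    if user == "root":
        return "rwx"  # uid 0 is not limited by the mode bits
    if user == owner:
        return mode[1:4]
    if group in groups:
        return mode[4:7]
    return mode[7:10]


def blocked_entries(ls_output, user, groups):
    """Names the account cannot append to (files) or create files in (dirs)."""
    blocked = []
    for line in ls_output.splitlines():
        m = LS_LINE.match(line.strip())
        if not m or m["name"] in (".", ".."):
            continue
        bits = effective_bits(m["mode"], m["owner"], m["group"], user, groups)
        writable = bits[1] == "w"
        if m["mode"][0] == "d":
            # creating a file in a directory also needs search permission
            writable = writable and bits[2] in "xst"
        if not writable:
            blocked.append(m["name"])
    return blocked


if __name__ == "__main__":
    # Assumption: the -u/-g account "tpot" belongs only to group "tpot".
    print(blocked_entries(SAMPLE_LS, "tpot", ["tpot"]))
```
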
Trying to start dionaea 0.4.0 with
/opt/dionaea/bin/dionaea -u tpot -g tpot -c /opt/dionaea/etc/dionaea/dionaea.cfg -p /data/dionaea/dionaea.pid
results in the following error (previous version worked flawlessly, also running 0.4.0 without -u / -g switches works fine):