search

MISP / x_old_misp_docker

MISP Docker (XME edition)
283 stars 166 forks source link

Does the random device need to be mapped? #12

Open alper opened 5 years ago

alper commented 5 years ago

I was trying to run this docker-compose on my Mac and everything worked fine except for one minor hiccup.

I had to comment out this line: - /dev/urandom:/dev/random

This makes gpg throw an error and everything seems to work fine without it. I'm very much a docker beginner so I could be mistaken but wouldn't it make sense for docker to provide a random device without having to explicitly map one from the host platform?

mavam commented 5 years ago

I'm encountering the same issue during docker-compose up:

misp_web | Creating admin GnuPG key
misp_web | Generating admin PGP key ... (please be patient, we need some entropy)
misp_web | gpg: Generating a basic OpenPGP key
misp_web | gpg: fatal: can't open /dev/random: Permission denied

Your fix did the trick for me, but I'm still getting an erroneous site:

Screen Shot 2019-03-17 at 14 23 43

Here's my log file:

Attaching to misp_db, misp_web
misp_web | Container started for the fist time. Setup might time a few minutes. Please wait...
misp_web | (Details are logged in /tmp/install.log)
misp_db | [Entrypoint] MySQL Docker Image 5.7.25-1.1.10
misp_web | Restoring MISP files...
misp_db | [Entrypoint] Initializing database
misp_db | [Entrypoint] Database initialized
misp_db | Warning: Unable to load '/usr/share/zoneinfo/iso3166.tab' as time zone. Skipping it.
misp_db | Warning: Unable to load '/usr/share/zoneinfo/leapseconds' as time zone. Skipping it.
misp_db | Warning: Unable to load '/usr/share/zoneinfo/tzdata.zi' as time zone. Skipping it.
misp_db | Warning: Unable to load '/usr/share/zoneinfo/zone.tab' as time zone. Skipping it.
misp_db | Warning: Unable to load '/usr/share/zoneinfo/zone1970.tab' as time zone. Skipping it.
misp_db |
misp_db | [Entrypoint] ignoring /docker-entrypoint-initdb.d/*
misp_db |
misp_db | [Entrypoint] Server shut down
misp_db |
misp_db | [Entrypoint] MySQL init process done. Ready for start up.
misp_db |
misp_db | [Entrypoint] Starting MySQL 5.7.25-1.1.10
misp_web | Configuring postfix
misp_web |
misp_web | Current default time zone: 'Etc/UTC'
misp_web | Local time is now:      Sun Mar 17 13:22:19 UTC 2019.
misp_web | Universal Time is now:  Sun Mar 17 13:22:19 UTC 2019.
misp_web |
misp_web | Creating MySQL database
misp_web | MYSQL_PASSWORD is set to 'misp'
misp_web | mysql: [Warning] Using a password on the command line interface can be insecure.
misp_web | Connected to database successfully!
misp_web | Database misp empty, creating tables ...
misp_web | Imported /var/www/MISP/INSTALL/MYSQL.sql successfully
misp_web | Creating MISP configuration files
misp_web | Fixing the MISP base URL (http:\/\/misp\.tenzir.com) ...
misp_web | Creating admin GnuPG key
misp_web | Generating admin PGP key ... (please be patient, we need some entropy)
misp_web | gpg: directory `/var/www/MISP/.gnupg' created
misp_web | gpg: new configuration file `/var/www/MISP/.gnupg/gpg.conf' created
misp_web | gpg: WARNING: options in `/var/www/MISP/.gnupg/gpg.conf' are not yet active during this run
misp_web | gpg: keyring `/var/www/MISP/.gnupg/secring.gpg' created
misp_web | gpg: keyring `/var/www/MISP/.gnupg/pubring.gpg' created
misp_web | gpg: Generating a basic OpenPGP key
misp_web | +++++
misp_web | .................+++++
misp_web | gpg: /var/www/MISP/.gnupg/trustdb.gpg: trustdb created
misp_web | gpg: key 1661E5F1 marked as ultimately trusted
misp_web | gpg: Done
misp_web | Congratulations!
misp_web | Your MISP docker has been successfully booted for the first time.
misp_web | Don't forget:
misp_web | - Reconfigure postfix to match your environment
misp_web | - Change the MISP admin email address to misp@tenzir.com
misp_web |
misp_web | Starting supervisord
misp_web | 2019-03-17 13:22:23,404 CRIT Supervisor running as root (no user in config file)
misp_web | 2019-03-17 13:22:23,410 INFO supervisord started with pid 1
misp_web | 2019-03-17 13:22:24,413 INFO spawned: 'master' with pid 46
misp_web | 2019-03-17 13:22:24,416 INFO spawned: 'redis-server' with pid 47
misp_web | 2019-03-17 13:22:24,417 INFO spawned: 'misp-modules' with pid 48
misp_web | 2019-03-17 13:22:24,419 INFO spawned: 'resque' with pid 49
misp_web | 2019-03-17 13:22:24,421 INFO spawned: 'apache2' with pid 50
misp_web | 2019-03-17 13:22:24,586 INFO success: master entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
misp_web | 2019-03-17 13:22:24,586 INFO success: misp-modules entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
misp_web | 2019-03-17 13:22:24,587 INFO success: resque entered RUNNING state, process has stayed up for > than 0 seconds (startsecs)
misp_web | 2019-03-17 13:22:24,766 INFO exited: master (exit status 0; expected)
misp_web | 2019-03-17 13:22:25,498 INFO success: redis-server entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp_web | 2019-03-17 13:22:25,498 INFO success: apache2 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp_web | 2019-03-17 13:22:25,586 INFO exited: misp-modules (exit status 0; expected)
misp_web | 2019-03-17 13:22:30,538 INFO exited: resque (exit status 0; expected)
alper commented 5 years ago

I would throw away the images and rebuild it with the other config, that's for one.

But getting this to work has been hugely unpredictable. I'm not sure whether the dependencies are pinned, but it seems that some weeks it doesn't work and then trying again the following week it works.