search

aker-gateway / Aker

SSH bastion/jump host/jumpserver
Other
567 stars 81 forks source link

AttributeError: 'NoneType' object has no attribute 'write' #34

Closed Ramshield closed 7 years ago

Ramshield commented 7 years ago 
# su test
WARNING:root:There was an error loading ipalib, falling back to JSON

Traceback (most recent call last):
  File "/bin/aker/aker.py", line 149, in <module>
    Aker().build_tui()
  File "/bin/aker/aker.py", line 121, in build_tui
    self.tui.start()
  File "/usr/bin/aker/tui.py", line 144, in start
    self.loop.run()
  File "/usr/lib64/python2.7/site-packages/urwid/main_loop.py", line 271, in run
    self.screen.run_wrapper(self._run)
  File "/usr/lib64/python2.7/site-packages/urwid/raw_display.py", line 241, in run_wrapper
    return fn()
  File "/usr/lib64/python2.7/site-packages/urwid/main_loop.py", line 336, in _run
    self.event_loop.run()
  File "/usr/lib64/python2.7/site-packages/urwid/main_loop.py", line 707, in run
    self._loop()
  File "/usr/lib64/python2.7/site-packages/urwid/main_loop.py", line 786, in _loop
    self._watch_files[fd]()
  File "/usr/lib64/python2.7/site-packages/urwid/main_loop.py", line 387, in _update
    self.process_input(keys)
  File "/usr/lib64/python2.7/site-packages/urwid/main_loop.py", line 487, in process_input
    k = self._topmost_widget.keypress(self.screen_size, k)
  File "/usr/lib64/python2.7/site-packages/urwid/container.py", line 1102, in keypress
    return self.body.keypress( (maxcol, remaining), key )
  File "/usr/lib64/python2.7/site-packages/urwid/container.py", line 1102, in keypress
    return self.body.keypress( (maxcol, remaining), key )
  File "/usr/lib64/python2.7/site-packages/urwid/listbox.py", line 986, in keypress
    key = focus_widget.keypress((maxcol,),key)
  File "/usr/bin/aker/tui.py", line 27, in keypress
    urwid.emit_signal(self, 'connect')
  File "/usr/lib64/python2.7/site-packages/urwid/signals.py", line 120, in emit
    result |= bool(callback(*args_copy))
  File "/usr/bin/aker/tui.py", line 59, in host_chosen
    self.aker.init_connection(choice)
  File "/bin/aker/aker.py", line 139, in init_connection
    session.stop_sniffer()
  File "/usr/bin/aker/session.py", line 36, in stop_sniffer
    self._client.stop_sniffer()
  File "/usr/bin/aker/SSHClient.py", line 36, in stop_sniffer
    sniffer.stop()
  File "/usr/bin/aker/snoop.py", line 159, in stop
    self.log_file.write('Session End %s' % session_end)
AttributeError: 'NoneType' object has no attribute 'write'

This happens when selecting a host and press enter. Same issue occurs when I login as the user. Any idea?

uname -r 3.10.0-327.4.4.el7.centos.plus.x86_64 python -V Python 2.7.5

Ramshield commented 7 years ago

Well, found what caused it:

2017-04-21 14:45:50,165 - INFO - Core: Finished session UUID e5674e70-b9c1-4b9c-9b1d-e1c80888a93c for user jim to host 94.228.216.5

Any idea on how to fix this?

anazmy commented 7 years ago

looks like setting session logs had a problem , can you setup debug logging in /etc/aker.ini and retry .

also , whats output of ls -al /var/log/aker/ ?

Ramshield commented 7 years ago

As stated in aker.py, I set it to chmod 777:

ls -al /var/log/aker/ total 32 drwxr-xr-x 2 root root 4096 Apr 21 12:37 . drwxr-xr-x 8 root root 4096 Apr 21 12:37 .. -rwxrwxrwx 1 root root 17083 Apr 21 15:43 aker.log

How do I enable debug mode?

anazmy commented 7 years ago

If I read this correctly : drwxr-xr-x 2 root root 4096 Apr 21 12:37 . It looks the standard 755

try again after chmod 777 /var/log/aker

as for debug mode , just edit /etc/aker.ini and set : log_level = DEBUG

Ramshield commented 7 years ago

Yep, that was the issue, the /var/log/aker permission.

Would be nice if you could report a bit more detail in the log, to find the exact cause a bit quicker. But thanks for the help, works pretty sweet so far!

EDIT: And add it to the manual. Found quite a few things that weren't as your tutorial, which took quite a bit more work. Like where to place the json file for example.

anazmy commented 7 years ago

Glad its working now . You're totally right , I need to update the docs and add more error handling/reporting .

I will do that soon .

anazmy commented 7 years ago

Can you please point to all steps that wasn't clear for you so I get them covered ?

Ramshield commented 7 years ago

Well first of all, it isn't documented at all that you should chmod 777 the /var/log/aker file. Second, the hosts.json file needs to be placed in /etc/ as well if you don't use FreeAPI.

Perhaps you can add some documentation on how to properly add hosts, and add extra user groups. I'm personally struggling with the last. I want 2 different groups in the hosts.json file but not sure on how to do that.

Third, specify the OS versions you tested, and for CentOS recommend CentOS 7 due to Python 2.7. CentOS 6 supports Python 2.7 but is a lot harder to setup, and I personally haven't even been able to.

Fourth, as a tip, to only enable users to use the aker.py script, you can add the following:

Add /bin/aker/aker.py to /etc/shells
echo "/bin/aker/aker.py" >> /etc/shells 
Change user shell to aker
chsh -s /bin/aker/aker.py username

Taken from: https://n0where.net/aker-ssh-gateway/

Last, I wasn't able to install the modules on CentOS 7.3.1611 with YUM at all. I used pip:

pip install configparser
pip install urwid
pip install paramiko
pip install wcwidth
pip install pyte

Tried this on 2 different CentOS installs (both clean installs, minimal) but didn't work. If you'd like, I'd be happy to help you rewrite the README file, to make it more user-friendly based on my personal experiences.

anazmy commented 7 years ago

Just redone the README file with the latest release , please take a look and let me know how it goes

Ramshield commented 7 years ago

Seems pretty good. Are you able to make a small how-to on how to enable reading of log files in Kibana? I've been able to setup Kibana, but for some reason having some trouble reading your logs, adding the Index pattern and such...: https://puu.sh/vKyFO/0097ac2c0f.png (I left out username and IP for safety reasons).

anazmy commented 7 years ago

judging by the screenshot I think you didn't use provided filebeat/logstash setup.

Can you please use this playbook : https://github.com/aker-gateway/aker-elk-playbook

It sets up kibana dashboards which should be fairly usable IMHO, it also sets theconnection from client (aker) to elasticsearch.

Please give it a try and open a new issue in case you got a problem .

Ramshield commented 7 years ago

Fixed it by using filebeat. Took my quite a bit to figure out. Thanks, closed.