cert-ee / cuckoo3

Cuckoo 3 is a Python 3 open source automated malware analysis system.
European Union Public License 1.2

Newest Yara-Python pip package breaks Cuckoo-3 #74

Open geeksailor opened 7 months ago

geeksailor commented 7 months ago

Issue description

I have been trying to install Cuckoo3 following the instructions on this site since last week but keep hitting a wall with an error output having to do with the processing abstract importing Yara having an issue with yara.cpython-38-x86_64-linux-gnu.so. I have attached my log file with specific error outputs related to this issue: yara-python_bug.txt

Troubleshooting methods

Tried various forms of troubleshooting by Googling for answers (and found nothing related to this issue). Went through the code of various packages and scripts related to Cuckoo3 and its dependencies to see how they operate, how it installs, and the files it drops. Tried uninstalling and reinstalling various packages (mostly having to do with Yara).

Solution

On a whim, I decided to try a downgrade reinstall of yara-python in pip. After the downgrade I ran cuckoo -dv again to see if it would error out again but did not run into the error.

Temporary Solution: For those using Yara with Cuckoo3, run pip install yara-python==4.2.0. This should allow you to be able to start up Cuckoo3 with it.

Permanent Solution: An upgrade to Cuckoo3 will eventually need to be made to allow Cuckoo3 to read and use Yara and the .so it depends on.

Expected behavior

See log file attached for expected behavior.

My System Specs

Ubuntu 20.04 (VM on VMware Workstation 17), 60GB HDD, 4GB Memory, 2 cores
Cuckoo 3.0.1
Python 3.8.10
Yara-Python 4.2.0 (downgraded from most current version 4.3.1 for issue)

icepaule commented 6 months ago

Can confirm that this bug also affects new installations on 22.04.3 as well. Fortunately I can also confirm that calling "pip install yara-python==4.2.0" prior to the ./install.sh fixes the issue.

Thx @geeksailor for the hint.