search

cossacklabs / acra

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
https://www.cossacklabs.com/acra/
Apache License 2.0
1.34k stars 128 forks source link

Question about Searchable Encryption #538

Closed soluzioninformatiche closed 2 years ago

soluzioninformatiche commented 2 years ago

Hi,

I am looking for a tutorial that's gonna make me test your searchable encryption part of software but the one in the examples is empty and "coming soon".

I have read the provided guide anyway and I cannot find the "encryptor_config_file" in the acra engineering demo. How I do?

Cheers.

vixentael commented 2 years ago

Hi @soluzioninformatiche

searchable encryption only recently became publicly available in Acra CE.

There is no ready-to-use one line example yet. Right now we are working on 0.93 release with type awareness. Open source example with searchable encryption will be added eventually.

Searchable encryption works with examples that transparent encryption – when encryption and decryption happens on AcraServer side.

Here are the docs that explain how searchable encryption works: https://docs.cossacklabs.com/acra/security-controls/searchable-encryption/

Here is a flag in encryption config that enables searchable encryption for a column: https://docs.cossacklabs.com/acra/configuring-maintaining/general-configuration/acra-server/encryptor-config/#searchable

I suggest you taking one of the transparent encryption examples, like this one with Django and PostgreSQL https://github.com/cossacklabs/acra-engineering-demo/#example-1-transparent-encryption-django-postgresql

And edit its encryptor_config file to make "author" field searchable: https://github.com/cossacklabs/acra-engineering-demo/blob/master/django-transparent/acra-server-configs/encryptor_config.yaml#L19

...
  encrypted:
  - column: "author"
    searchable: true
...

and then run SELECT queries for author.

soluzioninformatiche commented 2 years ago

Hi @vixentael,

Thanks for the reply,

I have set up the environment with the example 1 but it does not work and spams in the console this:

django-transparent-acra-server-1 exited with code 0 django-transparent-acra-server-1 exited with code 0 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1 django-transparent-acra-server-1 exited with code 1

How I do fix that?

Thanks, Cheers.

soluzioninformatiche commented 2 years ago

Here I post the docker's log console file:

time="2022-05-16T16:16:58Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:16:58Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:16:58Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:16:58Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:16:58Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:16:58Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:16:58Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:16:58Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:16:58Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:16:58Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:01Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:01Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:01Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:01Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:01Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:01Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:01Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:01Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:01Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:01Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:03Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:03Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:03Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:03Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:03Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:03Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:03Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:03Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:03Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:03Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:05Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:05Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:05Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:05Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:05Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:05Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:05Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:05Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:05Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:05Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:07Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:07Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:07Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:07Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:07Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:07Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:07Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:07Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:07Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:07Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:10Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:10Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:10Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:10Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:10Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:10Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:10Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:10Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:10Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:10Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:13Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:13Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:13Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:13Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:13Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:13Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:13Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:13Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:13Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:13Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:21Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:21Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:21Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:21Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:21Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:21Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:21Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:21Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:21Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:21Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:34Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:17:34Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:17:34Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:17:34Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:17:34Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:17:34Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:17:34Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:17:34Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:17:34Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:17:34Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:18:01Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:18:01Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:18:01Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:18:01Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:18:01Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:18:01Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:18:01Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:18:01Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:18:01Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:18:01Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:18:53Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:18:53Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:18:53Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:18:53Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:18:53Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:18:53Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:18:53Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:18:53Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:18:53Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:18:53Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:19:53Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:19:53Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:19:53Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:19:53Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:19:53Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:19:53Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:19:53Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:19:53Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:19:53Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:19:53Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:20:54Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:20:54Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:20:54Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:20:54Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:20:54Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:20:54Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:20:54Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:20:54Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:20:54Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:20:54Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:21:55Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:21:55Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:21:55Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:21:55Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:21:55Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:21:55Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:21:55Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:21:55Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:21:55Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:21:55Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:22:55Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:22:55Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:22:55Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:22:55Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:22:55Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:22:55Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:22:55Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:22:55Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:22:55Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:22:55Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:23:56Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:23:56Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:23:56Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:23:56Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:23:56Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:23:56Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:23:56Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:23:56Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:23:56Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:23:56Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:24:57Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:24:57Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:24:57Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:24:57Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:24:57Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:24:57Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:24:57Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:24:57Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:24:57Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:24:57Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:25:58Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:25:58Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:25:58Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:25:58Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:25:58Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:25:58Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:25:58Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:25:58Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:25:58Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:25:58Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:26:59Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:26:59Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:26:59Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:26:59Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:26:59Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:26:59Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:26:59Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:26:59Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:26:59Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:26:59Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:27:59Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0

time="2022-05-16T16:27:59Z" level=info msg="Validating service configuration..."

time="2022-05-16T16:27:59Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..."

time="2022-05-16T16:27:59Z" level=info msg="Encryptor configuration loaded"

time="2022-05-16T16:27:59Z" level=info msg="Initializing ACRA_MASTER_KEY loader..."

time="2022-05-16T16:27:59Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader"

time="2022-05-16T16:27:59Z" level=info msg="Initialising keystore..."

time="2022-05-16T16:27:59Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:27:59Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

time="2022-05-16T16:27:59Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions"

Lagovas commented 2 years ago 
time="2022-05-16T16:27:59Z" level=error msg="Keystore folder has an incorrect permissions -rwxr-xr-x, expected: -rwx------"

time="2022-05-16T16:27:59Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions"

imho, it is good enough explanation what went wrong ) run chmod -R 0600 <keystore folder> where <keystore folder> is path to folder specified in config file or via CLI as --keys_dir

soluzioninformatiche commented 2 years ago

Since it's all in a docker container how I do have access to that folder?

Lagovas commented 2 years ago

It's in local .acrakeys folder. This is docker-compose file that you trying. And there is local .acrakeys folder mounts to docker container. So if you run with run.sh django-transparent then probably after that script changed you current directory to new temporary folder in /tmp and there is should exists .acrakeys. Try ls -a to find hidden folder. And change permissions: chmod -R 0600 .acrakeys/. Probably you will need sudo: sudo chmod -R 0600 .acrakeys/ because in the container all commands running as sudo and owner of that folder will be root.

soluzioninformatiche commented 2 years ago

Neither now it's working :c

django-transparent-postgresql-1 | django-transparent-postgresql-1 | 2022-05-24 11:14:37.786 UTC [1] LOG: starting PostgreSQL 13.7 (Debian 13.7-1.pgdg110+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 10.2.1-6) 10.2.1 20210110, 64-bit django-transparent-postgresql-1 | 2022-05-24 11:14:37.825 UTC [1] LOG: listening on IPv4 address "0.0.0.0", port 5432 django-transparent-postgresql-1 | 2022-05-24 11:14:37.825 UTC [1] LOG: listening on IPv6 address "::", port 5432 django-transparent-postgresql-1 | 2022-05-24 11:14:37.832 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432" django-transparent-postgresql-1 | 2022-05-24 11:14:37.841 UTC [86] LOG: database system was shut down at 2022-05-24 11:14:37 UTC django-transparent-postgresql-1 | 2022-05-24 11:14:37.847 UTC [1] LOG: database system is ready to accept connections django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=info msg="Starting service acra-server [pid=1]" version=0.92.0 django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=info msg="Validating service configuration..." django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=info msg="Load encryptor configuration from /configs/encryptor_config.yaml ..." django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=info msg="Encryptor configuration loaded" django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=info msg="Initializing ACRA_MASTER_KEY loader..." django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=info msg="Initialized default env ACRA_MASTER_KEY loader" django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=info msg="Initialising keystore..." django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=error msg="Keystore folder has an incorrect permissions -rw-------, expected: -rwx------" django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=error msg="Can't init keystore" error="keystore folder has an incorrect permissions" django-transparent-acra-server-1 | time="2022-05-24T11:14:37Z" level=error msg="Can't open keyStore" error="keystore folder has an incorrect permissions" django-transparent-postgresql-1 | 2022-05-24 11:14:38.459 UTC [93] FATAL: password authentication failed for user "root" django-transparent-postgresql-1 | 2022-05-24 11:14:38.459 UTC [93] DETAIL: Role "root" does not exist. django-transparent-postgresql-1 | Connection matched pg_hba.conf line 99: "host all all all md5"

vixentael commented 2 years ago

@soluzioninformatiche we are adding one liner searchable encryption example, please follow #548 and https://github.com/cossacklabs/acra-engineering-demo/pull/53

Lagovas commented 2 years ago

Neither now it's working :c

Sorry, I missed that it requires 0700 instead of 0600: Keystore folder has an incorrect permissions -rw-------, expected: -rwx------" It means that you should execute chmod -R u+rwx .acrakeys/.

Plus, I see the error FATAL: password authentication failed for user "root". I can guess that you tried to connect to the database directly. You can find credentials to the database in the same docker-compose file: https://github.com/cossacklabs/acra-engineering-demo/blob/master/django-transparent/docker-compose.django-transparent.yml#L40

There is a username postgres and password test.