Permission Denied error - IOError: [Errn 13] Permission denied

[michaelkasede]

When I run cuckoo, I get the following error. I have checked all my configs and everything is alright. Please help with this issue. (Sorry this issue was reported but the solution is not working for me) OS: Ubuntu 16.04 Vbox: 5.2 Pip: version 9.0.3 Cuckoo: 2.0.6

eeee e e eeee e e eeeee eeeee 8 8 8 8 8 8 8 8 8 88 8 88 8e 8e 8 8e 8eee8e 8 8 8 8 88 88 8 88 88 8 8 8 8 8 88e8 88ee8 88e8 88 8 8eee8 8eee8

Cuckoo Sandbox 2.0.6 www.cuckoosandbox.org Copyright (c) 2010-2018

2018-11-26 14:39:47,016 [pip.utils] DEBUG: lzma module is not available 2018-11-26 14:39:47,017 [pip.vcs] DEBUG: Registered VCS backend: git 2018-11-26 14:39:47,039 [pip.vcs] DEBUG: Registered VCS backend: hg 2018-11-26 14:39:47,063 [pip.vcs] DEBUG: Registered VCS backend: svn 2018-11-26 14:39:47,063 [pip.vcs] DEBUG: Registered VCS backend: bzr Oops! Cuckoo failed in an unhandled exception! Sometimes bugs are already fixed in the development release, it is therefore recommended to retry with the latest development release available https://github.com/cuckoosandbox/cuckoo If the error persists please open a new issue at https://github.com/cuckoosandbox/cuckoo/issues

=== Exception details === Cuckoo version: 2.0.6 OS version: posix OS release: Ubuntu 16.04 xenial Python version: 2.7.12 Python implementation: CPython Machine arch: x86_64 Modules: adium-theme-ubuntu:0.3.4 alembic:0.8.8 androguard:3.0.1 asn1crypto:0.24.0 beautifulsoup4:4.5.3 capstone:3.0.5rc2 cffi:1.11.5 chardet:2.3.0 click:6.6 colorama:0.3.7 cryptography:2.4.2 cuckoo:2.0.6.2 distorm3:3.3.8 django-extensions:1.6.7 django:1.8.4 dpkt:1.8.7 ecdsa:0.13 egghatch:0.2.3 elasticsearch:5.3.0 enum34:1.1.6 flask-sqlalchemy:2.1 flask:0.12.2 functools32:3.2.3.post2 future:0.17.1 httpreplay:0.2.4 idna:2.7 ipaddress:1.0.22 itsdangerous:1.1.0 jinja2:2.9.6 jsbeautifier:1.6.2 jsonschema:2.6.0 m2crypto:0.24.0 mako:1.0.7 markupsafe:1.1.0 olefile:0.43 oletools:0.51 peepdf:0.4.2 pefile2:1.2.11 pillow:3.2.0 pip:9.0.3 pycparser:2.19 pycrypto:2.6.1 pydeep:0.4 pyelftools:0.24 pyguacamole:0.6 pymisp:2.4.54 pymongo:3.0.3 pyopenssl:18.0.0 python-dateutil:2.4.2 python-editor:1.0.3 python-magic:0.4.12 pythonaes:1.0 requests:2.13.0 roach:0.1.2 scapy:2.3.2 setuptools:40.6.2 sflock:0.3.8 six:1.11.0 sqlalchemy:1.0.8 tlslite-ng:0.6.0 unicorn:1.0.1 unity-lens-photos:1.0 urllib3:1.24.1 vboxapi:1.0 virtualenv:15.0.1 volatility:2.6 wakeonlan:0.2.2 werkzeug:0.14.1 wheel:0.29.0 yara-python:3.6.3

2018-11-26 14:39:47,069 [cuckoo] ERROR: IOError: [Errno 13] Permission denied: '/opt/cuckoo/pidfiles/cuckoo.pid' Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/cuckoo/main.py", line 233, in main cuckoo_init(level, ctx) File "/usr/local/lib/python2.7/dist-packages/cuckoo/main.py", line 125, in cuckoo_init pidfile.create() File "/usr/local/lib/python2.7/dist-packages/cuckoo/misc.py", line 229, in create with open(self.filepath, "wb") as f: IOError: [Errno 13] Permission denied: '/opt/cuckoo/pidfiles/cuckoo.pid'

[doomedraven]

just pip upgrade cuckoo -U and don't use it with root, so sudo chown cuckoo:cukoo /opt/cuckoo/pidfiles/cuckoo.pid

[icedxu]

I do that with pip install cuckoo -U --upgrade; but it stall show that Oops! Cuckoo failed in an unhandled exception! Sometimes bugs are already fixed in the development release, it is therefore recommended to retry with the latest development release available https://github.com/cuckoosandbox/cuckoo If the error persists please open a new issue at https://github.com/cuckoosandbox/cuckoo/issues

=== Exception details === Cuckoo version: 2.0.6 OS version: posix OS release: Ubuntu 16.04 xenial Python version: 2.7.12 Python implementation: CPython Machine arch: x86_64 Modules: adium-theme-ubuntu:0.3.4 alembic:0.8.8 androguard:3.0.1 asn1crypto:0.24.0 beautifulsoup4:4.5.3 bottle:0.12.7 capstone:3.0.5rc2 cffi:1.11.5 chardet:2.3.0 click:6.6 colorama:0.3.7 cryptography:2.4.2 cuckoo:2.0.6.2 distorm3:3.3.8 django-extensions:1.6.7 django:1.8.4 dpkt:1.8.7 dumbnet:1.12 ecdsa:0.13 egghatch:0.2.3 elasticsearch:5.3.0 enum34:1.1.6 et-xmlfile:1.0.1 flask-sqlalchemy:2.1 flask:0.12.2 functools32:3.2.3.post2 future:0.17.1 httpreplay:0.2.4 idna:2.7 ipaddress:1.0.22 itsdangerous:1.1.0 jdcal:1.4 jinja2:2.9.6 jsbeautifier:1.6.2 jsonschema:2.6.0 libvirt-python:1.3.1 magic-file-extensions:0.2 mako:1.0.7 markupsafe:1.1.0 olefile:0.43 oletools:0.51 openpyxl:2.5.11 peepdf:0.4.2 pefile2:1.2.11 pefile:1.2.10.post139 pillow:3.2.0 pip:8.1.1 pycparser:2.19 pycrypto:2.6.1 pydeep:0.2 pyelftools:0.24 pyguacamole:0.6 pymisp:2.4.54 pymongo:3.0.3 pyopenssl:18.0.0 python-dateutil:2.4.2 python-editor:1.0.3 python-magic:0.4.12 pythonaes:1.0 pytz:2014.10 requests:2.13.0 roach:0.1.2 scapy:2.3.2 setuptools:40.6.2 sflock:0.3.8 six:1.11.0 sqlalchemy:1.0.8 sqlparse:0.1.18 tlslite-ng:0.6.0 ujson:1.35 unicorn:1.0.1 unity-lens-photos:1.0 urllib3:1.24.1 vboxapi:1.0 virtualenv:16.1.0 volatility:2.6 wakeonlan:0.2.2 werkzeug:0.14.1 yara-python:3.6.3

2018-11-28 16:42:47,421 [cuckoo] ERROR: IOError: [Errno 13] Permission denied: '/home/icedxu/.cuckoo/pidfiles/cuckoo.pid' Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/cuckoo/main.py", line 233, in main cuckoo_init(level, ctx) File "/usr/local/lib/python2.7/dist-packages/cuckoo/main.py", line 125, in cuckoo_init pidfile.create() File "/usr/local/lib/python2.7/dist-packages/cuckoo/misc.py", line 229, in create with open(self.filepath, "wb") as f: IOError: [Errno 13] Permission denied: '/home/icedxu/.cuckoo/pidfiles/cuckoo.pid'

how can I solve the error? thanks

[doomedraven]

do chown lol not only upgrade

[michaelkasede]

just pip upgrade cuckoo -U and don't use it with root, so sudo chown cuckoo:cukoo /opt/cuckoo/pidfiles/cuckoo.pid

Hi @doomedraven , I tried this method but upgrade is not a pip command so I did - pip install -U cuckoo then - sudo chown cuckoo:cukoo /opt/cuckoo/pidfiles/cuckoo.pid

Nothing works. I still get the same error: IOError: [Errno 13] Permission denied: '/home/icedxu/.cuckoo/pidfiles/cuckoo.pid'

Any other thoughts please.

[doomedraven]

what about ls -lah /home/icedxu/.cuckoo/pidfiles/cuckoo.pid? the problem here is what you run everything as icedxu and not cuckoo so READ THE --help! you should specify -g icedxu to everything

[michaelkasede]

@doomedraven here is my output for the ls -la command: $ ls -la total 100 drwxr-sr-x 17 cuckoo cuckoo 4096 Nov 26 13:15 . drwxr-xr-x 3 root root 4096 Nov 24 14:11 .. drwxr-sr-x 3 cuckoo cuckoo 4096 Nov 24 18:12 agent drwxr-sr-x 6 cuckoo cuckoo 4096 Nov 24 14:10 analyzer drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 26 13:14 conf -rw-r--r-- 1 cuckoo cuckoo 20480 Nov 26 13:15 cuckoo.db -rw-r--r-- 1 cuckoo cuckoo 40 Nov 24 14:13 .cwd drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 24 14:10 distributed drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 24 14:10 elasticsearch -rw-r--r-- 1 cuckoo cuckoo 163 Nov 24 14:10 init.py drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 24 18:41 log drwxr-sr-x 23 cuckoo cuckoo 4096 Nov 24 18:12 monitor drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 24 18:41 pidfiles drwxr-sr-x 9 cuckoo cuckoo 4096 Nov 24 18:12 signatures drwxr-sr-x 5 cuckoo cuckoo 4096 Nov 24 14:10 storage drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 24 18:41 stuff drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 24 14:10 supervisord -rw-r--r-- 1 cuckoo cuckoo 841 Nov 24 14:13 supervisord.conf drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 26 13:08 web drwxr-sr-x 2 cuckoo cuckoo 4096 Nov 24 14:10 whitelist drwxr-sr-x 9 cuckoo cuckoo 4096 Nov 24 14:10 yara

I don't understand how to use this command -g icedux. Any thoughts please.

[icedxu]

I solve this problem,but I get a new error, I set the timeout and run cuckoo submit --enforce-timeout 480 /home/icedxu/ransomware/ cuckoo ,but I get a error， cuckoo sandbox run less for a minute and it's over. and I can not get any information; what should I do? thanks

[doomedraven]

@icedxu stop spaming all issues!

[doomedraven]

@michaelkasede execute cuckoo --help and that will explain you, become familiar whit tool help a lot

[doomedraven]

like cuckoo -d -g icedux etc

[michaelkasede]

@doomedraven Thanks mate. Will try to do that. Appreciate it.

[michaelkasede]

I used this command to fix the problem [Errno 13] Permission denied: '/opt/cuckoo/pidfiles/cuckoo.pid'

Instead of running cuckoo with cuckoo -d I used:

sudo cuckoo -d --user cuckoo

And it worked. However, I don't know why I was having the problem in the 1st place.

[doomedraven]

btw you run from session of another user?

[michaelkasede]

I am logged in as michael and I am running cuckoo like this: michael@sandbox:/opt/cuckoo$ cuckoo

Is this wrong? I am still getting the permission denied error.

[doomedraven]

yes that is incorrect use as i told you to use

[RicoVZ]

I am logged in as michael and I am running cuckoo like this: michael@sandbox:/opt/cuckoo$ cuckoo

Is this wrong? I am still getting the permission denied error.

Hi michaelkasede,

It depends on where your Cuckoo CWD is. This is the directory where all results, configuraton files, pid files etc are located. The user running Cuckoo must be able to read, edit and create files/dirs in that directory.

By default, Cuckoo will run on the user running it and use the user home /home/<user>/.cuckoo folder as its CWD.

I recommend users to start Cuckoo using the --cwd flag, to force it to use a specific CWD on which you can be sure your user has permissions to read and write.

From what I have seen, I am assuming you want Cuckoo to use /opt/cuckoo as its CWD and run Cuckoo on the cuckoo user?

Try these steps:

1. Verify if /opt/cuckoo exists.
2. It does? Ok, use sudo chown -R cuckoo:cuckoo /opt/cuckoo
3. It does not? Ok, use: sudo cuckoo --cwd /opt/cuckoo --debug init. Now perform step 2 <- 3a. Perform any configuration settings if required
4. Start Cuckoo by executing: cuckoo --cwd /opt/cuckoo --debug --user cuckoo

[1thz]

Faced the same error because for some reason, .cuckoo folder was owned by root user instead of logged in user - probably due to my inexperience with this tool.

Fixed the problem by changing ownership of folder with sudo chown -R <username>:<group/username> ~/.cuckoo.

Old issue but since this is the only issue mentioning this error code, I will just leave this here in case someone else face this error too 😸