search

jasonish / evebox

Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
https://evebox.org/
MIT License
417 stars 67 forks source link

Bad error message on permission error when reading TLS certificates. #216

Closed opoplawski closed 1 year ago

opoplawski commented 1 year ago

I've install evebox 0.15.0 on an AlmaLinux 8 host. Trying to start the systemd service fails with:

Aug 03 13:53:48 osdash-sea01.nwra.com evebox[85733]: 2022-08-03 13:53:48  INFO evebox::server::main: Starting server on 127.0.0.1:5636, tls=true
Aug 03 13:53:48 osdash-sea01.nwra.com evebox[85733]: thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: Permission denied (os error 13)', /var/lib/docker/overlay2/cd90cf7b01288a184099042a7b7cf84d718e9fe3589d67ea01bab30f1c6c3055/merged/src/src/server/main.rs:240:58
Aug 03 13:53:48 osdash-sea01.nwra.com evebox[85733]: note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

/var/lib/docker does not exist.

jasonish commented 1 year ago

Did you use the RPM? Curious cause the Docker directory is showing up in the logs.

Sorry. That's probably coming from the build environment. Oops. Will look.

jasonish commented 1 year ago

Actually can you provide more information on how you installed EveBox, or how you have it configured? The error reporting is bad here, but it looks like its failing either trying to read the TSL certificate or key file, or failing to bind to a port. I'll need to cleanup the error messaging here.

opoplawski commented 1 year ago

That was the issue - needed to give permissions to the certificate files. It does seem like the error reporting could be better here. Thanks.