search

quarkslab / irma

IRMA is an asynchronous & customizable analysis system for suspicious files.
https://irma.quarkslab.com
Apache License 2.0
269 stars 55 forks source link

Unable to install: deb-src pubkey failed #77

Open devop123456 opened 3 years ago

devop123456 commented 3 years ago

Hi, I'm running into this issue when installing IRMA using default settings and the command: python irma-ansible.py environments/allinone_prod.yml playbooks/provisioning.yml

Output:

(...)
[+] launching ansible-playbook

PLAY [all] ****************************************************************************************************************
2021-02-18T11:04:20.898772 (delta: 0.005543)         elapsed: 0.005543 ******** 
=============================================================================== 

TASK [Check ansible version] **********************************************************************************************
2021-02-18T11:04:20.922660 (delta: 0.023862)         elapsed: 0.029431 ******** 
ok: [brain.irma -> localhost] => {
    "changed": false,
    "msg": "All assertions passed"
}

PLAY [Common tasks to execute on all Linux servers] ***********************************************************************
2021-02-18T11:04:20.959915 (delta: 0.037161)         elapsed: 0.066686 ******** 
=============================================================================== 

TASK [quarkslab.apt : Check Apt last update] ******************************************************************************
2021-02-18T11:04:20.973442 (delta: 0.013467)         elapsed: 0.080213 ******** 
The authenticity of host '172.16.1.30 (172.16.1.30)' can't be established.
ECDSA key fingerprint is SHA256:0LPq1Ft47huodOEkDDZ0u/ddoq7fJNPVg27NEreV95Y.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
ok: [brain.irma]

TASK [quarkslab.apt : Update Apt if needed] *******************************************************************************
2021-02-18T11:04:30.736515 (delta: 9.763047)         elapsed: 9.843286 ******** 
skipping: [brain.irma]

TASK [quarkslab.apt : Debian Security] ************************************************************************************
2021-02-18T11:04:30.767799 (delta: 0.031224)         elapsed: 9.87457 ********* 
changed: [brain.irma] => (item=['deb', 'http://security.debian.org/', 'stretch/updates', "['main']"])
failed: [brain.irma] (item=['deb-src', 'http://security.debian.org/', 'stretch/updates', "['main']"]) => {"changed": false, "item": ["deb-src", "http://security.debian.org/", "stretch/updates", "['main']"], "module_stderr": "load pubkey \"/home/fc/.vagrant.d/insecure_private_key\": invalid format\r\nConnection to 172.16.1.30 closed.\r\n", "module_stdout": "Traceback (most recent call last):\r\n  File \"/home/vagrant/.ansible/tmp/ansible-tmp-1613646281.874775-155547501374282/AnsiballZ_apt_repository.py\", line 113, in <module>\r\n    _ansiballz_main()\r\n  File \"/home/vagrant/.ansible/tmp/ansible-tmp-1613646281.874775-155547501374282/AnsiballZ_apt_repository.py\", line 105, in _ansiballz_main\r\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r\n  File \"/home/vagrant/.ansible/tmp/ansible-tmp-1613646281.874775-155547501374282/AnsiballZ_apt_repository.py\", line 48, in invoke_module\r\n    imp.load_module('__main__', mod, module, MOD_DESC)\r\n  File \"/tmp/ansible_apt_repository_payload_BjFBs8/__main__.py\", line 549, in <module>\r\n  File \"/tmp/ansible_apt_repository_payload_BjFBs8/__main__.py\", line 541, in main\r\n  File \"/usr/lib/python2.7/dist-packages/apt/cache.py\", line 483, in update\r\n    raise FetchFailedException(e)\r\napt.cache.FetchFailedException: E:Failed to fetch http://security.debian.org/dists/stretch/updates/InRelease  Unable to find expected entry '['main']/source/Sources' in Release file (Wrong sources.list entry or malformed file), E:Some index files failed to download. They have been ignored, or old ones used instead.\r\n", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error", "rc": 1}

PLAY RECAP ****************************************************************************************************************
brain.irma                 : ok=2    changed=0    unreachable=0    failed=1   

2021-02-18T11:04:44.739383 (delta: 13.971556)         elapsed: 23.846154 ****** 
===============================================================================

Any ideas?

Thanks.

devop123456 commented 3 years ago

Okay, I think I've got it. This is what is inserted in /etc/apt/sources.list.d/security_debian_org.list:

deb http://security.debian.org/ stretch/updates ['main'] 
deb-src http://security.debian.org/ stretch/updates ['main']

Please note the brackets around main. This is actually not an issue for the deb, but it is for deb-src, apparently. When removed, apt update works correctly. This has to be addressed in the relative ansible playbook, as this file is generated.

eshanaka commented 3 years ago

Hi There, Did you do any modifications to environments/allinone_prod.yml? Are you running the ansible scripts from the same machine where you're installing IRMA?

ch0k0bn commented 3 years ago

Not fixed yet but seems to be an issue with python3/python2 (cf. https://github.com/quarkslab/irma/issues/74#issuecomment-778017254)