Closed mgmacias95 closed 5 years ago
Hello @sonofagl1tch,
After updating AMIs used in the CF template in https://github.com/sonofagl1tch/AWSDetonationLab/commit/3f4cbfd148e6e454ac072962f6e1a7ef66c78454, the template was still failing:
I disabled rolling back when the template failed so I was able to do some checks in the environment and get further information about the error. I accessed bastion machine and found out the bastion_bootstrap.sh
script is failing:
# /tmp/bastion_bootstrap.sh --banner https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/artifacts/banner_message.txt --enable true --tcp-forwarding true --x11-forwarding false
checkos Ended
BANNER_PATH = https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/artifacts/banner_message.txt
Creating Banner in /etc/ssh_banner
curl -s https://raw.githubusercontent.com/sonofagl1tch/AWSDetonationLab/master/artifacts/banner_message.txt > /etc/ssh_banner
[INFO] Installing banner ...
Setting up bastion session log in /var/log/bastion/bastion.log
ln: failed to create hard link ‘/var/log/bastion/.bastion.log’: File exists
Value of TCP_FORWARDING - true
Value of X11_FORWARDING - false
[ERROR] Unsupported Linux Bastion OS
Searching in the script's code, I found out where the error was being raised:
https://github.com/sonofagl1tch/AWSDetonationLab/blob/e3a7078e93a6409ea66625a0c813d4770eeb8cbe/additionalInstallationScripts/bastion_bootstrap.sh#L582-L598
It seems the result from osrelease
function isn't correct. Reviewing that function:
https://github.com/sonofagl1tch/AWSDetonationLab/blob/e3a7078e93a6409ea66625a0c813d4770eeb8cbe/additionalInstallationScripts/bastion_bootstrap.sh#L57-L69
It seems the following command is returning a wrong value:
# cat /etc/os-release | grep '^NAME=' | tr -d \" | sed 's/\n//g' | sed 's/NAME=//g'
Amazon Linux AMI
But I don't know if replacing content in line 61 would be a good fix, since it was changed here: https://github.com/awslabs/amazon-guardduty-tester/commit/9fb76df51b797c163d570e5eed087f87d7983170#diff-18583a0977c9ce589518e28d2ef9a78c Am I using an old instance by error when I changed AMIs?
Best regards, Marta
looking at this bash i was using a full string match as my conditional which worked before the aws template updates. looks like now we need more of an "if a string contains substring" type of conditional. similar to the code snippet below.
string='My long string'
if [[ $string == *"My long"* ]]; then
echo "It's there!"
fi
https://stackoverflow.com/questions/229551/how-to-check-if-a-string-contains-a-substring-in-bash
Describe the bug When I try to deploy the template it fails in the middle of the deployment process and rolls back all the deployed resources.
To Reproduce Steps to reproduce the behavior:
Expected behavior I expect the stack deployment to get
CREATE_COMPLETE
status instead ofROLLBACK_IN_PROGRESS
.Screenshots
Additional context It seems Amazon Marketplace has updated their images so the ID is no longer the one specified in the template.