teamdfir / sift

SIFT
MIT License

Error code 100 during install/update #106

Closed Evan-Sa closed 7 years ago

Evan-Sa commented 8 years ago

Used the bootstrap script to install SIFT on a REMnux VM (imported from the OVA) and got quite a few error code 100 on several packages.

ERROR: Install Failure: gthumb (Error Code: 100)
ERROR: Install Failure: kdiff3 (Error Code: 100)
ERROR: Install Failure: libewf-python (Error Code: 100)
ERROR: Install Failure: libewf-tools (Error Code: 100)
ERROR: Install Failure: mantaray (Error Code: 100)
ERROR: Install Failure: okular (Error Code: 100)
ERROR: Install Failure: python-dfvfs (Error Code: 100)
ERROR: Install Failure: python-plaso (Error Code: 100)

I tried the fix mentioned in issue 80 but it is not exactly the same scenario. I attached the text from the update sift results and my sift-install log sift-install.txt

update-sift.txt

keram79 commented 8 years ago

Same for me. I tried re-running the bootstrap script, which resulted in Error 100 messages for ALL packages installed via APT, thus I guess it says the package is already installed and doesn't need to be installed or updated. The python packages, however, could be reinstalled over and over again without error message.

ekristen commented 8 years ago

I am unable to reproduce but I will look into it further today

Evan-Sa commented 8 years ago

@ekristen What setup were you using that you did not encounter any Error 100 messages?

ekristen commented 8 years ago

@Evan-Sa I did find one issue and resolved it. May or may not fix this problem. If you are continuing to have issues, please let me know and feel free to re-open the issue.

Evan-Sa commented 8 years ago

sift update.txt

Hello, I did not find any problems installing sift and remnux together using the bootstrap scripts on a vanilla Ubuntu 14.04 workstation, but when I imported the REMnux ova and tried to install sift I ran into the same error codes.

ekristen commented 8 years ago

@Evan-Sa I need the sift-install.log from your home directory, it has the real errors

z4t888 commented 8 years ago

I too am having the same problem installing SIFT on top of the Remnux OVM. I've tried the various fixes I've seen listed here to no avail.

update-sift.txt

ekristen commented 8 years ago

Unfortunately it's a dependency conflict. Something relies on an older or newer version.

ekristen commented 8 years ago

https://github.com/sans-dfir/sift/issues/112 is the issue for REMnux. In general, error code 100 means there is a package conflict. I'm going to close this issue unless @Evan-Sa wants to re-open for the original reasons.

Fetchered commented 7 years ago

This issue seems to still exist. Lost use of log2timeline, same errors as above:

ERROR: Install Failure: libewf-python (Error Code: 100)
ERROR: Install Failure: libewf-tools (Error Code: 100)
ERROR: Install Failure: mantaray (Error Code: 100)
ERROR: Install Failure: python-dfvfs (Error Code: 100)
ERROR: Install Failure: python-plaso (Error Code: 100)

The following packages have unmet dependencies:
 libewf-python : Depends: libewf (= 20140608-1ppa1~trusty) but 20150126-1 is to be installed
E: Unable to correct problems, you have held broken packages.

WARNING: The following packages cannot be authenticated!
  libbfio libewf
Install these packages without verification? [y/N] y
Get:1 http://repo.digital-forensic.org/ubuntu/ trusty/main libbfio amd64 20150104-1 [293 kB]
Get:2 http://repo.digital-forensic.org/ubuntu/ trusty/main libewf amd64 20150126-1 [459 kB]

Tried the steps in #80 a few times with no go. Can we re-open this, or should I raise a new issue?

ekristen commented 7 years ago

We can re-open, but already in your logs I see a non-standard repo being used, which is most likely going to cause conflicts and be the reason it is not working: http://repo.digital-forensic.org/ubuntu/

If any of the tools from https://github.com/libyal are being installed from anywhere but https://launchpad.net/~gift/+archive/ubuntu/stable repo (which repo.digital-forensics.org) then things will most likely start to break as there is a tight relationship between those tools.

I need more information about your setup.
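An added example, not part of the thread or of the SIFT project's own code: a shell function that lists every enabled APT source falling outside an expected set, which is the check the comment above implies. The allowlist (including the `ppa.launchpad.net/gift/stable/` path, taken from Launchpad's usual PPA URL layout), the file name `dff.list` and the sample entries are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: flag enabled APT sources outside an expected set.
# ALLOWED_PREFIXES is an assumption (host/path without scheme); adjust per system.
ALLOWED_PREFIXES="archive.ubuntu.com/ security.ubuntu.com/ ppa.launchpad.net/gift/stable/"

# audit_apt_sources FILE...: print "FILE: URI" for every enabled one-line
# deb/deb-src entry whose URI does not start with an allowed prefix.
audit_apt_sources() {
    for f in "$@"; do
        [ -f "$f" ] || continue
        awk -v allowed="$ALLOWED_PREFIXES" -v file="$f" '
            BEGIN { n = split(allowed, prefix, " ") }
            $1 != "deb" && $1 != "deb-src" { next }  # comments and blank lines
            {
                u = 2
                if ($u ~ /^\[/) {                    # skip [arch=... ] options
                    while (u < NF && $u !~ /\]$/) u++
                    u++
                }
                rest = $u
                sub(/^[a-z+]+:\/\//, "", rest)       # drop the scheme
                for (k = 1; k <= n; k++)
                    if (index(rest, prefix[k]) == 1) next
                print file ": " $u
            }
        ' "$f"
    done
}

# Constructed sample mirroring the sources discussed in the thread.
demo_audit() {
    d=$(mktemp -d) || return 1
    cat > "$d/sources.list" <<'EOF'
deb http://archive.ubuntu.com/ubuntu trusty main universe
# deb http://repo.digital-forensic.org/ubuntu/ trusty main
deb http://ppa.launchpad.net/gift/stable/ubuntu trusty main
EOF
    echo 'deb http://repo.digital-forensic.org/ubuntu/ trusty main' > "$d/dff.list"
    echo 'deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main' \
        > "$d/google-chrome.list"
    (cd "$d" && audit_apt_sources sources.list dff.list google-chrome.list)
    rm -rf "$d"
}

demo_audit
```

On a real system the function would be called as `audit_apt_sources /etc/apt/sources.list /etc/apt/sources.list.d/*.list`; a commented-out entry is not reported, so a repo disabled in `sources.list` but still enabled in another file shows up under that file's name.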

Fetchered commented 7 years ago

sift-install.txt

Agreed WRT the repo, but it's showing up when I do my update-sift. I believe it's coming from dff. I'll comment it out and try again.

Fetchered commented 7 years ago

Commented out the repo in my sources.list, removed dff (installed from repo), apt-get remove sleuthkit, apt-get remove libewf, apt-get autoremove, apt-get clean, and apt-get purge.

Fetched new bootstrap:

wget --quiet -O - https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh | sudo bash -s -- -i -s -y

and now getting the following '100's:

ERROR: Install Failure: libpff-dev (Error Code: 100)
ERROR: Install Failure: libpff-python (Error Code: 100)
ERROR: Install Failure: libpff-tools (Error Code: 100)
ERROR: Install Failure: mantaray (Error Code: 100)
ERROR: Install Failure: pytsk3 (Error Code: 100)

Going to remove libpff (suspect probably came from other repo) and the other tools, then will try again.

Fetchered commented 7 years ago

Okay, so removed libpff, libpff-python (said it wasn't installed), libpff-tools (also wasn't installed), mantaray (wasn't installed), and pytsk3 (wasn't installed). Installed them all separately, except pytsk3 wouldn't install, giving the error:

Package pytsk3 is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source

E: Package 'pytsk3' has no installation candidate

And now log2timeline doesn't work, the only log2timeline that comes up in autocomplete is log2timeline.py (used to be just a 'log2timeline' program?) and that now gives me the problem:

root@siftworkstation:/home/sansforensics# log2timeline.py
Traceback (most recent call last):
  File "/usr/bin/log2timeline.py", line 21, in <module>
    from plaso.cli import extraction_tool
  File "/usr/lib/python2.7/dist-packages/plaso/cli/extraction_tool.py", line 8, in <module>
    from plaso.cli import storage_media_tool
  File "/usr/lib/python2.7/dist-packages/plaso/cli/storage_media_tool.py", line 9, in <module>
    from dfvfs.analyzer import analyzer as dfvfs_analyzer
  File "/usr/lib/python2.7/dist-packages/dfvfs/analyzer/__init__.py", line 4, in <module>
    from dfvfs.analyzer import bde_analyzer_helper
  File "/usr/lib/python2.7/dist-packages/dfvfs/analyzer/bde_analyzer_helper.py", line 4, in <module>
    from dfvfs.analyzer import analyzer
  File "/usr/lib/python2.7/dist-packages/dfvfs/analyzer/analyzer.py", line 9, in <module>
    from dfvfs.resolver import resolver
  File "/usr/lib/python2.7/dist-packages/dfvfs/resolver/__init__.py", line 10, in <module>
    from dfvfs.resolver import cpio_resolver_helper
  File "/usr/lib/python2.7/dist-packages/dfvfs/resolver/cpio_resolver_helper.py", line 6, in <module>
    import dfvfs.vfs.cpio_file_system
  File "/usr/lib/python2.7/dist-packages/dfvfs/vfs/cpio_file_system.py", line 7, in <module>
    from dfvfs.lib import cpio
  File "/usr/lib/python2.7/dist-packages/dfvfs/lib/cpio.py", line 38, in <module>
    class CPIOArchiveFile(object):
  File "/usr/lib/python2.7/dist-packages/dfvfs/lib/cpio.py", line 52, in CPIOArchiveFile
    construct.UBInt16(u'signature'),
AttributeError: 'module' object has no attribute 'UBInt16'

Fetchered commented 7 years ago

log2timeline (aka log2timeline_legacy) is not actually installing anymore. The binary isn't in /usr/bin/ as the 'links' in the bootstrap indicates it should be. pytsk3 seems like it has to be installed via pip, and it is installed already according to 'pip install pytsk3'. I'm stuck now, any thoughts?

Fetchered commented 7 years ago

I decided to revert my VM back to a snapshot I took in February so I could start again. Everything was working fine before I did any updates/changes/anything. I ran sudo apt-get update && sudo apt-get upgrade. Everything started to upgrade, and then I got an error saying missing dependency (pytsk3). I ran apt-get install -f, selected Y to install and was presented with this:

The following NEW packages will be installed:
  python-pytsk3
0 upgraded, 1 newly installed, 0 to remove and 3 not upgraded.
2 not fully installed or removed.
Need to get 0 B/607 kB of archives.
After this operation, 1,675 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
(Reading database ... 330879 files and directories currently installed.)
Preparing to unpack .../python-pytsk3_20160721-1ppa1~trusty_amd64.deb ...
Unpacking python-pytsk3 (20160721-1ppa1~trusty) ...
dpkg: error processing archive /var/cache/apt/archives/python-pytsk3_20160721-1ppa1~trusty_amd64.deb (--unpack):
 trying to overwrite '/usr/lib/python2.7/dist-packages/pytsk3.so', which is also in package pytsk3 4.2.0-20150406-1ppa1~trusty
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
 /var/cache/apt/archives/python-pytsk3_20160721-1ppa1~trusty_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)

Seems like every error in this whole Error 100 issue is stemming from pytsk3.

Anyone have any thoughts?

ekristen commented 7 years ago

I will download the SIFT VM from the SANS website today and do another fresh upgrade to see if I can reproduce. I've been unable to, but obviously you and others are having issues.

ekristen commented 7 years ago

Does /etc/apt/sources.list.d/google-chrome.list exist on your VM?

ekristen commented 7 years ago

I've been able to reproduce this now, working on figuring out how to solve it.

Fetchered commented 7 years ago

@ekristen I do have /etc/apt/sources.list.d/google-chrome.list in my VM, and when I first built the VM it had an error. I've figured out how to fix that, by putting [arch=amd64] in between the deb and the URL: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main

Thank you for all your help on this. If you need a guinea pig, let me know.

ekristen commented 7 years ago

I've got the solution.

  1. rm /etc/apt/sources.list.d/google-chrome.list
  2. sudo apt-get remove python-plaso python-pytsk3 mantaray python-dfvfs
  3. sudo apt-get remove pytsk3
  4. sudo update-sift

Sit back, relax, and enjoy.

There are a few other minor issues I'm working on resolving around some of the python packages, but this should fix the error 100 around mantaray and pytsk3.

Fetchered commented 7 years ago

I'll give it a shot with my two VMs. I have one brand-new and one 'gently used'. I'll give you more details once I try it out.

Fetchered commented 7 years ago

So far, tried on one. One of the VMs didn't have google-chrome.list, only google-chrome.list.save, so I removed that anyways. Ran the commands you recommended, and yes it did fix the Error 100, but now log2timeline is broken. The only log2timeline available is the python script and I'm getting errors up the wazoo from that now.

I'm going to try the new VM tomorrow and I'll get back to you.

Fetchered commented 7 years ago

Finished the new VM tonight, here are the steps I took: Once VM was created, I removed the google-chrome.list file; tested log2timeline, works fine; sudo apt-get update; update-sift; No Error 100; log2timeline broken.

Also noticed that mantaray didn't install in either instance today. So, question is, what's in the google-chrome repo that's causing a problem with the other installs?

ekristen commented 7 years ago

The google chrome repo doesn't exist anymore.

Mantaray package is broken so it was removed tonight.

Log2timeline shouldn't be broken, plaso should be installed.

Fetchered commented 7 years ago

Agreed that log2timeline shouldn't be broken, and plaso should be installed, but log2timeline is gone, and the log2timeline.py (plaso) that is there now doesn't work. I get a lot of UBInt16 and cpio related error messages.

ekristen commented 7 years ago

I'm going to consider this issue resolved and have opened a new one for log2timeline: https://github.com/sans-dfir/sift/issues/128