Closed Evan-Sa closed 7 years ago
Same for me. I tried re-running the bootstrap script, which resulted in Error 100 messsages for ALL packages installed via APT, thus I guess it says the package is already installed and doesn't need to be installed or updated. The python packages, however, could be reinstalled over and over again without error message.
I am unable to reproduce but I will look into it further today
Sent from my iPhone
On Mar 30, 2016, at 13:57, Evan-Sa notifications@github.com wrote:
Usedd the bootstrap script on to install SIFT on a REMnux VM (imported from the OVA) and got quite a few error code 100 on several packages.
ERROR: Install Failure: gthumb (Error Code: 100) ERROR: Install Failure: kdiff3 (Error Code: 100) ERROR: Install Failure: libewf-python (Error Code: 100) ERROR: Install Failure: libewf-tools (Error Code: 100) ERROR: Install Failure: mantaray (Error Code: 100) ERROR: Install Failure: okular (Error Code: 100) ERROR: Install Failure: python-dfvfs (Error Code: 100) ERROR: Install Failure: python-plaso (Error Code: 100)
I tried the fix mentioned in issue 80 but it is not exactly the same scenario. I attached the text from the update sift results and my sift-install log sift-install.txt
update-sift.txt
— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub
@ekristen What set up were you using that you did not encounter any Error 100 messages.
@Evan-Sa I did find one issue and resolved it. May or may not fix this problem, if you are continuing to have issues please let me know and feel free to re-open the issue.
Hello I did not find any problems installing sift and remnux together using the boot strap scritps on a vanilla Ubuntu 14.04 workstation but when I imported the REMnux ova and tried to install sift I ran into the same error codes.
@Evan-Sa I need the sift-install.log from your home directory, it has the real errors
I too am having the same problem installing SIFT on top of the Remnux OVM. I've tried the various fixes I've seen listed here to no avail.
Unfortunately it's a dependency conflict. Something relies on an older or newer version.
Sent from my iPhone
On Jun 25, 2016, at 14:20, z4t888 notifications@github.com wrote:
I too am having the same problem installing SIFT on top of the Remnux OVM. I've tried the various fixes I've seen listed here to no avail.
update-sift.txt
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub, or mute the thread.
https://github.com/sans-dfir/sift/issues/112 this issue for the remux, in general error code 100 means there is a package conflict. I'm going to close this issue unless @Evan-Sa wants to re-open for the original reasons.
This issue seems to still exist. Lost use of log2timeline, same errors as above:
ERROR: Install Failure: libewf-python (Error Code: 100) ERROR: Install Failure: libewf-tools (Error Code: 100) ERROR: Install Failure: mantaray (Error Code: 100) ERROR: Install Failure: python-dfvfs (Error Code: 100) ERROR: Install Failure: python-plaso (Error Code: 100)
The following packages have unmet dependencies: libewf-python : Depends: libewf (= 20140608-1ppa1~trusty) but 20150126-1 is to be installed E: Unable to correct problems, you have held broken packages.
WARNING: The following packages cannot be authenticated! libbfio libewf Install these packages without verification? [y/N] y Get:1 http://repo.digital-forensic.org/ubuntu/ trusty/main libbfio amd64 20150104-1 [293 kB] Get:2 http://repo.digital-forensic.org/ubuntu/ trusty/main libewf amd64 20150126-1 [459 kB]
Tried the steps in #80 a few times with no go. Can we re-open this, or should I raise a new issue?
We can re-open, but already in your logs I see a non-standard repo being used which is going to most likely cause conflicts and be the reason it is not working http://repo.digital-forensic.org/ubuntu/
If any of the tools from https://github.com/libyal are being installed from anywhere but https://launchpad.net/~gift/+archive/ubuntu/stable repo (which repo.digital-forensics.org) then things will most likely start to break as there is a tight relationship between those tools.
I need more information about your setup.
Agreed WRT the repo, but it's showing up when I do my update-sift. I believe it's coming from dff. I'll comment it out and try again.
Commented out the repo in my sources.list, removed dff (installed from repo), apt-get remove sleuthkit, apt-get remove libewf, apt-get autoremove, apt-get clean, and apt-get purge.
Fetched new bootstrap: wget --quiet -O - https://raw.github.com/sans-dfir/sift-bootstrap/master/bootstrap.sh | sudo bash -s -- -i -s -y
and now getting the following '100's:
ERROR: Install Failure: libpff-dev (Error Code: 100) ERROR: Install Failure: libpff-python (Error Code: 100) ERROR: Install Failure: libpff-tools (Error Code: 100) ERROR: Install Failure: mantaray (Error Code: 100) ERROR: Install Failure: pytsk3 (Error Code: 100)
Going to remove libpff (suspect probably came from other repo) and the other tools, then will try again.
Okay, so removed libpff, libpff-python (said it wasn't installed), libpff-tools (also wasn't installed), mantaray (wasn't installed), and pytsk3 (wasn't installed). Installed them all separately, except pytsk3 wouldn't install, giving the error:
Package pytsk3 is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source
E: Package 'pytsk3' has no installation candidate
And now log2timeline doesn't work, the only log2timeline that comes up in autocomplete is log2timeline.py (used to be just a 'log2timeline' program?) and that now gives me the problem:
root@siftworkstation:/home/sansforensics# log2timeline.py
Traceback (most recent call last):
File "/usr/bin/log2timeline.py", line 21, in
log2timeline (aka log2timeline_legacy) is not actually installing anymore. The binary isn't in /usr/bin/ as the 'links' in the bootstrap indicates it should be. pytsk3 seems like it has to be installed via pip, and it is installed already according to 'pip install pytsk3'. I'm stuck now, any thoughts?
I decided to revert my VM back to a snapshot I took in February so I could start again. Everything was working fine before I did any updates/changes/anything. I ran sudo apt-get update && sudo apt-get upgrade. Everything started to upgrade, and then I got an error saying missing dependency (pytsk3). I ran apt-get install -f, selected Y to install and was presented with this:
The following NEW packages will be installed: python-pytsk3 0 upgraded, 1 newly installed, 0 to remove and 3 not upgraded. 2 not fully installed or removed. Need to get 0 B/607 kB of archives. After this operation, 1,675 kB of additional disk space will be used. Do you want to continue? [Y/n] y (Reading database ... 330879 files and directories currently installed.) Preparing to unpack .../python-pytsk3_20160721-1ppa1~trusty_amd64.deb ... Unpacking python-pytsk3 (20160721-1ppa1~trusty) ... dpkg: error processing archive /var/cache/apt/archives/python-pytsk3_20160721-1ppa1~trusty_amd64.deb (--unpack): trying to overwrite '/usr/lib/python2.7/dist-packages/pytsk3.so', which is also in package pytsk3 4.2.0-20150406-1ppa1~trusty dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) Errors were encountered while processing: /var/cache/apt/archives/python-pytsk3_20160721-1ppa1~trusty_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1)
Seems like every error in this whole Error 100 issue is stemming from pytsk3.
Anyone have any thoughts?
I will download the SIFT VM from the SANS website today and do another fresh upgrade to see if I can reproduce. I've been unable to, but obviously you and others are having issues.
Does /etc/apt/sources.list.d/google-chrome.list
exist on your VM?
I've been able to reproduce this now, working on figuring out how to solve it.
@ekristen I do have /etc/apt/sources.list.d/google-chrome.list
in my VM, and when I first built the VM it had an error. I've figured out how to fix that, by putting [arch=amd64] in between the deb and the URL: deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main
Thank you for all your help on this. If you need a guinea pig, let me know.
I've got the solution.
rm /etc/apt/sources.list.d/google-chrome.list
sudo apt-get remove python-plaso python-pytsk3 mantaray python-dfvfs
sudo apt-get remove pytsk3
sudo update-sift
Sit back, relax, and enjoy.
There are a few other minor issues I'm working on resolving around some of the python packages but this should fix the error 100 around mantaray and pytsk3
I'll give it a shot with my two VM's. I have one brand-new and one 'gently used'. I'll give you more details once I try it out.
So far, tried on one. One of the VM's didn't have google-chrome.list, only google-chrome.list.save, so I removed that anyways. Ran the commands you recommended, and yes it did fix the Error 100, but now log2timeline is broken. The only log2timeline available is the python script and I'm getting errors up the wazoo from that now.
I'm going to try the new VM tomorrow and I'll get back to you.
Finished the new VM tonight, here are the steps I took:
Once VM was created, I removed the google-chrome.list file;
tested log2timeline, works fine;
sudo apt-get update
;
update-sift
;
No Error 100;
log2timeline broken.
Also noticed that mantaray didn't install in either instance today. So, question is, what's in the google-chrome repo that's causing a problem with the other installs?
The google chrome repo doesn't exist anymore.
Mantaray package is broken so it was removed tonight.
Log2timeline shouldn't be broken, plaso should be installed.
Sent from my iPhone
On Oct 4, 2016, at 21:43, Fetchered notifications@github.com wrote:
Finished the new VM tonight, here are the steps I took: Once VM was created, I removed the google-chrome.list file; tested log2timeline, works fine; sudo apt-get update; update-sift; No Error 100; log2timeline broken.
Also noticed that mantaray didn't install in either instance today. So, question is, what's in the google-chrome repo that's causing a problem with the other installs?
— You are receiving this because you were assigned. Reply to this email directly, view it on GitHub, or mute the thread.
Agreed that log2timeline shouldn't be broken, and plaso should be installed, but log2timeline is gone, and the log2timeline.py (plaso) that is there now, doesn't work. I get a lot of UBInt16 and cpio related error messages
I'm going to consider this issue resolved and opened a new one for log2timline https://github.com/sans-dfir/sift/issues/128
Usedd the bootstrap script on to install SIFT on a REMnux VM (imported from the OVA) and got quite a few error code 100 on several packages.
ERROR: Install Failure: gthumb (Error Code: 100) ERROR: Install Failure: kdiff3 (Error Code: 100) ERROR: Install Failure: libewf-python (Error Code: 100) ERROR: Install Failure: libewf-tools (Error Code: 100) ERROR: Install Failure: mantaray (Error Code: 100) ERROR: Install Failure: okular (Error Code: 100) ERROR: Install Failure: python-dfvfs (Error Code: 100) ERROR: Install Failure: python-plaso (Error Code: 100)
I tried the fix mentioned in issue 80 but it is not exactly the same scenario. I attached the text from the update sift results and my sift-install log sift-install.txt
update-sift.txt