Closed TheZonks closed 6 years ago
ekristen
commented
6 years ago I'd need to see your install log (not just the output from the terminal) to see what has failed.
Unity is the only supported option at this time, but Ubuntu is even moving back to gnome, so that'll most likely become the default.
TheZonks
commented
6 years ago thank your for your quick reply, where is the installation-log located?
ekristen
commented
6 years ago It’s in the terminal output
Log file: /var/cache/sift/cli/v2018.08.0/saltstack.log
TheZonks
commented
6 years ago 
crrfx
commented
6 years ago The Problem seems to be very similar if not identical to my current issue on Ubuntu 16.04.4 LTS.
ekristen
commented
6 years ago @TheZonks it seems you are getting some sort of weird utf8 issue when managing files.
are you behind a proxy?
crrfx
commented
6 years ago Dear Erik,
thank you for our quick reply. I am definitely not behind a proxy.
Best regards
crrfx
From: Erik Kristensen [mailto:notifications@github.com] Sent: Sunday, April 15, 2018 12:03 AM To: sans-dfir/sift Cc: crrfx; Comment Subject: Re: [sans-dfir/sift] [CLI] Installation on Ubuntu desktop fails (#252)
@TheZonks https://github.com/TheZonks it seems you are getting some sort of weird utf8 issue when managing files.
are you behind a proxy?
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/sans-dfir/sift/issues/252#issuecomment-381363714 , or mute the thread https://github.com/notifications/unsubscribe-auth/AklqEXJt0l5qd4WrRQmhjXe76mfMei6Vks5tonH2gaJpZM4TOTE5 . https://github.com/notifications/beacon/AklqEaFbsGo-ODbMDUEXZWN0NqduNrUiks5tonH2gaJpZM4TOTE5.gif
ekristen
commented
6 years ago @crrfx are you running on a clean ubuntu 16.04 desktop? I'm seeing some weird errors and utf8 encoding errors, I've never seen this before.
crrfx
commented
6 years ago I installed Ubuntu on a USB stick (as HDD). The installation was done by an iso file from https://www.ubuntu.com/download/desktop . Immediately afterwards I tried installing SIFT.
Best regards, crrfx
From: Erik Kristensen [mailto:notifications@github.com] Sent: Sunday, April 15, 2018 12:38 AM To: sans-dfir/sift Cc: crrfx; Mention Subject: Re: [sans-dfir/sift] [CLI] Installation on Ubuntu desktop fails (#252)
@crrfx https://github.com/crrfx are you running on a clean ubuntu 16.04 desktop? I'm seeing some weird errors and utf8 encoding errors, I've never seen this before.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/sans-dfir/sift/issues/252#issuecomment-381365514 , or mute the thread https://github.com/notifications/unsubscribe-auth/AklqETGOkGBi1KVzxqUQVyKoG_-EOjBYks5tonosgaJpZM4TOTE5 . https://github.com/notifications/beacon/AklqEai_Dcof9fJ81uXayOHNRGayp3vgks5tonosgaJpZM4TOTE5.gif
crrfx
commented
6 years ago I set up ubuntu 16.04 LTS several times anew, tested two networks (at home, office) and used both sift-cli@1.5.1-master and sift-cli@1.5.2-master for installing sift. I was, however, not successful. This is the latest log-file: saltstack.log
ekristen
commented
6 years ago I've installed SIFT about half a dozen times in the last 3 days from scratch without issues.
Are you using any custom language settings, terminal settings, etc?
The more details the better, but at this point, unfortunately since I cannot replicate it, I'm going to have to say it's your environment. I'm happy to continue to help troubleshoot, but super hard when I can't replicate.
crrfx
commented
6 years ago The only thing I change during installing Ubuntu is the language from English to German and the time zone. Could this be an issue? The hardware is an Lenovo T540p.
ekristen
commented
6 years ago The timezone definitely should not be, although we highly recommend leaving the timezone as UTC.
The language could definitely be an issue. We do not unfortunately test against anything other than English. It could be the thing causing the problem with the utf8 encoding.
crrfx
commented
6 years ago I installed SIFT (1.5.2) again from scratch and used only the English variant from Ubuntu 16.04 LTS. Something changed indeed - I have now posters on my desktop. Nevertheless, I had still no success. I tried a second installation, and the result was worse compared with the fist trial. Both log files are attached. Which custom language settings and terminal settings should I check additionally?
ekristen
commented
6 years ago @crrfx please use the pre-release of the sift-cli to try and install.
crrfx
commented
6 years ago Still having problems: using $ sudo curl -o /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.6.0/sift-cli-linux I got only a partial download % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 604 0 604 0 0 853 0 --:--:-- --:--:-- --:--:-- 853 with this file sift_curl.txt. And $ sudo chmod +x /usr/local/bin/sift $ sudo sift install led to the message /usr/local/bin/sift: 1: /usr/local/bin/sift: Syntax error: redirection unexpected Downloading alternatively sift-cli-linux directly and using $ sudo mv sift-cli-linux /usr/local/bin/sift $ chmod 755 /usr/local/bin/sift $ sudo sift install led to
sift-cli@1.6.0-master.1e4df5c sift-version: notinstalled
ENOENT: no such file or directory, open '/etc/apt/sources.list.d/saltstack.list' Error: ENOENT: no such file or directory, open '/etc/apt/sources.list.d/saltstack.list'
ekristen
commented
6 years ago Use 1.6.1
curl -Lo /usr/local/bin/sift https://github.com/sans-dfir/sift-cli/releases/download/v1.6.1/sift-cli-linux
chmod +x /usr/local/bin/siftWe definitely had some weird things happen lately. Python PIP is mostly to blame.
Try installing 1.6.1 and then running sudo sift install --pre-release
crrfx
commented
6 years ago That's it. Without "--pre-release" there were still 12 failures, probably Python PIP, with this option v2018.16.0 was installed.
Thank you very much for your help!
ekristen
commented
6 years ago Very good. We did a full release so --pre-release is no longer needed. Cheers.
amcap623
commented
3 years ago I am getting this error trying to install SIFT workstation v2020.7.1 on Ubuntu 16.04. The install does not show me at the end Completed with Errors. It just stops. Below this error is the error from the saltstack.log
Running: sift-config-tools Update returned exit code not zero Error: Update returned exit code not zero at ChildProcess.
(/snapshot/sift-cli/sift-cli.js:529:23) at ChildProcess.emit (events.js:196:13) at maybeClose (internal/child_process.js:1011:16) at Process.ChildProcess._handle.onexit (internal/child_process.js:268:5)
----- PLEASE READ ----------------------
A lot of failures are caused by the apt system being locked or unhealthy.
Before opening an issue in GitHub, please check to see if your apt system is healthy.
Try running 'apt-get update' then remove any packages that aren't used by running 'apt-get autoremove'
sansforensics@siftworkstation: ~/Downloads $ ------------------------SALTSTACK.LOG ERROR-------------------------- Requirement already satisfied: pip in /opt/rekall/lib/python2.7/site-packages (20.2.2)
Requirement already satisfied: setuptools in /opt/rekall/lib/python2.7/site-packages
(45.0.0)
DEPRECATION: Python 2.7 reached the end of its life on January 1st, 2020. Please
upgrade your Python as Python 2.7 is no longer maintained. pip 21.0 will drop
support for Python 2.7 in January 2021. More details about Python 2 support
in pip can be found at https://pip.pypa.io/en/latest/development/release-process/#python-2-support
WARNING: The directory ''/home/sansforensics/.cache/pip'' or its parent directory
is not owned or is not writable by the current user. The cache has been disabled.
Check the permissions and owner of that directory. If executing pip with sudo,
you may want sudo''s -H flag.
ERROR: Package ''setuptools'' requires a different Python: 2.7.12 not in ''>=3.5'''
duration: 3512.975
name: /opt/rekall
result: false
start_time: '03:37:03.278404'
Hello,
i tried to install sift workstation on several ubuntu installations, all with the same result. what i have done is: installing a clean ubuntu vm with virtualbox. created user siftadmin running apt-get update running apt-get upgrade running apt-get dist-upgrade used versions: ubuntu server 16.04.04 LTS minimal (no unity) ubuntu desktop 16.04.04 LTS with unitiy
Environment (from the last test): Distributor ID: Ubuntu Description: Ubuntu 16.04.4 LTS Release: 16.04 Codename: xenial
Linux siftworkstation 4.13.0-38-generic #43~16.04.1-Ubuntu SMP Wed Mar 14 17:48:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Console-Log:
sift version gives me: /usr/local/bin$ sift version
BTW: i would prefer not to use unity or gnome or kde. i would like to use some more lightweight like xfce, lubuntu or similar from a minimal-installation of ubuntu. is there any chance in the future for this?
thank you