Getting enterprise version working

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

Getting enterprise version working

Dylan Saunders
I would like to get the enterprise version of Inquisitor working and would like some advice with the server part. I have no problem building the live and standalone parts to compile however the "build-server" target in the Makefile does not seem to exist. Make rsync does work correctly and I can install the NFS root. I have used ALT Linux p5 i586 and x86_64 as the build environments (too many issues with Debian). I assume that the web server does not really have to be "built" since it is just Ruby scripts and I can start it with server/web/script/server however it needs to connect to a mysql database. Is there a mysql dump file in the sources that can be used to initialize databases and tables for the first time? The db/schema.rb file looks close however I don't know enough about Ruby to get it to work.

thanks,
Dylan Saunders
Reply | Threaded
Open this post in threaded view
|

Re: Getting enterprise version working

Michael Shigorin
On Fri, Jun 15, 2012 at 08:56:26AM -0700, Dylan Saunders wrote:
> I would like to get the enterprise version of Inquisitor
> working and would like some advice with the server part. [...]
> I have used ALT Linux p5 i586 and x86_64 as the build
> environments (too many issues with Debian).

Just in case you tend to make notes along the way, these might
be useful as I'm still interested in remaking ALT Linux based
images, maybe even for some flavour of enterprise Inquisitor
-- that was one of the goals that started the development of
http://www.altlinux.org/Mkimage/Profiles/m-p [ru].

--
 ---- WBR, Michael Shigorin <[hidden email]>
  ------ Linux.Kiev http://www.linux.kiev.ua/

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
inq-discuss-en mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/inq-discuss-en
Reply | Threaded
Open this post in threaded view
|

Re: Getting enterprise version working

Dylan Saunders
> Just in case you tend to make notes along the way, these might
> be useful as I'm still interested in remaking ALT Linux based
> images...

When I get back to work I will post the steps that I followed. The issues were mostly package dependencies that were identified by error messages from the build process. I assumed that the Inquisitor group probably used ALT Linux p5 x86_64 as their development platform, it has the fewest dependency problems.  I tried ALT Linux p6 however some necessary packages are no longer part of that distribution. I also tried installing p5 packages in p6 which sort of worked, however it messed up the package management system. I did see another post in this forum about using rake to initialize mysql with schema.rb, I will give that a try and see how it goes.
Reply | Threaded
Open this post in threaded view
|

Re: Getting enterprise version working

Michael Shigorin
On Sat, Jun 16, 2012 at 12:49:13PM -0700, Dylan Saunders wrote:
> I tried ALT Linux p6 however some necessary packages are no
> longer part of that distribution.

I can try and assist with those.

--
 ---- WBR, Michael Shigorin <[hidden email]>
  ------ Linux.Kiev http://www.linux.kiev.ua/

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
inq-discuss-en mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/inq-discuss-en
Reply | Threaded
Open this post in threaded view
|

Re: Getting enterprise version working

Dylan Saunders
Here is a log of my results with ALT Linux P6 x86_64. I think that the build scripts need some work. I have a similar log of Debian 6 i386 if anyone wants to see it. Since this all seems to work on ALT Linux P5 I will probably proceed with that and I have some questions about the web/rsync server that I will post in another message.

ALT Linux P6 X86_64
INQ_VERSION=3.1-alpha2

dylan.saunders@sait.ca
June 20, 2012
Attempt to build Inquisitor live and enterprise on ALT Linux P6.
Make standalone succeeds however make live (and enterprise) fails.

Create user account inquisitor
ln -s 3.0.34-std-def-alt0.M60P.1/ 3.0.24-std-def-alt0.M60P.2
Add initial packages:

 subversion 1.6.17
 dhcp-server
 bind
 nfs-server
 ntp
 syslog-ng

 ruby 1.9 (installed)
 gnuplot

 inquisitor-bnbt
 inquisitor-memtester
 inquisitor-tftpd
 unixbench

 gcc4.5
 gcc4.5-c++

Do full update / upgrade

Check out full inq tree with subversion:

Flavour: standalone Target: x86_64

++ make all

Error: make: rpmbuild: Command not found
	Install rpm-build rpmbuild-helper

Error: failed build dependencies:
	glibc-devel-static is needed by inquisitor-standalone-3.1-alt0.svn1418
	packages-info-i18n-common is needed by inquisitor-standalone-3.1-alt0.svn1418
	rpm-build-ruby is needed by inquisitor-standalone-3.1-alt0.svn1418

Installed: glibc-devel-static rpm-build-ruby

packages-info-i18n-common is no longer part of P6
can be installed from the 5.1 distro
http://ftp.altlinux.org/pub/distributions/ALTLinux/5.1/branch/noarch/RPMS.classic/packages-info-i18n-common-0.2-alt4.noarch.rpm
rpm -i packages-info-i18n-common-0.2-alt4.noarch.rpm

/** Make all for standalone flavour succeeded. **/
-----------------------------------------------------
Flavour live

++ make all

Error:
genbasedir --create --topdir /home/inquisitor/inq/trunk/repo x86_64 hasher
make: genbasedir: Command not found
	
Install: apt-repo-tools

Error:
Length: 326823 (319K) [audio/ogg]
Saving to: “STDOUT”

 0% [  ] 0 --.-K/s   in 0s      

Cannot write to “-” (Broken pipe).
make[1]: *** [out/audiosample.wav] Error 127
make[1]: Leaving directory `/home/inquisitor/inq/trunk/data'
make: *** [data] Error 2

Install: vorbis-tools

Error:
spt-init-chroot -w /home/inquisitor/inq/trunk/work
make: spt-init-chroot: Command not found
make: *** [build-root] Error 127

Install: spt3

Error:
spt-init-chroot -w /home/inquisitor/inq/trunk/work
hsh: /usr/libexec/hasher-priv/getconf.sh: cannot access getconf helper.
spt-init-chroot: Could not init chroot.
make: *** [build-root] Error 1

hasher-useradd inquisitor
Adding user inquisitor to group inquisitor_a
Adding user inquisitor to group inquisitor_b
Adding user inquisitor to group hashman

logout / login

++ make all

Error:
spt-make-chroot -w /home/inquisitor/inq/trunk/work
Reading Package Lists...
Building Dependency Tree...
Selecting kernel-image-std-def#1:3.0.34-alt0.M60P.1 for 'kernel-image-std-def'
filesystem is already the newest version.
Selecting rpcbind for 'portmap'
Selecting kbd for 'console-tools'
E: Couldn't find package bluez-utils
hsh-install: Failed to calculate package file list.
hsh-install: Failed to generate package file list.
make: *** [build-root] Error 1

Edit: trunk/build/altlinux/profile.live/packages
	comment out bluez-utils

++ make all gets a little further:

spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/00services
error reading information on service ntpd: No such file or directory
error reading information on service hotplug: No such file or directory
spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/01inquisitor
Setting up /etc/inittab
Setting up command-line login helpers
Setting up rc.local
spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/01live
Setting up /etc/sysconfig/network
Setting up /etc/HOSTNAME
Setting up /etc/rc.d/rc.remount
Fixing /etc/init.d/functions to support remounttab/overlaytab
Setting up fstab
spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/02depmod
Generating depmod
FATAL: Could not open '/boot/System.map-2*': No such file or directory
make: *** [build-root] Error 1

Error:

trunk/work/chroot/boot/System.map-3.0.34-std-def-alt0.M60P.1 
  is installed. Script is probably for P5 not P6.

Edit: "trunk/work/profile/setup.d/02depmod" and change System.map- to the actual file name:

!! #!/bin/sh

!! echo 'Generating depmod'
!! if [ -x /sbin/depmod ]; then
!!         for i in /lib/modules/2*; do
!! #               /sbin/depmod -a -F /boot/System.map-$(basename $i) $(basename $i)
!! 		/sbin/depmod -a -F /boot/System.map-3.0.34-std-def-alt0.M60P.1
!!         done
!! fi

++ "make build-root" proceeds a little further:

Error:
spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/02depmod
Generating depmod
WARNING: Couldn't open directory /lib/modules/3.0.24-std-def-alt0.M60P.2: No such file or directory
FATAL: Could not open /lib/modules/3.0.24-std-def-alt0.M60P.2/modules.dep.temp for writing: No such file or directory
make: *** [build-root] Error 1

    Actual directory:
    trunk/work/chroot/lib/modules/3.0.34-std-def-alt0.M60P.1/

	(files/directories are removed when you run make again)

   The (basename $i) variable seems to get set incorrectly and does not match
  what is downloaded from the ALT Linux p6 repo. Has it been set statically
  somewhere in the build scripts? 
Reply | Threaded
Open this post in threaded view
|

Re: Getting enterprise version working

Michael Shigorin
On Wed, Jun 20, 2012 at 12:56:37PM -0700, Dylan Saunders wrote:
> Here is a log of my results with ALT Linux P6 x86_64.

The attach was stripped or forgotten.

--
 ---- WBR, Michael Shigorin <[hidden email]>
  ------ Linux.Kiev http://www.linux.kiev.ua/

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
inq-discuss-en mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/inq-discuss-en
Reply | Threaded
Open this post in threaded view
|

RE: Getting enterprise version working

Dylan Saunders

> The attach was stripped or forgotten.
 I will try it again from email rather than the web interface. I was trying to preserve some formatting with the <raw></raw> tags. I will also send it as an attachment:

-----------------------------------------

ALT Linux P6 X86_64

INQ_VERSION=3.1-alpha2

 

[hidden email]

June 20, 2012

Attempt to build Inquisitor live and enterprise on ALT Linux P6.

Make standalone succeeds however make live (and enterprise) fails.

 

Create user account inquisitor

 

Add initial packages:

 

subversion 1.6.17

dhcp-server

bind

nfs-server

ntp

syslog-ng

 

ruby 1.9 (installed)

gnuplot

 

inquisitor-bnbt

inquisitor-memtester

inquisitor-tftpd

unixbench

 

gcc4.5

gcc4.5-c++

 

Do full update / upgrade

 

Check out full inq tree with subversion:

 

Flavour: standalone Target: x86_64

 

++ make all

 

Error: make: rpmbuild: Command not found

 

Install: rpm-build rpmbuild-helper

 

Error: failed build dependencies:

                glibc-devel-static is needed by inquisitor-standalone-3.1-alt0.svn1418

                packages-info-i18n-common is needed by inquisitor-standalone-3.1-alt0.svn1418

                rpm-build-ruby is needed by inquisitor-standalone-3.1-alt0.svn1418

 

Install: glibc-devel-static rpm-build-ruby

 

NOTE:

packages-info-i18n-common is no longer part of P6

can be installed from the 5.1 distro

http://ftp.altlinux.org/pub/distributions/ALTLinux/5.1/branch/noarch/RPMS.classic/packages-info-i18n-common-0.2-alt4.noarch.rpm

rpm -i packages-info-i18n-common-0.2-alt4.noarch.rpm

 

/** Make all for standalone flavour succeeded. **/

-----------------------------------------------------

Flavour live

 

++ make all

 

Error:

genbasedir --create --topdir /home/inquisitor/inq/trunk/repo x86_64 hasher

make: genbasedir: Command not found

               

Install: apt-repo-tools

 

Error:

Length: 326823 (319K) [audio/ogg]

Saving to: “STDOUT”

 

0% [  ] 0 --.-K/s   in 0s     

 

Cannot write to “-” (Broken pipe).

make[1]: *** [out/audiosample.wav] Error 127

make[1]: Leaving directory `/home/inquisitor/inq/trunk/data'

make: *** [data] Error 2

 

Install: vorbis-tools

 

Error:

spt-init-chroot -w /home/inquisitor/inq/trunk/work

make: spt-init-chroot: Command not found

make: *** [build-root] Error 127

 

Install: spt3

 

Error:

spt-init-chroot -w /home/inquisitor/inq/trunk/work

hsh: /usr/libexec/hasher-priv/getconf.sh: cannot access getconf helper.

spt-init-chroot: Could not init chroot.

make: *** [build-root] Error 1

 

hasher-useradd inquisitor

Adding user inquisitor to group inquisitor_a

Adding user inquisitor to group inquisitor_b

Adding user inquisitor to group hashman

 

logout / login

 

++ make all

 

Error:

spt-make-chroot -w /home/inquisitor/inq/trunk/work

Reading Package Lists...

Building Dependency Tree...

Selecting kernel-image-std-def#1:3.0.34-alt0.M60P.1 for 'kernel-image-std-def'

filesystem is already the newest version.

Selecting rpcbind for 'portmap'

Selecting kbd for 'console-tools'

E: Couldn't find package bluez-utils

hsh-install: Failed to calculate package file list.

hsh-install: Failed to generate package file list.

make: *** [build-root] Error 1

 

NOTE:

Edit: trunk/build/altlinux/profile.live/packages

                comment out bluez-utils

 

++ make all gets a little further:

 

Error:

spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/00services

error reading information on service ntpd: No such file or directory

error reading information on service hotplug: No such file or directory

spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/01inquisitor

Setting up /etc/inittab

Setting up command-line login helpers

Setting up rc.local

spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/01live

Setting up /etc/sysconfig/network

Setting up /etc/HOSTNAME

Setting up /etc/rc.d/rc.remount

Fixing /etc/init.d/functions to support remounttab/overlaytab

Setting up fstab

spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/02depmod

Generating depmod

FATAL: Could not open '/boot/System.map-2*': No such file or directory

make: *** [build-root] Error 1

 

 

trunk/work/chroot/boot/System.map-3.0.34-std-def-alt0.M60P.1

  is installed. Script is probably for P5 not P6.

 

Edit: "trunk/work/profile/setup.d/02depmod" and change System.map- to the actual file name:

 

!! #!/bin/sh

 

!! echo 'Generating depmod'

!! if [ -x /sbin/depmod ]; then

!!         for i in /lib/modules/2*; do

!! #               /sbin/depmod -a -F /boot/System.map-$(basename $i) $(basename $i)

!!                             /sbin/depmod -a -F /boot/System.map-3.0.34-std-def-alt0.M60P.1

!!         done

!! fi

 

++ "make build-root" proceeds a little further:

 

Error:

spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/02depmod

Generating depmod

WARNING: Couldn't open directory /lib/modules/3.0.24-std-def-alt0.M60P.2: No such file or directory

FATAL: Could not open /lib/modules/3.0.24-std-def-alt0.M60P.2/modules.dep.temp for writing: No such file or directory

make: *** [build-root] Error 1

 

NOTE:

    Actual directory that is created:

    trunk/work/chroot/lib/modules/3.0.34-std-def-alt0.M60P.1/

 

                (files/directories are removed when you run make again)

 

   The (basename $i) variable seems to get set incorrectly and does not match

  what is downloaded from the ALT Linux p6 repo. Has it been set statically

  somewhere in the build scripts?

 

Dylan R. Saunders

Instructor: IT CS Program

School of ICT

Ph. (403)210-5875

http://www.sait.ca

 

From: Michael Shigorin [via Inquisitor: English discussion] [mailto:[hidden email]]
Sent: Thursday, June 21, 2012 8:27 AM
To: Dylan Saunders
Subject: Re: Getting enterprise version working

 

On Wed, Jun 20, 2012 at 12:56:37PM -0700, Dylan Saunders wrote:
> Here is a log of my results with ALT Linux P6 x86_64.

The attach was stripped or forgotten.

--
 ---- WBR, Michael Shigorin <[hidden email]>
  ------ Linux.Kiev http://www.linux.kiev.ua/

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
inq-discuss-en mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/inq-discuss-en


If you reply to this email, your message will be added to the discussion below:

http://inquisitor-english-discussion.41408.n3.nabble.com/Getting-enterprise-version-working-tp4023711p4023716.html

To unsubscribe from Getting enterprise version working, click here.
NAML


ALTP6Inq.txt (6K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Getting enterprise version working

Michael Shigorin
On Thu, Jun 21, 2012 at 08:14:12AM -0700, Dylan Saunders wrote:

> Error: failed build dependencies:
>                 glibc-devel-static is needed by inquisitor-standalone-3.1-alt0.svn1418
>                 packages-info-i18n-common is needed by inquisitor-standalone-3.1-alt0.svn1418
>                 rpm-build-ruby is needed by inquisitor-standalone-3.1-alt0.svn1418
>
> Install: glibc-devel-static rpm-build-ruby
>
> NOTE:
> packages-info-i18n-common is no longer part of P6
> can be installed from the 5.1 distro

Can be dropped from inquisitor-standalone dependencies,
it's just a bunch of translations.

> E: Couldn't find package bluez-utils
>
> NOTE:
> Edit: trunk/build/altlinux/profile.live/packages
>                 comment out bluez-utils

Plain bluez by now.

> FATAL: Could not open '/boot/System.map-2*': No such file or directory
> make: *** [build-root] Error 1
>
> trunk/work/chroot/boot/System.map-3.0.34-std-def-alt0.M60P.1
>   is installed. Script is probably for P5 not P6.

That code has "Linux 2.6" mentality, should be simply fixed.
(e.g. [2-3] or [2-9] in case Linus has another wonderful morning
next year)

> Edit: "trunk/work/profile/setup.d/02depmod" and change System.map- to the actual file name:
>
> !! #!/bin/sh
>
> !! echo 'Generating depmod'
> !! if [ -x /sbin/depmod ]; then
> !!         for i in /lib/modules/2*; do

s/2/3/

> !! #               /sbin/depmod -a -F /boot/System.map-$(basename $i) $(basename $i)
> !!                             /sbin/depmod -a -F /boot/System.map-3.0.34-std-def-alt0.M60P.1
> !!         done
> !! fi
>
> ++ "make build-root" proceeds a little further:
>
> Error:
> spt-run-scripts: exec /home/inquisitor/inq/trunk/work/profile/setup.d/02depmod
> Generating depmod
> WARNING: Couldn't open directory /lib/modules/3.0.24-std-def-alt0.M60P.2: No such file or directory
> FATAL: Could not open /lib/modules/3.0.24-std-def-alt0.M60P.2/modules.dep.temp for writing: No such file or directory
> make: *** [build-root] Error 1

3.0.24 is probably the kernel host system runs, while
3.0.34 is what gets installed being the current one;
3.0.35 hit the branch yesterday, BTW.

> NOTE:
>     Actual directory that is created:
>     trunk/work/chroot/lib/modules/3.0.34-std-def-alt0.M60P.1/
>
>                 (files/directories are removed when you run make again)
>
>    The (basename $i) variable seems to get set incorrectly and does not match
>   what is downloaded from the ALT Linux p6 repo. Has it been set statically
>   somewhere in the build scripts?

Even if you hardwire the version string instead of basename call,
you should replace both calls and it looks like only the first one
is replaced by now.

The walkthrough is magnificent though, I'm sincerely interested
in the way you were resolving paths to packages (ALT's apt lacks
apt-file even if $arch/base/contents_index files in repositories
do contain the mappings).  It was a pleasure to digest.

--
 ---- WBR, Michael Shigorin <[hidden email]>
  ------ Linux.Kiev http://www.linux.kiev.ua/

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
inq-discuss-en mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/inq-discuss-en
Reply | Threaded
Open this post in threaded view
|

RE: Getting enterprise version working

Dylan Saunders

On Thursday Michael Shigorin wrote:

 

>> !! echo 'Generating depmod'

>> !! if [ -x /sbin/depmod ]; then

>> !!         for i in /lib/modules/2*; do

 

>s/2/3/

 

>> !! #               /sbin/depmod -a -F /boot/System.map-$(basename $i) $(basename $i)

 

So changing “modules/2*” to “modules/3*” did the trick, I can now build a live CD iso image based on P6. That also gives me the NFS root filesystem for PXE booting.

 

The rest of the enterprise build is just “make rsync” and “make rsync-server” which I have already verified to work properly with P5. I already have a working PXE server based on Centos 6.2 and Clonezilla that can do double duty as the rsync/web server. In my opinion Clonezilla and Inquisitor complement each other and it makes sense to integrate them on one server. I have made some progress on that (see attached image) and should be able to get it working eventually.

 

The part I really need to understand is the rsync/web server and database and how Inquisitor clients interact with it. This message thread has the best information I have found so far:

http://sourceforge.net/mailarchive/forum.php?thread_name=4fb3d3940906010827p23f0530ftecec2fa339909401%40mail.gmail.com&forum_name=inq-discuss-en

 

This talks about initializing a computer and NICs in the database, (which I have done) then registering a client with that instance (which is not too clear). Could someone from the Inquisitor team post an example of a working setup  and the steps required to transfer test data from the client to the server? I assume that any installation of the standalone client, a live CD or a PXE boot system should be able to do this, and that /etc/inquisitor/global should be set up to match the server.

 

Thanks,

 

Dylan R. Saunders

Instructor: IT CS Program

School of ICT

Ph. (403)210-5875

http://www.sait.ca

 


InqCloneBoot.png (138K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Getting enterprise version working

Michael Shigorin
On Fri, Jun 22, 2012 at 11:46:21AM -0700, Dylan Saunders wrote:
> Could someone from the Inquisitor team post an example of a
> working setup  and the steps required to transfer test data
> from the client to the server?

Sorry, can't help with that as I've only seen an already working
production installation by stargrave@ and greycat IIRC.
Maybe they'll notice rather sooner than later :-)

--
 ---- WBR, Michael Shigorin <[hidden email]>
  ------ Linux.Kiev http://www.linux.kiev.ua/

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
inq-discuss-en mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/inq-discuss-en