Error udating to v2.4.195 under Debian 12 #121

clopmz · 2024-08-19T09:23:39Z

Good morning,

After updating to release v2.4.195, I am seeing a lot of errors in docker-compose logs:

misp-core-1 | MISP is now live. Users can now log in.
misp-core-1 | 2024-08-19 09:17:20,942 INFO spawned: 'default_00' with pid 3020
misp-core-1 | 2024-08-19 09:17:20,944 INFO spawned: 'default_01' with pid 3021
misp-core-1 | 2024-08-19 09:17:20,945 INFO spawned: 'default_02' with pid 3022
misp-core-1 | 2024-08-19 09:17:20,946 INFO spawned: 'default_03' with pid 3023
misp-core-1 | 2024-08-19 09:17:20,947 INFO spawned: 'default_04' with pid 3024
misp-core-1 | 2024-08-19 09:17:20,948 INFO spawned: 'email_00' with pid 3026
misp-core-1 | 2024-08-19 09:17:20,950 INFO spawned: 'email_01' with pid 3030
misp-core-1 | 2024-08-19 09:17:20,951 INFO spawned: 'email_02' with pid 3034
misp-core-1 | 2024-08-19 09:17:20,952 INFO spawned: 'email_03' with pid 3040
misp-core-1 | 2024-08-19 09:17:20,954 INFO spawned: 'email_04' with pid 3049
misp-core-1 | 2024-08-19 09:17:20,955 INFO spawned: 'cache_00' with pid 3057
misp-core-1 | 2024-08-19 09:17:20,956 INFO spawned: 'cache_01' with pid 3060
misp-core-1 | 2024-08-19 09:17:20,957 INFO spawned: 'cache_03' with pid 3066
misp-core-1 | 2024-08-19 09:17:20,959 INFO spawned: 'cache_04' with pid 3071
misp-core-1 | 2024-08-19 09:17:20,960 INFO spawned: 'prio_00' with pid 3078
misp-core-1 | 2024-08-19 09:17:20,961 INFO spawned: 'prio_01' with pid 3079
misp-core-1 | 2024-08-19 09:17:20,962 INFO spawned: 'prio_02' with pid 3080
misp-core-1 | 2024-08-19 09:17:20,963 INFO spawned: 'prio_03' with pid 3083
misp-core-1 | 2024-08-19 09:17:20,970 INFO spawned: 'update_00' with pid 3092
misp-core-1 | 2024-08-19 09:17:21,035 WARN exited: default_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,035 INFO gave up: default_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,049 WARN exited: default_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,049 WARN exited: default_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,049 INFO gave up: default_02 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,049 INFO gave up: default_04 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,066 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,066 INFO gave up: cache_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,072 WARN exited: default_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,072 INFO gave up: default_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,081 WARN exited: update_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,081 INFO gave up: update_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,098 WARN exited: default_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,098 INFO gave up: default_01 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: email_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: email_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: email_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: email_02 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: cache_01 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,125 WARN exited: email_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,125 INFO gave up: email_04 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,133 WARN exited: email_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,133 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,133 INFO gave up: email_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,133 INFO gave up: cache_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: email_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: email_01 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: cache_04 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: prio_03 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,152 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,152 INFO gave up: prio_02 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:21,168 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:21,168 INFO gave up: prio_00 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:22,169 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:22,170 INFO spawned: 'prio_04' with pid 3179
misp-core-1 | 2024-08-19 09:17:22,170 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:22,243 INFO spawned: 'prio_01' with pid 3187
misp-core-1 | 2024-08-19 09:17:22,316 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:22,316 INFO gave up: prio_04 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:23,318 INFO spawned: 'cache_02' with pid 3195
misp-core-1 | 2024-08-19 09:17:23,318 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:23,319 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:23,392 INFO spawned: 'prio_01' with pid 3203
misp-core-1 | 2024-08-19 09:17:23,465 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:23,466 INFO gave up: cache_02 entered FATAL state, too many start retries too quickly
misp-core-1 | 2024-08-19 09:17:24,467 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:24,468 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:25,470 INFO spawned: 'prio_01' with pid 3218
misp-core-1 | 2024-08-19 09:17:26,543 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:26,543 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:27,545 INFO spawned: 'prio_01' with pid 3233
misp-core-1 | 2024-08-19 09:17:28,619 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:28,619 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:29,621 INFO spawned: 'prio_01' with pid 3248
misp-core-1 | 2024-08-19 09:17:30,695 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:30,695 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:31,698 INFO spawned: 'prio_01' with pid 3263
misp-core-1 | 2024-08-19 09:17:32,771 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:32,771 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:33,774 INFO spawned: 'prio_01' with pid 3278
misp-core-1 | 2024-08-19 09:17:34,846 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:34,847 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:35,849 INFO spawned: 'prio_01' with pid 3293
misp-core-1 | 2024-08-19 09:17:36,922 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:36,922 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:37,924 INFO spawned: 'prio_01' with pid 3308
misp-core-1 | 2024-08-19 09:17:38,997 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:38,998 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:40,000 INFO spawned: 'prio_01' with pid 3323
misp-core-1 | 2024-08-19 09:17:41,073 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:41,073 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:42,075 INFO spawned: 'prio_01' with pid 3338
misp-core-1 | 2024-08-19 09:17:43,148 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:43,148 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:44,150 INFO spawned: 'prio_01' with pid 3353
misp-core-1 | 2024-08-19 09:17:45,224 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:45,224 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:46,226 INFO spawned: 'prio_01' with pid 3368
misp-core-1 | 2024-08-19 09:17:47,300 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:47,300 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:48,302 INFO spawned: 'prio_01' with pid 3383
misp-core-1 | 2024-08-19 09:17:49,376 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:49,376 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:50,379 INFO spawned: 'prio_01' with pid 3398
misp-core-1 | 2024-08-19 09:17:51,452 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:51,452 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:52,454 INFO spawned: 'prio_01' with pid 3413
misp-core-1 | 2024-08-19 09:17:53,528 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:53,529 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:54,531 INFO spawned: 'prio_01' with pid 3428
misp-core-1 | 2024-08-19 09:17:55,606 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:55,606 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1 | 2024-08-19 09:17:56,608 INFO spawned: 'prio_01' with pid 3443
misp-core-1 | 2024-08-19 09:17:57,680 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1 | 2024-08-19 09:17:57,681 WARN exited: prio_01 (exit status 1; not expected)

As a @ostefano recommeds me in Giter, I have removed all docker images and redis volume but issue is not solved.

All docker images are running without problems, apparently:

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
8d44002651b6 ghcr.io/misp/misp-docker/misp-core:latest "/entrypoint.sh" 2 minutes ago Up 2 minutes (healthy) 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 127.0.0.1:27051->27051/tcp misp-misp-core-1
0eb5dc790275 ghcr.io/misp/misp-docker/misp-modules:latest "/usr/local/bin/misp…" 2 minutes ago Up 2 minutes misp-misp-modules-1
1f8870274ecb mariadb:10.11 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes (healthy) 3306/tcp misp-db-1
83505493d71b valkey/valkey:7.2 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes (healthy) 6379/tcp misp-redis-1
62035ab78524 ixdotai/smtp "/bin/entrypoint.sh …" 2 minutes ago Up 2 minutes 25/tcp misp-mail-1

My .env file is:

Build-time variables

CORE_TAG=v2.4.195
MODULES_TAG=v2.4.195
PHP_VER=20190902
LIBFAUP_COMMIT=3a26d0a

PYPY_* vars take precedence over MISP's

PYPI_REDIS_VERSION="==5.0.*"

PYPI_LIEF_VERSION=">=0.13.1"

PYPI_PYDEEP2_VERSION="==0.5.*"

PYPI_PYTHON_MAGIC_VERSION="==0.4.*"

PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"

PYPI_MAEC_VERSION="==4.1.*"

PYPI_MIXBOX_VERSION="==1.0.*"

PYPI_CYBOX_VERSION="==2.1.*"

PYPI_PYMISP_VERSION="==2.4.178"

CORE_COMMIT takes precedence over CORE_TAG

CORE_COMMIT=c56d537

MODULES_COMMIT takes precedence over MODULES_TAG

MODULES_COMMIT=de69ae3

Run-time variables

Email/username for user #1, defaults to MISP's default ([email protected])

ADMIN_EMAIL=[email protected]

name of org #1, default to MISP's default (ORGNAME)

ADMIN_ORG=MISP Platform.

defaults to an automatically generated one

ADMIN_KEY=

defaults to MISP's default (admin)

ADMIN_PASSWORD=

defaults to 'passphrase'

GPG_PASSPHRASE=mypassinternal

defaults to 1 (the admin user)

CRON_USER_ID=1

defaults to 'https://localhost'

BASE_URL=https://misp.mydomain.com

store settings in db except those that must stay in config.php. true/false, defaults to false

ENABLE_DB_SETTINGS=true

optional and used by the mail sub-system

SMARTHOST_ADDRESS=mail.mydomain.com
SMARTHOST_PORT=25
SMARTHOST_USER=
SMARTHOST_PASSWORD=
SMARTHOST_ALIASES=

optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)

For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)

SYNCSERVERS=

note: if you have more than one syncserver, you need to update docker-compose.yml

SYNCSERVERS_1_URL=
SYNCSERVERS_1_NAME=
SYNCSERVERS_1_UUID=
SYNCSERVERS_1_KEY=

optional and used to set mysql db and credentials

MYSQL_HOST=

MYSQL_PORT=

MYSQL_USER=cti
MYSQL_PASSWORD=f14abaeb07160033d60114110a6af2c06abd59416f8b9b38dc551d6342a18c2b
MYSQL_ROOT_PASSWORD=c40aa130af1eb54d8ace33fc5e8d13e4dab7b8e1e2532164e7d135f8fa541c13
MYSQL_DATABASE=dbmisp

These variables allows overriding some MISP email values.

They all default to ADMIN_EMAIL.

MISP.email, used for notifications. Also used

for GnuPG.email and GPG autogeneration.

MISP_EMAIL=[email protected]

MISP.contact, the e-mail address that

MISP should include as a contact address

for the instance's support team.

MISP_CONTACT=[email protected]

Enable GPG autogeneration (default true)

AUTOCONF_GPG=true

Enable admin (user #1) API key autogeneration

if ADMIN_KEY is not set above (default true)

AUTOGEN_ADMIN_KEY=true

Disable IPv6 completely

DISABLE_IPV6=true

Disable SSL redirect

DISABLE_SSL_REDIRECT=true

Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md

OIDC_ENABLE=true

OIDC_PROVIDER_URL=

OIDC_CLIENT_ID=

OIDC_CLIENT_SECRET=

OIDC_ROLES_PROPERTY="roles"

OIDC_ROLES_MAPPING="{"admin": "1"}"

OIDC_DEFAULT_ORG=

Enable LDAP (using the ApacheSecureAuth component) authentication, according to MISP/MISP#6189

NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, users should not be able to control the HTTP header configured in LDAP_APACHE_ENV (e.g. REMOTE_USER).

This means you must not allow direct access to MISP.

LDAP_ENABLE=true

LDAP_APACHE_ENV="REMOTE_USER"

LDAP_SERVER="ldap://your_domain_controller"

LDAP_STARTTLS=true

LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"

LDAP_READER_PASSWORD="password"

LDAP_DN="OU=Users,DC=domain,DC=net"

LDAP_SEARCH_FILTER=""

LDAP_SEARCH_ATTRIBUTE="uid"

LDAP_FILTER="["mail", "uid", "cn" ]"

LDAP_DEFAULT_ROLE_ID="3"

LDAP_DEFAULT_ORG="1"

LDAP_EMAIL_FIELD="["mail"]"

LDAP_OPT_PROTOCOL_VERSION="3"

LDAP_OPT_NETWORK_TIMEOUT="-1"

LDAP_OPT_REFERRALS=false

Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md

AAD_ENABLE=true

AAD_CLIENT_ID=

AAD_TENANT_ID=

AAD_CLIENT_SECRET=

AAD_REDIRECT_URI="https://misp.mydomain.com/users/login"

AAD_PROVIDER="https://login.microsoftonline.com/"

AAD_PROVIDER_USER="https://graph.microsoft.com/"

AAD_MISP_USER="Misp Users"

AAD_MISP_ORGADMIN="Misp Org Admins"

AAD_MISP_SITEADMIN="Misp Site Admins"

AAD_CHECK_GROUPS=false

Enable the use of a Proxy server

PROXY_ENABLE=true

PROXY_HOST=

PROXY_PORT=

PROXY_METHOD=

PROXY_USER=

PROXY_PASSWORD=

My host is a Debian 12 amd64.

ostefano · 2024-08-19T09:24:55Z

Please post the logs before the error.
Also, post the .env.

Did you try updating docker from the docker.com website?

clopmz · 2024-08-19T09:29:45Z

Please post the logs before the error. Also, post the .env.

Did you try updating docker from the docker.com website?

Yes ... I have updated all docker images from docker.com

clopmz · 2024-08-19T09:31:41Z

More info. In misp-workers-errors.log file appears the following errors:

Error: ERR AUTH called without any password configured for the default user. Are you sure your configuration is correct?
#0 /var/www/MISP/app/Lib/Tools/BackgroundJobsTool.php(686): Redis->auth()
#1 /var/www/MISP/app/Lib/Tools/BackgroundJobsTool.php(126): BackgroundJobsTool->createRedisConnection()
#2 /var/www/MISP/app/Console/Command/AppShell.php(117): BackgroundJobsTool->__construct()
#3 /var/www/MISP/app/Console/Command/StartWorkerShell.php(23): AppShell->getBackgroundJobsTool()
#4 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(430): StartWorkerShell->getOptionParser()
#5 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
#6 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
#7 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
#8 {main}
Error: ERR AUTH called without any password configured for the default user. Are you sure your configuration is correct?
#0 /var/www/MISP/app/Lib/Tools/BackgroundJobsTool.php(686): Redis->auth()
#1 /var/www/MISP/app/Lib/Tools/BackgroundJobsTool.php(126): BackgroundJobsTool->createRedisConnection()
#2 /var/www/MISP/app/Console/Command/AppShell.php(117): BackgroundJobsTool->__construct()
#3 /var/www/MISP/app/Console/Command/StartWorkerShell.php(23): AppShell->getBackgroundJobsTool()
#4 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(430): StartWorkerShell->getOptionParser()
#5 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
#6 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
#7 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
#8 {main}
Error: ERR AUTH called without any password configured for the default user. Are you sure your configuration is correct?
#0 /var/www/MISP/app/Lib/Tools/BackgroundJobsTool.php(686): Redis->auth()
#1 /var/www/MISP/app/Lib/Tools/BackgroundJobsTool.php(126): BackgroundJobsTool->createRedisConnection()
#2 /var/www/MISP/app/Console/Command/AppShell.php(117): BackgroundJobsTool->__construct()
#3 /var/www/MISP/app/Console/Command/StartWorkerShell.php(23): AppShell->getBackgroundJobsTool()
#4 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(430): StartWorkerShell->getOptionParser()
#5 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
#6 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
#7 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
#8 {main}

ostefano · 2024-08-19T09:31:55Z

That is not what I asked, I asked whether you followed this https://docs.docker.com/engine/install/ubuntu/

ostefano · 2024-08-19T09:32:18Z

@clopmz I have asked for the other logs before the errors

ostefano · 2024-08-19T09:32:41Z

Please format the .env file appropriately

clopmz · 2024-08-19T09:33:48Z

That is not what I asked, I asked whether you followed this https://docs.docker.com/engine/install/ubuntu/

Nop ... I have installed docker using Debian 12 repository. With release v2.4.194 all was working ok without problems.

ostefano · 2024-08-19T09:34:44Z

Then please update the docker engine with what it is specified in the docker.com website.

clopmz · 2024-08-19T09:40:33Z

My .env file:

##
# Build-time variables
##

CORE_TAG=v2.4.195
MODULES_TAG=v2.4.195
PHP_VER=20190902
LIBFAUP_COMMIT=3a26d0a

# PYPY_* vars take precedence over MISP's
# PYPI_REDIS_VERSION="==5.0.*"
# PYPI_LIEF_VERSION=">=0.13.1"
# PYPI_PYDEEP2_VERSION="==0.5.*"
# PYPI_PYTHON_MAGIC_VERSION="==0.4.*"
# PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"
# PYPI_MAEC_VERSION="==4.1.*"
# PYPI_MIXBOX_VERSION="==1.0.*"
# PYPI_CYBOX_VERSION="==2.1.*"
# PYPI_PYMISP_VERSION="==2.4.178"

# CORE_COMMIT takes precedence over CORE_TAG
# CORE_COMMIT=c56d537
# MODULES_COMMIT takes precedence over MODULES_TAG
# MODULES_COMMIT=de69ae3

##
# Run-time variables
##

# Email/username for user #1, defaults to MISP's default ([email protected])
[email protected]
# name of org #1, default to MISP's default (ORGNAME)
ADMIN_ORG=MISP Platform.
# defaults to an automatically generated one
ADMIN_KEY=
# defaults to MISP's default (admin)
ADMIN_PASSWORD=
# defaults to 'passphrase'
GPG_PASSPHRASE=mypassinternal
# defaults to 1 (the admin user)
CRON_USER_ID=1
# defaults to 'https://localhost'
BASE_URL=https://misp.mydomain.com
# store settings in db except those that must stay in config.php. true/false, defaults to false
ENABLE_DB_SETTINGS=true

# optional and used by the mail sub-system
SMARTHOST_ADDRESS=mail.mydomain.com
SMARTHOST_PORT=25
SMARTHOST_USER=
SMARTHOST_PASSWORD=
SMARTHOST_ALIASES=

# optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)
# For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)
SYNCSERVERS=
# note: if you have more than one syncserver, you need to update docker-compose.yml
SYNCSERVERS_1_URL=
SYNCSERVERS_1_NAME=
SYNCSERVERS_1_UUID=
SYNCSERVERS_1_KEY=

# optional and used to set mysql db and credentials
# MYSQL_HOST=
# MYSQL_PORT=
MYSQL_USER=cti
MYSQL_PASSWORD=f14abaeb07160033d60114110a6af2c06abd59416f8b9b38dc551d6342a18c2b
MYSQL_ROOT_PASSWORD=c40aa130af1eb54d8ace33fc5e8d13e4dab7b8e1e2532164e7d135f8fa541c13
MYSQL_DATABASE=dbmisp

# These variables allows overriding some MISP email values.
# They all default to ADMIN_EMAIL.

# MISP.email, used for notifications. Also used
# for GnuPG.email and GPG autogeneration.
[email protected]

# MISP.contact, the e-mail address that
# MISP should include as a contact address
# for the instance's support team.
[email protected]

# Enable GPG autogeneration (default true)
# AUTOCONF_GPG=true

# Enable admin (user #1) API key autogeneration
# if ADMIN_KEY is not set above (default true)
# AUTOGEN_ADMIN_KEY=true

# Disable IPv6 completely
DISABLE_IPV6=true

# Disable SSL redirect
DISABLE_SSL_REDIRECT=true

# Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md
# OIDC_ENABLE=true
# OIDC_PROVIDER_URL=
# OIDC_CLIENT_ID=
# OIDC_CLIENT_SECRET=
# OIDC_ROLES_PROPERTY="roles"
# OIDC_ROLES_MAPPING="{\"admin\": \"1\"}"
# OIDC_DEFAULT_ORG=

# Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
# NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, users should not be able to control the HTTP header configured in LDAP_APACHE_ENV (e.g. REMOTE_USER).
#       This means you must not allow direct access to MISP.
# LDAP_ENABLE=true
# LDAP_APACHE_ENV="REMOTE_USER"
# LDAP_SERVER="ldap://your_domain_controller"
# LDAP_STARTTLS=true
# LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
# LDAP_READER_PASSWORD="password"
# LDAP_DN="OU=Users,DC=domain,DC=net"
# LDAP_SEARCH_FILTER=""
# LDAP_SEARCH_ATTRIBUTE="uid"
# LDAP_FILTER="[\"mail\", \"uid\", \"cn\" ]"
# LDAP_DEFAULT_ROLE_ID="3"
# LDAP_DEFAULT_ORG="1"
# LDAP_EMAIL_FIELD="[\"mail\"]"
# LDAP_OPT_PROTOCOL_VERSION="3"
# LDAP_OPT_NETWORK_TIMEOUT="-1"
# LDAP_OPT_REFERRALS=false

# Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md
# AAD_ENABLE=true
# AAD_CLIENT_ID=
# AAD_TENANT_ID=
# AAD_CLIENT_SECRET=
# AAD_REDIRECT_URI="https://misp.mydomain.com/users/login"
# AAD_PROVIDER="https://login.microsoftonline.com/"
# AAD_PROVIDER_USER="https://graph.microsoft.com/"
# AAD_MISP_USER="Misp Users"
# AAD_MISP_ORGADMIN="Misp Org Admins"
# AAD_MISP_SITEADMIN="Misp Site Admins"
# AAD_CHECK_GROUPS=false

# Enable the use of a Proxy server
# PROXY_ENABLE=true
# PROXY_HOST=
# PROXY_PORT=
# PROXY_METHOD=
# PROXY_USER=
# PROXY_PASSWORD=

clopmz · 2024-08-19T09:46:26Z

Then please update the docker engine with what it is specified in the docker.com website.

Hi @ostefano . I have update to docker community release 27.1.2 and problems are the same:

Client: Docker Engine - Community
 Version:    27.1.2
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.16.2
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.29.1
    Path:     /usr/libexec/docker/cli-plugins/docker-compose

Server:
 Containers: 23
  Running: 23
  Paused: 0
  Stopped: 0
 Images: 19
 Server Version: 27.1.2

ostefano · 2024-08-19T09:47:41Z

Can you try removing all containers and the configs directory before trying again?

ostefano · 2024-08-19T09:50:35Z

You still need to provide the full logs (what happens before the errors)

clopmz · 2024-08-19T10:01:27Z

Can you try removing all containers and the configs directory before trying again?

Done ... but nothing ... same errors ..

clopmz · 2024-08-19T10:03:43Z

You still need to provide the full logs (what happens before the errors)

Fulll docker-compose log full:

db-1            | 2024-08-19 10:00:06+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.9+maria~ubu2204 started.
db-1            | 2024-08-19 10:00:06+00:00 [Warn] [Entrypoint]: /sys/fs/cgroup///memory.pressure not writable, functionality unavailable to MariaDB
db-1            | 2024-08-19 10:00:06+00:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
db-1            | 2024-08-19 10:00:06+00:00 [Note] [Entrypoint]: Entrypoint script for MariaDB Server 1:10.11.9+maria~ubu2204 started.
db-1            | 2024-08-19 10:00:07+00:00 [Note] [Entrypoint]: MariaDB upgrade not required
db-1            | 2024-08-19 10:00:07 0 [Note] Starting MariaDB 10.11.9-MariaDB-ubu2204 source revision 0e8fb977b00983d98c4c35e39bc1f36463095938 server_uid 6pLEQT+fhpOFxv85sh+gN2qrJZQ= as process 1
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Number of transaction pools: 1
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Using AVX512 instructions
db-1            | 2024-08-19 10:00:07 0 [Note] mariadbd: O_TMPFILE is not supported on /tmp (disabling future attempts)
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Using liburing
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Initializing buffer pool, total size = 128.000MiB, chunk size = 2.000MiB
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Completed initialization of buffer pool
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: File system buffers for log disabled (block size=512 bytes)
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: End of log at LSN=1276127764
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: 128 rollback segments are active.
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Setting file './ibtmp1' size to 12.000MiB. Physically writing the file full; Please wait ...
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: File './ibtmp1' size is now 12.000MiB.
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: log sequence number 1276127764; transaction id 744662
db-1            | 2024-08-19 10:00:07 0 [Note] Plugin 'FEEDBACK' is disabled.
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Loading buffer pool(s) from /var/lib/mysql/ib_buffer_pool
db-1            | 2024-08-19 10:00:07 0 [Warning] You need to use --log-bin to make --expire-logs-days or --binlog-expire-logs-seconds work.
db-1            | 2024-08-19 10:00:07 0 [Note] Server socket created on IP: '0.0.0.0'.
db-1            | 2024-08-19 10:00:07 0 [Note] Server socket created on IP: '::'.
db-1            | 2024-08-19 10:00:07 0 [Note] mariadbd: ready for connections.
db-1            | Version: '10.11.9-MariaDB-ubu2204'  socket: '/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
db-1            | 2024-08-19 10:00:07 0 [Note] InnoDB: Buffer pool(s) load completed at 240819 10:00:07
misp-modules-1  | 2024-08-19 10:00:11,200 - misp-modules - INFO - Launch MISP modules server from current directory.
misp-modules-1  | 2024-08-19 10:00:11,201 - misp-modules - INFO - Helpers loaded cache.py
misp-modules-1  | 2024-08-19 10:00:11,205 - misp-modules - INFO - MISP modules mattermost imported
misp-modules-1  | 2024-08-19 10:00:11,205 - misp-modules - INFO - MISP modules slack imported
misp-modules-1  | 2024-08-19 10:00:11,205 - misp-modules - INFO - MISP modules testaction imported
misp-modules-1  | 2024-08-19 10:00:11,206 - misp-modules - INFO - MISP modules abuseipdb imported
misp-modules-1  | 2024-08-19 10:00:11,206 - misp-modules - INFO - MISP modules apiosintds imported
misp-modules-1  | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules apivoid imported
misp-modules-1  | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules assemblyline_query imported
misp-modules-1  | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules assemblyline_submit imported
misp-modules-1  | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules backscatter_io imported
misp-modules-1  | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules bgpranking imported
misp-modules-1  | 2024-08-19 10:00:11,207 - misp-modules - INFO - MISP modules btc_scam_check imported
misp-modules-1  | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules btc_steroids imported
misp-modules-1  | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules censys_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules circl_passivedns imported
misp-modules-1  | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules circl_passivessl imported
misp-modules-1  | 2024-08-19 10:00:11,208 - misp-modules - INFO - MISP modules clamav imported
misp-modules-1  | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules cluster25_expand imported
misp-modules-1  | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules countrycode imported
misp-modules-1  | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules cpe imported
misp-modules-1  | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules crowdsec imported
misp-modules-1  | 2024-08-19 10:00:11,209 - misp-modules - INFO - MISP modules crowdstrike_falcon imported
misp-modules-1  | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cuckoo_submit imported
misp-modules-1  | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cve imported
misp-modules-1  | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cve_advanced imported
misp-modules-1  | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules cytomic_orion imported
misp-modules-1  | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules dbl_spamhaus imported
misp-modules-1  | 2024-08-19 10:00:11,210 - misp-modules - INFO - MISP modules dns imported
misp-modules-1  | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules docx_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules domaintools imported
misp-modules-1  | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules eql imported
misp-modules-1  | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules eupi imported
misp-modules-1  | 2024-08-19 10:00:11,211 - misp-modules - INFO - MISP modules extract_url_components imported
misp-modules-1  | 2024-08-19 10:00:11,212 - misp-modules - INFO - MISP modules farsight_passivedns imported
misp-modules-1  | 2024-08-19 10:00:11,212 - misp-modules - INFO - MISP modules geoip_asn imported
misp-modules-1  | 2024-08-19 10:00:11,212 - misp-modules - INFO - MISP modules geoip_city imported
misp-modules-1  | 2024-08-19 10:00:11,213 - misp-modules - INFO - MISP modules geoip_country imported
misp-modules-1  | 2024-08-19 10:00:11,213 - misp-modules - INFO - MISP modules google_safe_browsing imported
misp-modules-1  | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules google_search imported
misp-modules-1  | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules google_threat_intelligence imported
misp-modules-1  | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules greynoise imported
misp-modules-1  | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules hashdd imported
misp-modules-1  | 2024-08-19 10:00:11,214 - misp-modules - INFO - MISP modules hashlookup imported
misp-modules-1  | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules hibp imported
misp-modules-1  | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules html_to_markdown imported
misp-modules-1  | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules hyasinsight imported
misp-modules-1  | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules intel471 imported
misp-modules-1  | 2024-08-19 10:00:11,215 - misp-modules - INFO - MISP modules ip2locationio imported
misp-modules-1  | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules ipasn imported
misp-modules-1  | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules ipinfo imported
misp-modules-1  | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules ipqs_fraud_and_risk_scoring imported
misp-modules-1  | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules iprep imported
misp-modules-1  | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules jinja_template_rendering imported
misp-modules-1  | 2024-08-19 10:00:11,216 - misp-modules - INFO - MISP modules joesandbox_query imported
misp-modules-1  | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules joesandbox_submit imported
redis-1         | 1:C 19 Aug 2024 10:00:06.833 * oO0OoO0OoO0Oo Valkey is starting oO0OoO0OoO0Oo
redis-1         | 1:C 19 Aug 2024 10:00:06.833 * Valkey version=7.2.6, bits=64, commit=00000000, modified=0, pid=1, just started
redis-1         | 1:C 19 Aug 2024 10:00:06.833 # Warning: no config file specified, using the default config. In order to specify a config file use valkey-server /path/to/valkey.conf
redis-1         | 1:M 19 Aug 2024 10:00:06.833 * monotonic clock: POSIX clock_gettime
redis-1         | 1:M 19 Aug 2024 10:00:06.833 * Running mode=standalone, port=6379.
redis-1         | 1:M 19 Aug 2024 10:00:06.834 * Server initialized
redis-1         | 1:M 19 Aug 2024 10:00:06.834 * Ready to accept connections tcp
misp-modules-1  | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules lastline_query imported
misp-modules-1  | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules lastline_submit imported
misp-modules-1  | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules macaddress_io imported
misp-modules-1  | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules macvendors imported
misp-modules-1  | 2024-08-19 10:00:11,217 - misp-modules - INFO - MISP modules malwarebazaar imported
misp-modules-1  | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules mcafee_insights_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules mmdb_lookup imported
misp-modules-1  | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules mwdb imported
misp-modules-1  | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules ocr_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules ods_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,218 - misp-modules - INFO - MISP modules odt_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules onyphe imported
misp-modules-1  | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules onyphe_full imported
misp-modules-1  | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules otx imported
misp-modules-1  | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules passive-ssh imported
misp-modules-1  | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules passivetotal imported
misp-modules-1  | 2024-08-19 10:00:11,219 - misp-modules - INFO - MISP modules pdf_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules pptx_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules qintel_qsentry imported
misp-modules-1  | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules qrcode imported
misp-modules-1  | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules ransomcoindb imported
misp-modules-1  | 2024-08-19 10:00:11,220 - misp-modules - INFO - MISP modules rbl imported
misp-modules-1  | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules recordedfuture imported
misp-modules-1  | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules reversedns imported
misp-modules-1  | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules securitytrails imported
misp-modules-1  | 2024-08-19 10:00:11,221 - misp-modules - INFO - MISP modules shodan imported
misp-modules-1  | 2024-08-19 10:00:11,222 - misp-modules - INFO - MISP modules sigma_queries imported
misp-modules-1  | 2024-08-19 10:00:11,222 - misp-modules - INFO - MISP modules sigma_syntax_validator imported
mail-1          | using non-split configuration scheme from /etc/exim4/exim4.conf.template
mail-1          |     1 LOG: MAIN
mail-1          |     1   exim 4.96 daemon started: pid=1, -q15m, listening for SMTP on port 25 (IPv6 and IPv4)
mail-1          |   283 Exim version 4.96 uid=100 gid=102 pid=283 D=80001
mail-1          |   283 Berkeley DB: Berkeley DB 5.3.28: (September  9, 2013)
mail-1          |   283 Support for: crypteq iconv() IPv6 GnuTLS TLS_resume move_frozen_messages DANE DKIM DNSSEC Event I18N OCSP PIPECONNECT PRDR Queue_Ramp SOCKS SRS TCP_Fast_Open
mail-1          |   283 Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
mail-1          |   283 Authenticators: cram_md5 external plaintext
mail-1          |   283 Routers: accept dnslookup ipliteral manualroute queryprogram redirect
mail-1          |   283 Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
mail-1          |   283 Fixed never_users: 0
mail-1          |   283 Configure owner: 0:0
mail-1          |   283 Size of off_t: 8
misp-modules-1  | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules sigmf-expand imported
misp-modules-1  | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules socialscan imported
misp-modules-1  | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules sophoslabs_intelix imported
misp-modules-1  | 2024-08-19 10:00:11,641 - misp-modules - INFO - MISP modules sourcecache imported
misp-modules-1  | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules stairwell imported
misp-modules-1  | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules stix2_pattern_syntax_validator imported
misp-modules-1  | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules threatcrowd imported
misp-modules-1  | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules threatfox imported
misp-modules-1  | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules threatminer imported
misp-modules-1  | 2024-08-19 10:00:11,642 - misp-modules - INFO - MISP modules trustar_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,643 - misp-modules - INFO - MISP modules urlhaus imported
misp-modules-1  | 2024-08-19 10:00:11,643 - misp-modules - INFO - MISP modules urlscan imported
misp-modules-1  | 2024-08-19 10:00:11,643 - misp-modules - INFO - MISP modules variotdbs imported
misp-modules-1  | 2024-08-19 10:00:11,644 - misp-modules - INFO - MISP modules virustotal imported
misp-modules-1  | 2024-08-19 10:00:11,644 - misp-modules - INFO - MISP modules virustotal_public imported
misp-modules-1  | 2024-08-19 10:00:11,644 - misp-modules - INFO - MISP modules vmray_submit imported
misp-modules-1  | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vmware_nsx imported
misp-modules-1  | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vulndb imported
misp-modules-1  | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vulnerability_lookup imported
misp-modules-1  | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules vulners imported
misp-modules-1  | 2024-08-19 10:00:11,651 - misp-modules - INFO - MISP modules whois imported
misp-modules-1  | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules whoisfreaks imported
misp-modules-1  | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules wiki imported
misp-modules-1  | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules xforceexchange imported
misp-modules-1  | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules xlsx_enrich imported
misp-modules-1  | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules yara_query imported
misp-modules-1  | 2024-08-19 10:00:11,652 - misp-modules - INFO - MISP modules yara_syntax_validator imported
misp-modules-1  | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules yeti imported
misp-modules-1  | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules cef_export imported
misp-modules-1  | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules cisco_firesight_manager_ACL_rule_export imported
misp-modules-1  | 2024-08-19 10:00:11,653 - misp-modules - INFO - MISP modules defender_endpoint_export imported
misp-modules-1  | 2024-08-19 10:00:11,654 - misp-modules - INFO - MISP modules goamlexport imported
misp-modules-1  | 2024-08-19 10:00:11,654 - misp-modules - INFO - MISP modules liteexport imported
misp-modules-1  | 2024-08-19 10:00:11,654 - misp-modules - INFO - MISP modules mass_eql_export imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules nexthinkexport imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules osqueryexport imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules pdfexport imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules testexport imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules threatStream_misp_export imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules threat_connect_export imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules virustotal_collections imported
misp-modules-1  | 2024-08-19 10:00:11,655 - misp-modules - INFO - MISP modules vt_graph imported
misp-modules-1  | 2024-08-19 10:00:11,656 - misp-modules - INFO - MISP modules cof2misp imported
misp-modules-1  | 2024-08-19 10:00:11,656 - misp-modules - INFO - MISP modules csvimport imported
mail-1          |   283 LOG: queue_run MAIN
misp-modules-1  | 2024-08-19 10:00:11,656 - misp-modules - INFO - MISP modules cuckooimport imported
mail-1          |   283   Start queue run: pid=283
mail-1          |   283 LOG: queue_run MAIN
mail-1          |   283   End queue run: pid=283
misp-core-1     | 2024-08-19 10:00:09,848 WARN For [program:nginx], redirect_stderr=true but stderr_logfile has also been set to a filename, the filename has been ignored
misp-core-1     | 2024-08-19 10:00:09,848 WARN For [program:php-fpm], redirect_stderr=true but stderr_logfile has also been set to a filename, the filename has been ignored
misp-core-1     | 2024-08-19 10:00:09,848 WARN For [program:cron], redirect_stderr=true but stderr_logfile has also been set to a filename, the filename has been ignored
misp-modules-1  | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules email_import imported
misp-modules-1  | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules goamlimport imported
misp-modules-1  | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules import_blueprint imported
misp-modules-1  | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules joe_import imported
misp-modules-1  | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules lastline_import imported
misp-modules-1  | 2024-08-19 10:00:11,657 - misp-modules - INFO - MISP modules mispjson imported
misp-modules-1  | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules ocr imported
misp-modules-1  | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules openiocimport imported
misp-modules-1  | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules taxii21 imported
misp-modules-1  | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules testimport imported
misp-modules-1  | 2024-08-19 10:00:11,658 - misp-modules - INFO - MISP modules threatanalyzer_import imported
misp-modules-1  | 2024-08-19 10:00:11,661 - misp-modules - INFO - MISP modules url_import imported
misp-modules-1  | 2024-08-19 10:00:11,661 - misp-modules - INFO - MISP modules vmray_import imported
misp-modules-1  | 2024-08-19 10:00:11,661 - misp-modules - INFO - MISP modules vmray_summary_json_import imported
misp-modules-1  | 2024-08-19 10:00:11,663 - misp-modules - INFO - MISP modules server started on 0.0.0.0 port 6666
misp-core-1     | 2024-08-19 10:00:09,848 INFO Included extra file "/etc/supervisor/conf.d/10-supervisor.conf" during parsing
misp-core-1     | 2024-08-19 10:00:09,848 INFO Included extra file "/etc/supervisor/conf.d/50-workers.conf" during parsing
misp-core-1     | 2024-08-19 10:00:09,848 INFO Set uid to user 0 succeeded
misp-core-1     | 2024-08-19 10:00:09,851 INFO RPC interface 'supervisor' initialized
misp-core-1     | 2024-08-19 10:00:09,851 INFO RPC interface 'supervisor' initialized
misp-core-1     | 2024-08-19 10:00:09,851 CRIT Server 'unix_http_server' running without any HTTP authentication checking
misp-core-1     | 2024-08-19 10:00:09,851 INFO supervisord started with pid 7
misp-core-1     | 2024-08-19 10:00:10,853 INFO spawned: 'cron' with pid 8
misp-core-1     | 2024-08-19 10:00:10,854 INFO spawned: 'nginx' with pid 9
misp-core-1     | 2024-08-19 10:00:10,856 INFO spawned: 'php-fpm' with pid 10
misp-core-1     | INIT | Initialize MySQL ...
misp-core-1     | Configure PHP | Change PHP values ...
misp-core-1     | ... database has already been initialized
misp-core-1     | INIT | Initialize NGINX ...
misp-core-1     | ... enabling port 80 redirect
misp-core-1     | Configure PHP | Starting PHP FPM
misp-core-1     | ... disabling IPv6 on port 80
misp-core-1     | ... disabling SSL redirect
misp-core-1     | ... enabling port 443
misp-core-1     | ... disabling IPv6 on port 443
misp-core-1     | ... TLS certificates found
misp-core-1     | ... DH parameters found
misp-core-1     | ... nginx docroot set to /var/www/html/
misp-core-1     | INIT | Initialize MISP files and configurations ...
misp-core-1     | ... initialize configuration files
misp-core-1     | 13+1 records in
misp-core-1     | 13+1 records out
misp-core-1     | 7120 bytes (7.1 kB, 7.0 KiB) copied, 8.7901e-05 s, 81.0 MB/s
misp-core-1     | 4+1 records in
misp-core-1     | 4+1 records out
misp-core-1     | 2541 bytes (2.5 kB, 2.5 KiB) copied, 6.5231e-05 s, 39.0 MB/s
misp-core-1     | 21+1 records in
misp-core-1     | 21+1 records out
misp-core-1     | 10814 bytes (11 kB, 11 KiB) copied, 9.6522e-05 s, 112 MB/s
misp-core-1     | 31+1 records in
misp-core-1     | 31+1 records out
misp-core-1     | 15928 bytes (16 kB, 16 KiB) copied, 0.000120441 s, 132 MB/s
misp-core-1     | 5+1 records in
misp-core-1     | 5+1 records out
misp-core-1     | 3002 bytes (3.0 kB, 2.9 KiB) copied, 6.6531e-05 s, 45.1 MB/s
misp-core-1     | 5+1 records in
misp-core-1     | 5+1 records out
misp-core-1     | 2618 bytes (2.6 kB, 2.6 KiB) copied, 7.0251e-05 s, 37.3 MB/s
misp-core-1     | ... initialize database.php settings
misp-core-1     | ... initialize email.php settings
misp-core-1     | ... initialize app files
misp-core-1     | INIT | Update MISP app/files directory ...
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/browscap" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh "/var/www/MISP/app/files.dist/certs" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/community-metadata" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/empty" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/feed-metadata" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/geo-open" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh "/var/www/MISP/app/files.dist/img" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-decaying-models" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-galaxy" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-objects" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/misp-workflow-blueprints" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/noticelists" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/scripts" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh "/var/www/MISP/app/files.dist/taxonomies" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/terms" "/var/www/MISP/app/files/"
misp-core-1     | ... rsync -azh --delete "/var/www/MISP/app/files.dist/warninglists" "/var/www/MISP/app/files/"
misp-core-1     | INIT | Enforce MISP permissions ...
misp-core-1     | ... chown -R www-data:www-data /var/www/MISP/app/tmp
misp-core-1     | ... chmod -R 0550 files /var/www/MISP/app/tmp
misp-core-1     | ... chmod -R 0770 directories /var/www/MISP/app/tmp
misp-core-1     | ... chmod -R u+w,g+w /var/www/MISP/app/tmp
misp-core-1     | ... chown -R www-data:www-data /var/www/MISP/app/files
misp-core-1     | ... chmod -R 0550 files /var/www/MISP/app/files
misp-core-1     | ... chmod -R 0770 directories /var/www/MISP/app/files
misp-core-1     | ... chmod -R u+w,g+w /var/www/MISP/app/files
misp-core-1     | ... chown -R www-data:www-data /var/www/MISP/app/Config
misp-core-1     | ... chmod -R 0550 files /var/www/MISP/app/Config ...
misp-core-1     | ... chmod -R 0770 directories /var/www/MISP/app/Config
misp-core-1     | ... chmod 600 /var/www/MISP/app/Config/{config,database,email}.php
misp-core-1     | INIT | Flip NGINX live ...
misp-core-1     | ... nginx docroot set to /var/www/MISP/app/webroot
misp-core-1     | ... nginx reloaded
misp-core-1     | 2024/08/19 10:00:11 [notice] 149#149: signal process started
misp-core-1     | 2024-08-19 10:00:11,856 INFO success: cron entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:11,856 INFO success: nginx entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:11,856 INFO success: php-fpm entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | INIT | Configure MISP installation ...
misp-core-1     | MISP | Update CA certificates ...
misp-core-1     | Updating certificates in /etc/ssl/certs...
misp-core-1     | 0 added, 0 removed; done.
misp-core-1     | Running hooks in /etc/ca-certificates/update.d...
misp-core-1     | done.
misp-core-1     | Updating /var/www/MISP/app/Lib/cakephp/lib/Cake/Config/cacert.pem...
misp-core-1     | MISP | Apply minimum configuration directives ...
misp-core-1     | ... enforcing env var settings
misp-core-1     | Enforcing minimum_config setting 'GnuPG.binary' to env var or default value '/usr/bin/gpg'...
misp-core-1     | Enforcing minimum_config setting 'MISP.python_bin' to env var or default value '/usr/local/bin/python3'...
misp-core-1     | Enforcing minimum_config setting 'MISP.redis_host' to env var or default value 'redis'...
misp-core-1     | Enforcing minimum_config setting 'MISP.redis_password' to env var or default value 'redispassword'...
misp-core-1     | Enforcing minimum_config setting 'SimpleBackgroundJobs.redis_host' to env var or default value 'redis'...
misp-core-1     | Enforcing minimum_config setting 'SimpleBackgroundJobs.redis_password' to env var or default value 'redispassword'...
misp-core-1     | ... checking for unset default settings
misp-core-1     | Updating unset minimum_config setting 'MISP.attachments_dir' to '/var/www/MISP/app/files'...
misp-core-1     | Updating unset minimum_config setting 'MISP.background_jobs' to 'true'...
misp-core-1     | Updating unset minimum_config setting 'MISP.ca_path' to '/etc/ssl/certs/ca-certificates.crt'...
misp-core-1     | Updating unset minimum_config setting 'MISP.download_gpg_from_homedir' to 'false'...
misp-core-1     | Updating unset minimum_config setting 'MISP.menu_custom_right_link' to ''...
misp-core-1     | Updating unset minimum_config setting 'MISP.menu_custom_right_link_html' to ''...
misp-core-1     | Updating unset minimum_config setting 'MISP.online_version_check' to 'true'...
misp-core-1     | Updating unset minimum_config setting 'MISP.osuser' to 'www-data'...
misp-core-1     | Updating unset minimum_config setting 'MISP.redis_database' to '13'...
misp-core-1     | Updating unset minimum_config setting 'MISP.redis_port' to '6379'...
misp-core-1     | Updating unset minimum_config setting 'MISP.self_update' to 'false'...
misp-core-1     | Updating unset minimum_config setting 'MISP.tmpdir' to '/var/www/MISP/app/tmp'...
misp-core-1     | Updating unset minimum_config setting 'Security.disable_instance_file_uploads' to 'false'...
misp-core-1     | Updating unset minimum_config setting 'Security.disable_local_feed_access' to 'false'...
misp-core-1     | Updating unset minimum_config setting 'Security.rest_client_enable_arbitrary_urls' to 'false'...
misp-core-1     | Updating unset minimum_config setting 'Security.salt' to ''...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.enabled' to 'true'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.max_job_history_ttl' to '86400'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.redis_database' to '1'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.redis_namespace' to 'background_jobs'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.redis_port' to '6379'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_host' to '127.0.0.1'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_password' to 'supervisor'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_port' to '9001'...
misp-core-1     | Updating unset minimum_config setting 'SimpleBackgroundJobs.supervisor_user' to 'supervisor'...
misp-core-1     | MISP | Apply DB updates ...
misp-core-1     | Executing all updates to bring the database up to date with the current version.
misp-core-1     | All updates completed.
misp-core-1     | MISP | Initialize configuration ...
misp-core-1     | ... enforcing env var settings
misp-core-1     | Enforcing db_enable setting 'MISP.system_setting_db' to env var or default value 'true'...
misp-core-1     | ... enforcing env var settings
misp-core-1     | Enforcing initialisation setting 'MISP.baseurl' to env var or default value 'https://debsbrdcti01.hzt-fi.prod.esbard.lan'...
misp-core-1     | Enforcing initialisation setting 'MISP.contact' to env var or default value '[email protected]'...
misp-core-1     | Enforcing initialisation setting 'MISP.email' to env var or default value '[email protected]'...
misp-core-1     | Enforcing initialisation setting 'Plugin.Action_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1  | 2024-08-19 10:00:19,173 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.55ms
misp-modules-1  | 2024-08-19 10:00:19,202 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.86ms
misp-modules-1  | 2024-08-19 10:00:19,207 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.70ms
misp-modules-1  | 2024-08-19 10:00:19,217 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.87ms
misp-core-1     | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1     | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1     | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1     | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1     | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1     | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1     | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1     | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1     | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1     | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1     | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1     | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1     | #11 {main}
misp-core-1     | Enforcing initialisation setting 'Plugin.Enrichment_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1  | 2024-08-19 10:00:19,350 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.23ms
misp-modules-1  | 2024-08-19 10:00:19,367 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.77ms
misp-modules-1  | 2024-08-19 10:00:19,371 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.73ms
misp-modules-1  | 2024-08-19 10:00:19,378 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.81ms
misp-core-1     | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1     | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1     | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1     | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1     | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1     | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1     | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1     | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1     | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1     | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1     | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1     | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1     | #11 {main}
misp-core-1     | Enforcing initialisation setting 'Plugin.Export_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1  | 2024-08-19 10:00:19,511 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.24ms
misp-modules-1  | 2024-08-19 10:00:19,528 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.75ms
misp-modules-1  | 2024-08-19 10:00:19,531 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.70ms
misp-modules-1  | 2024-08-19 10:00:19,539 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.82ms
misp-core-1     | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1     | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1     | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1     | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1     | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1     | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1     | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1     | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1     | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1     | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1     | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1     | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1     | #11 {main}
misp-core-1     | Enforcing initialisation setting 'Plugin.Import_services_url' to env var or default value 'http://misp-modules'...
misp-modules-1  | 2024-08-19 10:00:19,670 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 1.23ms
misp-modules-1  | 2024-08-19 10:00:19,687 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.83ms
misp-modules-1  | 2024-08-19 10:00:19,691 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.73ms
misp-modules-1  | 2024-08-19 10:00:19,698 - tornado.access - INFO - 200 GET /modules (10.201.3.5) 0.76ms
misp-core-1     | Error: Return value of Workflow::getEnabledModules() must be of the type array, bool returned
misp-core-1     | #0 /var/www/MISP/app/Model/Workflow.php(912): Workflow->getEnabledModules()
misp-core-1     | #1 /var/www/MISP/app/Model/Workflow.php(899): Workflow->__mergeGlobalConfigIntoLoadedModules()
misp-core-1     | #2 /var/www/MISP/app/Model/Workflow.php(1111): Workflow->loadAllWorkflowModules()
misp-core-1     | #3 /var/www/MISP/app/Model/Server.php(1562): Workflow->getModulesByType()
misp-core-1     | #4 /var/www/MISP/app/Model/Server.php(1511): Server->readModuleSettings()
misp-core-1     | #5 /var/www/MISP/app/Model/Server.php(2425): Server->getCurrentServerSettings()
misp-core-1     | #6 /var/www/MISP/app/Console/Command/AdminShell.php(533): Server->getSettingData()
misp-core-1     | #7 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/Shell.php(459): AdminShell->setSetting()
misp-core-1     | #8 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(222): Shell->runCommand()
misp-core-1     | #9 /var/www/MISP/app/Lib/cakephp/lib/Cake/Console/ShellDispatcher.php(66): ShellDispatcher->dispatch()
misp-core-1     | #10 /var/www/MISP/app/Console/cake.php(45): ShellDispatcher::run()
misp-core-1     | #11 {main}
misp-core-1     | Enforcing initialisation setting 'Plugin.ZeroMQ_redis_host' to env var or default value 'redis'...
misp-core-1     | Enforcing initialisation setting 'Plugin.ZeroMQ_redis_password' to env var or default value 'redispassword'...
misp-core-1     | Enforcing initialisation setting 'Security.encryption_key' to env var or default value ''...
misp-core-1     | Enforcing initialisation setting 'debug' to env var or default value '0'...
misp-core-1     | ... checking for unset default settings
misp-core-1     | MISP | Initialize workers ...
misp-core-1     | ... starting background workers
misp-core-1     | 2024-08-19 10:00:24,584 INFO spawned: 'default_00' with pid 2313
misp-core-1     | 2024-08-19 10:00:24,585 INFO spawned: 'default_01' with pid 2314
misp-core-1     | 2024-08-19 10:00:24,587 INFO spawned: 'default_02' with pid 2315
misp-core-1     | 2024-08-19 10:00:24,588 INFO spawned: 'default_03' with pid 2316
misp-core-1     | 2024-08-19 10:00:24,589 INFO spawned: 'default_04' with pid 2317
misp-core-1     | 2024-08-19 10:00:24,591 INFO spawned: 'email_00' with pid 2320
misp-core-1     | 2024-08-19 10:00:24,592 INFO spawned: 'email_01' with pid 2326
misp-core-1     | 2024-08-19 10:00:24,594 INFO spawned: 'email_02' with pid 2330
misp-core-1     | 2024-08-19 10:00:24,595 INFO spawned: 'email_03' with pid 2336
misp-core-1     | 2024-08-19 10:00:24,596 INFO spawned: 'email_04' with pid 2346
misp-core-1     | 2024-08-19 10:00:24,598 INFO spawned: 'cache_00' with pid 2351
misp-core-1     | 2024-08-19 10:00:24,599 INFO spawned: 'cache_01' with pid 2362
misp-core-1     | 2024-08-19 10:00:24,601 INFO spawned: 'cache_02' with pid 2367
misp-core-1     | 2024-08-19 10:00:24,602 INFO spawned: 'cache_03' with pid 2371
misp-core-1     | 2024-08-19 10:00:24,603 INFO spawned: 'cache_04' with pid 2374
misp-core-1     | 2024-08-19 10:00:24,605 INFO spawned: 'prio_00' with pid 2379
misp-core-1     | 2024-08-19 10:00:24,611 INFO spawned: 'prio_01' with pid 2390
misp-core-1     | 2024-08-19 10:00:24,612 INFO spawned: 'prio_02' with pid 2391
misp-core-1     | 2024-08-19 10:00:24,614 INFO spawned: 'prio_03' with pid 2392
misp-core-1     | 2024-08-19 10:00:24,615 INFO spawned: 'prio_04' with pid 2395
misp-core-1     | 2024-08-19 10:00:24,616 INFO spawned: 'update_00' with pid 2398
misp-core-1     | 2024-08-19 10:00:24,699 WARN exited: email_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,705 WARN exited: default_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,706 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,718 WARN exited: default_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,731 WARN exited: default_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,747 WARN exited: default_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,747 WARN exited: email_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,753 WARN exited: email_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,761 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,767 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,777 WARN exited: default_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,777 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,789 WARN exited: email_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,789 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,794 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,802 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,807 WARN exited: email_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,832 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,832 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:24,832 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:25,835 INFO spawned: 'default_00' with pid 2481
misp-core-1     | 2024-08-19 10:00:25,837 INFO spawned: 'default_01' with pid 2482
misp-core-1     | 2024-08-19 10:00:25,838 INFO spawned: 'default_02' with pid 2483
misp-core-1     | 2024-08-19 10:00:25,839 INFO spawned: 'default_03' with pid 2484
misp-core-1     | 2024-08-19 10:00:25,840 INFO spawned: 'default_04' with pid 2485
misp-core-1     | 2024-08-19 10:00:25,842 INFO spawned: 'email_00' with pid 2487
misp-core-1     | 2024-08-19 10:00:25,843 INFO spawned: 'email_01' with pid 2491
misp-core-1     | 2024-08-19 10:00:25,844 INFO spawned: 'email_02' with pid 2494
misp-core-1     | 2024-08-19 10:00:25,845 INFO spawned: 'email_03' with pid 2499
misp-core-1     | 2024-08-19 10:00:25,846 INFO spawned: 'email_04' with pid 2505
misp-core-1     | 2024-08-19 10:00:25,847 INFO spawned: 'cache_00' with pid 2512
misp-core-1     | 2024-08-19 10:00:25,848 INFO spawned: 'cache_01' with pid 2519
misp-core-1     | 2024-08-19 10:00:25,849 INFO spawned: 'cache_02' with pid 2524
misp-core-1     | 2024-08-19 10:00:25,850 INFO spawned: 'cache_03' with pid 2529
misp-core-1     | 2024-08-19 10:00:25,852 INFO spawned: 'cache_04' with pid 2532
misp-core-1     | 2024-08-19 10:00:25,853 INFO spawned: 'prio_00' with pid 2536
misp-core-1     | 2024-08-19 10:00:25,854 INFO spawned: 'prio_01' with pid 2540
misp-core-1     | 2024-08-19 10:00:25,855 INFO spawned: 'prio_02' with pid 2546
misp-core-1     | 2024-08-19 10:00:25,856 INFO spawned: 'prio_03' with pid 2548
misp-core-1     | 2024-08-19 10:00:25,857 INFO spawned: 'prio_04' with pid 2550
misp-core-1     | 2024-08-19 10:00:25,857 INFO success: update_00 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:25,857 WARN exited: update_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:25,879 INFO spawned: 'update_00' with pid 2596
misp-core-1     | 2024-08-19 10:00:25,930 WARN exited: default_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:25,930 WARN exited: default_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:25,950 WARN exited: default_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:25,970 WARN exited: email_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:25,996 WARN exited: default_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:25,996 WARN exited: email_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,001 WARN exited: email_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,020 WARN exited: default_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,020 WARN exited: email_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,020 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,020 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,031 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,031 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,043 WARN exited: email_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,043 WARN exited: update_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,049 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,055 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,072 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:26,072 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:27,076 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:27,076 INFO success: prio_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:27,077 INFO spawned: 'update_00' with pid 2656
misp-core-1     | 2024-08-19 10:00:27,077 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:27,077 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:27,079 INFO spawned: 'cache_01' with pid 2657
misp-core-1     | 2024-08-19 10:00:27,080 INFO spawned: 'prio_02' with pid 2658
misp-core-1     | misp-workers:default_00: ERROR (spawn error)
misp-core-1     | misp-workers:default_01: ERROR (spawn error)
misp-core-1     | misp-workers:default_02: ERROR (spawn error)
misp-core-1     | misp-workers:default_03: ERROR (spawn error)
misp-core-1     | misp-workers:email_00: ERROR (spawn error)
misp-core-1     | misp-workers:email_02: ERROR (spawn error)
misp-core-1     | misp-workers:cache_03: ERROR (spawn error)
misp-core-1     | misp-workers:default_04: ERROR (spawn error)
misp-core-1     | misp-workers:email_01: ERROR (spawn error)
misp-core-1     | misp-workers:email_03: ERROR (spawn error)
misp-core-1     | misp-workers:cache_00: ERROR (spawn error)
misp-core-1     | misp-workers:cache_02: ERROR (spawn error)
misp-core-1     | misp-workers:cache_04: ERROR (spawn error)
misp-core-1     | misp-workers:prio_00: ERROR (spawn error)
misp-core-1     | misp-workers:prio_01: ERROR (spawn error)
misp-core-1     | misp-workers:prio_02: ERROR (spawn error)
misp-core-1     | misp-workers:update_00: ERROR (spawn error)
misp-core-1     | misp-workers:prio_03: ERROR (spawn error)
misp-core-1     | misp-workers:prio_04: ERROR (spawn error)
misp-core-1     | misp-workers:email_04: ERROR (spawn error)
misp-core-1     | misp-workers:cache_01: ERROR (spawn error)
misp-core-1     | MISP | Configure GPG key ...
misp-core-1     | ... found pre-generated GPG key in /var/www/MISP/.gnupg
misp-core-1     | ... exporting GPG key
misp-core-1     | ... enforcing env var settings
misp-core-1     | 2024-08-19 10:00:27,158 WARN exited: update_00 (exit status 1; not expected)
misp-core-1     | Enforcing gpg setting 'GnuPG.email' to env var or default value '[email protected]'...
misp-core-1     | 2024-08-19 10:00:27,168 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:27,168 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1     | Enforcing gpg setting 'GnuPG.homedir' to env var or default value '/var/www/MISP/.gnupg'...
misp-core-1     | Enforcing gpg setting 'GnuPG.password' to env var or default value '4f763415fbfc568f8bfa06399f0ef0db0a0f234d286d1bb1db1a359618d8ca39'...
misp-core-1     | ... checking for unset default settings
misp-core-1     | MISP | Init default user and organization ...
misp-core-1     | ERROR 1142 (42000) at line 1: UPDATE command denied to user 'cti'@'10.201.3.5' for table `misp`.`users`
misp-core-1     | ERROR 1142 (42000) at line 1: UPDATE command denied to user 'cti'@'10.201.3.5' for table `misp`.`organisations`
misp-core-1     | ... admin user key auto generation disabled
misp-core-1     | ... setting admin password skipped
misp-core-1     | ERROR 1142 (42000) at line 1: UPDATE command denied to user 'cti'@'10.201.3.5' for table `misp`.`users`
misp-core-1     | MISP | Resolve critical issues ...
misp-core-1     | ... enforcing env var settings
misp-core-1     | Enforcing critical setting 'MISP.external_baseurl' to env var or default value 'https://debsbrdcti01.hzt-fi.prod.esbard.lan'...
misp-core-1     | Enforcing critical setting 'Security.rest_client_baseurl' to env var or default value 'https://debsbrdcti01.hzt-fi.prod.esbard.lan'...
misp-core-1     | 2024-08-19 10:00:28,051 INFO spawned: 'default_00' with pid 2804
misp-core-1     | 2024-08-19 10:00:28,052 INFO spawned: 'default_01' with pid 2805
misp-core-1     | 2024-08-19 10:00:28,053 INFO spawned: 'default_02' with pid 2806
misp-core-1     | 2024-08-19 10:00:28,055 INFO spawned: 'default_03' with pid 2808
misp-core-1     | 2024-08-19 10:00:28,056 INFO spawned: 'default_04' with pid 2809
misp-core-1     | 2024-08-19 10:00:28,057 INFO spawned: 'email_00' with pid 2811
misp-core-1     | 2024-08-19 10:00:28,058 INFO spawned: 'email_01' with pid 2817
misp-core-1     | 2024-08-19 10:00:28,059 INFO spawned: 'email_02' with pid 2822
misp-core-1     | 2024-08-19 10:00:28,060 INFO spawned: 'email_03' with pid 2828
misp-core-1     | 2024-08-19 10:00:28,062 INFO spawned: 'email_04' with pid 2833
misp-core-1     | 2024-08-19 10:00:28,063 INFO spawned: 'cache_00' with pid 2843
misp-core-1     | 2024-08-19 10:00:28,064 INFO spawned: 'cache_02' with pid 2850
misp-core-1     | 2024-08-19 10:00:28,065 INFO spawned: 'cache_03' with pid 2854
misp-core-1     | 2024-08-19 10:00:28,066 INFO spawned: 'cache_04' with pid 2858
misp-core-1     | 2024-08-19 10:00:28,067 INFO spawned: 'prio_03' with pid 2862
misp-core-1     | 2024-08-19 10:00:28,069 INFO spawned: 'prio_04' with pid 2863
misp-core-1     | 2024-08-19 10:00:28,130 INFO spawned: 'prio_00' with pid 2929
misp-core-1     | 2024-08-19 10:00:28,131 INFO spawned: 'prio_01' with pid 2930
misp-core-1     | 2024-08-19 10:00:28,141 WARN exited: default_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,162 WARN exited: default_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,187 INFO spawned: 'cache_01' with pid 2946
misp-core-1     | 2024-08-19 10:00:28,189 INFO spawned: 'prio_02' with pid 2948
misp-core-1     | 2024-08-19 10:00:28,189 WARN exited: default_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,189 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,205 WARN exited: default_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,205 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,211 WARN exited: email_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,211 WARN exited: email_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,222 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,223 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1     | ... checking for unset default settings
misp-core-1     | 2024-08-19 10:00:28,229 WARN exited: default_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,229 WARN exited: email_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,233 WARN exited: email_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,241 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,276 WARN exited: email_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,294 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,294 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,299 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1     | Updating unset critical setting 'Security.auth' to 'Array()'...
misp-core-1     | 2024-08-19 10:00:28,904 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:28,905 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | MISP | Resolve non-critical issues ...
misp-core-1     | ... checking for unset default settings
misp-core-1     | Updating unset optional setting 'MISP.welcome_text_bottom' to ''...
misp-core-1     | 2024-08-19 10:00:29,357 INFO spawned: 'update_00' with pid 3134
misp-core-1     | Updating unset optional setting 'MISP.welcome_text_top' to ''...
misp-core-1     | 2024-08-19 10:00:29,560 WARN exited: update_00 (exit status 1; not expected)
misp-core-1     | MISP | Create sync servers ...
misp-core-1     | ... admin key auto configuration is required to configure sync servers
misp-core-1     | MISP | Update components ...
misp-core-1     | Galaxies updated
misp-core-1     | All taxonomies are up to date already.
misp-core-1     | 2024-08-19 10:00:30,319 INFO spawned: 'prio_02' with pid 3219
misp-core-1     | 0 warninglists updated, 0 fails
misp-core-1     | 2024-08-19 10:00:30,528 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1     | Notice lists updated
misp-core-1     | All object templates are up to date already.
misp-core-1     | MISP | Set Up OIDC ...
misp-core-1     | ... OIDC authentication disabled
misp-core-1     | MISP | Set Up LDAP ...
misp-core-1     | ... LDAP authentication disabled
misp-core-1     | MISP | Set Up AAD ...
misp-core-1     | ... Entra (AzureAD) authentication disabled
misp-core-1     | MISP | Set Up Proxy ...
misp-core-1     | ... Proxy disabled
misp-core-1     | MISP | Mark instance live
misp-core-1     | Redis is not reachable.
misp-core-1     | Set live status in PHP config file.
misp-core-1     | MISP is now live. Users can now log in.
misp-core-1     | 2024-08-19 10:00:31,904 INFO spawned: 'default_00' with pid 3270
misp-core-1     | 2024-08-19 10:00:31,905 INFO spawned: 'default_01' with pid 3271
misp-core-1     | 2024-08-19 10:00:31,906 INFO spawned: 'default_02' with pid 3272
misp-core-1     | 2024-08-19 10:00:31,907 INFO spawned: 'default_03' with pid 3273
misp-core-1     | 2024-08-19 10:00:31,909 INFO spawned: 'default_04' with pid 3274
misp-core-1     | 2024-08-19 10:00:31,910 INFO spawned: 'email_00' with pid 3277
misp-core-1     | 2024-08-19 10:00:31,911 INFO spawned: 'email_01' with pid 3280
misp-core-1     | 2024-08-19 10:00:31,913 INFO spawned: 'email_02' with pid 3286
misp-core-1     | 2024-08-19 10:00:31,914 INFO spawned: 'email_03' with pid 3291
misp-core-1     | 2024-08-19 10:00:31,915 INFO spawned: 'email_04' with pid 3301
misp-core-1     | 2024-08-19 10:00:31,916 INFO spawned: 'cache_00' with pid 3309
misp-core-1     | 2024-08-19 10:00:31,917 INFO spawned: 'cache_01' with pid 3315
misp-core-1     | 2024-08-19 10:00:31,919 INFO spawned: 'cache_02' with pid 3318
misp-core-1     | 2024-08-19 10:00:31,920 INFO spawned: 'cache_03' with pid 3323
misp-core-1     | 2024-08-19 10:00:31,921 INFO spawned: 'cache_04' with pid 3325
misp-core-1     | 2024-08-19 10:00:31,924 INFO spawned: 'prio_00' with pid 3328
misp-core-1     | 2024-08-19 10:00:31,926 INFO spawned: 'prio_01' with pid 3329
misp-core-1     | 2024-08-19 10:00:31,927 INFO spawned: 'prio_03' with pid 3333
misp-core-1     | 2024-08-19 10:00:31,928 INFO spawned: 'prio_04' with pid 3335
misp-core-1     | 2024-08-19 10:00:31,995 WARN exited: default_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:31,995 WARN exited: default_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:31,995 WARN exited: default_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:31,995 INFO gave up: default_00 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:31,995 INFO gave up: default_01 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:31,995 INFO gave up: default_02 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,016 WARN exited: default_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,016 WARN exited: default_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,016 INFO gave up: default_03 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,016 INFO gave up: default_04 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,042 WARN exited: email_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,042 INFO gave up: email_03 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,047 WARN exited: prio_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,047 INFO gave up: prio_04 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,053 WARN exited: prio_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,053 INFO gave up: prio_03 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,075 WARN exited: email_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,076 INFO gave up: email_00 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,086 WARN exited: email_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,086 WARN exited: email_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,086 WARN exited: prio_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,086 INFO gave up: email_02 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,086 INFO gave up: email_04 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,086 INFO gave up: prio_01 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,100 WARN exited: email_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,100 WARN exited: cache_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,100 INFO gave up: email_01 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,100 INFO gave up: cache_00 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,109 WARN exited: cache_03 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,109 WARN exited: prio_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:32,109 INFO gave up: cache_03 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:32,109 INFO gave up: prio_00 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:33,115 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:33,115 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:33,115 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:33,117 INFO spawned: 'update_00' with pid 3429
misp-core-1     | 2024-08-19 10:00:33,117 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:33,117 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:33,117 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:33,189 INFO spawned: 'cache_01' with pid 3437
misp-core-1     | 2024-08-19 10:00:33,191 INFO spawned: 'cache_02' with pid 3438
misp-core-1     | 2024-08-19 10:00:33,192 INFO spawned: 'cache_04' with pid 3439
misp-core-1     | 2024-08-19 10:00:33,264 WARN exited: update_00 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:33,264 INFO gave up: update_00 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:34,268 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:34,268 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:34,268 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:34,270 INFO spawned: 'prio_02' with pid 3461
misp-core-1     | 2024-08-19 10:00:34,270 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:34,270 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:34,270 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:34,343 INFO spawned: 'cache_01' with pid 3469
misp-core-1     | 2024-08-19 10:00:34,344 INFO spawned: 'cache_02' with pid 3470
misp-core-1     | 2024-08-19 10:00:34,345 INFO spawned: 'cache_04' with pid 3471
misp-core-1     | 2024-08-19 10:00:34,346 WARN exited: prio_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:34,416 INFO gave up: prio_02 entered FATAL state, too many start retries too quickly
misp-core-1     | 2024-08-19 10:00:35,419 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:35,419 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:35,419 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:35,420 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:35,420 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:35,420 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:36,422 INFO spawned: 'cache_01' with pid 3500
misp-core-1     | 2024-08-19 10:00:36,423 INFO spawned: 'cache_02' with pid 3501
misp-core-1     | 2024-08-19 10:00:36,424 INFO spawned: 'cache_04' with pid 3502
misp-core-1     | 2024-08-19 10:00:37,499 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:37,499 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:37,499 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:37,499 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:37,499 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:37,499 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:38,501 INFO spawned: 'cache_01' with pid 3531
misp-core-1     | 2024-08-19 10:00:38,503 INFO spawned: 'cache_02' with pid 3532
misp-core-1     | 2024-08-19 10:00:38,504 INFO spawned: 'cache_04' with pid 3533
misp-core-1     | 2024-08-19 10:00:39,578 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:39,578 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:39,578 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:39,578 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:39,578 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:39,578 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:40,581 INFO spawned: 'cache_01' with pid 3562
misp-core-1     | 2024-08-19 10:00:40,582 INFO spawned: 'cache_02' with pid 3563
misp-core-1     | 2024-08-19 10:00:40,583 INFO spawned: 'cache_04' with pid 3564
misp-core-1     | 2024-08-19 10:00:41,658 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:41,658 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:41,658 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:41,658 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:41,658 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:41,658 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:42,661 INFO spawned: 'cache_01' with pid 3593
misp-core-1     | 2024-08-19 10:00:42,662 INFO spawned: 'cache_02' with pid 3594
misp-core-1     | 2024-08-19 10:00:42,663 INFO spawned: 'cache_04' with pid 3595
misp-core-1     | 2024-08-19 10:00:43,738 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:43,738 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:43,738 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:43,738 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:43,738 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:43,738 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:44,740 INFO spawned: 'cache_01' with pid 3624
misp-core-1     | 2024-08-19 10:00:44,742 INFO spawned: 'cache_02' with pid 3625
misp-core-1     | 2024-08-19 10:00:44,743 INFO spawned: 'cache_04' with pid 3626
misp-core-1     | 2024-08-19 10:00:45,817 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:45,817 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:45,817 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:45,817 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:45,817 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:45,817 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:46,820 INFO spawned: 'cache_01' with pid 3655
misp-core-1     | 2024-08-19 10:00:46,821 INFO spawned: 'cache_02' with pid 3656
misp-core-1     | 2024-08-19 10:00:46,822 INFO spawned: 'cache_04' with pid 3657
misp-core-1     | 2024-08-19 10:00:47,896 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:47,896 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:47,896 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:47,896 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:47,896 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:47,896 WARN exited: cache_04 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:48,898 INFO spawned: 'cache_01' with pid 3686
misp-core-1     | 2024-08-19 10:00:48,900 INFO spawned: 'cache_02' with pid 3687
misp-core-1     | 2024-08-19 10:00:48,901 INFO spawned: 'cache_04' with pid 3688
misp-core-1     | 2024-08-19 10:00:49,975 INFO success: cache_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:49,975 INFO success: cache_02 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:49,975 INFO success: cache_04 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
misp-core-1     | 2024-08-19 10:00:49,975 WARN exited: cache_01 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:49,975 WARN exited: cache_02 (exit status 1; not expected)
misp-core-1     | 2024-08-19 10:00:49,975 WARN exited: cache_04 (exit status 1; not expected)

clopmz · 2024-08-19T10:26:18Z

Attached worker logs.
worker-logs.tar.gz

joe-speedboat · 2024-08-21T06:04:06Z

Hi, I observed same errors. Fresh install with podman and rocky9:
git clone, podman-compose pull, podman-compose up ->
misp-core-1 | xxx WARN exited: xx_yy (exit status 1; not expected)
v2.4.194 and earlier was working as expected.
I even started v2.4.195 images (pull, not compile) with config from v2.4.194 and v2.4.193, they start as expected.
It must be something, that cam in with docker-compose.yml or .env ... but didnt dig in.

ostefano · 2024-08-21T07:14:19Z

@joe-speedboat are you using system_db_settings? Can you try to build and run branch "redis"?

joe-speedboat · 2024-08-21T08:19:32Z

@joe-speedboat are you using system_db_settings? Can you try to build and run branch "redis"?
Sorry I am not compiling, this is not our focus and I am short of time.
but here are my latest setup notes and observations, I can confirm it is working again with latest docker images ( tag:3fbf7bf ).
This are my exact setup notes, on top of a fresh deployment of recent rocky9 minimal setup.
I hope this helps, thanks

PROJEKT: misp-notes

OWNER: chris
VERSION: 20240821

TODO

selinux enforcement
create systemd service for podman-compose
configure redis volume properly

disable selinux (need work)

sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
grep ^SELINUX= /etc/selinux/config
   SELINUX=permissive
setenforce 0

Firewall Setup

dnf -y install firewalld
systemctl is-enabled firewalld
systemctl restart firewalld
firewall-cmd --add-service https --permanent
systemctl restart firewalld

Podman Setup

dnf -y install epel-release
dnf -y install podman-compose podman skopeo

sed -i.bak 's/^unqualified-search-registries .*/unqualified-search-registries = [\"docker.io\"]/' /etc/containers/registries.conf
systemctl enable podman
systemctl restart podman

Podman default network configuration

# create custom config
echo '# custom podman default networking
[network]
default_network = "podman"
default_subnet = "192.168.223.0/24"
default_subnet_pools = [{"base" = "192.168.224.0/20", "size" = 24}]
' >> /etc/containers/containers.conf
restorecon -FRv /etc/containers/containers.conf

systemctl restart podman
systemctl status podman

Podman default network configuration testing (optional)

mkdir /srv/compose-test
echo '
version: '3.8'

services:
  busybox:
    image: busybox
    command: sleep 3600
' > /srv/compose-test/docker-compose.yml

cd /srv/compose-test
podman-compose up

podman network ls
podman network inspect podman
podman network inspect compose-test_default

cleanup and start over (optional for devel)

podman network rm misp-containers_default
podman network ls
podman network rm podman
podman system prune --volumes
podman rmi --all

rm /etc/systemd/system/docker-misp.service
rm -rf /srv/misp* /srv/git*

Start the fresh configuration

sed -i.bak 's/^unqualified-search-registries .*/unqualified-search-registries = [\"docker.io\"]/' /etc/containers/registries.conf
cd /srv

genpasswd() {
        local l=$1
        [ "$l" == "" ] && l=20
        tr -dc A-Za-z0-9_ < /dev/urandom | head -c ${l} | xargs
}

mkdir /srv/git /srv/misp-containers /srv/misp-volumes
cd /srv/git
git clone https://github.com/MISP/misp-docker.git
cd /srv/git/misp-docker
cp -av docker-compose.yml /srv/misp-containers
cp -av template.env /srv/misp-containers/.env
cd /srv/misp-containers

# adjust tag-version in .env file if needed
grep _TAG= .env 
	CORE_TAG=v2.4.195
	MODULES_TAG=v2.4.195

# replace latest with tags, due we dont want to complile and bind specific docker pull version
sed -i 's/misp-core:latest/misp-core:${CORE_TAG}/' docker-compose.yml
sed -i 's/misp-modules:latest/misp-modules:${MODULES_TAG}/' docker-compose.yml

# Corporate specific config
DISABLE_IPV6=true
BASE_URL="https://test-misp.fqdn"

sed -i "s|^# DISABLE_IPV6=.*|DISABLE_IPV6=$DISABLE_IPV6|" .env
sed -i "s|^BASE_URL=.*|BASE_URL=\"$BASE_URL\"|" .env

# random passwords
MYSQL_ROOT_PASSWORD=$(genpasswd)
MYSQL_PASSWORD=$(genpasswd)
sed -i "s/# MYSQL_ROOT_PASSWORD=.*/MYSQL_ROOT_PASSWORD=\"$MYSQL_ROOT_PASSWORD\"/" .env
sed -i "s/# MYSQL_PASSWORD=.*/MYSQL_PASSWORD=\"$MYSQL_PASSWORD\"/" .env

# pull docker images

cd /srv/misp-containers
podman-compose pull


# Insert CAP_AUDIT_WRITE to misp-core pod in docker compose file

Sources: 
* https://docs.docker.com/compose/compose-file/05-services/#cap_add
* https://man7.org/linux/man-pages/man7/capabilities.7.html
* https://github.com/pi-hole/docker-pi-hole/issues/1007

```bash

# manual change
vi docker-compose.yml
------------------
...
  misp-core:
    cap_add:
      - CAP_AUDIT_WRITE #Remove "sudo: unable to send audit message" from compose logs
...
-----------------

# on-liner change cap_add-CAP_AUDIT_WRITE
cp -av docker-compose.yml docker-compose.yml.cap
awk '
/misp-core:/ {print; in_misp_core=1; next}
/^[[:space:]]*[^[:space:]]/ && in_misp_core {in_misp_core=0; if (!cap_found) {print "    cap_add:"; print "      - CAP_AUDIT_WRITE"}}
/healthcheck:/ && in_misp_core {if (!cap_found) {print "    cap_add:"; print "      - CAP_AUDIT_WRITE"; cap_found=1} print; next}
/ports:/ && in_misp_core {if (!cap_found) {print "    cap_add:"; print "      - CAP_AUDIT_WRITE"; cap_found=1} print; next}
{print}
' docker-compose.yml > temp.yml && mv -fv temp.yml docker-compose.yml

vimdiff docker-compose.yml docker-compose.yml.cap

update volumes in docker compose file

cd /srv/misp-containers
cp -av docker-compose.yml docker-compose.yml.volumes

# manual way
vim docker-compose.yml
------
volumes:
  mysql_data:
  configs:
  files:
  gnupg:
  logs:
  ssl:
  [...]
  misp-core:
    volumes:
      - configs:/var/www/MISP/app/Config
      - logs:/var/www/MISP/app/tmp/logs
      - files:/var/www/MISP/app/files
      - ssl:/etc/nginx/certs
      - gnupg:/var/www/MISP/.gnupg
  misp-core:
  [...]
    ports:
      #- "80:80" #disable port 80
------

## change misp-core volume settings
sed -i 's|.*\/var/www/MISP/app/Config.*|      - configs:/var/www/MISP/app/Config|' docker-compose.yml
sed -i 's|.*\/var/www/MISP/app/tmp/logs.*|      - logs:/var/www/MISP/app/tmp/logs|' docker-compose.yml
sed -i 's|.*\/var/www/MISP/app/files.*|      - files:/var/www/MISP/app/files|' docker-compose.yml
sed -i 's|.*\/etc/nginx/certs.*|      - ssl:/etc/nginx/certs|' docker-compose.yml
sed -i 's|.*\/var/www/MISP/.gnupg.*|      - gnupg:/var/www/MISP/.gnupg|' docker-compose.yml

## add missing volumes at the end
echo '    configs:
    files:
    gnupg:
    logs:
    ssl:
' >> docker-compose.yml

# remove port 80
sed -i '/80:80/d' docker-compose.yml

# verify changes
vimdiff docker-compose.yml docker-compose.yml.volumes

Create volumes for pods

cd /srv/misp-volumes

for vol in misp-containers_mysql_data misp-containers_configs misp-containers_files misp-containers_gnupg misp-containers_logs misp-containers_ssl
do
echo "------ $vol"
mkdir $vol
podman volume create --opt type=none --opt o=bind --opt device=/srv/misp-volumes/$vol $vol
done

Start compose and wait for finishing message

cd /srv/misp-containers/

podman-compose up

Test setup

[email protected] / admin

https://test-misp.fqdn/servers/serverSettings/diagnostics

DEBUG

REDIS VOLUME

[root@test-misp ~]# podman volume ls
DRIVER      VOLUME NAME
local       misp-containers_mysql_data
local       misp-containers_configs
local       misp-containers_files
local       misp-containers_gnupg
local       misp-containers_logs
local       misp-containers_ssl
local       d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763
[root@test-misp ~]# podman inspect misp-containers_redis_1 | grep d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763
                    "Name": "d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763",
                    "Source": "/var/lib/containers/storage/volumes/d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763/_data",
                    "d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763:/data:rprivate,rw,nodev,exec,nosuid,rbind"
[root@test-misp ~]# podman exec -it misp-containers_redis_1 df
Filesystem          1K-blocks    Used Available Use% Mounted on
overlay              37823904 5561176  30309144  16% /
tmpfs                   65536       0     65536   0% /dev
/dev/mapper/rl-root  37823904 5561176  30309144  16% /data
tmpfs                 1573304    9224   1564080   1% /etc/hosts
shm                     64000       0     64000   0% /dev/shm
devtmpfs                 4096       0      4096   0% /proc/keys
[root@test-misp ~]# podman exec -it misp-containers_redis_1 "ls -l /data"
Error: crun: executable file `ls -l /data` not found in $PATH: No such file or directory: OCI runtime attempted to invoke a command that was not found
[root@test-misp ~]# podman exec -it misp-containers_redis_1 bash -c "ls -l /data"
total 36
-rw-------. 1 valkey valkey 36265 Aug 21 08:10 dump.rdb
[root@test-misp ~]# ll /var/lib/containers/storage/volumes/d0bbfba63dd2719937daf6448ccefeb8fd82b0adc3f529736da0b37e16717763/_data
total 36
-rw-------. 1 systemd-coredump input 36265 Aug 21 10:10 dump.rdb

ostefano · 2024-08-21T13:27:03Z

New version released.

Make sure to merge docker-compose.yml changes @clopmz

captainfalcon23 · 2024-10-09T02:31:41Z

What is the fix here? Having the same issue with v2.4.198, using official docker images.

ostefano · 2024-10-09T06:50:34Z

What is the fix here? Having the same issue with v2.4.198, using official docker images.

I replied to you in the issue you opened.

ostefano closed this as completed Aug 21, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Error udating to v2.4.195 under Debian 12 #121

Error udating to v2.4.195 under Debian 12 #121

clopmz commented Aug 19, 2024 •

edited

Loading

ostefano commented Aug 19, 2024

clopmz commented Aug 19, 2024

clopmz commented Aug 19, 2024

ostefano commented Aug 19, 2024

ostefano commented Aug 19, 2024

ostefano commented Aug 19, 2024

clopmz commented Aug 19, 2024

ostefano commented Aug 19, 2024

clopmz commented Aug 19, 2024

clopmz commented Aug 19, 2024

ostefano commented Aug 19, 2024

ostefano commented Aug 19, 2024

clopmz commented Aug 19, 2024

clopmz commented Aug 19, 2024

clopmz commented Aug 19, 2024

joe-speedboat commented Aug 21, 2024

ostefano commented Aug 21, 2024

joe-speedboat commented Aug 21, 2024

ostefano commented Aug 21, 2024

captainfalcon23 commented Oct 9, 2024

ostefano commented Oct 9, 2024

Error udating to v2.4.195 under Debian 12 #121

Error udating to v2.4.195 under Debian 12 #121

Comments

clopmz commented Aug 19, 2024 • edited Loading

Build-time variables

PYPY_* vars take precedence over MISP's

PYPI_REDIS_VERSION="==5.0.*"

PYPI_LIEF_VERSION=">=0.13.1"

PYPI_PYDEEP2_VERSION="==0.5.*"

PYPI_PYTHON_MAGIC_VERSION="==0.4.*"

PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"

PYPI_MAEC_VERSION="==4.1.*"

PYPI_MIXBOX_VERSION="==1.0.*"

PYPI_CYBOX_VERSION="==2.1.*"

PYPI_PYMISP_VERSION="==2.4.178"

CORE_COMMIT takes precedence over CORE_TAG

CORE_COMMIT=c56d537

MODULES_COMMIT takes precedence over MODULES_TAG

MODULES_COMMIT=de69ae3

Run-time variables

Email/username for user #1, defaults to MISP's default ([email protected])

name of org #1, default to MISP's default (ORGNAME)

defaults to an automatically generated one

defaults to MISP's default (admin)

defaults to 'passphrase'

defaults to 1 (the admin user)

defaults to 'https://localhost'

store settings in db except those that must stay in config.php. true/false, defaults to false

optional and used by the mail sub-system

optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)

For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)

note: if you have more than one syncserver, you need to update docker-compose.yml

optional and used to set mysql db and credentials

MYSQL_HOST=

MYSQL_PORT=

These variables allows overriding some MISP email values.

They all default to ADMIN_EMAIL.

MISP.email, used for notifications. Also used

for GnuPG.email and GPG autogeneration.

MISP.contact, the e-mail address that

MISP should include as a contact address

for the instance's support team.

Enable GPG autogeneration (default true)

AUTOCONF_GPG=true

Enable admin (user #1) API key autogeneration

if ADMIN_KEY is not set above (default true)

AUTOGEN_ADMIN_KEY=true

Disable IPv6 completely

Disable SSL redirect

Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md

OIDC_ENABLE=true

OIDC_PROVIDER_URL=

OIDC_CLIENT_ID=

OIDC_CLIENT_SECRET=

OIDC_ROLES_PROPERTY="roles"

OIDC_ROLES_MAPPING="{"admin": "1"}"

OIDC_DEFAULT_ORG=

Enable LDAP (using the ApacheSecureAuth component) authentication, according to MISP/MISP#6189

NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, users should not be able to control the HTTP header configured in LDAP_APACHE_ENV (e.g. REMOTE_USER).

This means you must not allow direct access to MISP.

LDAP_ENABLE=true

LDAP_APACHE_ENV="REMOTE_USER"

LDAP_SERVER="ldap://your_domain_controller"

LDAP_STARTTLS=true

LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"

LDAP_READER_PASSWORD="password"

LDAP_DN="OU=Users,DC=domain,DC=net"

LDAP_SEARCH_FILTER=""

LDAP_SEARCH_ATTRIBUTE="uid"

LDAP_FILTER="["mail", "uid", "cn" ]"

LDAP_DEFAULT_ROLE_ID="3"

LDAP_DEFAULT_ORG="1"

LDAP_EMAIL_FIELD="["mail"]"

LDAP_OPT_PROTOCOL_VERSION="3"

LDAP_OPT_NETWORK_TIMEOUT="-1"

LDAP_OPT_REFERRALS=false

Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md

AAD_ENABLE=true

AAD_CLIENT_ID=

AAD_TENANT_ID=

clopmz commented Aug 19, 2024 •

edited

Loading