Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Install fails with permission denied error #22

Closed
ghost opened this issue Apr 23, 2021 · 16 comments
Closed

Install fails with permission denied error #22

ghost opened this issue Apr 23, 2021 · 16 comments

Comments

@ghost
Copy link

ghost commented Apr 23, 2021

Installing pfSense-pkg-zeek...
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
The following 6 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
bash: 5.1.4 [pfSense]
ipsumdump: 1.86 [pfSense]
lbl-cf: 1.2.5 [pfSense]
lbl-hf: 1.9 [pfSense]
pfSense-pkg-zeek: 3.0.6_1 [pfSense]
zeek: 3.0.12_2 [pfSense]

Number of packages to be installed: 6

The process will require 73 MiB more space.
11 MiB to be downloaded.
[1/6] Fetching pfSense-pkg-zeek-3.0.6_1.txz: ... done
[2/6] Fetching zeek-3.0.12_2.txz: .......... done
[3/6] Fetching lbl-hf-1.9.txz: ... done
[4/6] Fetching lbl-cf-1.2.5.txz: . done
[5/6] Fetching bash-5.1.4.txz: .......... done
[6/6] Fetching ipsumdump-1.86.txz: .......... done
Checking integrity... done (0 conflicting)
[1/6] Installing lbl-hf-1.9...
[1/6] Extracting lbl-hf-1.9: ..... done
[2/6] Installing lbl-cf-1.2.5...
[2/6] Extracting lbl-cf-1.2.5: ..... done
[3/6] Installing bash-5.1.4...
[3/6] Extracting bash-5.1.4: .......... done
[4/6] Installing ipsumdump-1.86...
[4/6] Extracting ipsumdump-1.86: ......... done
[5/6] Installing zeek-3.0.12_2...
===> Creating groups.
Creating group 'zeek' with gid '782'.
===> Creating users
Creating user 'zeek' with uid '782'.
[5/6] Extracting zeek-3.0.12_2: .......... done
Traceback (most recent call last):
File "/usr/local/bin/zeekctl", line 810, in
sys.exit(main())
File "/usr/local/bin/zeekctl", line 777, in main
loop = ZeekCtlCmdLoop(ZeekCtl, interactive, cmd)
File "/usr/local/bin/zeekctl", line 25, in init
self.zeekctl = zeekctl_class(ui=self)
File "/usr/local/lib/zeekctl/ZeekControl/zeekctl.py", line 69, in init
self.config = config.Configuration(self.zeekbase, cfgfile, zeekscriptdir, self.ui, state)
File "/usr/local/lib/zeekctl/ZeekControl/config.py", line 70, in init
self.config = self._read_config(cfgfile)
File "/usr/local/lib/zeekctl/ZeekControl/config.py", line 588, in _read_config
with open(fname, "r") as f:
PermissionError: [Errno 13] Permission denied: '/usr/local/etc/zeekctl.cfg'
[6/6] Installing pfSense-pkg-zeek-3.0.6_1...
[6/6] Extracting pfSense-pkg-zeek-3.0.6_1: ......... done
Saving updated package information...
done.
Loading package configuration... done.
Configuring package components...
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.

Message from zeek-3.0.12_2:

--
The rc.d script now honors the zeek_user rc.d variable. To run as
a user other than root (the default) you need to make a few changes.
For example to run as the user zeek, add this to /etc/rc.conf:

zeek_enable="YES"
zeek_user="zeek"

Add this to /etc/devfs.conf:

own     bpf     root:bpf
perm    bpf     0660

And add zeek to the bpf group:

bpf:*:81:zeek

and restart the devfs service:

service devfs restart

or reboot.

If the interface defined in node.cfg is configured for NIC checksum
offloading (the default when this feature is supported by the
hardware) you will want to set ignore_checksums in site/local.zeek:

redef ignore_checksums = T;

=====
Message from pfSense-pkg-zeek-3.0.6_1:

--
Please visit Services > Zeek NSM menu to configure the package.

Cleaning up cache... done.
Success
@shadonet shadonet mentioned this issue Apr 26, 2021
Closed
@shadonet
Copy link
Owner

shadonet commented Apr 26, 2021
edited
Loading

As the log showed the error, it is related to the zeekctl which does not have write permission. And in this case, the zeek package for pfSense will not work too. Related to #23 #24 #25 .
What is your system details?
Check this link for more details https://github.com/zeek/zeekctl#id23.

This was referenced Apr 26, 2021
Closed
Closed
Closed
@ghost
Copy link
Author

ghost commented Apr 26, 2021

What details do you need?
It is a standard PFsense install and I selected the Zeek package and pressed install. If this is a package it should just work by doing that and selecting an interface. If I manually run zeekctl deploy it will start generating log files. But obviously none of that is accessible within the UI. Something is wrong with your installer

@shadonet
Copy link
Owner

What's the version of your pfSense box?

@ghost
Copy link
Author

ghost commented Apr 27, 2021 via email

@mymrrobot
Copy link

What’s the status on this fix? I’m still running into it

@selroc
Copy link

selroc commented Jun 26, 2021 via email

shadonet added a commit that referenced this issue Jun 27, 2021
@shadonet
Fix Zeek service not starting issues #19 #22 #27
7eecc22
@shadonet
Copy link
Owner

It has been fixed now.

@imightbelosthere
Copy link

Nope... Still happens on pfSense 2.5.2.

Checking integrity... done (0 conflicting)
[1/7] Installing lbl-hf-1.9...
[1/7] Extracting lbl-hf-1.9: ..... done
[2/7] Installing lbl-cf-1.2.5...
[2/7] Extracting lbl-cf-1.2.5: ..... done
[3/7] Installing bash-5.1.8...
[3/7] Extracting bash-5.1.8: .......... done
[4/7] Installing ipsumdump-1.86...
[4/7] Extracting ipsumdump-1.86: ......... done
[5/7] Installing py38-sqlite3-3.8.10_7...
[5/7] Extracting py38-sqlite3-3.8.10_7: ........ done
[6/7] Installing zeek-4.0.2...
===> Creating groups.
Using existing group 'zeek'.
===> Creating users
Using existing user 'zeek'.
[6/7] Extracting zeek-4.0.2: .......... done
Traceback (most recent call last):
File "/usr/local/bin/zeekctl", line 814, in
sys.exit(main())
File "/usr/local/bin/zeekctl", line 781, in main
loop = ZeekCtlCmdLoop(ZeekCtl, interactive, cmd)
File "/usr/local/bin/zeekctl", line 29, in init
self.zeekctl = zeekctl_class(ui=self)
File "/usr/local/lib/zeek/python/zeekctl/ZeekControl/zeekctl.py", line 73, in init
self.config = config.Configuration(
File "/usr/local/lib/zeek/python/zeekctl/ZeekControl/config.py", line 73, in init
self.config = self._read_config(cfgfile)
File "/usr/local/lib/zeek/python/zeekctl/ZeekControl/config.py", line 596, in _read_config
with open(fname, "r") as f:
PermissionError: [Errno 13] Permission denied: '/usr/local/etc/zeekctl.cfg'
[7/7] Installing pfSense-pkg-zeek-3.0.6_2...
[7/7] Extracting pfSense-pkg-zeek-3.0.6_2: ......... done
Saving updated package information...
done.
Loading package configuration... done.
Configuring package components...
Loading package instructions...
Custom commands...
Executing custom_php_install_command()...done.
Executing custom_php_resync_config_command()...done.
Menu items... done.
Services... done.
Writing configuration... done.

When configuring zeek through pfSense UI it doesn't affect anything and service doesn't start. I believe it's due to the issue with permissions.

Or perhaps due to the fact that sendmail isn't available on pfSense, as when I try to start the service manually from CLI I get this:

starting zeek ...
creating crash report for previously crashed nodes: zeek
Error: error occurred while trying to send mail: send-mail: /usr/sbin/sendmail not found

@shadonet
Copy link
Owner

shadonet commented Jul 8, 2021

Are you connected as a root user when installing the package?

@imightbelosthere
Copy link

Yes I am.

@shadonet
Copy link
Owner

shadonet commented Jul 8, 2021

What is the version of your pfSense box?

@imightbelosthere
Copy link

What is the version of your pfSense box?

2.5.2 freshly installed

@shadonet
Copy link
Owner

shadonet commented Jul 8, 2021

Okay. I will check.

@iot-operator
Copy link

Still an issue today.

with open(fname, "r") as f:
PermissionError: [Errno 13] Permission denied: '/usr/local/etc/zeekctl.cfg'
[7/7] Installing pfSense-pkg-zeek-3.0.6_3...
[7/7] Extracting pfSense-pkg-zeek-3.0.6_3: ......... done

pfSense-pkg-zeek: 3.0.6.3
zeek: 4.0.2

@ghost
Copy link
Author

ghost commented Sep 16, 2021 via email

@ChardeeMacDennis
Copy link

I've got Zeek running on pfSense 2.5.2 after running into many of the issues described in this thread and others.

  • Make sure "Enable Zeek NSM" is disabled
  • Remote into pfSense with SSH or SCP (System > Advanced > Secure Shell > Enable Secure Shell)
  • If /usr/local/share/zeek/site/local.zeek is missing, copy local.zeek.sample to local.zeek
  • Rename /usr/local/etc/node.cfg to something else (node.config.old)
  • Rename /usr/local/etc/zeekctl.cfg to something else (zeekctl.cfg.old)
  • Go to Services > Zeek NSM > General and click Save
  • Go to Services > Zeek NSM > ZeekControl Config and click Save
  • Go to Services > Zeek NSM > General, check Enable Zeek NSM and click Save

Zeek also uses networks.cfg, but I didn't have to rename it. I'm not sure what the issue is, but the system seems to have problems writing to the files deployed by the package. I initially tried modifying the files permissions, but that didn't have any effect. After renaming the old files and letting the GUI PHP code write new files, I can't see any difference in ownership or permissions.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@ChardeeMacDennis @shadonet @selroc @mymrrobot @iot-operator @imightbelosthere