From c7cb6e5f63b0136ac9abdbbe441c036d5e8eedcc Mon Sep 17 00:00:00 2001 From: marcelosz Date: Sun, 27 Sep 2020 01:14:50 -0300 Subject: [PATCH] Minor fixes for 1.1.1 --- README.md | 2 ++ core/Dockerfile | 7 +++-- core/files/entrypoint.sh | 20 +++++++------- modules/Dockerfile | 57 ++++++++++++++++++++++++++-------------- template.env | 2 +- 5 files changed, 54 insertions(+), 34 deletions(-) diff --git a/README.md b/README.md index caa64cc..d35213f 100644 --- a/README.md +++ b/README.md @@ -49,6 +49,8 @@ $ docker-compose -f docker-compose-build.yml build > Docker Hub builds are based on this logic. See CHANGELOG to check the software versions used in the Docker Hub build release. ## CHANGELOG +### \[1.1.1\] - 2020-09-27 + - Minor issues fixed ### \[1.1.0\] - 2020-09-26 - MISP version updated to v2.4.132 ### \[1.0.1\] - 2020-04-14 diff --git a/core/Dockerfile b/core/Dockerfile index 3fd1d2c..0629285 100644 --- a/core/Dockerfile +++ b/core/Dockerfile @@ -111,6 +111,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ php-mysql \ php-redis \ php-gd \ + php-zip \ + php-intl \ # Python Requirements python3 \ python3-setuptools \ @@ -128,7 +130,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ postfix \ cron \ logrotate \ - syslog-ng-core \ + rsyslog \ ssdeep \ libfuzzy2 \ mariadb-client \ @@ -209,9 +211,6 @@ RUN rm -rf taxonomies && git clone https://github.com/MISP/misp-taxonomies.git . # COPY files/supervisord.conf /etc/supervisor/conf.d/supervisord.conf -# Modify syslog configuration -RUN sed -i -E 's/^(\s*)system\(\);/\1unix-stream("\/dev\/log");/' /etc/syslog-ng/syslog-ng.conf - # Trigger to perform first boot operations RUN touch /.firstboot.tmp diff --git a/core/files/entrypoint.sh b/core/files/entrypoint.sh index ddd591a..9f028c0 100644 --- a/core/files/entrypoint.sh +++ b/core/files/entrypoint.sh @@ -66,11 +66,11 @@ if [ -r /.firstboot.tmp ]; then exit 1 fi - # Waiting for DB to be ready - while ! mysqladmin ping -h"$MYSQL_HOST" --silent; do - sleep 5 - echo "[-] INFO: Waiting for database to be ready..." - done + # Waiting for DB to be ready + while ! mysqladmin ping -h"$MYSQL_HOST" -u"$MYSQL_ROOT_USER" -p"$MYSQL_ROOT_PASSWORD" --silent; do + sleep 5 + echo "[-] INFO: Waiting for database to be ready..." + done # Set MYSQL_PASSWORD if [ -z "$MYSQL_PASSWORD" ]; then @@ -145,15 +145,15 @@ if [ -r /.firstboot.tmp ]; then echo "[-] INFO: Adjusting other MISP settings..." /var/www/MISP/app/Console/cake Admin setSetting "MISP.python_bin" $(which python3) + /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Enrichment_services_url" "http://misp_modules" /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Enrichment_services_enable" true /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Enrichment_hover_enable" true - /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Enrichment_services_url" "http://misp_modules" - /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_enable" true /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_url" "http://misp_modules" + /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Import_services_enable" true - /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Export_services_enable" true /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Export_services_url" "http://misp_modules" + /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Export_services_enable" true /var/www/MISP/app/Console/cake Admin setSetting "Plugin.Cortex_services_enable" false @@ -228,8 +228,8 @@ __WELCOME__ rm -f /.firstboot.tmp fi -# Start syslog-ng, cron and postfix -service syslog-ng start +# Start rsyslog, cron and postfix +service rsyslog start service cron start service postfix start diff --git a/modules/Dockerfile b/modules/Dockerfile index b12b44f..133e01d 100644 --- a/modules/Dockerfile +++ b/modules/Dockerfile @@ -5,26 +5,45 @@ # # Build and Install MISP Modules # -FROM python:3.7-slim-buster +FROM python:3.7-slim-buster as builder ENV DEBIAN_FRONTEND noninteractive ARG MODULES_TAG RUN apt-get update && apt-get install -y --no-install-recommends \ - virtualenv \ - cmake \ - git \ - python3-dev \ - build-essential \ - pkg-config \ - libpoppler-cpp-dev \ - libfuzzy-dev \ - libpq5 libjpeg-dev tesseract-ocr imagemagick libopencv-dev zbar-tools libzbar0 libzbar-dev \ - && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/* - -RUN git clone --branch ${MODULES_TAG} --depth 1 https://github.com/MISP/misp-modules.git /opt/misp-modules; - -WORKDIR /opt/misp-modules -RUN pip3 install -I -r REQUIREMENTS -RUN pip3 install . - -ENTRYPOINT [ "misp-modules", "-l", "0.0.0.0"] + cmake \ + git \ + python3-dev \ + python3-pip \ + python3-wheel \ + build-essential \ + pkg-config \ + libpoppler-cpp-dev \ + libfuzzy-dev \ + && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/* + +# Build MISP Modules + RUN mkdir /wheel + WORKDIR /srv + + RUN git clone --branch ${MODULES_TAG} --depth 1 https://github.com/MISP/misp-modules.git /srv/misp-modules; \ + cd /srv/misp-modules || exit; sed -i 's/-e //g' REQUIREMENTS; pip3 wheel -r REQUIREMENTS --no-cache-dir -w /wheel/ + + RUN git clone --depth 1 https://github.com/stricaud/faup.git /srv/faup; \ + cd /srv/faup/build || exit; cmake .. && make install; \ + cd /srv/faup/src/lib/bindings/python || exit; pip3 wheel --no-cache-dir -w /wheel/ . + +FROM python:3.7-slim-buster + +RUN apt-get update && apt-get install -y --no-install-recommends \ + libglib2.0-0 \ + libzbar0 \ + libxrender1 \ + libxext6 \ + libpoppler-cpp0v5 \ + && apt-get autoremove -y && apt-get clean -y && rm -rf /var/lib/apt/lists/* + +COPY --from=builder /wheel /wheel +COPY --from=builder /usr/local/lib/libfaupl* /usr/local/lib/ +RUN pip install /wheel/*.whl; ldconfig + +ENTRYPOINT [ "/usr/local/bin/misp-modules", "-l", "0.0.0.0"] diff --git a/template.env b/template.env index f1b3ffc..32465af 100644 --- a/template.env +++ b/template.env @@ -7,7 +7,7 @@ MYSQL_ROOT_PASSWORD=misp MISP_ADMIN_EMAIL=admin@admin.test MISP_ADMIN_PASSPHRASE=admin -MISP_BASEURL=localhost +MISP_BASEURL="http://localhost" POSTFIX_RELAY_HOST=misp_mail TIMEZONE=UTC