Install/upgrade guidance documentation for MariaDB

[ranjan1n]

Hi,

I was trying to upgrade my version Seccubus-2.28.0-69.1, which only had MySql requirements.
While upgrade now it has dependencies for MariaDB. I am running seccubus on CentOS 6.

Is there any install/upgrade documentation, guidance to proceed on this?

rpm -Uvh Seccubus-2.30.2-87.1.noarch.rpm
warning: Seccubus-2.30.2-87.1.noarch.rpm: Header V3 DSA/SHA1 Signature, key ID 3f186157: NOKEY
error: Failed dependencies:
mariadb-server is needed by Seccubus-2.30.2-87.1.noarch

Regards,
-ranjan

[MrSeccubus]

@ranjan1n what OS are you using?
I tried to differentiate between the versions, but is seems that this is done compile time rather then at run time.
Can you try the appropriate version from https://build.opensuse.org/package/show/home:seccubus/Seccubus
It should hav an RPM for your OS there which has the correct dependancy.

[ranjan1n]

Thanks Frank for super quick response. I am using CentOS release 6.9 (Final). I have some good scan data in the MySQL database. Should i go ahead and create a new Seccubus instance on another machine and move the mysql data to the new maria DB database?
Or is there any easy way to upgrade?

[MrSeccubus]

You can either ignore the dependancy the --nodeps switch for your RPM command.

Moving things to a Centos7 box would also work, but I don't want to force you through the upgrade process.

Alternatively if you grab http://download.opensuse.org/repositories/home:/seccubus/CentOS_6/noarch/Seccubus-2.31.4-90.1.noarch.rpm and install that, you should be ok.

I'll see if I can do a release over the weekend that contains both el6 and el7 rpms.

[ranjan1n]

Thanks Frank. The installer link worked for me. I have a query. The seccubus will now use Seccubus.conf.rpmnew and /etc/seccubus/config.xml.rpmnew ...Right? And is the warning at the end any real concern ?

--->  warning: %postun(Seccubus-2.28.0-69.1.noarch) scriptlet failed, exit status 127

>rpm -Uvh Seccubus-2.31.4-90.1.noarch.rpm
warning: Seccubus-2.31.4-90.1.noarch.rpm: Header V3 DSA/SHA1 Signature, key ID 3f186157: NOKEY
Preparing...                ########################################### [100%]
   1:Seccubus               warning: /etc/httpd/conf.d/Seccubus.conf created as /etc/httpd/conf.d/Seccubus.conf.rpmnew
warning: /etc/seccubus/config.xml created as /etc/seccubus/config.xml.rpmnew
########################################### [100%]
################################################################################

After installation, create a database and database user. Populate the db with provided
scripts:

  # mysql << EOF
  create database seccubus;
  grant all privileges on seccubus.* to seccubus@localhost identified by 'seccubus';
  flush privileges;
  EOF

  # mysql -u seccubus -pseccubus seccubus < /opt/seccubus/var/structure_v6.mysql
  # mysql -u seccubus -pseccubus seccubus < /opt/seccubus/var/data_v6.mysql

You can change the db name and username/password, make sure you update
/etc/seccubus/config.xml accordingly

Look for more information on http://www.seccubus.com/documentation/seccubus-v2

Apache on this host now has a configfile /etc/httpd/conf.d/Seccubus.conf
The default config makes Seccubus available on http://localhost/seccubus
(Note: you may have to restart Apache)

################################################################################
Reloading httpd:
/var/tmp/rpm-tmp.AOV3RK: line 2: /usr/sbin/service: No such file or directory
warning: %postun(Seccubus-2.28.0-69.1.noarch) scriptlet failed, exit status 127

[ranjan1n]

I am not sure what configuration changes are changed after upgrade. I am getting the issue "Forbidden
You don't have permission to access /seccubus/seccubus/seccubus.html on this server."

Seccubus site was working for me before upgrade, but now i can see in apache logs that permission issues are there

[Sat Apr 15 00:19:17 2017] [error] [client 10.xx.xx.xx] (13)Permission denied: access to
/seccubus/seccubus/seccubus.html denied

My Seccubus.conf file also looks good. I didn't make any changes. I copied the same seccubus configurations that were working earlier to file Seccubus.conf.rpmnew and restarted apache, but still the permission denied issue.

==================Seccubus.conf==================
Alias /seccubus /opt/seccubus/www
<Location /seccubus>
Order deny,allow
Deny from all
#Allow from 127.0.0.1
Allow from all
Allow from ::1
# Allow from .example.com
AddHandler cgi-script .pl
Options ExecCGI

~

[MrSeccubus]

@ranjan1n the .rpmnew files shouldn;t actually do anything. They are just copies of files that rpm would have put in place for you.

[MrSeccubus]

Seccubs v2.32 now has three differente RPM's for el5, el6 and el7.

[MrSeccubus]

THis is the content you need in /etc/httpd/conf.d/Seccubus.con to allow access from everywhere:

#
# This configuration file maps the Seccubus logs
# into the URL space. By default these results are
# only accessible from the local host.
#
Alias /seccubus /opt/seccubus/www

<Location /seccubus>
    Order deny,allow
    #Deny from all
    #Allow from 127.0.0.1
    #Allow from ::1
    Allow from all
    # Allow from .example.com
    AddHandler cgi-script .pl
    Options ExecCGI
</Location>

[MrSeccubus]

Please confirm if this works so I can close the issue.

[ranjan1n]

Thanks Frank. Yes, issue is resolved. I am closing the issue.