Allow custom install locations (instead of /opt/intelmq) #805

Closed
sykaeh opened this issue Dec 6, 2016 · 6 comments
@sykaeh
Contributor

sykaeh commented Dec 6, 2016

We would like to install IntelMQ at a different location (not the default /opt/intelmq). Currently, there is no easy way to do this as the path is hard-coded in several places (setup.py and intelmq/__init__.py and in various documentations).

The reason for this is that we would like to allow several developers to have their own instance of IntelMQ on our shared development server.

Is there a reason why the path is hard-coded and it is not configurable? Is there any reason not to make it configurable (I would still keep it as the default)?

@sebix
Member

sebix commented Dec 6, 2016

The root path is only in __init__.py, and for installation of data files (configuration etc) in setup.py. In the latter we could import the first one, though I don't see much advantage in reducing the number of places from two to one.

We could remove the prefix altogether and only use the data-path from setuptools: https://docs.python.org/3/distutils/setupscript.html#installing-additional-files

Also note that in packages we only use LSB.

@sebix sebix added architecture component: core feature Indicates new feature requests or new features needs: discussion labels Dec 6, 2016
@sebix sebix added this to the v1.1 Feature release milestone Dec 6, 2016
@sebix
Member

sebix commented Dec 7, 2016

Not to forget the setup.cfg, where the data path is actually given.

@sykaeh
Contributor Author

sykaeh commented Dec 7, 2016

What does LSB stand for? I am not familiar with that abbreviation.

I think there are two main issues here:

1. Hard-coded names in the code

Remove any hard-coded paths inside the package itself (i.e. inside the intelmq directory) and make them configurable. IMHO, the code should not depend on certain files being in a specific location without being able to change it.

I have used environment variables in intelmq/__init__.py to be able to configure the locations dynamically and so far it seems to be working well:

```python
import os

# Each location falls back to the stock /opt/intelmq layout when its variable is unset.
ROOT_DIR = os.getenv("INTELMQ_ROOT_DIR", "/opt/intelmq/")
DEFAULT_LOGGING_PATH = "/var/log/"

VAR_RUN_PATH = os.getenv("INTELMQ_RUN_DIR", os.path.join(ROOT_DIR, "var/run/"))

CONFIG_DIR = os.getenv("INTELMQ_CONFIG_DIR", os.path.join(ROOT_DIR, "etc/"))
BOTS_FILE = os.getenv("INTELMQ_BOTS_FILE", os.path.join(CONFIG_DIR, "BOTS"))
# The configuration files always live directly under CONFIG_DIR.
DEFAULTS_CONF_FILE = os.path.join(CONFIG_DIR, "defaults.conf")
HARMONIZATION_CONF_FILE = os.path.join(CONFIG_DIR, "harmonization.conf")
PIPELINE_CONF_FILE = os.path.join(CONFIG_DIR, "pipeline.conf")
RUNTIME_CONF_FILE = os.path.join(CONFIG_DIR, "runtime.conf")
STARTUP_CONF_FILE = os.path.join(CONFIG_DIR, "startup.conf")
SYSTEM_CONF_FILE = os.path.join(CONFIG_DIR, "system.conf")
```

Similarly, I also replaced intelmq/bin/intelmqctl.py#L172 with __version__ imported from intelmq. This way it still retrieves the version number automatically, but does not assume that the package name is intelmq (we have some additions that we cannot make public and thus named the package differently so that it is not confused with the official version).

2. Packaging issues

Packaging the code so that it is easy to use, configurable and works on various systems. This concerns setup.py, setup.cfg and possibly other files. To be honest, I do not quite understand how the following are related: package_data in setup(), data_files in setup(), MANIFEST.in and setup.cfg.

In our setup we install IntelMQ in a virtual environment and use Ansible to install everything. So for our case, I removed all of DATA from setup.py since most of the files there are just examples anyways and we deploy our configuration files with Ansible.

I understand the desire to configure everything with pip (thus copying examples, creating directories), but I also think that things like that depend on the system and thus should not necessarily be part of the Python package. I currently do not know of a good solution and am happy to hear if anyone has any recommendations or best practices.

Other issues

  1. (related to hard-coded names in the code) intelmqctl and intelmqdump do not use the logging configuration that is specified in defaults.conf. Is there a reason for this? Can we change it so that they do? Currently it just uses DEFAULT_LOGGING_PATH from intelmq/__init__.py. Otherwise there is no way to change it and you are very likely to run into permission problems if you try to install IntelMQ in a different place from /opt/intelmq.

  2. (related to packaging) Why is there a REQUIREMENTS file and why is it not the same as the REQUIRES in setup.py (both the libraries and the versions of the libraries)? In the installation guide it says that the REQUIREMENTS files define a list of Python packages and versions, which are necessary to run all components of IntelMQ. However, that is not true since there are other requirements that are missing (like rt, imbox, stomp).

@sebix
Member

sebix commented Dec 8, 2016

Two quick answers:

LSB stands for Linux Standard Base, see also #470. What I mean here is that for installations with packages (the RPMs are quite mature, the debs are still unstable) we should not use /opt, but /var/lib/, /run, /etc and so on.

> (related to packaging) Why is there a REQUIREMENTS file and why is it not the same as the REQUIRES in setup.py (both the libraries and the versions of the libraries)?

The requires are absolute requirements, you can't go lower than that. The requirements are recommended, higher versions (as they are better tested, more fixes, ...) and include more 3rd party packages needed by bots.

@sebix
Member

sebix commented Dec 8, 2016

My proposal is to stick to /opt/intelmq in the repository for installations via pypi/pip so we have separated installation for developers' environments. For proper installations we have packages and use LSB.

> 1. Hard-coded names in the code

For packaging I can't use ROOT_DIR, I'd need something like prefix and a postfix.

pip installation:

```python
import os

ROOT_DIR_PRE = '/opt/intelmq'
ROOT_DIR_POST = ''
CONFIG_DIR = os.path.join(ROOT_DIR_PRE, "etc", ROOT_DIR_POST)  # '/opt/intelmq/etc/'
```

package installation:

```python
import os

ROOT_DIR_PRE = '/'
ROOT_DIR_POST = 'intelmq/'
CONFIG_DIR = os.path.join(ROOT_DIR_PRE, "etc", ROOT_DIR_POST)  # '/etc/intelmq/'
```

This can be combined with your environment variable proposal, but for the sake of simplicity I did not use it here.

I also think the BOTS file should not be placed in a configuration directory, but in the library directory.

> (related to hard-coded names in the code) intelmqctl and intelmqdump do not use the logging configuration that is specified in defaults.conf.

Which is a bug. However, they should not fail if it's not (properly) defined.

I think I now addressed everything you raised in your post.
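Added example, not part of the thread and not IntelMQ's own code: one way to combine the environment-variable overrides from the earlier comment with the prefix/postfix layout sketched above, plus a check a deployment might run before loading configuration from an overridden directory. The function names, the `lsb` flag and the `trusted_uids` parameter are hypothetical; the variable names `INTELMQ_ROOT_DIR`, `ROOT_DIR`, `INTELMQ_CONFIG_DIR` and `INTELMQ_RUN_DIR` are the ones that appear on this page.

```python
import os
import stat


def _require_absolute(path):
    # A relative override would resolve against whatever the current
    # working directory happens to be, so reject it outright.
    if not os.path.isabs(path):
        raise ValueError("path must be absolute: %r" % (path,))
    return path


def resolve_paths(env, lsb=False):
    """Resolve IntelMQ-style paths for the /opt layout or the LSB layout.

    env is a mapping such as os.environ. The lsb flag is a hypothetical
    switch between the two layouts discussed in the thread.
    """
    if lsb:
        root, suffix = env.get("ROOT_DIR", "/"), "intelmq"
    else:
        root, suffix = env.get("INTELMQ_ROOT_DIR", "/opt/intelmq/"), ""
    root = os.path.normpath(_require_absolute(root))

    def layout(*parts):
        # /opt layout: <root>/etc/     LSB layout: <root>/etc/intelmq/
        return os.path.join(root, *parts, suffix, "")

    config_dir = _require_absolute(env.get("INTELMQ_CONFIG_DIR", layout("etc")))
    run_dir = _require_absolute(env.get("INTELMQ_RUN_DIR", layout("var", "run")))
    return {
        "config_dir": config_dir,
        "run_dir": run_dir,
        "runtime_conf": os.path.join(config_dir, "runtime.conf"),
        "defaults_conf": os.path.join(config_dir, "defaults.conf"),
    }


def unsafe_reasons(path, trusted_uids=(0,)):
    """Return reasons why a configuration directory should not be trusted.

    Added check, an assumption of this example: the directory must be owned
    by a trusted uid and must not be writable by group or others.
    """
    st = os.stat(path)
    reasons = []
    if not stat.S_ISDIR(st.st_mode):
        reasons.append("not a directory")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        reasons.append("group- or world-writable")
    if st.st_uid not in trusted_uids:
        reasons.append("owned by uid %d" % st.st_uid)
    return reasons


if __name__ == "__main__":
    # Constructed sample environments for the two layouts.
    for env, lsb in (({}, False), ({}, True),
                     ({"INTELMQ_ROOT_DIR": "/home/dev1/intelmq"}, False)):
        print(lsb, resolve_paths(env, lsb=lsb))
```

On a shared development server each developer would set `INTELMQ_ROOT_DIR` to their own directory and pass their own uid in `trusted_uids`.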

@ghost ghost modified the milestones: 1.1.0, 2.0.0 Jun 28, 2018
@ghost ghost modified the milestones: 2.0.0, 2.1.0 Apr 10, 2019
@ghost ghost self-assigned this Oct 11, 2019
@ghost ghost modified the milestones: 2.1.0, 2.2.0 Oct 25, 2019
@ghost ghost modified the milestones: 2.2.0, 2.1.2 Nov 15, 2019
@ghost ghost closed this as completed in 6b53715 Nov 15, 2019
@ghost

ghost commented Nov 15, 2019

It will be possible in 2.2.0 by setting the environment variable INTELMQ_ROOT_DIR

CSIRT-CZ pushed a commit to CZ-NIC/intelmq that referenced this issue Jun 18, 2020
2.2.0 Feature release

Dropped support for Python 3.4.

 ### Core
- `__init__`: Changes to the path-handling, see [User Guide, section _/opt and LSB paths_](docs/User-Guide.md#opt-and-lsb-paths) for more information
  - The environment variable `INTELMQ_ROOT_DIR` can be used to set custom root directories instead of `/opt/intelmq/` (certtools#805) in case of non LSB-path installations.
  - The environment variable `ROOT_DIR` can be used to set custom root directories instead of `/` (certtools#805) in case of LSB-path installations.
- `intelmq.lib.exceptions`: Added `MissingDependencyError` to show error messages about a missing library and how to install it (certtools#1471).
  - Added optional parameter `installed` to show the installed version.
  - Added optional parameter `additional_text` to show arbitrary text.
- Adding more type annotations for core libraries.
- `intelmq.lib.pipeline.Pythonlist.sleep`: Drop deprecated method.
- `intelmq.lib.utils`: `write_configuration`: Append a newline at end of configuration/file to allow proper comparisons & diffs.
- `intelmq.lib.test`: `BotTestCase` drops privileges upon initialization (certtools#1489).
- `intelmq.lib.bot`:
  - New class `OutputBot`:
    - Method `export_event` to format/export events according to the parameters given by the user.
  - `ParserBot`: New methods `parse_json_stream` and `recover_line_json_stream`.
  - `ParserBot.recover_line_json`: Fix format by adding a list around the line data.
  - `Bot.send_message`: In debugging log level, the path to which the message is sent is now logged too.

 ### Bots
- Bots with dependencies: Use of `intelmq.lib.exceptions.MissingDependencyError`.

 #### Collectors
- `intelmq.bots.collectors.misp.collector`: Deprecate parameter `misp_verify` in favor of generic parameter `http_verify_cert`.
- `intelmq.bots.collectors.tcp.collector`: Drop compatibility with Python 3.4.
- `intelmq.bots.collectors.stomp.collector`:
  - Check the stomp.py version and show an error message if it does not match.
  - For stomp.py versions `>= 5.0.0` redirect the `stomp.PrintingListener` output to debug logging.
- `intelmq.bots.collectors.microsoft.collector_azure`: Support current Python library `azure-storage-blob>= 12.0.0`, configuration is incompatible and needs manual change. See NEWS file and bot's documentation for more details.
- `intelmq.bots.collectors.amqp.collector_amqp`: Require `pika` minimum version 1.0.
- `intelmq.bots.collectors.github_api.collector_github_contents_api`: Added (PR#1481).

 #### Parsers
- `intelmq.bots.parsers.autoshun.parser`: Drop compatibility with Python 3.4.
- `intelmq.bots.parsers.html_table.parser`: Drop compatibility with Python 3.4.
- `intelmq.bots.parsers.shadowserver.parser`: Add support for MQTT and Open-IPP feeds (PR#1512, PR#1544).
- `intelmq.bots.parsers.taichung.parser`:
  - Migrate to `ParserBot`.
  - Also parse geolocation information if available.
- `intelmq.bots.parsers.cymru.parser_full_bogons`:
  - Migrate to `ParserBot`.
  - Add last updated information in raw.
- `intelmq.bots.parsers.anubisnetworks.parser`: Add new parameter `use_malware_familiy_as_classification_identifier`.
- `intelmq.bots.parsers.microsoft.parser_ctip`: Compatibility for new CTIP data format used provided by the Azure interface.
- `intelmq.bots.parsers.cymru.parser_cap_program`: Support for `openresolver` type.
- `intelmq.bots.parsers.github_feed.parser`: Added (PR#1481).
- `intelmq.bots.parsers.urlvir.parser`: Removed, as the feed is discontinued (certtools#1537).

 #### Experts
- `intelmq.bots.experts.csv_converter`: Added as converter to CSV.
- `intelmq.bots.experts.misp`: Added (PR#1475).
- `intelmq.bots.experts.modify`: New parameter `maximum_matches`.

 #### Outputs
- `intelmq.bots.outputs.amqptopic`:
  - Use `OutputBot` and `export_event`.
  - Allow formatting the routing key with event data by the new parameter `format_routing_key` (boolean).
- `intelmq.bots.outputs.file`: Use `OutputBot` and `export_event`.
- `intelmq.bots.outputs.files`: Use `OutputBot` and `export_event`.
- `intelmq.bots.outputs.misp.output_feed`: Added, creates a MISP Feed (PR#1473).
- `intelmq.bots.outputs.misp.output_api`: Added, pushes to MISP via the API (PR#1506, PR#1536).
- `intelmq.bots.outputs.elasticsearch.output`: Dropped ElasticSearch version 5 compatibility, added version 7 compatibility (certtools#1513).

 ### Documentation
- Document usage of the `INTELMQ_ROOT_DIR` environment variable.
- Added document on MISP integration possibilities.
- Feeds:
  - Added "Full Bogons IPv6" feed.
  - Remove discontinued URLVir Feeds (certtools#1537).

 ### Packaging
- `setup.py` do not try to install any data to `/opt/intelmq/` as the behavior is inconsistent on various systems and with `intelmqsetup` we have a tool to create the structure and files anyway.
- `debian/rules`:
  - Provide a blank state file in the package.
- Patches:
  - Updated `fix-intelmq-paths.patch`.

 ### Tests
- Travis: Use `intelmqsetup` here too.
  - Install required build dependencies for the Debian package build test.
  - This version is no longer automatically tested on Python `<` 3.5.
  - Also run the tests on Python 3.8.
  - Run the Debian packaging tests on Python 3.5 and the code-style test on 3.8.
- Added tests for the new bot `intelmq.bots.outputs.misp.output_feed` (certtools#1473).
- Added tests for the new bot `intelmq.bots.experts.misp.expert` (certtools#1473).
- Added tests for `intelmq.lib.exceptions`.
- Added tests for `intelmq.lib.bot.OutputBot` and `intelmq.lib.bot.OutputBot.export_event`.
- Added IPv6 tests for `intelmq.bots.parsers.cymru.parser_full_bogons`.
- Added tests for `intelmq.lib.bot.ParserBot`'s new methods `parse_json_stream` and `recover_line_json_stream`.
- `intelmq.tests.test_conf`: Set encoding to UTF-8 for reading the `feeds.yaml` file.

 ### Tools
- `intelmqctl`:
  - `upgrade-config`:
    - Allow setting the state file location with the `--state-file` parameter.
    - Do not require a second run anymore, if the state file is newly created (certtools#1491).
    - New parameter `no_backup`/`--no-backup` to skip creation of `.bak` files for state and configuration files.
  - Only require `psutil` for the `IntelMQProcessManager`, not for process manager independent calls like `upgrade-config` or `check`.
  - Add new command `debug` to output some information for debugging. Currently implemented:
    - paths
    - environment variables
  - `IntelMQController`: New argument `--no-file-logging` to disable logging to file.
  - If dropping privileges does not work, `intelmqctl` will now abort (certtools#1489).
- `intelmqsetup`:
  - Add argument parsing and an option to skip setting file ownership, possibly not requiring root permissions.
  - Call `intelmqctl upgrade-config` and add argument for the state file path (certtools#1491).
- `intelmq_generate_misp_objects_templates.py`: Tool to create a MISP object template (certtools#1470).
- `intelmqdump`: New parameter `-t` or `--truncate` to optionally give the maximum length of `raw` data to show, 0 for no truncating.

 ### Contrib
- Added `development-tools`.
- ElasticSearch: Dropped version 5 compatibility, added version 7 compatibility (certtools#1513).
- Malware Name Mapping Downloader:
  - New parameter `--mwnmp-ignore-adware`.
  - The parameter `--add-default` supports an optional parameter to define the default value.

 ### Known issues
- Bots started with IntelMQ-Manager stop when the webserver is restarted. (certtools#952).
- Corrupt dump files when interrupted during writing (certtools#870).
CSIRT-CZ pushed a commit to CZ-NIC/intelmq that referenced this issue Jun 22, 2020
2.2.0 Feature release
This issue was closed.