Problem when launching the tool with Docker-compose up

[ehboudjema]

Describe the bug
I am having the error :

[Errno 2] No such file or directory: '/usr/local/lib/python3.10/site-packages/CveXplore/.env_example'

To Reproduce
Steps to reproduce the behavior:

I cloned the Repo and launched :
docker-compose up

Mongo is filling the database correctly but the web interface is crashing with this error :

cve-search-docker_cve_search_1 exited with code 1 cve_search_1 | Traceback (most recent call last): cve_search_1 | File "/app/web/index.py", line 13, in <module> cve_search_1 | from web.run import create_app cve_search_1 | File "/app/web/../web/run.py", line 6, in <module> cve_search_1 | from CveXplore import CveXplore cve_search_1 | File "/usr/local/lib/python3.10/site-packages/CveXplore/__init__.py", line 1, in <module> cve_search_1 | from CveXplore.main import CveXplore cve_search_1 | File "/usr/local/lib/python3.10/site-packages/CveXplore/main.py", line 16, in <module> cve_search_1 | shutil.copyfile( cve_search_1 | File "/usr/local/lib/python3.10/shutil.py", line 254, in copyfile cve_search_1 | with open(src, 'rb') as fsrc: cve_search_1 | FileNotFoundError: [Errno 2] No such file or directory: '/usr/local/lib/python3.10/site-packages/CveXplore/.env_example'

[timothygwright]

I have the same issue.

[timothygwright]

I added these lines to my install.sh file and it got things up and running.
touch /usr/local/lib/python3.10/site-packages/CveXplore/.env_example echo '{"cwe": "https://cwe.mitre.org/data/xml/cwec_latest.xml.zip", "capec": "https://capec.mitre.org/data/xml/capec_latest.xml", "via4": "https://www.cve-search.org/feeds/via4.json", "epss": "https://epss.cyentia.com/epss_scores-current.csv.gz"}' > /usr/local/lib/python3.10/site-packages/CveXplore/.sources.ini

[P-T-I]

Thank you for reporting; will start to work on a fix asap

[jukedom]

Hi, I have the same issue too.
Thanks for providing a workaround @timothygwright but unfortunately I cannot make it working. The command line you added is in the install.sh from the files/cve_search/install.sh or in another file ?
Thanks

[Cloud-Kid]

Hi all,

I also encounter the same issue, I tried to apply your fix under docker/files/cve_search/install.sh @timothygwright, but it doesn't work : touch: cannot touch '/usr/local/lib/python3.10/site-packages/CveXplore/.env_example'

Note : I'm using podman

I also tried to make sure the entire path exists :

mkdir /usr/local/lib/python3.10/dist-packages/ /usr/local/lib/python3.10/dist-packages/CveXplore/
touch /usr/local/lib/python3.10/site-packages/CveXplore/.env_example
echo '{"cwe": "https://cwe.mitre.org/data/xml/cwec_latest.xml.zip", "capec": "https://capec.mitre.org/data/xml/capec_latest.xml", "via4": "https://www.cve-search.org/feeds/via4.json", "epss": "https://epss.cyentia.com/epss_scores-current.csv.gz"}' > /usr/local/lib/python3.10/site-packages/CveXplore/.sources.ini 

The result :

mkdir: cannot create directory '/usr/local/lib/python3.10/dist-packages/': File exists
mkdir: cannot create directory '/usr/local/lib/python3.10/dist-packages/CveXplore/': File exists
touch: cannot touch '/usr/local/lib/python3.10/site-packages/CveXplore/.env_example': No such file or directory
./install.sh: line 11: /usr/local/lib/python3.10/site-packages/CveXplore/.sources.ini: No such file or directory
Error: building at STEP "RUN ./install.sh": while running runtime: exit status 1

If anyone comes up with a fix, I'll really appreciate it ! I tried building it a week or two ago and and it was working back then.

[P-T-I]

Just taken a look at this issue; but I could build it from scratch without a problem....

[jukedom]

That's interesting. Here's my technical environment on which I have the issue:

• OS: Linux Ubuntu 22.04.3 LTS
• Docker version 25.0.3, build 4debf41
• docker-compose version 1.29.2

[Cloud-Kid]

I tried the whole day to make it work, I just erased everything then started over :

1. I git pulled the project
2. cd into project directory
3. Edited the port to use external port 5000
4. podman-compose up -d
5. Have this error while checking the logs on the cve_search container : FileNotFoundError: [Errno 2] No such file or directory: '/usr/local/lib/python3.10/site-packages/CveXplore/.env_example' and high CPU usage (Trying to restart)

SPECS :

• Red Hat Enterprise Linux release 8.9 (Ootpa) x86_64
• podman version 4.6.1
• podman-compose version 1.0.6

[P-T-I]

@jukedom @Cloud-Kid @timothygwright @ehboudjema I've just updated the requirements from cve-search; could you check if that solves your problem?

[Cloud-Kid]

Hi @P-T-I ,
Thanks for the fix, the containers where able to start correctly, here is the logs for the cve_search container :
2024-02-12 08:56:09,009 - CveXplore.main - INFO - Using mongodb as datasource, connection details: None 2024-02-12 08:56:09,010 - CveXplore.main - WARNING - The use of mongodb_connection_details is deprecated and will be removed in the 0.4 release, please use datasource_connection_details instead 2024-02-12 08:56:09,030 - CveXplore.main - INFO - Initialized CveXplore version: 0.3.23 2024-02-12 08:56:09,095 - lib.Authentication - WARNING - Could not find auth loader file! 2024-02-12 08:56:09,361 - __main__ - INFO - Initializing FlaskAppManager... 2024-02-12 08:56:09,362 - __main__ - INFO - Initialization complete, call the run method to start the app! 2024-02-12 08:56:09,362 - __main__ - INFO - Trying to start the app... 2024-02-12 08:56:09,362 - __main__ - INFO - Running version: e67a91e

So it should be OK, but unfortunately I can't reach the web UI even if :

• The containers are started and seems healthy
• The port is mapped for the cve_search container
• The host is listening on the mapped port (conmon 1149381 root 5u IPv4 508148325 0t0 TCP *:5000 (LISTEN) )

I can't reach the interface using a browser or cURL, even inside the cve_search container : curl: (56) Recv failure: Connection reset by peer

[Cloud-Kid]

My bad,
The fix works !
Now its just an HTTPS error because SSL is enabled by default as you mentioned in #29, is there any way to provide an environement variable to disable HTTPS globally without editing configuration.ini ?
I'd like to make it works using caddy reverse proxy but I'ts harder because of this default configuration.
I let the other tell if it works for them but it seems this issue can be closed.

[jukedom]

Hello, I just tried with the latest version but I confirm I have the same issue. Tried to re build from scratch, but without success. Unless I'm missing something I don't see any update in the requirements from cve_search folder. Any thoughts @P-T-I ? Thanks

[Cloud-Kid]

Hi @jukedom,

Can you try :

1. Deleting the Git clone project
2. Deleting the local builded images
3. docker system prune to remove cache data
4. Coning the project again and starting it

Let me knows how it went for you

[P-T-I]

@Cloud-Kid

is there any way to provide an environment variable to disable HTTPS globally without editing configuration.ini ?

No sorry; there is not; it might be a nice requirement to actually do that; would you say it's only suitable for SSL or would there be other settings as well?

[jukedom]

Thanks @Cloud-Kid I confirm it works now. I was pretty sure I rebuilt the image but apparently it was not enough. Anyway that's ok now

[Cloud-Kid]

@P-T-I Thanks for your quick answer !
I don't know for now I have not used CVE-Search enough to recomends other things to add, but for me te two main elements I would have added to the project are :

• An environment variable in the docker-compose to disable HTTPS globally
• Images automatically published to docker hub and referenced in docker-compose instead of local build