misp-docker
misp-docker copied to clipboard
MISP
Error udating to v2.4.195 under Debian 12
Good morning,
After updating to release v2.4.195, I am seeing a lot of errors in docker-compose logs:
misp-core-1 | MISP is now live. Users can now log in. misp-core-1 | 2024-08-19 09:17:20,942 INFO spawned: 'default_00' with pid 3020 misp-core-1 | 2024-08-19 09:17:20,944 INFO spawned: 'default_01' with pid 3021 misp-core-1 | 2024-08-19 09:17:20,945 INFO spawned: 'default_02' with pid 3022 misp-core-1 | 2024-08-19 09:17:20,946 INFO spawned: 'default_03' with pid 3023 misp-core-1 | 2024-08-19 09:17:20,947 INFO spawned: 'default_04' with pid 3024 misp-core-1 | 2024-08-19 09:17:20,948 INFO spawned: 'email_00' with pid 3026 misp-core-1 | 2024-08-19 09:17:20,950 INFO spawned: 'email_01' with pid 3030 misp-core-1 | 2024-08-19 09:17:20,951 INFO spawned: 'email_02' with pid 3034 misp-core-1 | 2024-08-19 09:17:20,952 INFO spawned: 'email_03' with pid 3040 misp-core-1 | 2024-08-19 09:17:20,954 INFO spawned: 'email_04' with pid 3049 misp-core-1 | 2024-08-19 09:17:20,955 INFO spawned: 'cache_00' with pid 3057 misp-core-1 | 2024-08-19 09:17:20,956 INFO spawned: 'cache_01' with pid 3060 misp-core-1 | 2024-08-19 09:17:20,957 INFO spawned: 'cache_03' with pid 3066 misp-core-1 | 2024-08-19 09:17:20,959 INFO spawned: 'cache_04' with pid 3071 misp-core-1 | 2024-08-19 09:17:20,960 INFO spawned: 'prio_00' with pid 3078 misp-core-1 | 2024-08-19 09:17:20,961 INFO spawned: 'prio_01' with pid 3079 misp-core-1 | 2024-08-19 09:17:20,962 INFO spawned: 'prio_02' with pid 3080 misp-core-1 | 2024-08-19 09:17:20,963 INFO spawned: 'prio_03' with pid 3083 misp-core-1 | 2024-08-19 09:17:20,970 INFO spawned: 'update_00' with pid 3092 misp-core-1 | 2024-08-19 09:17:21,035 WARN exited: default_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,035 INFO gave up: default_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,049 WARN exited: default_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,049 WARN exited: default_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,049 INFO gave up: default_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,049 INFO gave up: default_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,066 WARN exited: cache_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,066 INFO gave up: cache_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,072 WARN exited: default_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,072 INFO gave up: default_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,081 WARN exited: update_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,081 INFO gave up: update_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,098 WARN exited: default_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,098 INFO gave up: default_01 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: email_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: email_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,119 WARN exited: cache_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: email_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: email_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,119 INFO gave up: cache_01 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,125 WARN exited: email_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,125 INFO gave up: email_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,133 WARN exited: email_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,133 WARN exited: cache_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,133 INFO gave up: email_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,133 INFO gave up: cache_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: email_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: cache_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,143 WARN exited: prio_03 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: email_01 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: cache_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,144 INFO gave up: prio_03 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,152 WARN exited: prio_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,152 INFO gave up: prio_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:21,168 WARN exited: prio_00 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:21,168 INFO gave up: prio_00 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:22,169 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:22,170 INFO spawned: 'prio_04' with pid 3179 misp-core-1 | 2024-08-19 09:17:22,170 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:22,243 INFO spawned: 'prio_01' with pid 3187 misp-core-1 | 2024-08-19 09:17:22,316 WARN exited: prio_04 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:22,316 INFO gave up: prio_04 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:23,318 INFO spawned: 'cache_02' with pid 3195 misp-core-1 | 2024-08-19 09:17:23,318 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:23,319 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:23,392 INFO spawned: 'prio_01' with pid 3203 misp-core-1 | 2024-08-19 09:17:23,465 WARN exited: cache_02 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:23,466 INFO gave up: cache_02 entered FATAL state, too many start retries too quickly misp-core-1 | 2024-08-19 09:17:24,467 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:24,468 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:25,470 INFO spawned: 'prio_01' with pid 3218 misp-core-1 | 2024-08-19 09:17:26,543 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:26,543 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:27,545 INFO spawned: 'prio_01' with pid 3233 misp-core-1 | 2024-08-19 09:17:28,619 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:28,619 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:29,621 INFO spawned: 'prio_01' with pid 3248 misp-core-1 | 2024-08-19 09:17:30,695 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:30,695 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:31,698 INFO spawned: 'prio_01' with pid 3263 misp-core-1 | 2024-08-19 09:17:32,771 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:32,771 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:33,774 INFO spawned: 'prio_01' with pid 3278 misp-core-1 | 2024-08-19 09:17:34,846 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:34,847 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:35,849 INFO spawned: 'prio_01' with pid 3293 misp-core-1 | 2024-08-19 09:17:36,922 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:36,922 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:37,924 INFO spawned: 'prio_01' with pid 3308 misp-core-1 | 2024-08-19 09:17:38,997 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:38,998 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:40,000 INFO spawned: 'prio_01' with pid 3323 misp-core-1 | 2024-08-19 09:17:41,073 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:41,073 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:42,075 INFO spawned: 'prio_01' with pid 3338 misp-core-1 | 2024-08-19 09:17:43,148 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:43,148 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:44,150 INFO spawned: 'prio_01' with pid 3353 misp-core-1 | 2024-08-19 09:17:45,224 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:45,224 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:46,226 INFO spawned: 'prio_01' with pid 3368 misp-core-1 | 2024-08-19 09:17:47,300 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:47,300 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:48,302 INFO spawned: 'prio_01' with pid 3383 misp-core-1 | 2024-08-19 09:17:49,376 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:49,376 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:50,379 INFO spawned: 'prio_01' with pid 3398 misp-core-1 | 2024-08-19 09:17:51,452 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:51,452 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:52,454 INFO spawned: 'prio_01' with pid 3413 misp-core-1 | 2024-08-19 09:17:53,528 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:53,529 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:54,531 INFO spawned: 'prio_01' with pid 3428 misp-core-1 | 2024-08-19 09:17:55,606 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:55,606 WARN exited: prio_01 (exit status 1; not expected) misp-core-1 | 2024-08-19 09:17:56,608 INFO spawned: 'prio_01' with pid 3443 misp-core-1 | 2024-08-19 09:17:57,680 INFO success: prio_01 entered RUNNING state, process has stayed up for > than 1 seconds (startsecs) misp-core-1 | 2024-08-19 09:17:57,681 WARN exited: prio_01 (exit status 1; not expected)
As a @ostefano recommeds me in Giter, I have removed all docker images and redis volume but issue is not solved.
All docker images are running without problems, apparently:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 8d44002651b6 ghcr.io/misp/misp-docker/misp-core:latest "/entrypoint.sh" 2 minutes ago Up 2 minutes (healthy) 0.0.0.0:80->80/tcp, :::80->80/tcp, 0.0.0.0:443->443/tcp, :::443->443/tcp, 127.0.0.1:27051->27051/tcp misp-misp-core-1 0eb5dc790275 ghcr.io/misp/misp-docker/misp-modules:latest "/usr/local/bin/misp…" 2 minutes ago Up 2 minutes misp-misp-modules-1 1f8870274ecb mariadb:10.11 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes (healthy) 3306/tcp misp-db-1 83505493d71b valkey/valkey:7.2 "docker-entrypoint.s…" 2 minutes ago Up 2 minutes (healthy) 6379/tcp misp-redis-1 62035ab78524 ixdotai/smtp "/bin/entrypoint.sh …" 2 minutes ago Up 2 minutes 25/tcp misp-mail-1
My .env file is:
Build-time variables
CORE_TAG=v2.4.195 MODULES_TAG=v2.4.195 PHP_VER=20190902 LIBFAUP_COMMIT=3a26d0a
PYPY_* vars take precedence over MISP's
PYPI_REDIS_VERSION="==5.0.*"
PYPI_LIEF_VERSION=">=0.13.1"
PYPI_PYDEEP2_VERSION="==0.5.*"
PYPI_PYTHON_MAGIC_VERSION="==0.4.*"
PYPI_MISP_LIB_STIX2_VERSION="==3.0.*"
PYPI_MAEC_VERSION="==4.1.*"
PYPI_MIXBOX_VERSION="==1.0.*"
PYPI_CYBOX_VERSION="==2.1.*"
PYPI_PYMISP_VERSION="==2.4.178"
CORE_COMMIT takes precedence over CORE_TAG
CORE_COMMIT=c56d537
MODULES_COMMIT takes precedence over MODULES_TAG
MODULES_COMMIT=de69ae3
Run-time variables
Email/username for user #1, defaults to MISP's default ([email protected])
name of org #1, default to MISP's default (ORGNAME)
ADMIN_ORG=MISP Platform.
defaults to an automatically generated one
ADMIN_KEY=
defaults to MISP's default (admin)
ADMIN_PASSWORD=
defaults to 'passphrase'
GPG_PASSPHRASE=mypassinternal
defaults to 1 (the admin user)
CRON_USER_ID=1
defaults to 'https://localhost'
BASE_URL=https://misp.mydomain.com
store settings in db except those that must stay in config.php. true/false, defaults to false
ENABLE_DB_SETTINGS=true
optional and used by the mail sub-system
SMARTHOST_ADDRESS=mail.mydomain.com SMARTHOST_PORT=25 SMARTHOST_USER= SMARTHOST_PASSWORD= SMARTHOST_ALIASES=
optional comma separated list of IDs of syncservers (e.g. SYNCSERVERS=1)
For this to work ADMIN_KEY must be set, or AUTOGEN_ADMIN_KEY must be true (default)
SYNCSERVERS=
note: if you have more than one syncserver, you need to update docker-compose.yml
SYNCSERVERS_1_URL= SYNCSERVERS_1_NAME= SYNCSERVERS_1_UUID= SYNCSERVERS_1_KEY=
optional and used to set mysql db and credentials
MYSQL_HOST=
MYSQL_PORT=
MYSQL_USER=cti MYSQL_PASSWORD=f14abaeb07160033d60114110a6af2c06abd59416f8b9b38dc551d6342a18c2b MYSQL_ROOT_PASSWORD=c40aa130af1eb54d8ace33fc5e8d13e4dab7b8e1e2532164e7d135f8fa541c13 MYSQL_DATABASE=dbmisp
These variables allows overriding some MISP email values.
They all default to ADMIN_EMAIL.
MISP.email, used for notifications. Also used
for GnuPG.email and GPG autogeneration.
MISP.contact, the e-mail address that
MISP should include as a contact address
for the instance's support team.
Enable GPG autogeneration (default true)
AUTOCONF_GPG=true
Enable admin (user #1) API key autogeneration
if ADMIN_KEY is not set above (default true)
AUTOGEN_ADMIN_KEY=true
Disable IPv6 completely
DISABLE_IPV6=true
Disable SSL redirect
DISABLE_SSL_REDIRECT=true
Enable OIDC authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/OidcAuth/README.md
OIDC_ENABLE=true
OIDC_PROVIDER_URL=
OIDC_CLIENT_ID=
OIDC_CLIENT_SECRET=
OIDC_ROLES_PROPERTY="roles"
OIDC_ROLES_MAPPING="{"admin": "1"}"
OIDC_DEFAULT_ORG=
Enable LDAP (using the ApacheSecureAuth component) authentication, according to https://github.com/MISP/MISP/issues/6189
NOTE: Once you enable LDAP authentication with the ApacheSecureAuth component, users should not be able to control the HTTP header configured in LDAP_APACHE_ENV (e.g. REMOTE_USER).
This means you must not allow direct access to MISP.
LDAP_ENABLE=true
LDAP_APACHE_ENV="REMOTE_USER"
LDAP_SERVER="ldap://your_domain_controller"
LDAP_STARTTLS=true
LDAP_READER_USER="CN=service_account_name,OU=Users,DC=domain,DC=net"
LDAP_READER_PASSWORD="password"
LDAP_DN="OU=Users,DC=domain,DC=net"
LDAP_SEARCH_FILTER=""
LDAP_SEARCH_ATTRIBUTE="uid"
LDAP_FILTER="["mail", "uid", "cn" ]"
LDAP_DEFAULT_ROLE_ID="3"
LDAP_DEFAULT_ORG="1"
LDAP_EMAIL_FIELD="["mail"]"
LDAP_OPT_PROTOCOL_VERSION="3"
LDAP_OPT_NETWORK_TIMEOUT="-1"
LDAP_OPT_REFERRALS=false
Enable Azure AD (Entra) authentication, according to https://github.com/MISP/MISP/blob/2.4/app/Plugin/AadAuth/README.md
AAD_ENABLE=true
AAD_CLIENT_ID=
AAD_TENANT_ID=
AAD_CLIENT_SECRET=
AAD_REDIRECT_URI="https://misp.mydomain.com/users/login"
AAD_PROVIDER="https://login.microsoftonline.com/"
AAD_PROVIDER_USER="https://graph.microsoft.com/"
AAD_MISP_USER="Misp Users"
AAD_MISP_ORGADMIN="Misp Org Admins"
AAD_MISP_SITEADMIN="Misp Site Admins"
AAD_CHECK_GROUPS=false
Enable the use of a Proxy server
PROXY_ENABLE=true
PROXY_HOST=
PROXY_PORT=
PROXY_METHOD=
PROXY_USER=
PROXY_PASSWORD=
My host is a Debian 12 amd64.
