crowdsec icon indicating copy to clipboard operation
crowdsec copied to clipboard

Published 20 hours ago verified publisher icon crowdsecurity

crowdsec job in daily

Open lacrimal opened this issue 9 months ago • 11 comments

Guys,

After update I have your script in cron.daily returning this and reporting daily at 7:00. Since your application is security tool and not virus - maybe try to be less intrusive ?

/etc/cron.daily/crowdsec:

Downloading /etc/crowdsec/hub/.index.json

lacrimal avatar Feb 23 '25 11:02 lacrimal

@lacrimal: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

github-actions[bot] avatar Feb 23 '25 11:02 github-actions[bot]

@lacrimal: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

  • /kind feature
  • /kind enhancement
  • /kind refactoring
  • /kind bug
  • /kind packaging
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

github-actions[bot] avatar Feb 23 '25 11:02 github-actions[bot]

Already patched for next release

https://github.com/crowdsecurity/crowdsec/pull/3460

LaurenceJJones avatar Feb 23 '25 12:02 LaurenceJJones

Reopen due to investigation seems this println may always print

@mmetc https://github.com/crowdsecurity/crowdsec/blob/a3187d6f2c0fd56afd6fbb792c061fa59535b265/pkg/cwhub/download.go#L87

can we do this in the logger at debug level or info?

LaurenceJJones avatar Feb 24 '25 09:02 LaurenceJJones

If we do, then crowdsec won't be reloaded when data file are updated unless items are updated too. Does the resource have an etag or last-modified header?

The above line is printed (which means a GET request is attempted) only if after a HEAD request we still can't confirm the file is up to date. It's still possible that after GET we find out the file didn't change, so no crowdsec reload is needed. But without reliable cache control on all data files I don't think there's a right thing 100% of the times

Edit: you could be right that we don't need this message anymore and the needReload bool is enough, I have to check.

mmetc avatar Feb 24 '25 09:02 mmetc

imo, its okay to println for datafiles, but this is the index file so if we could ignore just the index then lgtm

LaurenceJJones avatar Feb 24 '25 10:02 LaurenceJJones

https://github.com/crowdsecurity/crowdsec/pull/3485

mmetc avatar Feb 26 '25 15:02 mmetc

Will be less like a virus next release 😄

LaurenceJJones avatar Feb 27 '25 10:02 LaurenceJJones

LGTM 😀

lacrimal avatar Feb 27 '25 10:02 lacrimal

Could you make it silent unless it fails by default?
That's how most cronjobs work AFAIK, since any output causes an email to admins, and an alert email for success is noise.

Or even better bump up the priority for #3218 so I don't get emails but still can check logs if needed.

ThinkChaos avatar Jun 07 '25 15:06 ThinkChaos

Reopening issue as we nullify the continuous emails from hub update but didn't actually silent the hub upgrade part which is a might be more involved.

LaurenceJJones avatar Jun 10 '25 09:06 LaurenceJJones

will be resolved by 1.7.1 release #3842 , as we have moved away from cronjob now to a systemd timer which wont trigger sendmail anymore.

LaurenceJJones avatar Sep 24 '25 09:09 LaurenceJJones