From b5d1f47e47361d20ac615a8634e5abc58433b321 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Tue, 11 Jul 2023 20:48:12 -0400 Subject: [PATCH 01/37] strict confinement --- snap/snapcraft.yaml | 33 +++++++++++++++++++++------------ 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 138e31ffb1..9336808ddb 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -1,21 +1,21 @@ name: autopsy -# core22 brings along linting for share object library paths as well as improvements to get java gstreamer working base: core22 version: 4.20.0 summary: A graphical interface to The Sleuth Kit and other digital forensics tools. # 79 char long summary -description: Autopsy is a graphical interface to The Sleuth Kit and other open source - digital forensics tools. +description: Autopsy is a graphical interface to The Sleuth Kit and other open source digital forensics tools. +source-code: https://github.com/sleuthkit/autopsy/ +website: https://www.autopsy.com/ +license: Apache-2.0 grade: stable # must be 'stable' to release into candidate/stable channels -# TODO look into turning back to strict for easier store inclusion but more limited usage -confinement: classic # use 'strict' once you have the right plugs and slots -architectures: [amd64, arm64] +confinement: strict # or classic # use 'strict' once you have the right plugs and slots +architectures: [amd64] compression: lzo icon: snap/gui/autopsy.png plugs: system-files-autopsy: interface: system-files - read: [/dev] + read: [/] apps: autopsy: 
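Review bot: `read: [/]` on the `system-files-autopsy` plug requests read access to the whole host filesystem, which gives back most of what the switch to `confinement: strict` in the same hunk is meant to enforce. `system-files` is not auto-connected, and a root-wide path is likely to be questioned at store review, so list only the paths the application really opens, e.g. `read: [/dev]` for raw devices. Image files in user directories or on external media can be reached through the `home` and `removable-media` plugs that later hunks in this series show in the app's plug list. The trailing comment on the confinement line (`# or classic # use 'strict' once you have the right plugs and slots`) is now stale and could instead say why strict was chosen.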
@@ -23,7 +23,7 @@ apps: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs jreflags: $jreflags "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" - LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH + #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries @@ -79,6 +79,8 @@ parts: source-branch: develop #source-tag: sleuthkit-4.12.0 build-environment: [JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64] + # build-attributes: + # - enable-patchelf build-packages: - build-essential - autoconf @@ -97,7 +99,6 @@ parts: - libvhdi-dev - libvmdk-dev stage-packages: - - build-essential - libpq-dev - testdisk - libafflib-dev @@ -106,6 +107,8 @@ parts: - libvmdk-dev autopsy: after: [sleuthkit] + # build-attributes: + # - enable-patchelf build-packages: - zip - unzip @@ -118,6 +121,13 @@ parts: - libheif-dev - libpq-dev - testdisk + - freeglut3 + - libpsm-infinipath1 + - libpsm-infinipath1-dev + - libglu1-mesa + - libgstreamer1.0-dev + - libgstreamer-plugins-base1.0-dev + - libgstreamer-plugins-bad1.0-dev - libgstreamer1.0-0 - gstreamer1.0-plugins-base - gstreamer1.0-plugins-good @@ -131,8 +141,8 @@ parts: - gstreamer1.0-gtk3 - gstreamer1.0-qt5 - gstreamer1.0-pulseaudio - - openjdk-17-jdk - openjdk-17-jre + - openjdk-17-jdk - perl plugin: nil # source: https://github.com/sleuthkit/autopsy.git 
@@ -142,7 +152,7 @@ parts: build-environment: - JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 - TSK_JAVA_LIB_PATH: $SNAPCRAFT_STAGE/usr/local/share/java - override-build: |- + override-build: | # ----- BUILD ZIP ----- AUTOPSY_SRC_PATH=$(pwd) NETBEANS_PLAT_VER=$(grep "netbeans-plat-version=" "$AUTOPSY_SRC_PATH/nbproject/platform.properties" | cut -d'=' -f2) @@ -171,4 +181,3 @@ parts: # include this line to print all set variables # sed -i '129 i set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java"' "$AUTOPSY_LOCATION/platform/lib/nbexec" - From 34e90f7d6c9a7f07c0275f9204c5f28c0a55f874 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Fri, 14 Jul 2023 09:37:06 -0400 Subject: [PATCH 02/37] change layout for temp; not tested --- snap/snapcraft.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 9336808ddb..fbe83ed0aa 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -17,9 +17,16 @@ plugs: interface: system-files read: [/] +layout: + /tmp: + bind: $SNAP_DATA/tmp + /home/autopsy_user: + bind: $SNAP_DATA/appdata + apps: autopsy: environment: + HOME: $SNAP/home/autopsy_user jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs jreflags: $jreflags "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" @@ -32,6 +39,7 @@ apps: SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs command: autopsy/bin/autopsy + extensions: [ gnome ] common-id: org.sleuthkit.autopsy plugs: # taken from https://snapcraft.io/docs/supported-interfaces From 3723bf01e927ea61842e85bf590f69baed75073a Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Fri, 14 Jul 2023 16:12:24 -0400 Subject: [PATCH 03/37] minor updates --- snap/snapcraft.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index fbe83ed0aa..aae239bce5 100644 --- a/snap/snapcraft.yaml 
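Review bot: `HOME: $SNAP/home/autopsy_user` points the home directory into the read-only snap image, and both new layout entries bind to `$SNAP_DATA`, which is the system-wide, root-owned data area rather than per-user storage. For a forensics tool that would put every user's case data and temp files in one shared location, if the writes succeed at all. As far as I know snapd also rejects layout targets under `/tmp` and `/home`, so the snap may not install as written (the commit message says this is untested). Per-user state belongs under `$SNAP_USER_DATA` or `$SNAP_USER_COMMON`, and a private temp directory can be handed to the JVM with `-Djava.io.tmpdir=$SNAP_USER_DATA/tmp` instead of remapping `/tmp`.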
+++ b/snap/snapcraft.yaml @@ -20,13 +20,13 @@ plugs: layout: /tmp: bind: $SNAP_DATA/tmp - /home/autopsy_user: + /$HOME/.autopsy: bind: $SNAP_DATA/appdata - + /$HOME/.cache/autopsy: + bind: $SNAP_DATA/cache apps: autopsy: environment: - HOME: $SNAP/home/autopsy_user jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs jreflags: $jreflags "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" From c5d16981343ebc9f0b4b507824b5de6637720d67 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Fri, 14 Jul 2023 16:56:08 -0400 Subject: [PATCH 04/37] fix for top level layout directory --- snap/snapcraft.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index aae239bce5..bc95742ca2 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -18,7 +18,7 @@ plugs: read: [/] layout: - /tmp: + /$HOME/tmp: bind: $SNAP_DATA/tmp /$HOME/.autopsy: bind: $SNAP_DATA/appdata @@ -29,7 +29,7 @@ apps: environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs - jreflags: $jreflags "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" + jreflags: $jreflags "-djava.io.tmpdir=$HOME/tmp -Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH From 1f4755166c350c671d526afeb6730e720828b32f Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Fri, 14 Jul 2023 17:41:19 -0400 Subject: [PATCH 05/37] /c/Users/gregd isn't recognized? --- snap/snapcraft.yaml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) 
diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index bc95742ca2..378da77dc9 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -17,13 +17,14 @@ plugs: interface: system-files read: [/] -layout: - /$HOME/tmp: - bind: $SNAP_DATA/tmp - /$HOME/.autopsy: - bind: $SNAP_DATA/appdata - /$HOME/.cache/autopsy: - bind: $SNAP_DATA/cache +# layout: +# /$SNAP_USER_DATA/tmp: +# bind: $SNAP_DATA/tmp +# /$SNAP_USER_DATA/.autopsy: +# bind: $SNAP_DATA/appdata +# /$SNAP_USER_DATA/.cache/autopsy: +# bind: $SNAP_DATA/cache + apps: autopsy: environment: From 5770068501681ee6693937da48812387d6227f4e Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Fri, 14 Jul 2023 18:30:07 -0400 Subject: [PATCH 06/37] uppercase -D for option... --- snap/snapcraft.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 378da77dc9..6346d68ad6 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -30,7 +30,7 @@ apps: environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs - jreflags: $jreflags "-djava.io.tmpdir=$HOME/tmp -Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" + jreflags: $jreflags "-Djava.io.tmpdir=$HOME/tmp -Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH From d95c990ff98435fa3cc2fc051aea9d55bf18095c Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sat, 15 Jul 2023 07:44:51 -0400 Subject: [PATCH 07/37] fixes --- snap/snapcraft.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 6346d68ad6..73d22ed8e9 100644 --- a/snap/snapcraft.yaml 
+++ b/snap/snapcraft.yaml @@ -17,6 +17,7 @@ plugs: interface: system-files read: [/] +# does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables # layout: # /$SNAP_USER_DATA/tmp: # bind: $SNAP_DATA/tmp @@ -30,7 +31,7 @@ apps: environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs - jreflags: $jreflags "-Djava.io.tmpdir=$HOME/tmp -Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" + jreflags: $jreflags "-Djava.io.tmpdir=$HOME/tmp" "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH @@ -40,6 +41,7 @@ apps: SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs command: autopsy/bin/autopsy + # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] common-id: org.sleuthkit.autopsy plugs: From 830b188854fa646aba9f551307e42e689ba4eeb5 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sat, 15 Jul 2023 10:58:49 -0400 Subject: [PATCH 08/37] run as command --- snap/snapcraft.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 73d22ed8e9..bc1b52801a 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -15,7 +15,7 @@ icon: snap/gui/autopsy.png plugs: system-files-autopsy: interface: system-files - read: [/] + read: [/dev] # does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables # layout: 
@@ -31,7 +31,7 @@ apps: environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs - jreflags: $jreflags "-Djava.io.tmpdir=$HOME/tmp" "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu" + jreflags: $jreflags "-Djava.io.tmpdir=$HOME/tmp" "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib" #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH @@ -40,6 +40,8 @@ apps: GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs + command-chain: + - autopsy/bin/tmpsetup.sh command: autopsy/bin/autopsy # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] @@ -190,5 +192,9 @@ parts: # snaps run applications with different permissions. This ensures applications can run. chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" + echo '#!/bin/bash' > $AUTOPSY_LOCATION/bin/tmpsetup.sh + echo "mkdir -p $SNAP_USER_DATA/tmp" >> $AUTOPSY_LOCATION/bin/tmpsetup.sh + chmod 755 $AUTOPSY_LOCATION/bin/tmpsetup.sh + # include this line to print all set variables # sed -i '129 i set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java"' "$AUTOPSY_LOCATION/platform/lib/nbexec" From 38657d93ad716c0d896317488d88fb5f18428ddf Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sat, 15 Jul 2023 11:37:57 -0400 Subject: [PATCH 09/37] home change --- snap/snapcraft.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index bc1b52801a..2b383c7262 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
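Review bot: The new `command-chain` entry `autopsy/bin/tmpsetup.sh` will end the launch unless the script hands control on, because each chain element receives the remaining command line as its arguments and is expected to finish with `exec "$@"`. The script generated in the last hunk of this commit holds only the shebang and one `mkdir -p` line, so once it exits `autopsy/bin/autopsy` is never started. Where the script is written, append `echo 'exec "$@"' >> "$AUTOPSY_LOCATION/bin/tmpsetup.sh"`.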
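Review bot: In `echo "mkdir -p $SNAP_USER_DATA/tmp" >> ...` the double quotes let the build shell expand `$SNAP_USER_DATA` while the part is built, so the generated script carries a build-time value (probably empty, giving `mkdir -p /tmp`) rather than the user's runtime directory. Write the variable literally with single quotes, `echo 'mkdir -p "$SNAP_USER_DATA/tmp"' >> "$AUTOPSY_LOCATION/bin/tmpsetup.sh"`, and quote `$AUTOPSY_LOCATION` in all three new lines. The same build-time expansion applies to the `"mkdir -p $HOME/tmp"` line in PATCH 09, where it would bake in the build host's home directory. The enclosing `override-build` script starts outside the hunk.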
@@ -193,7 +193,7 @@ parts: chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" echo '#!/bin/bash' > $AUTOPSY_LOCATION/bin/tmpsetup.sh - echo "mkdir -p $SNAP_USER_DATA/tmp" >> $AUTOPSY_LOCATION/bin/tmpsetup.sh + echo "mkdir -p $HOME/tmp" >> $AUTOPSY_LOCATION/bin/tmpsetup.sh chmod 755 $AUTOPSY_LOCATION/bin/tmpsetup.sh # include this line to print all set variables From 30f065b87326432fc7dd903fff2fd73728bac976 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sat, 15 Jul 2023 14:26:51 -0400 Subject: [PATCH 10/37] fixes and improvements --- snap/snapcraft.yaml | 29 ++++++++++++++++++++++++++--- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 2b383c7262..4202bb6e3b 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -42,7 +42,7 @@ apps: SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs command-chain: - autopsy/bin/tmpsetup.sh - command: autopsy/bin/autopsy + command: bin/desktop-launch $SNAP/autopsy/bin/autopsy # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] common-id: org.sleuthkit.autopsy @@ -86,6 +86,29 @@ apps: - x11 parts: + # desktop helpers to get launch working correctly + # coming from https://forum.snapcraft.io/t/desktop-applications/13034, + # https://github.com/jibel/freeplane-snap/blob/master/snapcraft.yaml + desktop-glib: + source: https://github.com/ubuntu/snapcraft-desktop-helpers.git + source-subdir: glib-only + plugin: make + build-packages: + - libglib2.0-dev + stage-packages: + - adwaita-icon-theme + - dmz-cursor-theme + - gnome-themes-standard + - libgdk-pixbuf2.0-0 + - libglib2.0-bin + - libgtk2.0-0 + - libxkbcommon0 + - light-themes + - locales-all + - shared-mime-info + - ttf-ubuntu-font-family + - xdg-user-dirs + sleuthkit: plugin: autotools source: https://github.com/sleuthkit/sleuthkit.git 
@@ -119,7 +142,7 @@ parts: - libvhdi-dev - libvmdk-dev autopsy: - after: [sleuthkit] + after: [sleuthkit, desktop-glib] # build-attributes: # - enable-patchelf build-packages: @@ -193,7 +216,7 @@ parts: chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" echo '#!/bin/bash' > $AUTOPSY_LOCATION/bin/tmpsetup.sh - echo "mkdir -p $HOME/tmp" >> $AUTOPSY_LOCATION/bin/tmpsetup.sh + echo 'mkdir -p $HOME/tmp' >> $AUTOPSY_LOCATION/bin/tmpsetup.sh chmod 755 $AUTOPSY_LOCATION/bin/tmpsetup.sh # include this line to print all set variables From d9330946a3c852c62fbcc142277b8481f8ca6bf5 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sat, 15 Jul 2023 14:39:31 -0400 Subject: [PATCH 11/37] revert as OBE in core22 --- snap/snapcraft.yaml | 29 +++-------------------------- 1 file changed, 3 insertions(+), 26 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 4202bb6e3b..9fd11a27b5 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -7,7 +7,7 @@ source-code: https://github.com/sleuthkit/autopsy/ website: https://www.autopsy.com/ license: Apache-2.0 grade: stable # must be 'stable' to release into candidate/stable channels -confinement: strict # or classic # use 'strict' once you have the right plugs and slots +confinement: devmode # or classic # use 'strict' once you have the right plugs and slots architectures: [amd64] compression: lzo icon: snap/gui/autopsy.png @@ -42,7 +42,7 @@ apps: SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs command-chain: - autopsy/bin/tmpsetup.sh - command: bin/desktop-launch $SNAP/autopsy/bin/autopsy + command: autopsy/bin/autopsy # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] common-id: org.sleuthkit.autopsy 
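Review bot: `confinement: devmode` is slipped into a commit described as a revert of the desktop-helper part, and it turns sandbox enforcement off, since in devmode policy violations are only logged. It also contradicts `grade: stable` a line above: devmode snaps cannot be released to the stable or candidate channels. If devmode is only used to collect denials while debugging, keep that toggle out of the committed file or pair it with `grade: devel` so the combination cannot be published by accident. The same toggle reappears in PATCH 15 and is undone in PATCH 16.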
@@ -86,29 +86,6 @@ apps: - x11 parts: - # desktop helpers to get launch working correctly - # coming from https://forum.snapcraft.io/t/desktop-applications/13034, - # https://github.com/jibel/freeplane-snap/blob/master/snapcraft.yaml - desktop-glib: - source: https://github.com/ubuntu/snapcraft-desktop-helpers.git - source-subdir: glib-only - plugin: make - build-packages: - - libglib2.0-dev - stage-packages: - - adwaita-icon-theme - - dmz-cursor-theme - - gnome-themes-standard - - libgdk-pixbuf2.0-0 - - libglib2.0-bin - - libgtk2.0-0 - - libxkbcommon0 - - light-themes - - locales-all - - shared-mime-info - - ttf-ubuntu-font-family - - xdg-user-dirs - sleuthkit: plugin: autotools source: https://github.com/sleuthkit/sleuthkit.git @@ -142,7 +119,7 @@ parts: - libvhdi-dev - libvmdk-dev autopsy: - after: [sleuthkit, desktop-glib] + after: [sleuthkit] # build-attributes: # - enable-patchelf build-packages: From 78aa85200e3771e0843e4d6dbb4c217c854a8b64 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sat, 15 Jul 2023 20:57:06 -0400 Subject: [PATCH 12/37] possible fixes --- snap/snapcraft.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 9fd11a27b5..29ca10f6d9 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -12,10 +12,10 @@ architectures: [amd64] compression: lzo icon: snap/gui/autopsy.png -plugs: - system-files-autopsy: - interface: system-files - read: [/dev] +# plugs: +# system-files-autopsy: +# interface: system-files +# read: [/dev] # does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables # layout: 
@@ -31,7 +31,7 @@ apps: environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs - jreflags: $jreflags "-Djava.io.tmpdir=$HOME/tmp" "-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib" + jreflags: $jreflags '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH @@ -55,7 +55,7 @@ apps: - daemon-notify - desktop - desktop-launch - - desktop-legacy + # - desktop-legacy - dm-crypt - firewall-control - fuse-support @@ -76,11 +76,11 @@ apps: - raw-usb - removable-media - sd-control - - system-files-autopsy + # - system-files-autopsy - system-observe - system-trace - udisks2 - - unity7 + # - unity7 - unity8 - wayland - x11 From 264a247558566bab53aaf40da1307d5d43bea23e Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 16 Jul 2023 12:02:39 -0400 Subject: [PATCH 13/37] fixes --- snap/snapcraft.yaml | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 29ca10f6d9..9b3d55261e 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
@@ -7,15 +7,15 @@ source-code: https://github.com/sleuthkit/autopsy/ website: https://www.autopsy.com/ license: Apache-2.0 grade: stable # must be 'stable' to release into candidate/stable channels -confinement: devmode # or classic # use 'strict' once you have the right plugs and slots +confinement: strict # or classic # use 'strict' once you have the right plugs and slots architectures: [amd64] compression: lzo icon: snap/gui/autopsy.png -# plugs: -# system-files-autopsy: -# interface: system-files -# read: [/dev] +plugs: + system-files-autopsy: + interface: system-files + read: [/dev] # does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables # layout: @@ -32,6 +32,7 @@ apps: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs jreflags: $jreflags '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' + LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH @@ -40,9 +41,9 @@ apps: GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs - command-chain: - - autopsy/bin/tmpsetup.sh - command: autopsy/bin/autopsy + # command-chain: + # - autopsy/bin/tmpsetup.sh + command: autopsy/bin/autopsywrapper.sh # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] common-id: org.sleuthkit.autopsy 
@@ -76,7 +77,7 @@ apps: - raw-usb - removable-media - sd-control - # - system-files-autopsy + - system-files-autopsy - system-observe - system-trace - udisks2 @@ -192,9 +193,14 @@ parts: # snaps run applications with different permissions. This ensures applications can run. chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" - echo '#!/bin/bash' > $AUTOPSY_LOCATION/bin/tmpsetup.sh - echo 'mkdir -p $HOME/tmp' >> $AUTOPSY_LOCATION/bin/tmpsetup.sh - chmod 755 $AUTOPSY_LOCATION/bin/tmpsetup.sh + cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh + #!/bin/bash + mkdir -p \$HOME/tmp + echo Starting Autopsy... + \$SNAP/autopsy/bin/autopsy 2>&1 | tee \$HOME/logging.txt + EOF + + chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh # include this line to print all set variables # sed -i '129 i set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java"' "$AUTOPSY_LOCATION/platform/lib/nbexec" From 192e23e754607632eba1da3a3e3a64b7c56a71d7 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 16 Jul 2023 12:08:03 -0400 Subject: [PATCH 14/37] fixes --- snap/snapcraft.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 9b3d55261e..a13973173d 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
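Review bot: The generated `autopsywrapper.sh` starts Autopsy without `"$@"` and behind a pipe, so arguments given to the snap command are dropped and the wrapper's exit status is that of `tee`, not of Autopsy. `tee \$HOME/logging.txt` also truncates the log on every start and leaves application output, which for a forensics tool may include case paths, in a file created with default permissions. Consider ending the wrapper with `exec "\$SNAP/autopsy/bin/autopsy" "\$@"` and leaving logging to the application; PATCH 14 drops the `tee` but still omits the arguments. The here-document redirection looks incomplete in this rendering, which may be an extraction artefact, and the enclosing `override-build` script starts outside the hunk.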
@@ -32,8 +32,8 @@ apps: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs jreflags: $jreflags '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' + # to load libtsk.so LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH - #LD_LIBRARY_PATH: ${SNAP}/usr/local/lib:${SNAP}/usr/lib/x86_64-linux-gnu/gstreamer-1.0:${SNAP}/usr/lib/x86_64-linux-gnu:${SNAP}/lib/x86_64-linux-gnu:${SNAP}/usr/lib/x86_64-linux-gnu/glib-2.0:${LD_LIBRARY_PATH} # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries @@ -41,8 +41,6 @@ apps: GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs - # command-chain: - # - autopsy/bin/tmpsetup.sh command: autopsy/bin/autopsywrapper.sh # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] @@ -93,6 +91,7 @@ parts: source-branch: develop #source-tag: sleuthkit-4.12.0 build-environment: [JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64] + # may be necessary for classic snaps: https://snapcraft.io/docs/linters-classic#heading--issues-auto # build-attributes: # - enable-patchelf build-packages: @@ -121,6 +120,7 @@ parts: - libvmdk-dev autopsy: after: [sleuthkit] + # may be necessary for classic snaps: https://snapcraft.io/docs/linters-classic#heading--issues-auto # build-attributes: # - enable-patchelf build-packages: 
@@ -193,11 +193,12 @@ parts: # snaps run applications with different permissions. This ensures applications can run. chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" + # wrapper to setup temp dir if not exists; also could be easily modified for debugging purposes with snap try: https://snapcraft.io/docs/snap-try cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash mkdir -p \$HOME/tmp echo Starting Autopsy... - \$SNAP/autopsy/bin/autopsy 2>&1 | tee \$HOME/logging.txt + \$SNAP/autopsy/bin/autopsy EOF chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh From bec81df7312356b712ee7696c1f195c5c28bb7ae Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 16 Jul 2023 15:17:08 -0400 Subject: [PATCH 15/37] fixes --- snap/snapcraft.yaml | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index a13973173d..401a07ad34 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -7,7 +7,7 @@ source-code: https://github.com/sleuthkit/autopsy/ website: https://www.autopsy.com/ license: Apache-2.0 grade: stable # must be 'stable' to release into candidate/stable channels -confinement: strict # or classic # use 'strict' once you have the right plugs and slots +confinement: devmode # or classic # use 'strict' once you have the right plugs and slots architectures: [amd64] compression: lzo icon: snap/gui/autopsy.png @@ -17,8 +17,16 @@ plugs: interface: system-files read: [/dev] + +layout: + # java appears to find the real home and write some stuff there + $SNAP_REAL_HOME/.icesoft: + bind: $SNAP_DATA/.icesoft + $SNAP_REAL_HOME/.java: + bind: $SNAP_DATA/.java + $SNAP_REAL_HOME/.openjfx: + bind: $SNAP_DATA/.openjfx # does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables -# layout: # /$SNAP_USER_DATA/tmp: # bind: $SNAP_DATA/tmp # /$SNAP_USER_DATA/.autopsy: 
@@ -26,6 +34,7 @@ plugs: # /$SNAP_USER_DATA/.cache/autopsy: # bind: $SNAP_DATA/cache + apps: autopsy: environment: @@ -47,6 +56,7 @@ apps: common-id: org.sleuthkit.autopsy plugs: # taken from https://snapcraft.io/docs/supported-interfaces + # can be debugged with snappy debug: https://snapcraft.io/docs/debug-snaps#heading--snappy-debug - audio-playback - avahi-observe - block-devices @@ -62,14 +72,22 @@ apps: - home - kernel-crypto-api - log-observe + # may be necessary for solr + - modem-manager + - mount-control - mount-observe - network + # may be necessary for solr + - network-bind + - network-control - network-manager - network-observe - network-setup-observe - network-status - opengl - optical-drive + # may be necessary for solr + - ppp - pulseaudio - raw-input - raw-usb From a5fbcb481318550a88cf7976b1aff6552feeaa2d Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 16 Jul 2023 15:17:19 -0400 Subject: [PATCH 16/37] fixes --- snap/snapcraft.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 401a07ad34..9c8faf4071 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -7,7 +7,7 @@ source-code: https://github.com/sleuthkit/autopsy/ website: https://www.autopsy.com/ license: Apache-2.0 grade: stable # must be 'stable' to release into candidate/stable channels -confinement: devmode # or classic # use 'strict' once you have the right plugs and slots +confinement: strict # or classic # use 'strict' once you have the right plugs and slots architectures: [amd64] compression: lzo icon: snap/gui/autopsy.png From 0501133f7d9aa5822445f8042e0c46d6cc50f69d Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 16 Jul 2023 18:57:41 -0400 Subject: [PATCH 17/37] jfx fix --- snap/snapcraft.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 9c8faf4071..f86770d7b1 100644 --- a/snap/snapcraft.yaml 
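Review bot: The plugs added under "may be necessary for solr" (`modem-manager`, `mount-control`, `network-control`, `ppp`) are privileged interfaces that allow reconfiguring networking and mounts, far more than a local Solr instance listening on a port should need. `network` plus `network-bind` ought to cover that case; add any of the others only after a logged denial shows which one is actually required, and record the reason in the comment, e.g. `# network-bind: embedded Solr listens on localhost`. Each extra plug widens what a compromised parser inside a forensics tool can reach on the host, and these are not auto-connected, so they also add manual steps or store review. PATCH 18 (`microstack-support`, `network-manager-observe`) and PATCH 19 (`hugepages-control`) extend the list in the same speculative way.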
+++ b/snap/snapcraft.yaml @@ -39,8 +39,9 @@ apps: autopsy: environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 - # provide means for java gstreamer to find gstreamer libs - jreflags: $jreflags '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' + # provide means for java gstreamer to find gstreamer libs with jna.library.path + # set user home to new home value to avoid issues writing cache files to hom + jreflags: $jreflags '-Duser.home=$HOME' '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' # to load libtsk.so LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH # make sure path is set up to ensure things like photorec are found From 36b6c20ef3022f4b39739ac4d21e5ecf0f482615 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Mon, 17 Jul 2023 10:47:44 -0400 Subject: [PATCH 18/37] some updates for solr --- snap/snapcraft.yaml | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index f86770d7b1..bd81cd8227 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -18,15 +18,14 @@ plugs: read: [/dev] -layout: - # java appears to find the real home and write some stuff there - $SNAP_REAL_HOME/.icesoft: - bind: $SNAP_DATA/.icesoft - $SNAP_REAL_HOME/.java: - bind: $SNAP_DATA/.java - $SNAP_REAL_HOME/.openjfx: - bind: $SNAP_DATA/.openjfx # does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables +#layout: + # $SNAP_REAL_HOME/.icesoft: + # bind: $SNAP_DATA/.icesoft + # $SNAP_REAL_HOME/.java: + # bind: $SNAP_DATA/.java + # $SNAP_REAL_HOME/.openjfx: + # bind: $SNAP_DATA/.openjfx # /$SNAP_USER_DATA/tmp: # bind: $SNAP_DATA/tmp # /$SNAP_USER_DATA/.autopsy: 
@@ -39,6 +38,7 @@ apps: autopsy: environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 + SOLR_JAVA_HOME: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs with jna.library.path # set user home to new home value to avoid issues writing cache files to hom jreflags: $jreflags '-Duser.home=$HOME' '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' @@ -51,6 +51,7 @@ apps: GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs + SOLR_DATA_HOME: $HOME/solr command: autopsy/bin/autopsywrapper.sh # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] @@ -74,14 +75,15 @@ apps: - kernel-crypto-api - log-observe # may be necessary for solr + - microstack-support - modem-manager - mount-control - mount-observe - network - # may be necessary for solr - network-bind - network-control - network-manager + - network-manager-observe - network-observe - network-setup-observe - network-status @@ -177,6 +179,8 @@ parts: - openjdk-17-jre - openjdk-17-jdk - perl + # possibly needed by solr + - lsof plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git From cd2c4907146916e7a70c555d578bd43a61da5390 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Fri, 28 Jul 2023 08:15:57 -0400 Subject: [PATCH 19/37] update interface --- snap/snapcraft.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index bd81cd8227..7e89e2e3ca 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -72,6 +72,7 @@ apps: - fuse-support - hardware-observe - home + - hugepages-control - kernel-crypto-api - log-observe # may be necessary for solr From 8d993fcc9458f2fa97c9618eca27d6d3c237988c Mon Sep 17 00:00:00 2001 
From: Greg DiCristofaro Date: Mon, 31 Jul 2023 12:06:16 -0400 Subject: [PATCH 20/37] changes for snap confinement sidestepping --- snap/snapcraft.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 7e89e2e3ca..83d1fa7964 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -180,8 +180,8 @@ parts: - openjdk-17-jre - openjdk-17-jdk - perl - # possibly needed by solr - - lsof + # needed by solr to determine locally running ports + - iproute2 plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git @@ -217,6 +217,11 @@ parts: # snaps run applications with different permissions. This ensures applications can run. chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" + # some fixes so solr can startup in containment (use ss instead of lsof and don't use large pages) + sed -i 's/lsof -t -PniTCP:\$SOLR_PORT -sTCP:LISTEN/ss -ln | grep $SOLR_PORT/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr + sed -i 's/lsof -v 2>&1 | grep -q revision/ss --version/g' /home/autopsy/autopsy_snap/squashfs-root/autopsy/autopsy/solr/bin/autopsy-solr + sed -i '/^.*'-XX:\+UseLargePages'.*$/d' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr + # wrapper to setup temp dir if not exists; also could be easily modified for debugging purposes with snap try: https://snapcraft.io/docs/snap-try cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash From 4e9b3b7743f52abe1e46c80def7768cc7ed27809 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Mon, 31 Jul 2023 12:32:46 -0400 Subject: [PATCH 21/37] fix for path --- snap/snapcraft.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 83d1fa7964..8602edd3b1 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
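Review bot: The three `sed -i` edits to `autopsy-solr` in the `@@ -217,6 +217,11 @@` hunk succeed silently when their pattern no longer matches, so an upstream change to that script would ship it unpatched without failing the build. Follow each edit with a check such as `grep -q 'ss -ln' "$AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr" || exit 1`. The replacement `ss -ln | grep $SOLR_PORT` also matches the port as a substring of any field, so another listener whose port contains those digits would be taken for Solr's; `grep ":$SOLR_PORT "` is tighter, though how the script consumes the output is not visible here. In the third command the quotes close before `-XX:\+UseLargePages`, so the shell rather than sed handles the backslash; writing it as one quoted expression, `sed -i '/-XX:+UseLargePages/d'`, says what is meant. The `override-build` script starts and ends outside the hunk.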
@@ -219,7 +219,7 @@ parts: # some fixes so solr can startup in containment (use ss instead of lsof and don't use large pages) sed -i 's/lsof -t -PniTCP:\$SOLR_PORT -sTCP:LISTEN/ss -ln | grep $SOLR_PORT/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr - sed -i 's/lsof -v 2>&1 | grep -q revision/ss --version/g' /home/autopsy/autopsy_snap/squashfs-root/autopsy/autopsy/solr/bin/autopsy-solr + sed -i 's/lsof -v 2>&1 | grep -q revision/ss --version/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr sed -i '/^.*'-XX:\+UseLargePages'.*$/d' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr # wrapper to setup temp dir if not exists; also could be easily modified for debugging purposes with snap try: https://snapcraft.io/docs/snap-try From d89355f6264c7d4dc29a5076bb949f60ccbf372e Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Mon, 31 Jul 2023 15:13:58 -0400 Subject: [PATCH 22/37] updates --- snap/snapcraft.yaml | 55 ++++++++++++++++++++++++--------------------- 1 file changed, 29 insertions(+), 26 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 8602edd3b1..f508f5d4ec 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -51,7 +51,8 @@ apps: GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs - SOLR_DATA_HOME: $HOME/solr + # TODO may need to set differently + # SOLR_DATA_HOME: $HOME/solr command: autopsy/bin/autopsywrapper.sh # More info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] 
@@ -59,52 +60,53 @@ apps: plugs: # taken from https://snapcraft.io/docs/supported-interfaces # can be debugged with snappy debug: https://snapcraft.io/docs/debug-snaps#heading--snappy-debug + #- alsa - audio-playback - - avahi-observe + #- avahi-observe - block-devices - - cifs-mount - - daemon-notify + #- cifs-mount + #- daemon-notify - desktop - desktop-launch - # - desktop-legacy + - desktop-legacy - dm-crypt - - firewall-control + #- firewall-control - fuse-support - hardware-observe - home - hugepages-control - kernel-crypto-api - - log-observe + #- log-observe # may be necessary for solr - - microstack-support - - modem-manager + #- microstack-support + #- modem-manager - mount-control - mount-observe - network - network-bind - - network-control - - network-manager - - network-manager-observe + #- network-control + #- network-manager + #- network-manager-observe - network-observe - network-setup-observe - network-status - opengl - optical-drive # may be necessary for solr - - ppp - - pulseaudio - - raw-input - - raw-usb + #- ppp + #- pulseaudio + #- raw-input + #- raw-usb - removable-media - - sd-control + #- sd-control - system-files-autopsy - system-observe - - system-trace - - udisks2 + #- system-trace + #- udisks2 # - unity7 - - unity8 - - wayland - - x11 + # - unity8 + #- wayland + #- x11 parts: sleuthkit: @@ -181,7 +183,8 @@ parts: - openjdk-17-jdk - perl # needed by solr to determine locally running ports - - iproute2 + - lsof + #- iproute2 plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git 
@@ -218,9 +221,9 @@ parts: chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" # some fixes so solr can startup in containment (use ss instead of lsof and don't use large pages) - sed -i 's/lsof -t -PniTCP:\$SOLR_PORT -sTCP:LISTEN/ss -ln | grep $SOLR_PORT/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr - sed -i 's/lsof -v 2>&1 | grep -q revision/ss --version/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr - sed -i '/^.*'-XX:\+UseLargePages'.*$/d' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr + # sed -i 's/lsof -t -PniTCP:\$SOLR_PORT -sTCP:LISTEN/ss -ln | grep $SOLR_PORT/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr + # sed -i 's/lsof -v 2>&1 | grep -q revision/ss --version/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr + # sed -i '/^.*'-XX:\+UseLargePages'.*$/d' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr # wrapper to setup temp dir if not exists; also could be easily modified for debugging purposes with snap try: https://snapcraft.io/docs/snap-try cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh From c748ee21a243625d91c4fc5704e8270ea97951b8 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Mon, 31 Jul 2023 16:58:04 -0400 Subject: [PATCH 23/37] fix for hugepages --- snap/snapcraft.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index f508f5d4ec..b30990fdfc 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -16,6 +16,9 @@ plugs: system-files-autopsy: interface: system-files read: [/dev] + system-files-hugepages: + interface: system-files + read: [/sys/kernel/mm/hugepages] # does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables 
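Review bot: The new `system-files-hugepages` plug in the `@@ -16,6 +16,9 @@` hunk is scoped to reading `/sys/kernel/mm/hugepages`, but the app still lists `hugepages-control` (visible as context in PATCH 22), which is the broader grant. If the read-only plug is what resolves the denial, `- hugepages-control` can be dropped from the app's plugs in the same commit. If both are needed, a comment saying which access each one covers would help the store review. The top-level `plugs:` mapping begins outside the hunk.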
@@ -40,7 +43,7 @@ apps: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 SOLR_JAVA_HOME: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs with jna.library.path - # set user home to new home value to avoid issues writing cache files to hom + # set user home to new home value to avoid issues writing cache files to home jreflags: $jreflags '-Duser.home=$HOME' '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' # to load libtsk.so LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH @@ -100,6 +103,7 @@ apps: - removable-media #- sd-control - system-files-autopsy + - system-files-hugepages - system-observe #- system-trace #- udisks2 From cadbed1d46a7ca314dfe0be583472fbfba168584 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Tue, 1 Aug 2023 10:39:56 -0400 Subject: [PATCH 24/37] commenting updates --- snap/README.md | 6 +-- snap/snapcraft.yaml | 93 +++++++++++++++++---------------------------- 2 files changed, 37 insertions(+), 62 deletions(-) diff --git a/snap/README.md b/snap/README.md index 537624f3d9..7a846762b6 100644 --- a/snap/README.md +++ b/snap/README.md 
@@ -1,6 +1,6 @@ ## Installing Snap -An Autopsy [snap package](https://snapcraft.io/) file can be installed by running `sudo snap install autopsy.snap --classic --dangerous`. The `--classic` flag gives the snap package access to necessary system resources (see [confinement](https://snapcraft.io/docs/snap-confinement) for more information) and `--dangerous` needs to be specified because the snap package isn't signed (see [install modes](https://snapcraft.io/docs/install-modes#heading--dangerous) for more information). +An Autopsy [snap package](https://snapcraft.io/) file can be installed by running `sudo snap install autopsy.snap --classic --dangerous`. The `--dangerous` needs to be specified because the snap package isn't signed (see [install modes](https://snapcraft.io/docs/install-modes#heading--dangerous) for more information). Super-priveleged may need to be manually connected or the app can be installed with `--devmode`. ## Generating The Snap Package 
@@ -10,6 +10,4 @@ A [snap package](https://snapcraft.io/) of Autopsy can be generated using the [` The version of Autopsy in the [`snapcraft.yml`](./snapcraft.yaml) can be updated by calling [`version_update.py`](./version_update/version_update.py) with a command like `python version_update.py -s sleuthkit_release_tag -a autopsy_release_tag -v snapcraft_version_name`. You will likely need to install the python dependencies in the [requirements.txt](./version_update/requirements.txt) with a command like: `pip install -r requirements.txt`. -The version of Autopsy can be updated manually by modifying fields relating to git repositories and commits in [`snapcraft.yml`](./snapcraft.yaml) under `parts.autopsy` and `parts.sleuthkit`. Specifically `source`, `source-branch`, and `source-tag`. More information can be found [here](https://snapcraft.io/docs/snapcraft-yaml-reference). - -*There is more information in Jira 8425.* +The version of Autopsy can be updated manually by modifying fields relating to git repositories and commits in [`snapcraft.yml`](./snapcraft.yaml) under `parts.autopsy` and `parts.sleuthkit`. Specifically `source`, `source-branch`, and `source-tag`. More information can be found [here](https://snapcraft.io/docs/snapcraft-yaml-reference). \ No newline at end of file diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index b30990fdfc..d26594e939 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
@@ -1,4 +1,28 @@ +# OVERVIEW: +# Snap packages are an application and everything needed for that application bundled into a package: https://snapcraft.io/docs/snapcraft +# Snapd can be installed on the following systems: https://snapcraft.io/docs/installing-snapd +# Snap packages can be released to the store: https://snapcraft.io/docs/releasing-to-the-snap-store +# Classic confinement apps and Strict confinement apps using super-priveleged interfaces (https://snapcraft.io/docs/super-privileged-interfaces) will require special approval. +# +# DEVELOPMENT / DEBUG: +# snappy debug can be used to identify apparmor/confinement violations: https://snapcraft.io/docs/debug-snaps#heading--snappy-debug +# building snaps with lxd/multipass requires hardware assisted virtualization: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-2A98801C-68E8-47AF-99ED-00C63E4857F6.html, https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-F920A3C7-3B42-4E78-8EA7-961E49AF479D.html +# build provider information can be found here: https://snapcraft.io/docs/build-providers, https://snapcraft.io/docs/build-options +# A command like the following will run snapcraft in the background to build a snap package and write output to log `nohup snapcraft --use-lxd --debug > ./output.log 2>&1 < /dev/null &``. This must be run from the directory above `snap` +# Information on debugging snaps can be found here (in particular `snap try` can mount a filesystem as a snap ): https://snapcraft.io/docs/debug-snaps, https://snapcraft.io/docs/snap-try +# +# INSTALLATION: +# Some options for installation can be found here: https://snapcraft.io/docs/install-modes +# Snap uses assertions to digitally sign snaps (https://snapcraft.io/docs/assertions). 
Otherwise, snaps need to be installed with the `--dangerous` flag +# it would be best to install autopsy with `sudo snap install --dangerous autopsy` and then connect all super-priveleged interfaces or `sudo snap install --dangerous --devmode autopsy`` + + + +# yaml reference here: https://snapcraft.io/docs/snapcraft-yaml-reference +# sample yaml files here: https://github.com/videolan/vlc/blob/master/extras/package/snap/snapcraft.yaml, https://github.com/canonical/firefox-snap/blob/stable/snapcraft.yaml name: autopsy +# more on base snaps here: https://snapcraft.io/docs/base-snaps +# core is based on corresponding ubuntu version. ubuntu version information can be found here: https://wiki.ubuntu.com/Releases base: core22 version: 4.20.0 summary: A graphical interface to The Sleuth Kit and other digital forensics tools. # 79 char long summary @@ -7,8 +31,11 @@ source-code: https://github.com/sleuthkit/autopsy/ website: https://www.autopsy.com/ license: Apache-2.0 grade: stable # must be 'stable' to release into candidate/stable channels -confinement: strict # or classic # use 'strict' once you have the right plugs and slots +# Options include 'strict' and 'classic'. 'Strict' is greatly preferred to 'classic'. More information here: https://snapcraft.io/docs/snap-confinement +# classic confinement does not chroot so elf records need to be patched to point to relative paths: https://snapcraft.io/blog/the-new-classic-confinement-in-snaps-even-the-classics-need-a-change, https://snapcraft.io/docs/linters-classic#heading--issues-auto, https://docs.oracle.com/cd/E19683-01/816-1386/chapter3-33/index.html, https://nehckl0.medium.com/creating-relocatable-linux-executables-by-setting-rpath-with-origin-45de573a2e98 +confinement: strict architectures: [amd64] +# information on lzo here: https://snapcraft.io/blog/why-lzo-was-chosen-as-the-new-compression-method compression: lzo icon: snap/gui/autopsy.png 
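Review bot: The INSTALLATION comment added in the `@@ -1,4 +1,28 @@` hunk presents `--devmode` as an equal alternative to connecting the interfaces, but a devmode install does not enforce the `confinement: strict` policy this file declares; violations are only logged. I would word it as `# install with 'sudo snap install --dangerous autopsy' and connect the required interfaces; use '--devmode' only while debugging confinement denials`. The comment block also has doubled closing backticks in two places and spells "super-privileged" as "super-priveleged".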
@@ -20,25 +47,9 @@ plugs: interface: system-files read: [/sys/kernel/mm/hugepages] - -# does not appear necessary as writing to home directory gets written to $SNAP_USER_DATA: https://snapcraft.io/docs/environment-variables -#layout: - # $SNAP_REAL_HOME/.icesoft: - # bind: $SNAP_DATA/.icesoft - # $SNAP_REAL_HOME/.java: - # bind: $SNAP_DATA/.java - # $SNAP_REAL_HOME/.openjfx: - # bind: $SNAP_DATA/.openjfx -# /$SNAP_USER_DATA/tmp: -# bind: $SNAP_DATA/tmp -# /$SNAP_USER_DATA/.autopsy: -# bind: $SNAP_DATA/appdata -# /$SNAP_USER_DATA/.cache/autopsy: -# bind: $SNAP_DATA/cache - - apps: autopsy: + # more on env vars here: https://snapcraft.io/docs/environment-variables environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 SOLR_JAVA_HOME: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 
@@ -50,78 +61,51 @@ apps: # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries + # more information here: https://forum.snapcraft.io/t/trouble-with-ros-and-gstreamer/5518/6 GST_PLUGIN_SYSTEM_PATH: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer-1.0 GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs - # TODO may need to set differently - # SOLR_DATA_HOME: $HOME/solr command: autopsy/bin/autopsywrapper.sh - # More info here: https://snapcraft.io/docs/gnome-extension + # More gnome info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] common-id: org.sleuthkit.autopsy plugs: # taken from https://snapcraft.io/docs/supported-interfaces - # can be debugged with snappy debug: https://snapcraft.io/docs/debug-snaps#heading--snappy-debug - #- alsa - audio-playback - #- avahi-observe - block-devices - #- cifs-mount - #- daemon-notify - desktop - desktop-launch - desktop-legacy - dm-crypt - #- firewall-control - fuse-support - hardware-observe - home - hugepages-control - kernel-crypto-api - #- log-observe - # may be necessary for solr - #- microstack-support - #- modem-manager - mount-control - mount-observe - network - network-bind - #- network-control - #- network-manager - #- network-manager-observe - network-observe - network-setup-observe - network-status - opengl - optical-drive - # may be necessary for solr - #- ppp - #- pulseaudio - #- raw-input - #- raw-usb - removable-media - #- sd-control - system-files-autopsy - system-files-hugepages - system-observe - #- system-trace - #- udisks2 - # - unity7 - # - unity8 - #- wayland - #- x11 parts: sleuthkit: + # more information on plugins here: https://snapcraft.io/docs/supported-plugins plugin: 
autotools source: https://github.com/sleuthkit/sleuthkit.git source-branch: develop #source-tag: sleuthkit-4.12.0 build-environment: [JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64] - # may be necessary for classic snaps: https://snapcraft.io/docs/linters-classic#heading--issues-auto - # build-attributes: - # - enable-patchelf + # information on packages here: https://snapcraft.io/docs/package-repositories build-packages: - build-essential - autoconf @@ -148,9 +132,7 @@ parts: - libvmdk-dev autopsy: after: [sleuthkit] - # may be necessary for classic snaps: https://snapcraft.io/docs/linters-classic#heading--issues-auto - # build-attributes: - # - enable-patchelf + # information on packages here: https://snapcraft.io/docs/package-repositories build-packages: - zip - unzip @@ -188,7 +170,6 @@ parts: - perl # needed by solr to determine locally running ports - lsof - #- iproute2 plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git @@ -197,6 +178,7 @@ parts: build-environment: - JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 - TSK_JAVA_LIB_PATH: $SNAPCRAFT_STAGE/usr/local/share/java + # information on parts environment variables here: https://snapcraft.io/docs/parts-environment-variables override-build: | # ----- BUILD ZIP ----- AUTOPSY_SRC_PATH=$(pwd) 
@@ -224,11 +206,6 @@ parts: # snaps run applications with different permissions. This ensures applications can run. chmod 755 "$AUTOPSY_LOCATION/bin/autopsy" - # some fixes so solr can startup in containment (use ss instead of lsof and don't use large pages) - # sed -i 's/lsof -t -PniTCP:\$SOLR_PORT -sTCP:LISTEN/ss -ln | grep $SOLR_PORT/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr - # sed -i 's/lsof -v 2>&1 | grep -q revision/ss --version/g' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr - # sed -i '/^.*'-XX:\+UseLargePages'.*$/d' $AUTOPSY_LOCATION/autopsy/solr/bin/autopsy-solr - # wrapper to setup temp dir if not exists; also could be easily modified for debugging purposes with snap try: https://snapcraft.io/docs/snap-try cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash From e0885e062261e20b66268b0d22ece876023523d5 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Tue, 1 Aug 2023 14:39:46 -0400 Subject: [PATCH 25/37] updates from thunderbird snap --- snap/snapcraft.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index d26594e939..d08295048f 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -46,6 +46,9 @@ plugs: system-files-hugepages: interface: system-files read: [/sys/kernel/mm/hugepages] + browser-sandbox: + interface: browser-support + allow-sandbox: true apps: autopsy: @@ -66,6 +69,9 @@ apps: GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs + # taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml + DISABLE_WAYLAND: 1 + GTK_USE_PORTAL: 1 command: autopsy/bin/autopsywrapper.sh # More gnome info here: https://snapcraft.io/docs/gnome-extension extensions: [ gnome ] 
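Review bot: The `browser-sandbox` plug in the `@@ -46,6 +46,9 @@` hunk sets `allow-sandbox: true` on `browser-support`, which is the wider form of that interface, and nothing in the hunk says what in Autopsy needs it. The settings appear to be copied from the thunderbird snap, so check first whether the plug is needed at all, and if it is, whether the default `allow-sandbox: false` is enough. A one-line comment above it, such as `# browser-support: required by <component> for <reason>`, would record the result. The `DISABLE_WAYLAND: 1` and `GTK_USE_PORTAL: 1` values added in the next hunk are environment strings and read better quoted as `"1"`.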
@@ -74,11 +80,13 @@ apps: # taken from https://snapcraft.io/docs/supported-interfaces - audio-playback - block-devices + - browser-sandbox - desktop - desktop-launch - desktop-legacy - dm-crypt - fuse-support + - gsettings - hardware-observe - home - hugepages-control @@ -218,3 +226,16 @@ parts: # include this line to print all set variables # sed -i '129 i set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java"' "$AUTOPSY_LOCATION/platform/lib/nbexec" + # taken from https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml + # Find files provided by the base and platform snap and ensure they aren't + # duplicated in this snap + cleanup: + after: [autopsy] + plugin: nil + # NOTE: this will likely change as gnome extension has new revisions + build-snaps: [core22, gnome-42-2204] + override-prime: | + set -eux + for snap in "core22" "gnome-42-2204"; do + cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$CRAFT_PRIME/{}" \; + done \ No newline at end of file From c3a3f7ddbc21c94659b47b724509a466d56d7681 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Tue, 1 Aug 2023 19:59:09 -0400 Subject: [PATCH 26/37] adjustments --- snap/snapcraft.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index d08295048f..f921387d14 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -91,7 +91,6 @@ apps: - home - hugepages-control - kernel-crypto-api - - mount-control - mount-observe - network - network-bind @@ -238,4 +237,7 @@ parts: set -eux for snap in "core22" "gnome-42-2204"; do cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$CRAFT_PRIME/{}" \; - done \ No newline at end of file + done + + # taken from https://github.com/ubuntu/libreoffice/blob/7.3/snapcraft.yaml + rm -rf $SNAPCRAFT_PRIME/usr/lib/*/lib{gtk,gdk,cairo,pango,wayland}* \ No newline at end of file From c83ac1b5873b3bb1eeec18379aab4c7a112986d9 Mon Sep 17 00:00:00 2001 
From: Greg DiCristofaro Date: Tue, 1 Aug 2023 20:31:03 -0400 Subject: [PATCH 27/37] new attempt for purging unnecessary libs --- snap/snapcraft.yaml | 213 ++++++++++++++++++++++++++------------------ 1 file changed, 124 insertions(+), 89 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index f921387d14..6baf79aa21 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -16,8 +16,6 @@ # Snap uses assertions to digitally sign snaps (https://snapcraft.io/docs/assertions). Otherwise, snaps need to be installed with the `--dangerous` flag # it would be best to install autopsy with `sudo snap install --dangerous autopsy` and then connect all super-priveleged interfaces or `sudo snap install --dangerous --devmode autopsy`` - - # yaml reference here: https://snapcraft.io/docs/snapcraft-yaml-reference # sample yaml files here: https://github.com/videolan/vlc/blob/master/extras/package/snap/snapcraft.yaml, https://github.com/canonical/firefox-snap/blob/stable/snapcraft.yaml name: autopsy @@ -50,6 +48,12 @@ plugs: interface: browser-support allow-sandbox: true +slots: + dbus-daemon: + interface: dbus + bus: session + name: org.sleuthkit.autopsy + apps: autopsy: # more on env vars here: https://snapcraft.io/docs/environment-variables 
@@ -74,35 +78,37 @@ apps: GTK_USE_PORTAL: 1 command: autopsy/bin/autopsywrapper.sh # More gnome info here: https://snapcraft.io/docs/gnome-extension - extensions: [ gnome ] + extensions: [gnome] common-id: org.sleuthkit.autopsy plugs: # taken from https://snapcraft.io/docs/supported-interfaces - - audio-playback - - block-devices - - browser-sandbox - - desktop - - desktop-launch - - desktop-legacy - - dm-crypt - - fuse-support - - gsettings - - hardware-observe - - home - - hugepages-control - - kernel-crypto-api - - mount-observe - - network - - network-bind - - network-observe - - network-setup-observe - - network-status - - opengl - - optical-drive - - removable-media - - system-files-autopsy - - system-files-hugepages - - system-observe + - audio-playback + - block-devices + - browser-sandbox + - desktop + - desktop-launch + - desktop-legacy + - dm-crypt + - fuse-support + - gsettings + - hardware-observe + - home + - hugepages-control + - kernel-crypto-api + - mount-observe + - network + - network-bind + - network-observe + - network-setup-observe + - network-status + - opengl + - optical-drive + - removable-media + - system-files-autopsy + - system-files-hugepages + - system-observe + slots: + - dbus-daemon parts: sleuthkit: 
@@ -114,77 +120,91 @@ parts: build-environment: [JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64] # information on packages here: https://snapcraft.io/docs/package-repositories build-packages: - - build-essential - - autoconf - - libtool - - automake - - zip - - openjdk-17-jdk - - openjdk-17-jre - - ant - - ant-contrib - - ant-optional - - libpq-dev - - testdisk - - libafflib-dev - - libewf-dev - - libvhdi-dev - - libvmdk-dev + - build-essential + - autoconf + - libtool + - automake + - zip + - openjdk-17-jdk + - openjdk-17-jre + - ant + - ant-contrib + - ant-optional + - libpq-dev + - testdisk + - libafflib-dev + - libewf-dev + - libvhdi-dev + - libvmdk-dev stage-packages: - - libpq-dev - - testdisk - - libafflib-dev - - libewf-dev - - libvhdi-dev - - libvmdk-dev + - libpq-dev + - testdisk + - libafflib-dev + - libewf-dev + - libvhdi-dev + - libvmdk-dev + # taken from https://github.com/ubuntu/libreoffice/blob/7.3/snapcraft.yaml, https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml + prime: + - -usr/lib/*/libgio* + - -usr/lib/*/libglib* + - -usr/lib/*/libgm* + - usr/lib/*/lib* + - -usr/lib/*/libgtk* + - -usr/lib/*/libgdk* + - -usr/lib/*/libcairo* + - -usr/lib/*/libpango* + - -usr/lib/*/libwayland* + - usr/lib/*/mesa/lib* + - usr/share/java/ + - usr/sbin/* autopsy: after: [sleuthkit] # information on packages here: https://snapcraft.io/docs/package-repositories build-packages: - - zip - - unzip - - openjdk-17-jdk - - openjdk-17-jre - - ant - - doxygen + - zip + - unzip + - openjdk-17-jdk + - openjdk-17-jre + - ant + - doxygen stage-packages: - - libde265-dev - - libheif-dev - - libpq-dev - - testdisk - - freeglut3 - - libpsm-infinipath1 - - libpsm-infinipath1-dev - - libglu1-mesa - - libgstreamer1.0-dev - - libgstreamer-plugins-base1.0-dev - - libgstreamer-plugins-bad1.0-dev - - libgstreamer1.0-0 - - gstreamer1.0-plugins-base - - gstreamer1.0-plugins-good - - gstreamer1.0-plugins-bad - - gstreamer1.0-plugins-ugly - - gstreamer1.0-libav - - 
gstreamer1.0-tools - - gstreamer1.0-x - - gstreamer1.0-alsa - - gstreamer1.0-gl - - gstreamer1.0-gtk3 - - gstreamer1.0-qt5 - - gstreamer1.0-pulseaudio - - openjdk-17-jre - - openjdk-17-jdk - - perl - # needed by solr to determine locally running ports - - lsof + - libde265-dev + - libheif-dev + - libpq-dev + - testdisk + - freeglut3 + - libpsm-infinipath1 + - libpsm-infinipath1-dev + - libglu1-mesa + - libgstreamer1.0-dev + - libgstreamer-plugins-base1.0-dev + - libgstreamer-plugins-bad1.0-dev + - libgstreamer1.0-0 + - gstreamer1.0-plugins-base + - gstreamer1.0-plugins-good + - gstreamer1.0-plugins-bad + - gstreamer1.0-plugins-ugly + - gstreamer1.0-libav + - gstreamer1.0-tools + - gstreamer1.0-x + - gstreamer1.0-alsa + - gstreamer1.0-gl + - gstreamer1.0-gtk3 + - gstreamer1.0-qt5 + - gstreamer1.0-pulseaudio + - openjdk-17-jre + - openjdk-17-jdk + - perl + # needed by solr to determine locally running ports + - lsof plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git # source-branch: develop source-branch: 8425-snap build-environment: - - JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 - - TSK_JAVA_LIB_PATH: $SNAPCRAFT_STAGE/usr/local/share/java + - JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 + - TSK_JAVA_LIB_PATH: $SNAPCRAFT_STAGE/usr/local/share/java # information on parts environment variables here: https://snapcraft.io/docs/parts-environment-variables override-build: | # ----- BUILD ZIP ----- 
@@ -225,6 +245,21 @@ parts: # include this line to print all set variables # sed -i '129 i set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java"' "$AUTOPSY_LOCATION/platform/lib/nbexec" + # taken from https://github.com/ubuntu/libreoffice/blob/7.3/snapcraft.yaml, https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml + prime: + - -usr/lib/*/libgio* + - -usr/lib/*/libglib* + - -usr/lib/*/libgm* + - usr/lib/*/lib* + - -usr/lib/*/libgtk* + - -usr/lib/*/libgdk* + - -usr/lib/*/libcairo* + - -usr/lib/*/libpango* + - -usr/lib/*/libwayland* + - usr/lib/*/mesa/lib* + - usr/share/java/ + - usr/sbin/* + # taken from https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml # Find files provided by the base and platform snap and ensure they aren't # duplicated in this snap @@ -236,8 +271,8 @@ parts: override-prime: | set -eux for snap in "core22" "gnome-42-2204"; do - cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$CRAFT_PRIME/{}" \; + cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$SNAPCRAFT_PRIME/{}" \; done # taken from https://github.com/ubuntu/libreoffice/blob/7.3/snapcraft.yaml - rm -rf $SNAPCRAFT_PRIME/usr/lib/*/lib{gtk,gdk,cairo,pango,wayland}* \ No newline at end of file + rm -rf $SNAPCRAFT_PRIME/usr/lib/*/lib{gtk,gdk,cairo,pango,wayland}* From be983e16cd45a97098386f406247a8c2e2f9c182 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Wed, 2 Aug 2023 07:53:23 -0400 Subject: [PATCH 28/37] updates to snap package --- snap/snapcraft.yaml | 94 +++++++++++++++++++++++++++++---------------- 1 file changed, 60 insertions(+), 34 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 6baf79aa21..90cd4a23da 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
@@ -44,11 +44,15 @@ plugs: system-files-hugepages: interface: system-files read: [/sys/kernel/mm/hugepages] + # TODO may not be necessary but may provide ability for online/offline help browser-sandbox: interface: browser-support allow-sandbox: true + slots: + # TODO may not be necessary + # taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml dbus-daemon: interface: dbus bus: session @@ -143,20 +147,6 @@ parts: - libewf-dev - libvhdi-dev - libvmdk-dev - # taken from https://github.com/ubuntu/libreoffice/blob/7.3/snapcraft.yaml, https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml - prime: - - -usr/lib/*/libgio* - - -usr/lib/*/libglib* - - -usr/lib/*/libgm* - - usr/lib/*/lib* - - -usr/lib/*/libgtk* - - -usr/lib/*/libgdk* - - -usr/lib/*/libcairo* - - -usr/lib/*/libpango* - - -usr/lib/*/libwayland* - - usr/lib/*/mesa/lib* - - usr/share/java/ - - usr/sbin/* autopsy: after: [sleuthkit] # information on packages here: https://snapcraft.io/docs/package-repositories @@ -168,14 +158,18 @@ parts: - ant - doxygen stage-packages: - - libde265-dev + # lib heif reqs - libheif-dev + - libde265-dev + # pg reqs - libpq-dev - testdisk + # TODO these may not be necessary - freeglut3 - libpsm-infinipath1 - libpsm-infinipath1-dev - libglu1-mesa + # libgstreamer reqs - libgstreamer1.0-dev - libgstreamer-plugins-base1.0-dev - libgstreamer-plugins-bad1.0-dev 
@@ -197,6 +191,55 @@ parts: - perl # needed by solr to determine locally running ports - lsof + # TODO may be needed by openjfx + # taken from https://github.com/jgneff/openjfx/blob/edge/snap/snapcraft.yaml + - libatk1.0-0 + - libatk-bridge2.0-0 + - libatspi2.0-0 + - libcairo2 + - libcairo-gobject2 + - libdatrie1 + - libepoxy0 + - libfontconfig1 + - libfreetype6 + - libgdk-pixbuf2.0-0 + - libgl1 + - libglvnd0 + - libglx0 + - libgraphite2-3 + - libgtk2.0-0 + - libgtk-3-0 + - libharfbuzz0b + - libpango-1.0-0 + - libpangocairo-1.0-0 + - libpangoft2-1.0-0 + - libpixman-1-0 + - libpng16-16 + - libthai0 + - libwayland-client0 + - libwayland-cursor0 + - libwayland-egl1 + - libx11-6 + - libxau6 + - libxcb1 + - libxcb-render0 + - libxcb-shm0 + - libxcomposite1 + - libxcursor1 + - libxdamage1 + - libxdmcp6 + - libxext6 + - libxfixes3 + - libxi6 + - libxinerama1 + - libxkbcommon0 + - libxrandr2 + - libxrender1 + - libxtst6 + # Gtk-Message: 16:12:52.145: Failed to load module "canberra-gtk-module" + - libcanberra-gtk3-module + # Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module" + - packagekit-gtk3-module plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git 
@@ -237,28 +280,14 @@ parts: cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash mkdir -p \$HOME/tmp + # include this line to print all set variables + # set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java" echo Starting Autopsy... \$SNAP/autopsy/bin/autopsy EOF chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh - # include this line to print all set variables - # sed -i '129 i set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java"' "$AUTOPSY_LOCATION/platform/lib/nbexec" - # taken from https://github.com/ubuntu/libreoffice/blob/7.3/snapcraft.yaml, https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml - prime: - - -usr/lib/*/libgio* - - -usr/lib/*/libglib* - - -usr/lib/*/libgm* - - usr/lib/*/lib* - - -usr/lib/*/libgtk* - - -usr/lib/*/libgdk* - - -usr/lib/*/libcairo* - - -usr/lib/*/libpango* - - -usr/lib/*/libwayland* - - usr/lib/*/mesa/lib* - - usr/share/java/ - - usr/sbin/* # taken from https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml # Find files provided by the base and platform snap and ensure they aren't @@ -273,6 +302,3 @@ parts: for snap in "core22" "gnome-42-2204"; do cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$SNAPCRAFT_PRIME/{}" \; done - - # taken from https://github.com/ubuntu/libreoffice/blob/7.3/snapcraft.yaml - rm -rf $SNAPCRAFT_PRIME/usr/lib/*/lib{gtk,gdk,cairo,pango,wayland}* From 45455f0aea122f8f3f221120b8376575105b300c Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Wed, 2 Aug 2023 09:29:22 -0400 Subject: [PATCH 29/37] fix --- snap/snapcraft.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 90cd4a23da..d31774a99b 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
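Review bot: The two comment lines added inside the `autopsywrapper.sh` heredoc are probably not inert, because the neighbouring lines escape `\$HOME` and `\$SNAP`, which suggests the heredoc delimiter is unquoted and its body is expanded by the build shell. In that case `$(set)` runs at build time and its output, the whole build environment, is written into the wrapper that ships in the snap. Only the first line of that output stays behind the `#`, so the rest would become live lines of the script, and `${jdkhome}` is expanded at build time as well. Either escape them, `# set -o posix ; echo \$(set) >&2 ; ls -l "\${jdkhome}/bin/java"`, or keep the debugging hint as a scriptlet comment outside the heredoc. The `override-build` scriptlet begins outside this hunk, so the delimiter itself is not visible here.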
@@ -280,14 +280,16 @@ parts: cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash mkdir -p \$HOME/tmp - # include this line to print all set variables - # set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java" echo Starting Autopsy... \$SNAP/autopsy/bin/autopsy EOF chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh + # include this line to print all set variables + # set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java" + # sed -i '129 i ' "$AUTOPSY_LOCATION/platform/lib/nbexec" + # taken from https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml # Find files provided by the base and platform snap and ensure they aren't From ff60de914a67cf5120b149dabde136ddb58bd9d1 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Wed, 2 Aug 2023 15:23:11 -0400 Subject: [PATCH 30/37] attempt --- snap/snapcraft.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index d31774a99b..cd2f23ad78 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -298,9 +298,16 @@ parts: after: [autopsy] plugin: nil # NOTE: this will likely change as gnome extension has new revisions - build-snaps: [core22, gnome-42-2204] + build-snaps: [core22] override-prime: | set -eux - for snap in "core22" "gnome-42-2204"; do + for snap in "core22"; do cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$SNAPCRAFT_PRIME/{}" \; done + # TODO remove if effective + #build-snaps: [core22, gnome-42-2204] + # override-prime: | + # set -eux + # for snap in "core22" "gnome-42-2204"; do + # cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$SNAPCRAFT_PRIME/{}" \; + # done From de334cb464f8cb327f27d04d7b0ba18a4c04cb5b Mon Sep 17 00:00:00 2001 
From: Greg DiCristofaro Date: Thu, 3 Aug 2023 09:13:29 -0400 Subject: [PATCH 31/37] attempt to preemptively require openjfx libs instead of cached --- snap/snapcraft.yaml | 129 +++++++++++++++++++++++--------------------- 1 file changed, 67 insertions(+), 62 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index cd2f23ad78..5dbfb0a35f 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
@@ -192,54 +192,55 @@ parts: # needed by solr to determine locally running ports - lsof # TODO may be needed by openjfx + - libopenjfx-java # taken from https://github.com/jgneff/openjfx/blob/edge/snap/snapcraft.yaml - - libatk1.0-0 - - libatk-bridge2.0-0 - - libatspi2.0-0 - - libcairo2 - - libcairo-gobject2 - - libdatrie1 - - libepoxy0 - - libfontconfig1 - - libfreetype6 - - libgdk-pixbuf2.0-0 - - libgl1 - - libglvnd0 - - libglx0 - - libgraphite2-3 - - libgtk2.0-0 - - libgtk-3-0 - - libharfbuzz0b - - libpango-1.0-0 - - libpangocairo-1.0-0 - - libpangoft2-1.0-0 - - libpixman-1-0 - - libpng16-16 - - libthai0 - - libwayland-client0 - - libwayland-cursor0 - - libwayland-egl1 - - libx11-6 - - libxau6 - - libxcb1 - - libxcb-render0 - - libxcb-shm0 - - libxcomposite1 - - libxcursor1 - - libxdamage1 - - libxdmcp6 - - libxext6 - - libxfixes3 - - libxi6 - - libxinerama1 - - libxkbcommon0 - - libxrandr2 - - libxrender1 - - libxtst6 - # Gtk-Message: 16:12:52.145: Failed to load module "canberra-gtk-module" - - libcanberra-gtk3-module - # Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module" - - packagekit-gtk3-module + # - libatk1.0-0 + # - libatk-bridge2.0-0 + # - libatspi2.0-0 + # - libcairo2 + # - libcairo-gobject2 + # - libdatrie1 + # - libepoxy0 + # - libfontconfig1 + # - libfreetype6 + # - libgdk-pixbuf2.0-0 + # - libgl1 + # - libglvnd0 + # - libglx0 + # - libgraphite2-3 + # - libgtk2.0-0 + # - libgtk-3-0 + # - libharfbuzz0b + # - libpango-1.0-0 + # - libpangocairo-1.0-0 + # - libpangoft2-1.0-0 + # - libpixman-1-0 + # - libpng16-16 + # - libthai0 + # - libwayland-client0 + # - libwayland-cursor0 + # - libwayland-egl1 + # - libx11-6 + # - libxau6 + # - libxcb1 + # - libxcb-render0 + # - libxcb-shm0 + # - libxcomposite1 + # - libxcursor1 + # - libxdamage1 + # - libxdmcp6 + # - libxext6 + # - libxfixes3 + # - libxi6 + # - libxinerama1 + # - libxkbcommon0 + # - libxrandr2 + # - libxrender1 + # - libxtst6 + # # Gtk-Message: 16:12:52.145: Failed to load module 
"canberra-gtk-module" + # - libcanberra-gtk3-module + # # Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module" + # - packagekit-gtk3-module plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git @@ -280,6 +281,8 @@ parts: cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash mkdir -p \$HOME/tmp + echo libs in gnome-platform: + find \$SNAP_DESKTOP_RUNTIME -name *.so echo Starting Autopsy... \$SNAP/autopsy/bin/autopsy EOF 
@@ -291,23 +294,25 @@ parts: # sed -i '129 i ' "$AUTOPSY_LOCATION/platform/lib/nbexec" - # taken from https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml - # Find files provided by the base and platform snap and ensure they aren't - # duplicated in this snap + # taken from https://github.com/ubuntu/gnome-recipes/blob/stable/snapcraft.yaml cleanup: - after: [autopsy] + after: [ autopsy ] plugin: nil - # NOTE: this will likely change as gnome extension has new revisions - build-snaps: [core22] + build-snaps: [core22, gtk-common-themes, gnome-42-2204] override-prime: | set -eux - for snap in "core22"; do - cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$SNAPCRAFT_PRIME/{}" \; + for snap in "core22" "gtk-common-themes" "gnome-42-2204"; do + cd "/snap/$snap/current" && find . -type f,l -name *.so.* -exec rm -f "$CRAFT_PRIME/{}" \; + done + # remove cross-installed repeated libraries (in /usr/lib in the SDK, but in /usr/lib/TRIPLET + # here, and the opposite) + for snap in "core22" "gnome-42-2204"; do + cd "/snap/$snap/current/usr/lib" + for filename in [ *.so* ]; do + rm -f "$CRAFT_PRIME/usr/lib/$CRAFT_ARCH_TRIPLET/$filename" + done + cd "/snap/$snap/current/usr/lib/$CRAFT_ARCH_TRIPLET" + for filename in [ *.so* ]; do + rm -f "$CRAFT_PRIME/usr/lib/$filename" + done done - # TODO remove if effective - #build-snaps: [core22, gnome-42-2204] - # override-prime: | - # set -eux - # for snap in "core22" "gnome-42-2204"; do - # cd "/snap/$snap/current" && find . -type f,l -exec rm -f "$SNAPCRAFT_PRIME/{}" \; - # done From 00bda77f27d24a39b00555ae33775d4eb65e108d Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Fri, 4 Aug 2023 12:31:10 -0400 Subject: [PATCH 32/37] updates for capturing libgtk --- snap/snapcraft.yaml | 112 +++++++++++++++++++++++--------------------- 1 file changed, 58 insertions(+), 54 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 5dbfb0a35f..841d6ad147 100644 --- a/snap/snapcraft.yaml 
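Review bot: The globs in the new `cleanup` scriptlet are not handled the way the code reads: `-name *.so.*` is unquoted, so the shell expands it against `/snap/$snap/current` before `find` sees it, and `for filename in [ *.so* ]` iterates over the literal words `[` and `]` as well as the matches. Quote the pattern and drop the brackets: `find . -type f,l -name '*.so.*' -exec rm -f "$CRAFT_PRIME/{}" \;` and `for filename in *.so*; do`. The same unquoted pattern is added to the generated wrapper in the earlier hunk of this commit (`find \$SNAP_DESKTOP_RUNTIME -name *.so`), where it is expanded against whatever directory the user launches from; `-name '*.so'` avoids that. This scriptlet also uses `$CRAFT_PRIME` where the block it replaces used `$SNAPCRAFT_PRIME`; one spelling throughout would be easier to follow.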
+++ b/snap/snapcraft.yaml @@ -49,7 +49,6 @@ plugs: interface: browser-support allow-sandbox: true - slots: # TODO may not be necessary # taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml @@ -68,7 +67,7 @@ apps: # set user home to new home value to avoid issues writing cache files to home jreflags: $jreflags '-Duser.home=$HOME' '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' # to load libtsk.so - LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH + LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries 
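Review bot: The new `LD_LIBRARY_PATH` value in the `apps` environment still ends in `:$LD_LIBRARY_PATH`, which leaves an empty path element whenever that variable is unset or empty when the value is expanded, and the dynamic loader reads an empty element as the current working directory. Whether it can be empty here depends on what the launcher chain exports before this entry is applied, which the hunk does not show, so it is worth checking with `snap run --shell`. A safer form is to build the value in the wrapper script, where shell expansion is available: `export LD_LIBRARY_PATH="\$SNAP/usr/local/lib\${LD_LIBRARY_PATH:+:\$LD_LIBRARY_PATH}"`. The same trailing reference recurs in the later commits that touch this line and in the `GST_PLUGIN_SYSTEM_PATH` value added further down the series.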
@@ -192,55 +191,54 @@ parts: # needed by solr to determine locally running ports - lsof # TODO may be needed by openjfx - - libopenjfx-java # taken from https://github.com/jgneff/openjfx/blob/edge/snap/snapcraft.yaml - # - libatk1.0-0 - # - libatk-bridge2.0-0 - # - libatspi2.0-0 - # - libcairo2 - # - libcairo-gobject2 - # - libdatrie1 - # - libepoxy0 - # - libfontconfig1 - # - libfreetype6 - # - libgdk-pixbuf2.0-0 - # - libgl1 - # - libglvnd0 - # - libglx0 - # - libgraphite2-3 - # - libgtk2.0-0 - # - libgtk-3-0 - # - libharfbuzz0b - # - libpango-1.0-0 - # - libpangocairo-1.0-0 - # - libpangoft2-1.0-0 - # - libpixman-1-0 - # - libpng16-16 - # - libthai0 - # - libwayland-client0 - # - libwayland-cursor0 - # - libwayland-egl1 - # - libx11-6 - # - libxau6 - # - libxcb1 - # - libxcb-render0 - # - libxcb-shm0 - # - libxcomposite1 - # - libxcursor1 - # - libxdamage1 - # - libxdmcp6 - # - libxext6 - # - libxfixes3 - # - libxi6 - # - libxinerama1 - # - libxkbcommon0 - # - libxrandr2 - # - libxrender1 - # - libxtst6 - # # Gtk-Message: 16:12:52.145: Failed to load module "canberra-gtk-module" - # - libcanberra-gtk3-module - # # Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module" - # - packagekit-gtk3-module + - libatk1.0-0 + - libatk-bridge2.0-0 + - libatspi2.0-0 + - libcairo2 + - libcairo-gobject2 + - libdatrie1 + - libepoxy0 + - libfontconfig1 + - libfreetype6 + - libgdk-pixbuf2.0-0 + - libgl1 + - libglvnd0 + - libglx0 + - libgraphite2-3 + - libgtk2.0-0 + - libgtk-3-0 + - libharfbuzz0b + - libpango-1.0-0 + - libpangocairo-1.0-0 + - libpangoft2-1.0-0 + - libpixman-1-0 + - libpng16-16 + - libthai0 + - libwayland-client0 + - libwayland-cursor0 + - libwayland-egl1 + - libx11-6 + - libxau6 + - libxcb1 + - libxcb-render0 + - libxcb-shm0 + - libxcomposite1 + - libxcursor1 + - libxdamage1 + - libxdmcp6 + - libxext6 + - libxfixes3 + - libxi6 + - libxinerama1 + - libxkbcommon0 + - libxrandr2 + - libxrender1 + - libxtst6 + # Gtk-Message: 16:12:52.145: Failed to load 
module "canberra-gtk-module" + - libcanberra-gtk3-module + # Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module" + - packagekit-gtk3-module plugin: nil # source: https://github.com/sleuthkit/autopsy.git source: https://github.com/gdicristofaro/autopsy.git @@ -281,22 +279,28 @@ parts: cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash mkdir -p \$HOME/tmp - echo libs in gnome-platform: - find \$SNAP_DESKTOP_RUNTIME -name *.so echo Starting Autopsy... \$SNAP/autopsy/bin/autopsy EOF chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh + # handles issue finding libgtk-2.0.so + LIB_GTK_LINK=$SNAPCRAFT_PART_INSTALL/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so + if ! [[ -L $LIB_GTK_LINK ]] ; then + LIB_GTK_LINK_PARENT="$(dirname "$LIB_GTK_LINK")" + pushd $LIB_GTK_LINK_PARENT + LIB_GTK_TARGET=../../../gnome-platform/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0 + ln -s $LIB_GTK_TARGET $LIB_GTK_LINK + popd + fi # include this line to print all set variables # set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java" # sed -i '129 i ' "$AUTOPSY_LOCATION/platform/lib/nbexec" - # taken from https://github.com/ubuntu/gnome-recipes/blob/stable/snapcraft.yaml cleanup: - after: [ autopsy ] + after: [autopsy] plugin: nil build-snaps: [core22, gtk-common-themes, gnome-42-2204] override-prime: | From 8b51b9e8a16aac052dec228f7c2c45a3233d57be Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 6 Aug 2023 14:27:14 -0400 Subject: [PATCH 33/37] new attempt --- snap/snapcraft.yaml | 37 ++++++++++++++----------------------- 1 file changed, 14 insertions(+), 23 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 841d6ad147..81faad19e1 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
@@ -9,7 +9,7 @@ # building snaps with lxd/multipass requires hardware assisted virtualization: https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-2A98801C-68E8-47AF-99ED-00C63E4857F6.html, https://docs.vmware.com/en/VMware-vSphere/7.0/com.vmware.vsphere.vm_admin.doc/GUID-F920A3C7-3B42-4E78-8EA7-961E49AF479D.html # build provider information can be found here: https://snapcraft.io/docs/build-providers, https://snapcraft.io/docs/build-options # A command like the following will run snapcraft in the background to build a snap package and write output to log `nohup snapcraft --use-lxd --debug > ./output.log 2>&1 < /dev/null &``. This must be run from the directory above `snap` -# Information on debugging snaps can be found here (in particular `snap try` can mount a filesystem as a snap ): https://snapcraft.io/docs/debug-snaps, https://snapcraft.io/docs/snap-try +# Information on debugging snaps can be found here (in particular `snap try` can mount a filesystem as a snap, `snap run --shell autopsy.autopsy` can show shell with env vars like snap ): https://snapcraft.io/docs/debug-snaps, https://snapcraft.io/docs/snap-try # # INSTALLATION: # Some options for installation can be found here: https://snapcraft.io/docs/install-modes 
@@ -62,20 +62,23 @@ apps: # more on env vars here: https://snapcraft.io/docs/environment-variables environment: jdkhome: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 + HOME: "$SNAP_USER_COMMON" SOLR_JAVA_HOME: $SNAP/usr/lib/jvm/java-17-openjdk-amd64 # provide means for java gstreamer to find gstreamer libs with jna.library.path # set user home to new home value to avoid issues writing cache files to home - jreflags: $jreflags '-Duser.home=$HOME' '-Djava.io.tmpdir=$HOME/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' + # can also specify '-Djdk.gtk.verbose=true' for gtk verbose logging: https://stackoverflow.com/a/22457177 + jreflags: $jreflags '-Djdk.gtk.version=3' '-Duser.home=$SNAP_USER_COMMON' '-Djava.io.tmpdir=$SNAP_USER_COMMON/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' # to load libtsk.so - LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH + # TODO remove later if successful: LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH + LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). 
this tells gstreamer where to look for the scanner and libraries # more information here: https://forum.snapcraft.io/t/trouble-with-ros-and-gstreamer/5518/6 GST_PLUGIN_SYSTEM_PATH: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer-1.0 GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner - SOLR_LOGS_DIR: $HOME/.autopsy/dev/solr/logs - SOLR_PID_DIR: $HOME/.autopsy/dev/solr/logs + SOLR_LOGS_DIR: $SNAP_USER_COMMON/.autopsy/dev/solr/logs + SOLR_PID_DIR: $SNAP_USER_COMMON/.autopsy/dev/solr/logs # taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml DISABLE_WAYLAND: 1 GTK_USE_PORTAL: 1 @@ -191,7 +194,7 @@ parts: # needed by solr to determine locally running ports - lsof # TODO may be needed by openjfx - # taken from https://github.com/jgneff/openjfx/blob/edge/snap/snapcraft.yaml + # taken from openjfx snap: https://github.com/jgneff/openjfx/blob/edge/snap/snapcraft.yaml - libatk1.0-0 - libatk-bridge2.0-0 - libatspi2.0-0 @@ -240,10 +243,10 @@ parts: # Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module" - packagekit-gtk3-module plugin: nil - # source: https://github.com/sleuthkit/autopsy.git - source: https://github.com/gdicristofaro/autopsy.git - # source-branch: develop - source-branch: 8425-snap + source: https://github.com/sleuthkit/autopsy.git + # TODO remove: source: https://github.com/gdicristofaro/autopsy.git + source-branch: develop + # TODO remove: source-branch: 8425-snap build-environment: - JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 - TSK_JAVA_LIB_PATH: $SNAPCRAFT_STAGE/usr/local/share/java 
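Review bot: `source-branch: develop` on the `autopsy` part builds whatever the branch head is on the day of the build, so two builds of the same snap version can contain different code and nothing records which upstream revision went into a published snap. Pin the part with `source-tag: <release-tag>` or `source-commit: <commit-sha>` (placeholders) and bump it deliberately when a new upstream state is wanted. The `autopsy` part begins outside this hunk, so any pinning done elsewhere in it is not visible here.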
@@ -278,25 +281,13 @@ parts: # wrapper to setup temp dir if not exists; also could be easily modified for debugging purposes with snap try: https://snapcraft.io/docs/snap-try cat < $AUTOPSY_LOCATION/bin/autopsywrapper.sh #!/bin/bash - mkdir -p \$HOME/tmp + mkdir -p \$SNAP_USER_COMMON/tmp echo Starting Autopsy... \$SNAP/autopsy/bin/autopsy EOF chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh - # handles issue finding libgtk-2.0.so - LIB_GTK_LINK=$SNAPCRAFT_PART_INSTALL/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so - if ! [[ -L $LIB_GTK_LINK ]] ; then - LIB_GTK_LINK_PARENT="$(dirname "$LIB_GTK_LINK")" - pushd $LIB_GTK_LINK_PARENT - LIB_GTK_TARGET=../../../gnome-platform/usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0 - ln -s $LIB_GTK_TARGET $LIB_GTK_LINK - popd - fi - # include this line to print all set variables - # set -o posix ; echo $(set) >&2 ; ls -l "${jdkhome}/bin/java" - # sed -i '129 i ' "$AUTOPSY_LOCATION/platform/lib/nbexec" # taken from https://github.com/ubuntu/gnome-recipes/blob/stable/snapcraft.yaml cleanup: From 4182b3b5f3192a5809ffdfd13b4985b2e40f82c6 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 6 Aug 2023 19:59:40 -0400 Subject: [PATCH 34/37] updates to ld path --- snap/snapcraft.yaml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 81faad19e1..9dfedadc89 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -44,13 +44,12 @@ plugs: system-files-hugepages: interface: system-files read: [/sys/kernel/mm/hugepages] - # TODO may not be necessary but may provide ability for online/offline help + # may provide ability for online/offline help browser-sandbox: interface: browser-support allow-sandbox: true slots: - # TODO may not be necessary # taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml dbus-daemon: interface: dbus 
@@ -68,9 +67,8 @@ apps: # set user home to new home value to avoid issues writing cache files to home # can also specify '-Djdk.gtk.verbose=true' for gtk verbose logging: https://stackoverflow.com/a/22457177 jreflags: $jreflags '-Djdk.gtk.version=3' '-Duser.home=$SNAP_USER_COMMON' '-Djava.io.tmpdir=$SNAP_USER_COMMON/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' - # to load libtsk.so - # TODO remove later if successful: LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH - LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH + # to load libtsk.so and gstreamer + LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries @@ -244,9 +242,7 @@ parts: - packagekit-gtk3-module plugin: nil source: https://github.com/sleuthkit/autopsy.git - # TODO remove: source: https://github.com/gdicristofaro/autopsy.git source-branch: develop - # TODO remove: source-branch: 8425-snap build-environment: - JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 - TSK_JAVA_LIB_PATH: $SNAPCRAFT_STAGE/usr/local/share/java From e7604143a3e801fc2808b904943b08b0b5f17630 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Sun, 6 Aug 2023 22:28:40 -0400 Subject: [PATCH 35/37] gstreamer updates --- snap/snapcraft.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 9dfedadc89..1a9b2550bf 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
@@ -66,15 +66,15 @@ apps: # provide means for java gstreamer to find gstreamer libs with jna.library.path # set user home to new home value to avoid issues writing cache files to home # can also specify '-Djdk.gtk.verbose=true' for gtk verbose logging: https://stackoverflow.com/a/22457177 - jreflags: $jreflags '-Djdk.gtk.version=3' '-Duser.home=$SNAP_USER_COMMON' '-Djava.io.tmpdir=$SNAP_USER_COMMON/tmp' '-Djna.library.path=$SNAP/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' + jreflags: $jreflags '-Djdk.gtk.version=3' '-Duser.home=$SNAP_USER_COMMON' '-Djava.io.tmpdir=$SNAP_USER_COMMON/tmp' '-Djna.library.path=$SNAP_DESKTOP_RUNTIME/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' # to load libtsk.so and gstreamer LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries # more information here: https://forum.snapcraft.io/t/trouble-with-ros-and-gstreamer/5518/6 - GST_PLUGIN_SYSTEM_PATH: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer-1.0 - GST_PLUGIN_SCANNER: $SNAP/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner + GST_PLUGIN_SYSTEM_PATH: $SNAP_DESKTOP_RUNTIME/usr/lib/x86_64-linux-gnu/gstreamer-1.0:$GST_PLUGIN_SYSTEM_PATH + GST_PLUGIN_SCANNER: $SNAP_DESKTOP_RUNTIME/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $SNAP_USER_COMMON/.autopsy/dev/solr/logs SOLR_PID_DIR: $SNAP_USER_COMMON/.autopsy/dev/solr/logs # taken from thunderbird snap: https://github.com/ubuntu/thunderbird/blob/stable/snapcraft.yaml @@ -186,6 +186,7 @@ parts: - gstreamer1.0-gtk3 - gstreamer1.0-qt5 - gstreamer1.0-pulseaudio + # java req - openjdk-17-jre - openjdk-17-jdk - perl 
From 44f4ac10ca3c3bf2911dc0636bcd18c1937069d8 Mon Sep 17 00:00:00 2001 From: Greg DiCristofaro Date: Mon, 7 Aug 2023 07:20:59 -0400 Subject: [PATCH 36/37] another update for gstreamer --- snap/snapcraft.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 1a9b2550bf..756dd04c87 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml @@ -67,13 +67,13 @@ apps: # set user home to new home value to avoid issues writing cache files to home # can also specify '-Djdk.gtk.verbose=true' for gtk verbose logging: https://stackoverflow.com/a/22457177 jreflags: $jreflags '-Djdk.gtk.version=3' '-Duser.home=$SNAP_USER_COMMON' '-Djava.io.tmpdir=$SNAP_USER_COMMON/tmp' '-Djna.library.path=$SNAP_DESKTOP_RUNTIME/usr/lib/x86_64-linux-gnu:$SNAP/usr/local/lib' - # to load libtsk.so and gstreamer - LD_LIBRARY_PATH: $SNAP/usr/local/lib:$SNAP/lib:$SNAP/usr/lib:$SNAP/lib/x86_64-linux-gnu:$SNAP/usr/lib/x86_64-linux-gnu:$LD_LIBRARY_PATH + # to load libtsk.so + LD_LIBRARY_PATH: $SNAP/usr/local/lib:$LD_LIBRARY_PATH # make sure path is set up to ensure things like photorec are found PATH: $SNAP/usr/bin:$SNAP/usr/local/bin:$PATH # gstreamer scans for plugins (i.e. app integration plugins). this tells gstreamer where to look for the scanner and libraries # more information here: https://forum.snapcraft.io/t/trouble-with-ros-and-gstreamer/5518/6 - GST_PLUGIN_SYSTEM_PATH: $SNAP_DESKTOP_RUNTIME/usr/lib/x86_64-linux-gnu/gstreamer-1.0:$GST_PLUGIN_SYSTEM_PATH + GST_PLUGIN_SYSTEM_PATH: $SNAP_DESKTOP_RUNTIME/usr/lib/x86_64-linux-gnu/gstreamer-1.0:$SNAP/usr/lib/x86_64-linux-gnu/gstreamer-1.0:$GST_PLUGIN_SYSTEM_PATH GST_PLUGIN_SCANNER: $SNAP_DESKTOP_RUNTIME/usr/lib/x86_64-linux-gnu/gstreamer1.0/gstreamer-1.0/gst-plugin-scanner SOLR_LOGS_DIR: $SNAP_USER_COMMON/.autopsy/dev/solr/logs SOLR_PID_DIR: $SNAP_USER_COMMON/.autopsy/dev/solr/logs From 61888715e3063b8dcd0dd9b9d9e003f34b18723e Mon Sep 17 00:00:00 2001 
From: Greg DiCristofaro Date: Mon, 7 Aug 2023 08:42:54 -0400 Subject: [PATCH 37/37] updates removing unnecessary dependencies --- snap/snapcraft.yaml | 73 ++------------------------------------------- 1 file changed, 2 insertions(+), 71 deletions(-) diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml index 756dd04c87..8aa166100c 100644 --- a/snap/snapcraft.yaml +++ b/snap/snapcraft.yaml 
@@ -164,83 +164,14 @@ parts: # pg reqs - libpq-dev - testdisk - # TODO these may not be necessary - - freeglut3 - - libpsm-infinipath1 - - libpsm-infinipath1-dev - - libglu1-mesa - # libgstreamer reqs - - libgstreamer1.0-dev - - libgstreamer-plugins-base1.0-dev - - libgstreamer-plugins-bad1.0-dev - - libgstreamer1.0-0 - - gstreamer1.0-plugins-base - - gstreamer1.0-plugins-good + # libgstreamer additional plugin reqs that aren't in gnome package extension: https://snapcraft.io/docs/gnome-extension, https://github.com/ubuntu/gnome-sdk/blob/gnome-42-2204/snapcraft.yaml - gstreamer1.0-plugins-bad - gstreamer1.0-plugins-ugly - gstreamer1.0-libav - - gstreamer1.0-tools - - gstreamer1.0-x - - gstreamer1.0-alsa - - gstreamer1.0-gl - - gstreamer1.0-gtk3 - - gstreamer1.0-qt5 - - gstreamer1.0-pulseaudio # java req - openjdk-17-jre - - openjdk-17-jdk - - perl # needed by solr to determine locally running ports - lsof - # TODO may be needed by openjfx - # taken from openjfx snap: https://github.com/jgneff/openjfx/blob/edge/snap/snapcraft.yaml - - libatk1.0-0 - - libatk-bridge2.0-0 - - libatspi2.0-0 - - libcairo2 - - libcairo-gobject2 - - libdatrie1 - - libepoxy0 - - libfontconfig1 - - libfreetype6 - - libgdk-pixbuf2.0-0 - - libgl1 - - libglvnd0 - - libglx0 - - libgraphite2-3 - - libgtk2.0-0 - - libgtk-3-0 - - libharfbuzz0b - - libpango-1.0-0 - - libpangocairo-1.0-0 - - libpangoft2-1.0-0 - - libpixman-1-0 - - libpng16-16 - - libthai0 - - libwayland-client0 - - libwayland-cursor0 - - libwayland-egl1 - - libx11-6 - - libxau6 - - libxcb1 - - libxcb-render0 - - libxcb-shm0 - - libxcomposite1 - - libxcursor1 - - libxdamage1 - - libxdmcp6 - - libxext6 - - libxfixes3 - - libxi6 - - libxinerama1 - - libxkbcommon0 - - libxrandr2 - - libxrender1 - - libxtst6 - # Gtk-Message: 16:12:52.145: Failed to load module "canberra-gtk-module" - - libcanberra-gtk3-module - # Gtk-Message: 10:57:54.572: Failed to load module "pk-gtk-module" - - packagekit-gtk3-module plugin: nil source: 
https://github.com/sleuthkit/autopsy.git source-branch: develop @@ -286,7 +217,7 @@ parts: chmod 755 $AUTOPSY_LOCATION/bin/autopsywrapper.sh - # taken from https://github.com/ubuntu/gnome-recipes/blob/stable/snapcraft.yaml + # taken from https://github.com/ubuntu/gnome-recipes/blob/stable/snapcraft.yaml to clean out files present in core/extensions as well. cleanup: after: [autopsy] plugin: nil