mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

update for readme

Browse Source
This commit is contained in:
Greg DiCristofaro 2023-05-17 13:50:19 -04:00
parent 32e824434b
commit 91e255817a
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Running_Linux_OSX.md
View File

@ -5,15 +5,15 @@ When installing on Debian-based Linux or macOS systems, there are three general
- **Linux**: Run [`linux_macos_install_scripts/install_prereqs_ubuntu.sh`](./linux_macos_install_scripts/install_prereqs_ubuntu.sh).
- **macOS**: Run [`linux_macos_install_scripts/install_prereqs_macos.sh`](./linux_macos_install_scripts/install_prereqs_macos.sh). This script requires the package manager: [Homebrew](https://brew.sh/), which has installation steps on their site.
*NOTE: The last output of the script is the path to the Java 8 installation. You will want to note that path when installing Autopsy.*
*NOTE: The last output of the script is the path to the Java 17 installation. You will want to note that path when installing Autopsy.*
# Installing The Sleuth Kit
- **Linux**: Download the .deb file for the release you want to install from the [release section](https://github.com/sleuthkit/sleuthkit/releases). Install The Sleuth Kit package from the repositories with the following command: `sudo apt update && sudo apt install /path/to/sleuthkit-version.deb`.
- **macOS**: Ensure that for this session, your `JAVA_HOME` variable is set to the java 8 installation by running `export JAVA_HOME=$(/usr/libexec/java_home -v 1.8)/bin/java`. Then, install The Sleuth Kit from source by running [`linux_macos_install_scripts/install_tsk_from_src.sh`](./linux_macos_install_scripts/install_tsk_from_src.sh), which will download, build, and install The Sleuth Kit. It can be run as follows: `install_tsk_from_src.sh -p ~/src/sleuthkit -b sleuthkit-4.11.1`. Make sure that your path to download source ends with "sleuthkit" as the last directory, and the release is the corresponding tag in the [repository](https://github.com/sleuthkit/sleuthkit).
- **macOS**: Ensure that for this session, your `JAVA_HOME` variable is set to the java 17 installation by running `export JAVA_HOME=$(/usr/libexec/java_home -v 17)/bin/java`. Then, install The Sleuth Kit from source by running [`linux_macos_install_scripts/install_tsk_from_src.sh`](./linux_macos_install_scripts/install_tsk_from_src.sh), which will download, build, and install The Sleuth Kit. It can be run as follows: `install_tsk_from_src.sh -p ~/src/sleuthkit -b sleuthkit-4.11.1`. Make sure that your path to download source ends with "sleuthkit" as the last directory, and the release is the corresponding tag in the [repository](https://github.com/sleuthkit/sleuthkit).
# Installing Autopsy
- Download the Autopsy zip file from [repository releases](https://github.com/sleuthkit/autopsy/releases). The file will be marked as "autopsy-<release>.zip" (i.e. "autopsy-4.19.2.zip").
- Run [`install_application.sh`](./linux_macos_install_scripts/install_application.sh) with the following parameters: `install_application.sh [-z zip_path] [-i install_directory] [-j java_home]`. An example would be `install_application.sh -z ~/Downloads/autopsy-4.19.2.zip -i ~/autopsy -j /usr/lib/jvm/bellsoft-java8-full-amd64`. The path to the Java 8 home is the last output from the [prequisites installation scripts](#installing-prerequisites), but typically, the path will be `/usr/lib/jvm/bellsoft-java8-full-amd64` on Debian-based Linux or the output of running `/usr/libexec/java_home -v 1.8` on macOS.
- Run [`install_application.sh`](./linux_macos_install_scripts/install_application.sh) with the following parameters: `install_application.sh [-z zip_path] [-i install_directory] [-j java_home]`. An example would be `install_application.sh -z ~/Downloads/autopsy-4.19.2.zip -i ~/autopsy -j /usr/lib/jvm/bellsoft-java17-full-amd64`. The path to the Java 17 home is the last output from the [prequisites installation scripts](#installing-prerequisites), but typically, the path will be `/usr/lib/jvm/bellsoft-java17-full-amd64` on Debian-based Linux or the output of running `/usr/libexec/java_home -v 17` on macOS.
# Setup macOS JNA paths
If you are on macOS, run [linux_macos_install_scripts/add_macos_jna.sh](./linux_macos_install_scripts/add_macos_jna.sh) to properly setup the jna path to get things like gstreamer working. An example would be `add_macos_jna.sh -i ~/autopsy`.
@ -26,13 +26,13 @@ If you are on macOS, run [linux_macos_install_scripts/add_macos_jna.sh](./linux_
the wrong version of Java is being used to run Autopsy.
Check the version of Java reported in the `messages.log` file in the log directory. The log directory can be found by opening Autopsy, and, with no cases open, go to 'Help' > 'Open Log Folder'. `messages.log` should contain lines that looks like:
```
Java; VM; Vendor = 1.8.0_342; OpenJDK 64-Bit Server VM 25.342-b07; BellSoft
Runtime = OpenJDK Runtime Environment 1.8.0_342-b07
Java Home = /usr/lib/jvm/bellsoft-java8-full-amd64/jre
Java; VM; Vendor = 17.0.5; OpenJDK 64-Bit Server VM 17.0.5+8-LTS; BellSoft
Runtime = OpenJDK Runtime Environment 17.0.5+8-LTS
Java Home = /usr/lib/jvm/bellsoft-java17-full-amd64/jre
```
If your `messages.log` file indicates that Java 8 is not being used:
- Confirm that you have a version of Java 8 installed
If your `messages.log` file indicates that Java 17 is not being used:
- Confirm that you have a version of Java 17 installed
- Confirm that your java path environment variable is set correctly. Autopsy first uses the value of `jdkhome` in `<autopsy_install_location>/etc/autopsy.conf`, so look for an uncommented line (not starting with '#') that looks like `jdkhome=<java path>`. If that is not set, check your `$JAVA_HOME` environment variable by running `echo $JAVA_HOME`.
- If you see something like "cannot be opened because the developer cannot be verified." it is an indication that Gatekeeper is running and is stopping a file from being executed. To fix this open a new terminal window and enter the following command `sudo spctl --master-disable`, you will be required to enter your password. This will allow any program to be be downloaded from anywhere and executed.
- On initial run, Autopsy shows a window that can appear behind the splash screen. This looks like Autopsy has stalled during startup. The easiest way to get around this issue for the first run is to run autopsy with the `--nosplash` flag, which will hide the splash screen on startup. There will be a lag where no window appears for a bit, so please be patient.