mstoeck3/autopsy-flatpak
1
0
Fork 0
mirror of https://github.com/overcuriousity/autopsy-flatpak.git synced 2025-07-06 21:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

linux mac documentation to release

Browse Source
This commit is contained in:
Greg DiCristofaro 2022-11-21 15:37:46 -05:00
parent b9f1be4332
commit ba6a146a16
5 changed files with 31 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
Running_Linux_OSX.md
View File

@ -1,138 +1,22 @@
# Overview # Overview
*The installation process requires some [prerequisites](#installing-prerequisites), [The Sleuth Kit](#install-sleuthkit), and installing [Autopsy itself](#install-autopsy). If using Windows, there is a pre-built installer bundling all dependencies that can be found in the [Autopsy downloads section](https://www.autopsy.com/download/) or in the [Releases section on GitHub](https://github.com/sleuthkit/autopsy/releases/).* When installing on Debian-based Linux or macOS systems, there are three general steps: [installing prerequisites](#installing-prerequisites), [installing The Sleuth Kit](#installing-the-sleuth-kit), and [installing Autopsy](#installing-autopsy) itself. On macOS, you will want to [setup the JNA paths](#setup-macos-jna-paths).
# Installing Prerequisites # Installing Prerequisites
- **Linux**: Run [`linux_macos_install_scripts/install_prereqs_ubuntu.sh`](./linux_macos_install_scripts/install_prereqs_ubuntu.sh).
- **macOS**: Run [`linux_macos_install_scripts/install_prereqs_macos.sh`](./linux_macos_install_scripts/install_prereqs_macos.sh). This script requires the package manager: [Homebrew](https://brew.sh/), which has installation steps on their site.
## On macOS *NOTE: The last output of the script is the path to the Java 8 installation. You will want to note that path when installing Autopsy.*
*A script to install these dependencies that can be found [here](./linux_macos_install_scripts/install_prereqs_macos.sh). Make sure the script is executable before running.* # Installing The Sleuth Kit
- Using [Homebrew](https://brew.sh/), install dependencies that have formulas: - **Linux**: Download the .deb file for the release you want to install from the [release section](https://github.com/sleuthkit/sleuthkit/releases). Install The Sleuth Kit package from the repositories with the following command: `sudo apt update && sudo apt install /path/to/sleuthkit-version.deb`.
``` - **macOS**: Ensure that for this session, your `JAVA_HOME` variable is set to the java 8 installation by running `export JAVA_HOME=$(/usr/libexec/java_home -v 1.8)/bin/java`. Then, install The Sleuth Kit from source by running [`linux_macos_install_scripts/install_tsk_from_src.sh`](./linux_macos_install_scripts/install_tsk_from_src.sh), which will download, build, and install The Sleuth Kit. It can be run as follows: `install_tsk_from_src.sh -p ~/src/sleuthkit -b sleuthkit-4.11.1`. Make sure that your path to download source ends with "sleuthkit" as the last directory, and the release is the corresponding tag in the [repository](https://github.com/sleuthkit/sleuthkit).
brew install ant automake libtool afflib libewf postgresql testdisk
```
- You will also need to install Java 8 and JavaFX to run autopsy. We recommend Liberica OpenJDK which can be installed by tapping this third-party dependency:
```
brew tap bell-sw/liberica
```
- Then, you can install this dependency using `brew`:
```
brew install --cask liberica-jdk8-full
```
- - Confirm that java has been successfully installed by running `java -version`. You should get a result like the following:
```
% java -version
openjdk version "1.8.0_342"
OpenJDK Runtime Environment (build 1.8.0_342-b07)
OpenJDK 64-Bit Server VM (build 25.342-b07, mixed mode)
```
- You will need the java path for properly setting up autopsy. You can get the path to java by calling:
```
/usr/libexec/java_home -v 1.8
```
- If you want gstreamer to open media, you can download and install gstreamer here: `https://gstreamer.freedesktop.org/data/pkg/osx/1.20.3/gstreamer-1.0-1.20.3-universal.pkg`
## On Linux (Ubuntu / Debian-based) # Installing Autopsy
- Download the Autopsy zip file from [repository releases](https://github.com/sleuthkit/autopsy/releases). The file will be marked as "autopsy-<release>.zip" (i.e. "autopsy-4.19.2.zip").
*A script to install these dependencies that can be found [here](./linux_macos_install_scripts/install_prereqs_ubuntu.sh). Make sure the script is executable before running.* - Run [`install_application.sh`](./linux_macos_install_scripts/install_application.sh) with the following parameters: `install_application.sh [-z zip_path] [-i install_directory] [-j java_home]`. An example would be `install_application.sh -z ~/Downloads/autopsy-4.19.2.zip -i ~/autopsy -j /usr/lib/jvm/bellsoft-java8-full-amd64`. The path to the Java 8 home is the last output from the [prequisites installation scripts](#installing-prerequisites), but typically, the path will be `/usr/lib/jvm/bellsoft-java8-full-amd64` on Debian-based Linux or the output of running `/usr/libexec/java_home -v 1.8` on macOS.
- You will need to include some repositories in order to install this software. One way to do that is to uncomment lines in your `sources.list`:
```
sudo sed -Ei 's/^# deb-src /deb-src /' /etc/apt/sources.list
```
- Use `apt` to install dependencies:
```
sudo apt update && \
sudo apt -y install build-essential autoconf libtool git-core automake git zip wget ant \
libde265-dev libheif-dev \
libpq-dev \
testdisk libafflib-dev libewf-dev libvhdi-dev libvmdk-dev \
libgstreamer1.0-0 gstreamer1.0-plugins-base gstreamer1.0-plugins-good gstreamer1.0-plugins-bad \
gstreamer1.0-plugins-ugly gstreamer1.0-libav gstreamer1.0-tools gstreamer1.0-x \
gstreamer1.0-alsa gstreamer1.0-gl gstreamer1.0-gtk3 gstreamer1.0-qt5 gstreamer1.0-pulseaudio
```
- You will also need to install Java 8 and JavaFX to run autopsy. We recommend Liberica OpenJDK which can be installed as follows:
```
pushd /usr/src/ && \
wget -q -O - https://download.bell-sw.com/pki/GPG-KEY-bellsoft | sudo apt-key add - && \
echo "deb [arch=amd64] https://apt.bell-sw.com/ stable main" | sudo tee /etc/apt/sources.list.d/bellsoft.list && \
sudo apt update && \
sudo apt -y install bellsoft-java8-full && \
popd
```
- Confirm that java has been successfully installed by running `java -version`. You should get a result like the following:
```
% java -version
openjdk version "1.8.0_342"
OpenJDK Runtime Environment (build 1.8.0_342-b07)
OpenJDK 64-Bit Server VM (build 25.342-b07, mixed mode)
```
- Take note of the location of the java 1.8 install. This will be necessary to properly setup Autopsy. If using the recommended method, the path should be `/usr/lib/jvm/bellsoft-java8-full-amd64`
# Install The Sleuth Kit
The Sleuth Kit must be installed before trying to install Autopsy. If you are on a Debian-like system (i.e. Ubuntu) you can download the most recent deb file from the [github release section](https://github.com/sleuthkit/sleuthkit/releases), and install by running something like `sudo apt install ./sleuthkit-java_4.11.1-1_amd64.deb`. Otherwise, you can follow the directions below to install The Sleuth Kit from source code.
## Install The Sleuth Kit from Source
*A script to install these dependencies on Unix-like systems (i.e. macOS, Linux) that can be found [here](./linux_macos_install_scripts/install_tsk_from_src.sh). Make sure the script is executable before running.*
- Please ensure you have all the prerequisites installed on your system (see the directions [here](#installing-prerequisites)).
- If you don't have a copy of the repository on your local machine, clone it (this requires git):
```
git clone --depth 1 https://github.com/sleuthkit/sleuthkit.git
```
- If you want to build source from a particular branch or tag (i.e. `develop` or `release-4.11.0`), check out that branch:
```
git checkout <YOUR BRANCH HERE> && git pull
```
- Then, with The Sleuth Kit repo as your working directory, you can build with:
```
./bootstrap && ./configure && make
```
- If the output from `make` looks good, then install:
```
sudo make install
```
# Install Autopsy
## Create Autopsy Zip File from Source
*In most instances, you should download the Autopsy Zip file from the [Autopsy downloads section](https://www.autopsy.com/download/) or in the [Releases section on GitHub](https://github.com/sleuthkit/autopsy/releases/), but if you have a special use case you can do the following. Please make sure you have the [prerequisites installed](#installing-prerequisites) and have [installed The Sleuth Kit](#install-sleuthkit).*
- If you haven't already, clone the repo:
```
git clone --depth 1 https://github.com/sleuthkit/autopsy.git
```
- With the autopsy repo as your working directory, you can run:
```
ant clean && ant build && ant build-zip
```
- The zip file should be created within the `dist` folder of the Autopsy repository and will have the version in the name (i.e. `autopsy-4.18.0.zip`).
## Install Autopsy from Zip File
*These instructions are for Unix-like systems like macOS and Linux. If you are on Windows, there is an installer that can be downloaded from the [Autopsy downloads section](https://www.autopsy.com/download/) or in the [Releases section on GitHub](https://github.com/sleuthkit/autopsy/releases/). Please make sure you have the [prerequisites installed](#installing-prerequisites) and have [installed The Sleuth Kit](#install-sleuthkit). A script to perform these steps can be found [here](./linux_macos_install_scripts/install_application.sh). Make sure the script is executable before running.*
- Download the zip file from the [Autopsy downloads section](https://www.autopsy.com/download/) or in the [Releases section on GitHub](https://github.com/sleuthkit/autopsy/releases/). You can also create a zip file from source using [these directions](#create-autopsy-zip-file-from-source).
- If you downloaded the zip file, you can verify the zip file with the [The Sleuth Kit key](https://sleuthkit.org/carrier.asc) and the related `.asc` file found in the [Releases section on GitHub](https://github.com/sleuthkit/autopsy/releases/). For instance, you would use `autopsy-4.18.0.zip.asc` with `autopsy-4.18.0.zip`. Here is an example where `$ASC_FILE` is the path to the `.asc` file and `$AUTOPSY_ZIP_PATH` is the path to the autopsy zip file:
```
mkdir -p ${VERIFY_DIR} && \
pushd ${VERIFY_DIR} && \
wget https://sleuthkit.org/carrier.asc && \
gpg --homedir "${VERIFY_DIR}" --import https://sleuthkit.org/carrier.asc && \
gpg --homedir "${VERIFY_DIR}" --keyring "${VERIFY_DIR}/pubring.kbx" ${ASC_FILE} ${AUTOPSY_ZIP_PATH} && \
rm -r ${VERIFY_DIR}
popd
```
- Extract the zip file to a location where you would like to have Autopsy installed.
- Set up java path. There are two ways to provide the path to java: `JAVA_HOME` can be set as an environmental variable or the `autopsy.conf` file can define the home for java.
- To update the `autopsy.conf` file, navigate to where autopsy has been extracted and then open `etc/autopsy.conf`. Within that file, replace the commented line or add a new line specifying the java home like: `jdkhome=<JAVA_PATH>`. Another option is to provide an argument to `unix_setup.sh` like the following `unix_setup.sh -j <JAVA_PATH>` when performing the next step.
- With the extracted folder as the working directory, you can run the following commands to perform setup:
```
chown -R $(whoami) . && \
chmod u+x ./unix_setup.sh && \
./unix_setup.sh
```
- At this point, you should be able to run Autopsy with the command `./autopsy` from within the `bin` directory of the extracted folder.
## Setup macOS JNA paths
A few features in Autopsy will only work (i.e. gstreamer) if the JNA paths are specified. If you installed the necessary dependencies through Homebrew, you will want to either run this [script](./linux_macos_install_scripts/add_macos_jna.sh) or manually add all the gstreamer lib and dependency lib paths to the env variable `jre_flags` with jre flag: `-Djna.library.path`.
# Setup macOS JNA paths
If you are on macOS, run [linux_macos_install_scripts/add_macos_jna.sh](./linux_macos_install_scripts/add_macos_jna.sh) to properly setup the jna path to get things like gstreamer working. An example would be `add_macos_jna.sh -i ~/autopsy`.
# Troubleshooting # Troubleshooting
- If you see something like "Cannot create case: javafx/scene/paint/Color" it is an indication that Java FX - If you see something like "Cannot create case: javafx/scene/paint/Color" it is an indication that Java FX
@ -166,6 +50,5 @@ A few features in Autopsy will only work (i.e. gstreamer) if the JNA paths are s
- Recent Activity - Recent Activity
- The LEAPP processors - The LEAPP processors
- HEIF processing - HEIF processing
- Timeline does not work on OS X
- Video thumbnails - Video thumbnails
- VHD and VMDK files not supported on OS X - VHD and VMDK files not supported on OS X

16
linux_macos_install_scripts/add_macos_jna.sh
View File

@ -28,7 +28,17 @@ then
exit 1 exit 1
fi fi
awk '!/^\s*#?\s*export jreflags=.*$/' $INSTALL_LOC/etc/$APPLICATION_NAME.conf > $INSTALL_LOC/etc/$APPLICATION_NAME.conf.tmp && \ GSTREAMER_LOC=$(brew --prefix gstreamer)
mv $INSTALL_LOC/etc/$APPLICATION_NAME.conf.tmp $INSTALL_LOC/etc/$APPLICATION_NAME.conf && \ if [[ $? -ne 0 ]]
echo -e "\nexport jreflags=-Djna.library.path=\"/Library/Frameworks/GStreamer.framework/Versions/1.0/lib\"" >> $INSTALL_LOC/etc/$APPLICATION_NAME.conf then
echo "Unable to find homebrew installation of gstreamer" >> /dev/stderr
exit 1
fi
awk '!/^ *#? *export +?(jreflags|GST_PLUGIN_SYSTEM_PATH|GST_PLUGIN_SCANNER)=.*$/' $INSTALL_LOC/etc/$APPLICATION_NAME.conf > $INSTALL_LOC/etc/$APPLICATION_NAME.conf.tmp && \
mv $INSTALL_LOC/etc/$APPLICATION_NAME.conf.tmp $INSTALL_LOC/etc/$APPLICATION_NAME.conf && \
echo "
export jreflags=\"-Djna.library.path=\\\"/usr/local/lib\\\" \$jreflags\"
export GST_PLUGIN_SYSTEM_PATH=\"/usr/local/lib/gstreamer-1.0\"
export GST_PLUGIN_SCANNER=\"${GSTREAMER_LOC}/libexec/gstreamer-1.0/gst-plugin-scanner\"" >> $INSTALL_LOC/etc/$APPLICATION_NAME.conf

2
linux_macos_install_scripts/install_application.sh
View File

@ -2,7 +2,7 @@
# Unzips an application platform zip to specified directory and does setup # Unzips an application platform zip to specified directory and does setup
usage() { usage() {
echo "Usage: install_application_from_zip.sh [-z zip_path] [-i install_directory] [-j java_home] [-n application_name] [-v asc_file]" 1>&2 echo "Usage: install_application.sh [-z zip_path] [-i install_directory] [-j java_home] [-n application_name] [-v asc_file]" 1>&2
echo "If specifying a .asc verification file (with -v flag), the program will attempt to create a temp folder in the working directory and verify the signature with gpg. If you already have an extracted zip, the '-z' flag can be ignored as long as the directory specifying the extracted contents is provided for the installation directory." 1>&2 echo "If specifying a .asc verification file (with -v flag), the program will attempt to create a temp folder in the working directory and verify the signature with gpg. If you already have an extracted zip, the '-z' flag can be ignored as long as the directory specifying the extracted contents is provided for the installation directory." 1>&2
} }

19
linux_macos_install_scripts/install_prereqs_macos.sh
View File

@ -1,27 +1,14 @@
#!/bin/bash #!/bin/bash
echo "Installing dependencies..." echo "Installing dependencies..."
# dependencies taken from: https://github.com/sleuthkit/autopsy/pull/5111/files brew install ant automake libtool afflib libewf postgresql testdisk libheif \
# brew install gettext cppunit && \ gst-libav gst-plugins-bad gst-plugins-base gst-plugins-good gst-plugins-ugly gstreamer
brew install ant automake libtool afflib libewf postgresql testdisk
if [[ $? -ne 0 ]] if [[ $? -ne 0 ]]
then then
echo "Unable to install necessary dependencies" >> /dev/stderr echo "Unable to install necessary dependencies" >> /dev/stderr
exit 1 exit 1
fi fi
# brew gstreamer packages don't seem to play nice with autopsy. Installing directly from gstreamer
echo "Installing gstreamer..."
gstreamer_tmp_path=$TMPDIR/gstreamer-1.0-1.20.3-universal.pkg
curl -k -o $gstreamer_tmp_path 'https://gstreamer.freedesktop.org/data/pkg/osx/1.20.3/gstreamer-1.0-1.20.3-universal.pkg' && \
sudo installer -pkg //Users/4911_admin/Downloads/gstreamer-1.0-1.20.3-universal.pkg -target /
gstreamer_install_result=$?
rm $gstreamer_tmp_path
if [[ $? -ne 0 ]]
then
echo "Unable to install gstreamer" >> /dev/stderr
exit 1
fi
echo "Installing liberica java 8..." echo "Installing liberica java 8..."
brew tap bell-sw/liberica && \ brew tap bell-sw/liberica && \
brew install --cask liberica-jdk8-full brew install --cask liberica-jdk8-full

4
linux_macos_install_scripts/install_tsk_from_src.sh
View File

@ -1,10 +1,10 @@
#!/bin/bash #!/bin/bash
# Clones sleuthkit repo from github (if necessary) and installs # Clones sleuthkit repo from github (if necessary) and installs
# this script does require sudo privileges # this script does require sudo privileges
# called like: build_tsk.sh -p <repo path to be created or existing> -b <tsk branch to checkout> -r <non-standard remote repo (optional)> # called like: install_tsk_from_src.sh -p <repo path to be created or existing> -b <tsk branch to checkout> -r <non-standard remote repo (optional)>
usage() { usage() {
echo "Usage: install_tsk_from_src [-p repo_path (should end with '/sleuthkit')] [-b tsk_branch] [-r sleuthkit_repo]" 1>&2 echo "Usage: install_tsk_from_src.sh [-p repo_path (should end with '/sleuthkit')] [-b tsk_branch] [-r sleuthkit_repo]" 1>&2
} }
# default repo path # default repo path