W: Skipping acquire of configured file 'focal/binary-amd64/Packages' as repository 'https://s3-eu-west-1.amazonaws.com/crowdsec.debian.pragmatic/focal focal InRelease' doesn't have the component 'focal' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'focal/i18n/Translation-en' as repository 'https://s3-eu-west-1.amazonaws.com/crowdsec.debian.pragmatic/focal focal InRelease' doesn't have the component 'focal' (component misspelt in sources.list?)
W: Skipping acquire of configured file 'focal/cnf/Commands-amd64' as repository 'https://s3-eu-west-1.amazonaws.com/crowdsec.debian.pragmatic/focal focal InRelease' doesn't have the component 'focal' (component misspelt in sources.list?)
I’m not in any way a Linux expert, but I can use Google and read documentation. Based on what I found the problem seems to be in /etc/apt/sources.list . The entry inserted was
deb-src https://s3-eu-west-1.amazonaws.com/crowdsec.debian.pragmatic/focal focal focal main
whereas when I changed it to the following it worked - note I removed one “focal”.
deb-src https://s3-eu-west-1.amazonaws.com/crowdsec.debian.pragmatic/focal focal main
I suggest that the install command should be as follows, just removing “$(lsb_release -cs)”
Getting rid of “add repository” means crowdsec would need to be updated manually, right? I don’t know if that’s a good approach. I would not have installed crowdsec if I knew I had to manually update it.
I reinstalled crowdsec today with “apt install crowdsec” from the Ubuntu focal repo and got a new error message
apt install crowdsec
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
crowdsec
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/12.4 MB of archives.
After this operation, 46.4 MB of additional disk space will be used.
Preconfiguring packages ...
Selecting previously unselected package crowdsec.
(Reading database ... 131874 files and directories currently installed.)
Preparing to unpack .../crowdsec_1.0.7-5_amd64.deb ...
We are upgrading from 1.0.7-5
We are upgrading to 1.0.7-5
You always can run the configuration again interactively using '/usr/share/crowdsec/wizard.sh -c
Unpacking crowdsec (1.0.7-5) ...
Setting up crowdsec (1.0.7-5) ...
Creating crowdsec configuration in /etc/crowdsec
FATA[0000] failed to load sub configurations: failed to read api client credential configuration file '/etc/crowdsec/local_api_credentials.yaml': open /etc/crowdsec/local_api_credentials.yaml: no such file or directory
dpkg: error processing package crowdsec (--configure):
installed crowdsec package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
crowdsec
E: Sub-process /usr/bin/dpkg returned an error code (1)
I then ran the wizard but unlike yesterday I didn’t get to choose parsers / collections, that screen was skipped entirely. There are no files modified recently in the /etc/crowdsec folder that seem to specify parsers or such that should be activated. Note below it says “fail to install collection crowdsec/whitelists”.
/usr/share/crowdsec/wizard.sh -c
[03/23/21:09:24:59][INF] crowdsec_wizard: Checking if service 'apache2' is running (ps+systemd)
[03/23/21:09:24:59][INF] crowdsec_wizard: Checking if service 'httpd' is running (ps+systemd)
[03/23/21:09:24:59][INF] crowdsec_wizard: Checking if service 'nginx' is running (ps+systemd)
[03/23/21:09:24:59][INF] crowdsec_wizard: Found 'nginx' running
[03/23/21:09:24:59][INF] crowdsec_wizard: Checking if service 'sshd' is running (ps+systemd)
[03/23/21:09:24:59][INF] crowdsec_wizard: Found 'sshd' running
[03/23/21:09:24:59][INF] crowdsec_wizard: Checking if service 'mysql' is running (ps+systemd)
[03/23/21:09:24:59][INF] crowdsec_wizard: Found 'mysql' running
[03/23/21:09:24:59][INF] crowdsec_wizard: Checking if service 'telnet' is running (ps+systemd)
[03/23/21:09:24:59][INF] crowdsec_wizard: Checking if service 'smb' is running (ps+systemd)
Detected services (interactive) : nginx
FATA[0000] failed to load sub configurations: failed to read api client credential configuration file '/etc/crowdsec/local_api_credentials.yaml': open /etc/crowdsec/local_api_credentials.yaml: no such file or directory
FATA[0000] failed to load sub configurations: failed to read api client credential configuration file '/etc/crowdsec/local_api_credentials.yaml': open /etc/crowdsec/local_api_credentials.yaml: no such file or directory
[03/23/21:09:25:06][ERR] crowdsec_wizard: fail to install collection crowdsec/whitelists
[03/23/21:09:25:09][INF] crowdsec_wizard: Found following services : nginx
[03/23/21:09:25:10][INF] crowdsec_wizard: Found logs file for 'nginx': /var/log/nginx/(redacted).log
[03/23/21:09:25:10][INF] crowdsec_wizard: Found logs file for 'nginx': /var/log/nginx/(redacted).log
[03/23/21:09:25:13][INF] crowdsec_wizard: Acquisition file generated
Any ideas? This is all seeming like beta software.
