Comments (6)
wwolkers
commented on June 1, 2024
looks to be the same error as #42
from openappsec.
orianelou
commented on June 1, 2024
Hi @wwolkers,
Regrettably, it seems that your NGINX version isn't among the officially supported distributions listed here. Rest assured, we'll consider this for inclusion in our next release.
For a more immediate solution, we suggest either deploying open-appsec using Docker to bypass these compatibility concerns or building the attachment, and getting the agent using the --download option of the install script (instead of --auto )
If you have any further questions or need assistance with either approach, please don't hesitate to ask.
Best,
Oriane
from openappsec.
wwolkers
commented on June 1, 2024
hi @orianelou ,
even if I run a newer version (supported) of nginx I still get the same errors
sudo ./open-appsec-install --auto
open-appsec for NGINX and Kong Installer v1.2245.1
For release notes and known limitations check:
https://docs.openappsec.io/release-notes
Searching local NGINX…
NGINX version found: 1.24.0-1-jammy
Downloading open-appsec NGINX attachment... stored in '/tmp/open-appsec'
Unsupported NGINX version, for supported platforms, OS and NGINX versions please see docs.openappsec.io
Downloading open-appsec agent... stored in '/tmp/open-appsec'
Unsupported OS, for supported platforms, OS and NGINX versions please see docs.openappsec.io
if I check the script, the error about an unsupported Nginx or OS only show because the download failed with a 403 access denied:
++ curl -s -w '%{http_code}' https://downloads.openappsec.io/packages/nginx-attachment/aarch64/ubuntu/jammy/ngx%5fmodule%5f1%2e24%2e0%2d1%2djammy.tar.gz --output /tmp/open-appsec/ngx_module_1.24.0-1-jammy.tar.gz
- nginx_curl=403
- '[' 403 '!=' 200 ']'
- [[ jammy =~ ^[0-9]+([.][0-9]+)?$ ]]
++ curl -s -w '%{http_code}' https://downloads.openappsec.io/packages/nginx-attachment/aarch64/ubuntu/jammy/ngx%5fmodule%5f1%2e24%2e0%2d1%2djammy.tar.gz --output /tmp/open-appsec/ngx_module_1.24.0-1-jammy.tar.gz - nginx_curl=403
- '[' 403 '!=' 200 ']'
- echo 'Unsupported NGINX version, for supported platforms, OS and NGINX versions please see docs.openappsec.io'
Unsupported NGINX version, for supported platforms, OS and NGINX versions please see docs.openappsec.io - CURL_FAILIURE=true
Same goes for the OS:
- echo 'Downloading open-appsec agent... stored in '''/tmp/open-appsec''''
Downloading open-appsec agent... stored in '/tmp/open-appsec'
++ curl -s -w '%{http_code}' https://downloads.openappsec.io/packages/agent/aarch64/ubuntu/jammy/openappsec-jammy.tar.gz --output /tmp/open-appsec/openappsec.tar.gz - agent_packages_curl=403
- '[' 403 '!=' 200 ']'
- [[ jammy =~ ^[0-9]+([.][0-9]+)?$ ]]
++ curl -s -w '%{http_code}' https://downloads.openappsec.io/packages/agent/aarch64/ubuntu/jammy/openappsec-jammy.tar.gz --output /tmp/open-appsec/openappsec.tar.gz - agent_packages_curl=403
- '[' 403 '!=' 200 ']'
- echo 'Unsupported OS, for supported platforms, OS and NGINX versions please see docs.openappsec.io'
Unsupported OS, for supported platforms, OS and NGINX versions please see docs.openappsec.io - CURL_FAILIURE=true
- '[' true = true ']'
from openappsec.
orianelou
commented on June 1, 2024
Hi @wwolkers,
Could you please let us know which CPU architecture are you using?
Thanks,
Oriane
from openappsec.
wwolkers
commented on June 1, 2024
Hi @orianelou ,
This is a VM running on an oracle cloud instance.
Ampere A1 Compute instances (Arm processor)
ubuntu@vm-server:~$ lscpu
Architecture: aarch64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
CPU(s): 4
On-line CPU(s) list: 0-3
Vendor ID: ARM
Model name: Neoverse-N1
Model: 1
Thread(s) per core: 1
Core(s) per cluster: 4
Socket(s): -
Cluster(s): 1
Stepping: r3p1
BogoMIPS: 50.00
Flags: fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp ssbs
NUMA:
NUMA node(s): 1
NUMA node0 CPU(s): 0-3
Vulnerabilities:
Itlb multihit: Not affected
L1tf: Not affected
Mds: Not affected
Meltdown: Not affected
Mmio stale data: Not affected
Retbleed: Not affected
Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl
Spectre v1: Mitigation; __user pointer sanitization
Spectre v2: Mitigation; CSV2, BHB
Srbds: Not affected
Tsx async abort: Not affected
from openappsec.
orianelou
commented on June 1, 2024
Hi,
I'm sorry to inform you that ARM isn't currently supported. You can keep tabs on our efforts to add ARM support through this open issue: #19.
Thank you for your understanding.
Best regards,
Oriane
from openappsec.
Related Issues (20)
- Creating SKIP rule exceptions for URI HOT 1
- Custom rule exemption regex not working HOT 1
- CPU load in idle state HOT 11
- Redis Sentinel Error in Learning Deployment HOT 6
- No events in open-appsec dashboard HOT 1
- How to Intercept attack requests on nginx HOT 6
- Binaries are not installed HOT 3
- open-appsec is not working after installation also HOT 1
- Minimum system requirements info
- Add node selector and tolerations to learning deployment HOT 1
- It would be awesome to have a snap version of opensec so it can be deployed on ubuntu servers easily. HOT 2
- Applying Policy error: code line 1667 [: Illegal number: in Declarative mode HOT 4
- In Declarative Mode. When adding Asset through local_policy.yaml through Specific Rule HOT 1
- Tuning Decisions don't go away HOT 3
- nginx version found - Unsupported nginx version HOT 5
- Openappsec Crowdsec Nginx proxy manager bouncer HOT 6
- Kong helm-chart template errors HOT 2
- REQ: Caddy support HOT 1
- Local policy exceptions dosen't work.. HOT 3
- OpenAppsec Best policy rule blocking requests even in detect-learn mode HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openappsec.