Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ignore healthchecks on exploit files #215

Merged

Conversation

adfoster-r7
Copy link
Contributor

Fix the failing omnibus build:

12:00:01 [Project: metasploit-framework] I | 2024-10-07T11:00:01+00:00 | Building version manifest
12:00:02             [HealthCheck] I | 2024-10-07T11:00:02+00:00 | Running health on metasploit-framework
12:01:17             [HealthCheck] E | 2024-10-07T11:01:17+00:00 | Failed!
12:01:17             [HealthCheck] E | 2024-10-07T11:01:17+00:00 | The following libraries have unsafe or unmet dependencies:
12:01:17 
12:01:17             [HealthCheck] E | 2024-10-07T11:01:17+00:00 | The following binaries have unsafe or unmet dependencies:
12:01:17     --> /opt/metasploit-framework/embedded/framework/data/exploits/CVE-2023-0386/cve_2023_0386.x64.elf
12:01:17 
12:01:17             [HealthCheck] E | 2024-10-07T11:01:17+00:00 | The following requirements could not be resolved:
12:01:17     --> libfuse.so.2
12:01:17 
12:01:17             [HealthCheck] E | 2024-10-07T11:01:17+00:00 | The precise failures were:
12:01:17     --> /opt/metasploit-framework/embedded/framework/data/exploits/CVE-2023-0386/cve_2023_0386.x64.elf
12:01:17     DEPENDS ON: libfuse.so.2
12:01:17       COUNT: 1
12:01:17       PROVIDED BY: not found
12:01:17       FAILED BECAUSE: Unresolved dependency
12:01:17 
12:01:17             [HealthCheck] I | 2024-10-07T11:01:17+00:00 | Health check time: 75.2951s
12:01:17 �[31mThe health check failed! Please see above for important information.
12:01:17 �[0m
12:01:17 �[31m

@adfoster-r7 adfoster-r7 force-pushed the ignore-healthchecks-on-exploit-files branch 2 times, most recently from 77c2dbe to a118df4 Compare October 7, 2024 15:25
@adfoster-r7 adfoster-r7 force-pushed the ignore-healthchecks-on-exploit-files branch from a118df4 to b21118a Compare October 7, 2024 15:44
@@ -40,6 +40,7 @@ def has_windows_metasploit_framework_repo?

# This depends on libfuse
whitelist_file "#{install_dir}/embedded/framework/data/exploits/CVE-2016-4557/hello"
whitelist_file "#{install_dir}/embedded/framework/data/exploits/CVE-2023-0386/cve_2023_0386.x64.elf"
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be covered by the above line:

whitelist_file "#{install_dir}//embedded/framework/data/exploits/.*"

Which should be a regex match:

https://github.com/rapid7/omnibus/blob/c6dc312d985e85fb35b8e9f8e49b607abd91665c/lib/omnibus/software.rb#L581

Which is used with match in the health checks:

https://github.com/rapid7/omnibus/blame/r7_9.0.23_custom/lib/omnibus/health_check.rb#L586-L592

But for some reason it's not covered correctly; will land to unblock the deploys working - and if there's time in the future can debug further

@adfoster-r7 adfoster-r7 merged commit c1b915d into rapid7:master Oct 7, 2024
8 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants