宜信 CESRC 洞察 (insight) 系统搭建指南

https://github.com/creditease-sec/insight/blob/open-source/docs/centos_install.md

https://github.com/OWASP/django-DefectDojo

初始条件

官方文档 只给出了使用 Docker 部署洞察系统的方法，这里提供一个 不使用 Docker 全手工 部署的方案。

建议使用 Linux 部署， 在 Windows 环境折腾 LDAP 似乎挺麻烦的。
本文的测试环境为：

• Ubuntu 18.04 LTS
• Python 2.7.15

另外原先就安装配好好了 MySQL 5.7.22.

apt 依赖安装

可能会有一些冗余，安装了一些不必要的包。

sudo apt-get install build-essential autoconf libtool pkg-config python-opengl python-pyrex python-pyside.qtopengl idle-python2.7 qt4-dev-tools qt4-designer libqtgui4 libqtcore4 libqt4-xml libqt4-test libqt4-script libqt4-network libqt4-dbus python-qt4 python-qt4-gl libgle3 python-dev
sudo apt-get install libsasl2-dev python-dev libldap2-dev libssl-dev

python 依赖安装

pip install -r srcpm/requirement.txt

MySQL schema 配置 与 数据初始化

schema 配置

mysql> CREATE DATABASE IF NOT EXISTS vuldb DEFAULT CHARSET utf8 COLLATE utf8_general_ci;
mysql> grant all on vuldb.* to vuluser@'%' identified by 'vulpassword';
mysql> flush privileges;
mysql> quit

数据初始化

mysql -h127.0.0.1 -uroot -p vuldb < vuldb_init.sql

环境变量配置

编辑一个文件 set_env.sh ，之后可以用如下语法执行 . ./set_env.sh 。

export SECRET_KEY="hard to guess string 20180521";
export DEV_DATABASE_URL="mysql://username:p4ssword@ip:port/database_name"
export MAIL_USERNAME="blkstone@sina.com"
export MAIL_PASSWORD="password"

根据文档修改部分配置文件

https://github.com/creditease-sec/insight/blob/open-source/docs/install.md

运行

. ./set_enc.sh
python manage.py runserver
python manage.py runserver -h 0.0.0.0 -p 5000

搭建过程中遇到的一些问题 (可略过)

pip 问题

问题描述

pip broken after upgrading to pip 10.

python -m pip install --upgrade pip

Traceback (most recent call last):
  File "/usr/bin/pip", line 9, in <module>
    from pip import main
ImportError: cannot import name main

修复

历史 release 查看
https://pypi.org/project/pip/#history

回滚 pip

pip install pip==9.0.3

MySQL 问题

问题描述

Collecting MySQL-python (from Flask-Mysql==1.3->-r srcpm/requirement.txt (line 8))
  Downloading https://files.pythonhosted.org/packages/a5/e9/51b544da85a36a68debe7a7091f068d802fc515a3a202652828c73453cad/MySQL-python-1.2.5.zip (108kB)
    100% |████████████████████████████████| 112kB 8.6MB/s 
    Complete output from command python setup.py egg_info:
    sh: 1: mysql_config: not found
    Traceback (most recent call last):
      File "<string>", line 1, in <module>
      File "/tmp/pip-build-ZHryS4/MySQL-python/setup.py", line 17, in <module>
        metadata, options = get_config()
      File "setup_posix.py", line 43, in get_config
        libs = mysql_config("libs_r")
      File "setup_posix.py", line 25, in mysql_config
        raise EnvironmentError("%s not found" % (mysql_config.path,))
    EnvironmentError: mysql_config not found

    ----------------------------------------
Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-ZHryS4/MySQL-python/

解决

https://stackoverflow.com/questions/5178292/pip-install-mysql-python-fails-with-environmenterror-mysql-config-not-found

sudo apt-get install libmysqlclient-dev

编译问题

问题描述

running build_ext
building '_mysql' extension
creating build/temp.linux-x86_64-2.7
x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -fno-strict-aliasing -Wdate-time -D_FORTIFY_SOURCE=2 -g -fdebug-prefix-map=/build/python2.7-nbjU53/python2.7-2.7.15~rc1=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Dversion_info=(1,2,5,'final',1) -D__version__=1.2.5 -I/usr/include/mysql -I/usr/include/python2.7 -c _mysql.c -o build/temp.linux-x86_64-2.7/_mysql.o
unable to execute 'x86_64-linux-gnu-gcc': No such file or directory
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

    ----------------------------------------
Command "/usr/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-xex2hU/MySQL-python/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-K10uwG-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-xex2hU/MySQL-python/

解决

https://stackoverflow.com/questions/22571848/debugging-the-error-gcc-error-x86-64-linux-gnu-gcc-no-such-file-or-directory

python-imaging

sudo apt-get install build-essential autoconf libtool pkg-config python-opengl python-pyrex python-pyside.qtopengl idle-python2.7 qt4-dev-tools qt4-designer libqtgui4 libqtcore4 libqt4-xml libqt4-test libqt4-script libqt4-network libqt4-dbus python-qt4 python-qt4-gl libgle3 python-dev

问题2描述

In file included from Modules/LDAPObject.c:9:0:
Modules/errors.h:8:10: fatal error: lber.h: No such file or directory
    #include "lber.h"
            ^~~~~~~~
compilation terminated.
error: command 'x86_64-linux-gnu-gcc' failed with exit status 1

    ----------------------------------------
Command "/usr/bin/python -u -c "import setuptools, tokenize;__file__='/tmp/pip-build-4OBBs1/python-ldap/setup.py';f=getattr(tokenize, 'open', open)(__file__);code=f.read().replace('\r\n', '\n');f.close();exec(compile(code, __file__, 'exec'))" install --record /tmp/pip-fqLZo8-record/install-record.txt --single-version-externally-managed --compile" failed with error code 1 in /tmp/pip-build-4OBBs1/python-ldap/

解决

sudo apt-get install libsasl2-dev python-dev libldap2-dev libssl-dev

• #企业安全
• #安全体系建设