Minemeld installation errors on ubuntu 16.04

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Minemeld installation errors on ubuntu 16.04

L1 Bithead

Hi,

 

I'm trying to setup a new installation of Minemeld using the cloud installer and am seeing the following errors. it appears the Minemeld install never completes. I'm not well versed in ubuntu so any help is appreciated.

 

The following packages will be upgraded:
libestr0 rsyslog
2 upgraded, 87 newly installed, 0 to remove and 4 not upgraded.
Need to get 35.5 MB of archives.
After this operation, 95.5 MB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
minemeld libestr0 libfastjson libgt0 liblogging-stdlog1 rsyslog
rsyslog-minemeld liblognorm1 rsyslog-mmnormalize
E: There are problems and -y was used without --force-yes
2018-08-20 18:01:18,603 - util.py[WARNING]: Failed to install packages: ['minemeld', 'rsyslog-minemeld', 'rsyslog-mmnormalize', 'unattended-upgrades', 'iptables-persistent']
2018-08-20 18:01:18,604 - cc_package_update_upgrade_install.py[WARNING]: 2 failed with exceptions, re-raising the last one
2018-08-20 18:01:18,604 - util.py[WARNING]: Running package-update-upgrade-install (<module 'cloudinit.config.cc_package_update_upgrade_install' from '/usr/lib/python2.7/dist-packages/cloudinit/config/cc_package_update_upgrade_install.pyc'>) failed
Cloud-init v. 0.7.5 running 'modules:final' at Mon, 20 Aug 2018 18:01:18 +0000. Up 13.36 seconds.
cp: cannot create regular file '/etc/iptables/rules.v4': No such file or directory
/var/lib/cloud/instance/scripts/runcmd: 4: /var/lib/cloud/instance/scripts/runcmd: cannot open /etc/iptables/rules.v4: No such file
procps stop/waiting

 

The message Initializing minemeld. It could take some minutes.........appears on screen and the services never start.

19 REPLIES 19

Hi @fwmike,

 

the document https://live.paloaltonetworks.com/t5/MineMeld-Articles/Running-MineMeld-on-VMWare-desktop/ta-p/72038 has just been updated with links to fresh images.

 

 

Thanks. Is there a way to fix the apt-get update GPG signature error without rebuilding my instance?

I followed this document "https://live.paloaltonetworks.com/t5/MineMeld-Articles/Manually-install-MineMeld-on-Ubuntu-Server-14..."

My issue is this:

 

$ sudo add-apt-repository "deb http://minemeld-updates.panw.io/ubuntu trusty-minemeld main"
$ sudo apt-get update && sudo apt-get install -y minemeld rsyslog-minemeld rsyslog-mmnormalize
Hit http://www.rabbitmq.com testing InRelease
Hit http://minemeld-updates.panw.io trusty-minemeld InRelease
Hit http://www.rabbitmq.com testing/main amd64 Packages
Hit http://www.rabbitmq.com testing/main i386 Packages
Hit http://security.ubuntu.com trusty-security InRelease
Hit http://minemeld-updates.panw.io trusty-minemeld/main amd64 Packages
Hit http://minemeld-updates.panw.io trusty-minemeld/main i386 Packages
Hit http://security.ubuntu.com trusty-security/main Sources
Hit http://security.ubuntu.com trusty-security/restricted Sources
Ign http://ca.archive.ubuntu.com trusty InRelease
Hit http://security.ubuntu.com trusty-security/universe Sources
Ign http://www.rabbitmq.com testing/main Translation-en_CA
Ign http://www.rabbitmq.com testing/main Translation-en
Hit http://security.ubuntu.com trusty-security/multiverse Sources
Hit http://ca.archive.ubuntu.com trusty-updates InRelease
Hit http://security.ubuntu.com trusty-security/main amd64 Packages
Ign http://minemeld-updates.panw.io trusty-minemeld/main Translation-en_CA
Ign http://minemeld-updates.panw.io trusty-minemeld/main Translation-en
Hit http://security.ubuntu.com trusty-security/restricted amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-backports InRelease
Hit http://security.ubuntu.com trusty-security/universe amd64 Packages
Hit http://security.ubuntu.com trusty-security/multiverse amd64 Packages
Hit http://ca.archive.ubuntu.com trusty Release.gpg
Hit http://security.ubuntu.com trusty-security/main i386 Packages
Hit http://security.ubuntu.com trusty-security/restricted i386 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/main Sources
Hit http://security.ubuntu.com trusty-security/universe i386 Packages
Hit http://security.ubuntu.com trusty-security/multiverse i386 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/restricted Sources
Hit http://security.ubuntu.com trusty-security/main Translation-en
Hit http://security.ubuntu.com trusty-security/multiverse Translation-en
Hit http://ca.archive.ubuntu.com trusty-updates/universe Sources
Hit http://security.ubuntu.com trusty-security/restricted Translation-en
Hit http://ca.archive.ubuntu.com trusty-updates/multiverse Sources
Hit http://security.ubuntu.com trusty-security/universe Translation-en
Hit http://ca.archive.ubuntu.com trusty-updates/main amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/restricted amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/universe amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/multiverse amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/main i386 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/restricted i386 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/universe i386 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/multiverse i386 Packages
Hit http://ca.archive.ubuntu.com trusty-updates/main Translation-en
Hit http://ca.archive.ubuntu.com trusty-updates/multiverse Translation-en
Hit http://ca.archive.ubuntu.com trusty-updates/restricted Translation-en
Hit http://ca.archive.ubuntu.com trusty-updates/universe Translation-en
Hit http://ca.archive.ubuntu.com trusty-backports/main Sources
Hit http://ca.archive.ubuntu.com trusty-backports/restricted Sources
Hit http://ca.archive.ubuntu.com trusty-backports/universe Sources
Hit http://ca.archive.ubuntu.com trusty-backports/multiverse Sources
Hit http://ca.archive.ubuntu.com trusty-backports/main amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/restricted amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/universe amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/multiverse amd64 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/main i386 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/restricted i386 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/universe i386 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/multiverse i386 Packages
Hit http://ca.archive.ubuntu.com trusty-backports/main Translation-en
Hit http://ca.archive.ubuntu.com trusty-backports/multiverse Translation-en
Hit http://ca.archive.ubuntu.com trusty-backports/restricted Translation-en
Hit http://ca.archive.ubuntu.com trusty-backports/universe Translation-en
Hit http://ca.archive.ubuntu.com trusty Release
Hit http://ca.archive.ubuntu.com trusty/main Sources
Hit http://ca.archive.ubuntu.com trusty/restricted Sources
Hit http://ca.archive.ubuntu.com trusty/universe Sources
Hit http://ca.archive.ubuntu.com trusty/multiverse Sources
Hit http://ca.archive.ubuntu.com trusty/main amd64 Packages
Hit http://ca.archive.ubuntu.com trusty/restricted amd64 Packages
Hit http://ca.archive.ubuntu.com trusty/universe amd64 Packages
Hit http://ca.archive.ubuntu.com trusty/multiverse amd64 Packages
Hit http://ca.archive.ubuntu.com trusty/main i386 Packages
Hit http://ca.archive.ubuntu.com trusty/restricted i386 Packages
Hit http://ca.archive.ubuntu.com trusty/universe i386 Packages
Hit http://ca.archive.ubuntu.com trusty/multiverse i386 Packages
Hit http://ca.archive.ubuntu.com trusty/main Translation-en_CA
Hit http://ca.archive.ubuntu.com trusty/main Translation-en
Hit http://ca.archive.ubuntu.com trusty/multiverse Translation-en
Hit http://ca.archive.ubuntu.com trusty/restricted Translation-en
Hit http://ca.archive.ubuntu.com trusty/universe Translation-en_CA
Hit http://ca.archive.ubuntu.com trusty/universe Translation-en
Ign http://ca.archive.ubuntu.com trusty/multiverse Translation-en_CA
Ign http://ca.archive.ubuntu.com trusty/restricted Translation-en_CA
Reading package lists... Done
Reading package lists... Done
Building dependency tree
Reading state information... Done
rsyslog-minemeld is already the newest version.
rsyslog-mmnormalize is already the newest version.
The following extra packages will be installed:
  libc-ares2 libleveldb1 libsnappy1 p7zip-full rabbitmq-server socat
Suggested packages:
  p7zip-rar
The following NEW packages will be installed:
  libc-ares2 libleveldb1 libsnappy1 minemeld p7zip-full rabbitmq-server socat
0 upgraded, 7 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/6,420 kB of archives.
After this operation, 11.3 MB of additional disk space will be used.
Selecting previously unselected package libsnappy1.
(Reading database ... 73745 files and directories currently installed.)
Preparing to unpack .../libsnappy1_1.1.0-1ubuntu1_amd64.deb ...
Unpacking libsnappy1 (1.1.0-1ubuntu1) ...
Selecting previously unselected package libleveldb1:amd64.
Preparing to unpack .../libleveldb1_1.15.0-2_amd64.deb ...
Unpacking libleveldb1:amd64 (1.15.0-2) ...
Selecting previously unselected package socat.
Preparing to unpack .../socat_1.7.2.3-1_amd64.deb ...
Unpacking socat (1.7.2.3-1) ...
Selecting previously unselected package rabbitmq-server.
Preparing to unpack .../rabbitmq-server_3.6.15-1_all.deb ...
Unpacking rabbitmq-server (3.6.15-1) ...
Selecting previously unselected package libc-ares2:amd64.
Preparing to unpack .../libc-ares2_1.10.0-2ubuntu0.2_amd64.deb ...
Unpacking libc-ares2:amd64 (1.10.0-2ubuntu0.2) ...
Selecting previously unselected package p7zip-full.
Preparing to unpack .../p7zip-full_9.20.1~dfsg.1-4+deb7u3build0.14.04.1_amd64.deb ...
Unpacking p7zip-full (9.20.1~dfsg.1-4+deb7u3build0.14.04.1) ...
Selecting previously unselected package minemeld.
Preparing to unpack .../minemeld_0.9.11-3build1_amd64.deb ...
Unpacking minemeld (0.9.11-3build1) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Processing triggers for ureadahead (0.100.0-16) ...
Setting up libsnappy1 (1.1.0-1ubuntu1) ...
Setting up libleveldb1:amd64 (1.15.0-2) ...
Setting up socat (1.7.2.3-1) ...
Setting up rabbitmq-server (3.6.15-1) ...
 * Starting message broker rabbitmq-server                                                                                                   * FAILED - check /var/log/rabbitmq/startup_\{log, _err\}
                                                                                                                                     [fail]
invoke-rc.d: initscript rabbitmq-server, action "start" failed.
dpkg: error processing package rabbitmq-server (--configure):
 subprocess installed post-installation script returned error exit status 1
Setting up libc-ares2:amd64 (1.10.0-2ubuntu0.2) ...
Setting up p7zip-full (9.20.1~dfsg.1-4+deb7u3build0.14.04.1) ...
dpkg: dependency problems prevent configuration of minemeld:
 minemeld depends on rabbitmq-server; however:
  Package rabbitmq-server is not configured yet.

dpkg: error processing package minemeld (--configure):
 dependency problems - leaving unconfigured
No apport report written because the error message indicates its a followup error from a previous failure.
                                                                                                          Processing triggers for libc-bin (2.19-0ubuntu6.14) ...
Processing triggers for ureadahead (0.100.0-16) ...
Errors were encountered while processing:
 rabbitmq-server
 minemeld
E: Sub-process /usr/bin/dpkg returned an error code (1)

 

 

I used "apt-get remove -purge rabbitmq-server", "apt-get remove -purge rabbitmq-server" and "apt-get autoremove" to wipe everything before I re-install.

And I also run "apt-get update", "apt-get upgrade"

My OS:

cat /etc/os-release
NAME="Ubuntu"
VERSION="14.04.5 LTS, Trusty Tahr"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 14.04.5 LTS"
VERSION_ID="14.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"

 

Python: 2.7.14

 

Thanks!

I have another Server installed the minemeld and running very well. Can I tar the /opt/minemeld/ whole folde and cp it to this server? That two servers were from the same OS image. 

Hi @HAO.BAN,

this mechanism works only for Ubuntu 14.04 as binaries for 16.04 are not provided yet.

You should check this for installing on 16.04:

https://github.com/PaloAltoNetworks/minemeld-ansible

  • 13450 Views
  • 19 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!