Skip to content

Files

Latest commit

doomedravendoomedraven
Update cape-rooter.service
Dec 20, 2024
012ab7a · Dec 20, 2024

History

History

systemd

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
Apr 27, 2023
cape-dist.service
cape-dist.service
Nov 23, 2024
cape-fstab.service
cape-fstab.service
Nov 23, 2024
cape-processor.service
cape-processor.service
Nov 23, 2024
cape-rooter.service
cape-rooter.service
Dec 20, 2024
cape-web.service
cape-web.service
Nov 23, 2024
cape.service
cape.service
Nov 23, 2024
guac-web.service
guac-web.service
Nov 23, 2024
guacd.service
guacd.service
Jun 1, 2023
suricata-update.service
suricata-update.service
Aug 22, 2020
suricata-update.timer
suricata-update.timer
Oct 30, 2019
suricata.service
suricata.service
Aug 30, 2023

README.md

systemd service units

These files help run all the various parts of CAPE as systemd services, so that they start in the proper order, and will restart in the event of a crash.

  • cape-rooter.service - Runs rooter.py
  • cape-processor.service - Runs process.py
  • cape.service - Runs cuckoo.py
  • cape-web.service - Runs the Cuckoo web interface as a WSGI application using UWSGI/Gunicorn bound to 127.0.0.1:8000

Setup

  1. You need to edit the default values in systemd to not get too many open files

    sudo sed -i "s/#DefaultLimitNOFILE=/DefaultLimitNOFILE=1048576/g" /etc/systemd/user.conf
sudo sed -i "s/#DefaultLimitNOFILE=/DefaultLimitNOFILE=1048576/g" /etc/systemd/system.conf

  • to verify changes

    #replace cape-processor with another systemd daemon after install them all
systemctl show cape-processor | grep LimitNOFILE

  1. (optional) Install virtualenv

    sudo apt-get install -y python3-virtualenv

  2. Place CAPEv2 in /opt/CAPEv2

  3. Ensure the CAPEv2 directory is owned by the cape user

    sudo chown cape:cape -R /opt/CAPEv2

  4. Switch to the cape user

    sudo su cape

  5. (optional) Create a virtualenv at /opt/CAPEv2/venv

    virtualenv /opt/CAPEv2/venv

  6. Edit configuration files in /opt/CAPEv2/conf as needed

  7. Return to your user

    exit

  8. Install the systemd service unit configuration files(you need modify ExecStart= if you using virtualenv, just comment current one and uncomment another one)

    sudo cp /opt/CAPE/systemd/*.service /etc/systemd/system
sudo cp /opt/CAPE/systemd/*.timer /etc/systemd/system
sudo sudo systemctl daemon-reload
sudo systemctl enable suricata-update.service
sudo systemctl enable suricata-update.timer
sudo systemctl enable cape-rooter.service
sudo systemctl enable cape-processor.service
sudo systemctl enable cape.service
sudo systemctl enable cape-web.service

  9. Start the services for the first time

    sudo systemctl start suricata-update.service
sudo systemctl start cape-rooter.service
sudo systemctl start cape-processor.service
sudo systemctl start cape.service
sudo systemctl start cape-web.service

Troubleshooting

To view the status and console output of a service:

sudo systemctl status cape

To view the full output of a service (including crashed services):

journalctl -u cape-web.service -r

Note: The journalctl -r switch displays the log lines in reverse order, with the newest lines on top.