From 805b596412f100062db0f519443433539a8cd0ad Mon Sep 17 00:00:00 2001 From: Steve Clement Date: Sat, 20 Jul 2019 03:00:41 +0200 Subject: [PATCH] chg: [faq] Some more additions to FAQ section --- faq/README.md | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 62 insertions(+) diff --git a/faq/README.md b/faq/README.md index aaa1256..79b82c2 100644 --- a/faq/README.md +++ b/faq/README.md @@ -156,6 +156,68 @@ This means that the main repository has an update available. If you want to play it safer or want to integrate it in your Weekly/Bi-Monthly update routine you can track our [Changelog](https://www.misp-project.org/Changelog.txt) a more up to date version is available [here](https://misp.github.io/MISP/Changelog/) +Further on we do regular tagged releases. (Approximately once per month.) +The releases happen either if a milestone has been hit for a certain feature/improvement/fix or for any security related matters. + +Thus you have the choice of either tracking 2.4 which is on a rolling release schedule, or track the tagged releases. + +### How to switch from tagged releases and back? + +This can be achieved with the following git commands: + +```bash +$ cd /var/www/MISP # aka. $PATH_TO_MISP +$ sudo -H -u www-data git checkout tags/$(git describe --tags `git rev-list --tags --max-count=1`) + +## OS Upgrades + +In theory all should "just work"(tm), but in practice the following dependencies might make your install unstable and need a little though before just doing the updates. + +* php/pear +* python +* apache +* init scheme/scripts +* mariadb/mysql +* redis +* git + +### PHP + +This is probably the most likely one that might get you into trouble. +The following happened on a Debian Testing lately. During the upgrade php got upgraded to php-7.3 and seemingly some php-7.2 dependencies were deinstalled and the system now had 2 concurrent versions of php installed. +The fix was to remove any *libapache2-mod-php7.2* packages and make sure that *apt remove libapache2-mod-php7.3* was installed. Most certainly you need to add symbolic links to */etc/apache2/mods-enabled* to make php7.3 work. +Then double check if all the php dependencies are install, refer to the install documents. + +The same for pear, where we mostly use 2 (bundled) packages: Console Command Line, Crypt GPG. +If you upgrade from a very old and out of date version of MISP this might raise issues. + +php.ini might also become problematic if you just erase the recommended defaults. + +### Python3 + +If you use python2 for MISP, please read the install docs about MISP being Python 3 only. +Currently Python3.6 is minimum. It is known working on 3.7 with some minor difficulties (see PyMISP issues). +The biggest issue is certainly with PyMISP doig unexpected things when python might be updated. +Using a virtualenv, whilst not always ideal for all setups, will at least make sure that problems are contained a little more. + +### Apache + +Mostly config issues might be a show stopper. And major version updates where some underlying config might need to be changed. + +### init/systemd + +MISP launches a couple of things on boot. Changing what handles boot behavious might have an impact. + +### MariaDB/MySQL/redis + +Similar to apache, most importantly always take good care that the DB engine is not all of a sudden changed without you noticing it. +From minor to major updates, rarely things might need to be adapted. + +### git + +Currently (as of v2.4.108) the git-cli command is used in MISP core. In very rare cases where the expected output changes, this might be an issue. +Included here more as an FYI then anything else. + ## Hardening ### How do I harden my MISP instance?