Describe the bug
We have found that Caldera could not save or remove operations after restart. But when caldera is run from terminal and stopped with ctrl+c operations are saved as they were created or removed.
In our case all other data were saved normally (facts, adversaries, ...). Only operation were having this problem.
To Reproduce
Steps to reproduce the behavior:
- Start Caldera as service or at background using
python3.11 server.py & or as a service systemctl start caldera.service (nohup and & disown do not work too)
- Create operation and run it (or delete existing one)
- Restart Caldera (systemctl restart or systemctl stop -> start)
- After logon no changes were made in operations or files (only .json log file was created in
event_logs directory)
Expected behavior
After restarting Caldera should show previously ran operations or not show previously removed operations.
Screenshots
-
Freshly started Caldera with no operations as service (systemctl)
Freshly started caldera with no operations
-
Created a operation
Created a operation
-
Restarted Caldera as service (systemctl restart)
After restart no operation shown
-
Event logs directory have saved all logs from operations
Log files in event_logs directory shown
Desktop:
- Rocky Linux 8.9 Green Obsidian (minimal)
- Ubuntu 20.04 Build "5.15.0-116-generic"
- Kali linux WSL Build "5.15.153.1-microsoft-standard-WSL2"
Browsers:
- Brave (v1.67.134)
- MS Edge (v126.0.2592.102)
- Mozilla Firefox (v128.0)
All dependencies on docs were installed on every machine (in python3.11 venv virtual enviroment).
Systemd .service script
[Unit]
Description=Caldera Service
After=network.target
[Service]
Type=simple
User=caldera
KillSignal=SIGINT #workaround (works with this parameter)
WorkingDirectory=/path-to-caldera/caldera
ExecStart=/path-to-caldera/caldera/venv/bin/python3.11 /path-to-caldera/caldera/server.py
[Install]
WantedBy=multi-user.target
Additional context
Found workaround for this with systemd .service file parameter KillSignal=SIGINT. Propably Caldera can't handle well sigterm or sigkill signal from systemctl command (systemctl stop) and works only for sigint signal from ctrl+c.
I found this same problem on docker as well but did not test it much so it is not included here.
Describe the bug
We have found that Caldera could not save or remove operations after restart. But when caldera is run from terminal and stopped with
ctrl+coperations are saved as they were created or removed.In our case all other data were saved normally (facts, adversaries, ...). Only operation were having this problem.
To Reproduce
Steps to reproduce the behavior:
python3.11 server.py &or as a servicesystemctl start caldera.service(nohupand& disowndo not work too)event_logsdirectory)Expected behavior
After restarting Caldera should show previously ran operations or not show previously removed operations.
Screenshots
Freshly started Caldera with no operations as service (systemctl)
Freshly started caldera with no operations
Created a operation
Created a operation
Restarted Caldera as service (systemctl restart)
After restart no operation shown
Event logs directory have saved all logs from operations
Log files in event_logs directory shown
Desktop:
Browsers:
Systemd .service script
[Unit] Description=Caldera Service After=network.target [Service] Type=simple User=caldera KillSignal=SIGINT #workaround (works with this parameter) WorkingDirectory=/path-to-caldera/caldera ExecStart=/path-to-caldera/caldera/venv/bin/python3.11 /path-to-caldera/caldera/server.py [Install] WantedBy=multi-user.targetAdditional context
Found workaround for this with systemd .service file parameter
KillSignal=SIGINT. Propably Caldera can't handle wellsigtermorsigkillsignal from systemctl command (systemctl stop) and works only forsigintsignal fromctrl+c.I found this same problem on docker as well but did not test it much so it is not included here.