# Maintenance

## CVE-2024-6387: Advisory Notice

Kindly take action to migitate this vulnerability. Please following this link to take further actions. <https://ubuntu.com/security/CVE-2024-6387>&#x20;

## Application Updates

The applications update is manual. You will need to SSH into the VM and run following commands in sequence. Once updated, you will have to clear browser cache so that new contents can be shown (Follow this link to reload application in the browser - <https://fabricdigital.co.nz/blog/how-to-hard-refresh-your-browser-and-clear-cache>)

```
sudo su
gcloud auth --quiet configure-docker
cd /opt/trillo
./update.py​
```

## Update SSH Config (if coming from old version)

#### The following steps are needed to be done only once (if missing)

1. On the VM, edit the following file (/etc/ssh/sshd\_config) and change a line "ChrootDirectory %h" to "ChrootDirectory %h/gcs" (see below). finally, save and exit.

nano /etc/ssh/sshd\_config

```
...
...
   ChrootDirectory %h/gcs
...
...
```

&#x20; 2\. Restart the ssh server using the command

/etc/init.d/ssh restart

## Upgrade SFTP server for read-only users

* ssh into the VM.
* Create a new shell script “setup-sftp-viewer.sh”
* Copy the value of BUCKET\_NAME from above and add to the script at the end of line#3 (below).
* Make it executable and run as sudo e.g., sudo ./setup-sftp-viewer.sh
* Save the output of the script for troubleshooting (if needed).

```
# !/usr/bin/env bash
set -x
BUCKET_NAME=

# create read-only folder
mkdir /gcs-r

# add a line to fstab
groupId=$(cut -d: -f3 < <(getent group sftpusers))

tee -a /etc/fstab << END
${BUCKET_NAME} /gcs-r gcsfuse ro,allow_other,uid=65534,gid=${groupId},implicit_dirs
END

cat /etc/fstab

# mount -a
mount -a

# copy latest script to the /gcs/system folder
TRILLO_GA_SCRIPTS="gs://trillo-public/fm/ga/scripts/*"
gsutil -m cp -r ${TRILLO_GA_SCRIPTS} gs://${BUCKET_NAME}/system
```

## Update docker-compose.yaml (if coming from the old version)

On old versions, the following line may be missing from /opt/trillo/docker-compose.yml

```
sudo su
cd /opt/trillo
nano docker-compose.yml
```

![](/files/-MWh5QcaQb9I7n5agBjk)

If missing then create this line and paste the value as shown below. Once done, save the file.

![](/files/-MWh5bObTCdI27w5nEqn)

Once changes are saved then restart the application with the following command

```
cd /opt/trillo
./dcr
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://trillo.gitbook.io/trillo-file-manager/maintenance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.