Maintenance
Please note that this version of file manager enhances the overall google cloud storage capabilities. The exact procedure is provided in the following document. Please ignore when the file manager is already running this version out of the box without any upgrades. In that case the changes are already present.
- Security vulnerabilities in the Apache Log4j 2 version 2.15 (or below) are described in CVE-2021-44228 and CVE-2021-45046
- These vulnerabilities have been mitigated by adding -Dlog4j2.formatMsgNoLookups=true to the JVM args of every file manager container.
- From now onwards (Dec 23, 2021), every new installation will be using the latest containers. In case If you're using the previous version then update the application using the procedure provided below in the 'Application Updates'
The applications update is manual. You will need to SSH into the VM and run following commands in sequence. Once updated, you will have to clear browser cache so that new contents can be shown (Follow this link to reload application in the browser - https://fabricdigital.co.nz/blog/how-to-hard-refresh-your-browser-and-clear-cache)
sudo su
gcloud auth --quiet configure-docker
cd /opt/trillo
./update.py
- 1.On the VM, edit the following file (/etc/ssh/sshd_config) and change a line "ChrootDirectory %h" to "ChrootDirectory %h/gcs" (see below). finally, save and exit.
nano /etc/ssh/sshd_config
...
...
ChrootDirectory %h/gcs
...
...
2. Restart the ssh server using the command
/etc/init.d/ssh restart
- ssh into the VM.
- Create a new shell script “setup-sftp-viewer.sh”
- Copy the value of BUCKET_NAME from above and add to the script at the end of line#3 (below).
- Make it executable and run as sudo e.g., sudo ./setup-sftp-viewer.sh
- Save the output of the script for troubleshooting (if needed).
# !/usr/bin/env bash
set -x
BUCKET_NAME=
# create read-only folder
mkdir /gcs-r
# add a line to fstab
groupId=$(cut -d: -f3 < <(getent group sftpusers))
tee -a /etc/fstab << END
${BUCKET_NAME} /gcs-r gcsfuse ro,allow_other,uid=65534,gid=${groupId},implicit_dirs
END
cat /etc/fstab
# mount -a
mount -a
# copy latest script to the /gcs/system folder
TRILLO_GA_SCRIPTS="gs://trillo-public/fm/ga/scripts/*"
gsutil -m cp -r ${TRILLO_GA_SCRIPTS} gs://${BUCKET_NAME}/system
On old versions, the following line may be missing from /opt/trillo/docker-compose.yml
sudo su
cd /opt/trillo
nano docker-compose.yml

If missing then create this line and paste the value as shown below. Once done, save the file.

Once changes are saved then restart the application with the following command
cd /opt/trillo
./dcr
Last modified 5mo ago