• Really in need of help...

    From BadAssBradders to all on Sunday, December 04, 2022 14:28:13
    Hi guys,
    I cannot for the life of me figure out why I am getting a Python version mismatch error on my scripts within my BBS, as well as not being able to run imported modules. I have Python 2.7 and 3.5 both installed. The imported modules work just fine on the Raspberry Pi from the respective python shells, ie no errors. Yet when I add them into my scripts I get the error...

    "import error: no module named tweepy" etc...

    I am guessing that the two problems are connected(?), this is the mismatch error...

    "sys:1: RuntimeWarning: Python C API version mismatch for module mystic_{error: The Python has API version 1013, module mystic_error has version 1993212917."

    The error then repeats again.

    The strange thing is that if I run the script without the installed modules set at the beginning, I get the same error for the mismatch but the script still runs in the Mystic BBS.

    What on earth am I missing?

    Any help would be greatly appreciated, thanks!!

    @BadAddBradders
  • From esc@21:4/173 to BadAssBradders on Sunday, December 04, 2022 15:14:44
    I cannot for the life of me figure out why I am getting a Python version mismatch error on my scripts within my BBS, as well as not being able to run imported modules. I have Python 2.7 and 3.5 both installed. The imported modules work just fine on the Raspberry Pi from the respective python shells, ie no errors. Yet when I add them into my scripts I get
    the error...

    Hey there. So, there are a couple of nuances with Mystic and python.

    First, I'd frankly just flat out forget about python3 for now. The implementation is a bit unfinished and furthermore, running python2 and python3 scripts in one connection will cause your BBS to crash. So just stick with python2.

    Now, there are docs on the wiki about building python2 manually to support having imported modules work correctly. I didn't actually need to do this myself but your mileage may vary. Check out the end of the Mystic python wiki page for build instructions:

    http://wiki.mysticbbs.com/doku.php?id=python_install

    The final thing I'd check out is this - are you running mystic with 'sudo'? If so, mystic is looking in /root/ for python modules and not looking in your user home for modules. I'd avoid using sudo at all because it will potentially cause other problems, and there are other ways to launch mystic as a regular user and get access to the <1024 ports.

    --- Mystic BBS v1.12 A48 2022/07/11 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From BadAssBradders to esc on Monday, December 05, 2022 04:47:27

    Yep, I have followed the wiki to the letter. I have tested to see which versions I have and I am writing in python2, I think, eeek! How do I check that, I assume it is Python2.7? I'm just writing .py scripts using the Mystic Python syntax sooo.....?

    If you haven't guessed already, I am total newb to Python and the Pi so this may take a while, sorry!

    When you say "run Mystic" do you mean the command within the terminal that launches my server?
    Because, if I run:-

    "./ mystic -server"
    Instead of...
    "sudo ./ mystic -server"

    I get these errors..
    TELNET unable to open IPV4 Port Error -1 (13)
    TELNET unable to open IPV6 Port Error -1 (13)

    If I do run with sudo, I don't.

    HELP!!
  • From paulie420@21:2/150 to BadAssBradders on Monday, December 05, 2022 16:54:31
    When you say "run Mystic" do you mean the command within the terminal
    that launches my server?
    Because, if I run:-

    "./ mystic -server"
    Instead of...
    "sudo ./ mystic -server"

    I get these errors..
    TELNET unable to open IPV4 Port Error -1 (13)
    TELNET unable to open IPV6 Port Error -1 (13)

    So Linux won't let non-sudo users to bind to ports under 1024. Thats why you see a lot of bbSes w/ ports like :1337, or whatever... however you can get around that. Hes a writeup, and there are many others out there...

    https://www.geeksforgeeks.org/bind-port-number-less-1024-non-root-access/



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: 2o fOr beeRS bbs>>>20ForBeers.com:1337 (21:2/150)
  • From niter3@21:1/199 to paulie420 on Monday, December 05, 2022 21:55:54
    So Linux won't let non-sudo users to bind to ports under 1024. Thats why you see a lot of bbSes w/ ports like :1337, or whatever... however you
    can get around that. Hes a writeup, and there are many others out
    there...

    What's the issue running it under sudo. You can add an entry to your sudo file to only allow the bbs user the permission to open mystic as sudo, deny everything else. You can set it up so you don't even need to enter a password and then tie this to a systemd script.

    This is how I do it.

    ... My software never has bugs. It just develops random features...

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: Clutch BBS * telnet://bbs.clutchbbs.com (21:1/199)
  • From esc@21:4/173 to niter3 on Monday, December 05, 2022 19:01:35
    What's the issue running it under sudo. You can add an entry to your
    sudo file to only allow the bbs user the permission to open mystic as sudo, deny everything else. You can set it up so you don't even need to enter a password and then tie this to a systemd script.

    Running under sudo has some complications. For example, if you try to run any external program that looks to $HOME, it will look to /root/. The drop suid thing isn't perfect. I highly recommend /not/ using sudo for this reason, it creates odd little permissions related problems here and there.

    --- Mystic BBS v1.12 A48 2022/07/11 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From BadAssBradders to esc on Tuesday, December 06, 2022 02:07:56
    So here are the errors I am getting from importing two separate modules. Note: If I run sudo ./mis -server I get the same mismatch error but just one importer error saying "import error: no module named tweepy".--

    These images are when i run ./mis -server with the correct permissions, ports open and not using sudo...

    tweepy https://ibb.co/yVpJCxk

    openpyxl https://ibb.co/bXWhP05

    What the hell is going on?? :/

    Does anyone know what's going on here?
  • From MobbyG@21:1/219 to BadAssBradders on Tuesday, December 06, 2022 12:24:49
    On 06 Dec 2022, BadAssBradders said the following...

    So here are the errors I am getting from importing two separate modules. Note: If I run sudo ./mis -server I get the same mismatch error but just one importer error saying "import error: no module named tweepy".--

    This can be caused by the version of Python you have tweepy installed under.

    If you do 'pip list' you should see a list of the installed modules.
    the command 'pip -V' will tell you which version you have and under which version of Python you are running it under.

    If you are running the script with the Python2 command and the module for tweepy is installed under Python3, that is why you would get the no module name tweepy error.

    I have gotten dinged by this a few times when I have written my scripts.

    Try pip2 list and pip3 list and see what you see.

    73!
    Rich, KB2MOB

    |15 -----/---- |11Rich Lawrence|15, |14KB2MOB
    |15 ---/--- SysOp of |09Radio Freqs |13& |10Geeks |15BBS
    |15 --|- "|02Give me 102' of wire..
    |15 | |02...and I'll show you how to talk to the world!|15"

    --- Mystic BBS v1.12 A48 2022/07/15 (Raspberry Pi/32)
    * Origin: Radio Freqs & Geeks BBS Running on a Pi400 (21:1/219)
  • From paulie420@21:2/150 to niter3 on Tuesday, December 06, 2022 09:40:47
    What's the issue running it under sudo. You can add an entry to your
    sudo file to only allow the bbs user the permission to open mystic as sudo, deny everything else. You can set it up so you don't even need to enter a password and then tie this to a systemd script.

    Nothing wrong w/ running as sudo, except I'd be willing to bet that 75% of the users who doso DON'T do the few things you listed above to mitigate any issues. In fact, I bet most are running on their one user account on the machine... :P

    But yes, the above way would be pretty solid too.



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: 2o fOr beeRS bbs>>>20ForBeers.com:1337 (21:2/150)
  • From paulie420@21:2/150 to esc on Tuesday, December 06, 2022 09:42:41
    Running under sudo has some complications. For example, if you try to
    run any external program that looks to $HOME, it will look to /root/.
    The drop suid thing isn't perfect. I highly recommend /not/ using sudo
    for this reason, it creates odd little permissions related problems here and there.

    This is why I don't run as sudo. I ran my bbS for some time and then tried to switch TO running sudo - and it broke most of my mods and Python stuff... sure, it can be done - but should be planned and implemented from day 1. Others, like niter3, seem to have it ironed out and working just fine, but for me I chose to use a bbs user w/o sudo acs.



    |07p|15AULIE|1142|07o
    |08.........

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: 2o fOr beeRS bbs>>>20ForBeers.com:1337 (21:2/150)
  • From niter3@21:1/199 to paulie420 on Tuesday, December 06, 2022 13:17:55
    What's the issue running it under sudo. You can add an entry to your sudo file to only allow the bbs user the permission to open mystic as sudo, deny everything else. You can set it up so you don't even need enter a password and then tie this to a systemd script.

    Nothing wrong w/ running as sudo, except I'd be willing to bet that 75%
    of the users who doso DON'T do the few things you listed above to
    mitigate any issues. In fact, I bet most are running on their one user account on the machine... :P

    But yes, the above way would be pretty solid too.

    I've been doing this for a while now. I moved over to MIS less then a year ago. I was using a custom version of xinetd for years. Since 2008.

    ... Computers are not intelligent. They only think they are.

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: Clutch BBS * telnet://bbs.clutchbbs.com (21:1/199)
  • From niter3@21:1/199 to paulie420 on Tuesday, December 06, 2022 13:19:19
    This is why I don't run as sudo. I ran my bbS for some time and then
    tried to switch TO running sudo - and it broke most of my mods and
    Python stuff... sure, it can be done - but should be planned and implemented from day 1. Others, like niter3, seem to have it ironed out and working just fine, but for me I chose to use a bbs user w/o sudo acs.

    I don't specficially run Mystic Python apps, but independat python apps in the background. Most my mods are MPS.

    I think if I were to run into this, I would just have a env variable set to correct these issues.

    ... A house is a place to keep your stuff while you go out and get more stuff

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: Clutch BBS * telnet://bbs.clutchbbs.com (21:1/199)
  • From Ganiman@21:3/174 to niter3 on Tuesday, December 06, 2022 13:32:37
    What's the issue running it under sudo

    If your BBS gets compromised, then that person has root access to your system and whatever else that might mean for your environment. It is generally bad practice to run any services as root, especially untrusted ones like Mystic - I would not say Mystic is "trusted" by any means. It does not seem to support modern crypto ciphers: try ssh'ing to any Mystic BBS with a "normal" client, like `ssh` from a linux command line, and by default you will get an error about weak ciphers, to which you need to either update your ssh_config or explicitly use the weak cipher in your command string - TLS with SMTP also seems to have similar cipher issues. Mystic, to my knowledge anyway, is not pen tested, it is not open source to allow for peer reviewing, it does not get frequent updates, etc. That is not a dig at the g00r00 or anyone who contributes to it, and advanced security shouldn't be the job of Mystic anyway. On top of that and other things, most of us are all using TELNET which is the most *unsecure* thing you can do on the Internet. No, you should not be running Mystic or most other things with root privilges.

    There *are* generally safe ways to run untrusted software like Mystic and there are ways to use to ports 22 and 23 *without* giving Mystic root access (simple firewall rules to forward each of them to ports above 1024 are easy enough to write and search for).

    We live in a "zero trust" world today.

    ---
    Ganiman
    bbs.madetoraid.com:[2323/2222]

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: Made to Raid BBS (21:3/174)
  • From BadAssBradders to MobbyG on Tuesday, December 06, 2022 10:36:25

    pip2 list
    "ERROR command not found"

    pip3 list
    "all of my modules.... all of them, including Tweepy"

    Now, how do I change the defaults so that my installed modules go into Python 2.7 and not 3x?
    I don't know how to do environment variables so please be as specific as possible, thanks!! :)
  • From BadAssBradders to niter3 on Tuesday, December 06, 2022 10:38:18

    How do you set env varibles - please see my original post as I think what I am asking to do will solve my issue. Thanks!
  • From esc@21:4/173 to BadAssBradders on Tuesday, December 06, 2022 10:54:42
    So here are the errors I am getting from importing two separate modules. Note: If I run sudo ./mis -server I get the same mismatch error but just one importer error saying "import error: no module named tweepy".--

    Hey, unfortunately am bogged down with work stuff at the moment. Are you on discord by chance? I think working on this together at the same time later today might make the most sense.

    --- Mystic BBS v1.12 A48 2022/07/11 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From esc@21:4/173 to niter3 on Tuesday, December 06, 2022 10:56:48
    I think if I were to run into this, I would just have a env variable set to correct these issues.

    To each his own :) Giving mis access to <1024 port numbers is fairly simple and mitigates all potential SUID issues, so that's how I do it. *shrug*

    --- Mystic BBS v1.12 A48 2022/07/11 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From esc@21:4/173 to BadAssBradders on Tuesday, December 06, 2022 10:58:35
    pip2 list
    "ERROR command not found"

    You need python 2.7 pip and you need to use python 2's pip to install all the modules for your mods.

    Python2 libraries and python3 libraries don't overlap - consider them completely isolated from one another.

    This website should get you moving in the right direction installing python 2 pip:

    https://www.how2shout.com/linux/how-to-install-python-2-7-on-ubuntu-20-04-lts-l inux/

    --- Mystic BBS v1.12 A48 2022/07/11 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From niter3@21:1/199 to Ganiman on Tuesday, December 06, 2022 14:42:33
    If your BBS gets compromised, then that person has root access to your system and whatever else that might mean for your environment. It is generally bad practice to run any services as root, especially untrusted ones like Mystic - I would not say Mystic is "trusted" by any means. It does not seem to support modern crypto ciphers: try ssh'ing to any
    Mystic BBS with a "normal" client, like `ssh` from a linux command line, and by default you will get an error about weak ciphers, to which you
    need to either update your ssh_config or explicitly use the weak cipher
    in your command string - TLS with SMTP also seems to have similar cipher issues. Mystic, to my knowledge anyway, is not pen tested, it is not
    open source to allow for peer reviewing, it does not get frequent
    updates, etc. That is not a dig at the g00r00 or anyone who contributes
    to it, and advanced security shouldn't be the job of Mystic anyway. On
    top of that and other things, most of us are all using TELNET which is
    the most *unsecure* thing you can do on the Internet. No, you should not be running Mystic or most other things with root privilges.

    There *are* generally safe ways to run untrusted software like Mystic
    and there are ways to use to ports 22 and 23 *without* giving Mystic
    root access (simple firewall rules to forward each of them to ports
    above 1024 are easy enough to write and search for).

    We live in a "zero trust" world today.


    The only thing I can think in regards to this being an issue is if MIS itself got compromised. sudo access for my bbs user can only run MIS with elevated permissions. Nothing more.

    ... Real Programmers balance their checkbooks in hex

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: Clutch BBS * telnet://bbs.clutchbbs.com (21:1/199)
  • From niter3@21:1/199 to BadAssBradders on Tuesday, December 06, 2022 14:43:32
    How do you set env varibles - please see my original post as I think
    what I am asking to do will solve my issue. Thanks!

    set variable=parms

    You'd like want to add this to your .bashrc so it kicks off on every login.

    Under .bashrc is should only be variable=parms


    ... ASCII stupid question, get a stupid ANSI.

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: Clutch BBS * telnet://bbs.clutchbbs.com (21:1/199)
  • From niter3@21:1/199 to esc on Tuesday, December 06, 2022 14:46:09
    To each his own :) Giving mis access to <1024 port numbers is fairly simple and mitigates all potential SUID issues, so that's how I do it. *shrug*

    You could also not do any of that and NAT port translate it from 23 to 1024 or whichever port. Less work if you have a firewall which can do this.

    ... Some people have no idea what they're doing, and are really good at it!

    --- Mystic BBS v1.12 A48 2022/07/15 (Linux/64)
    * Origin: Clutch BBS * telnet://bbs.clutchbbs.com (21:1/199)
  • From BadAssBradders to esc on Tuesday, December 06, 2022 13:08:23

    Ah thank god!

    Thank you so much for this. I managed to get it working. What I did for anyone stuck with this issue...

    I did a backup of my mystic folder
    Reinstalled python from the beginning
    Made sure that I installed python2.7.18 ( .13 was giving me issues with Mystic)
    I then installed pip2 via this link... https://www.how2shout.com/linux/how-to-i nstall-python-2-7-on-ubuntu-20-04-lts-linux/
    Then I set the priority of Python 2.7 to be the highest
    Re-installed my modules
    Unpacked my backup
    Launched it again and now everything works, THANK GOD!

    A thousand thanks yous to everyone who pitched in to help. YAY!!!
  • From esc@21:4/173 to niter3 on Tuesday, December 06, 2022 14:04:34
    You could also not do any of that and NAT port translate it from 23 to 1024 or whichever port. Less work if you have a firewall which can do this.

    Yep! Multiple ways to skin this cat.

    --- Mystic BBS v1.12 A48 2022/07/11 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From esc@21:4/173 to BadAssBradders on Tuesday, December 06, 2022 14:05:11
    A thousand thanks yous to everyone who pitched in to help. YAY!!!

    Glad you're all set! And thanks for closing the loop on what you did to get things working.

    --- Mystic BBS v1.12 A48 2022/07/11 (Linux/64)
    * Origin: m O N T E R E Y b B S . c O M (21:4/173)
  • From opicron@21:3/126 to niter3 on Wednesday, December 07, 2022 14:16:56
    To each his own :) Giving mis access to <1024 port numbers is fairly simple and mitigates all potential SUID issues, so that's how I do it

    You could also not do any of that and NAT port translate it from 23 to 102 whichever port. Less work if you have a firewall which can do this.

    +1, this is how I handle it.

    oP!

    ... There will be a rain dance Friday night, weather permitting!

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: TheForze - bbs.theforze.eu:23 (21:3/126)