Setting up fossid-shinobi.service
fossid-shinobi.service is needed to be running in the machine that runs Workbench.
If you are using Workbench version 24.1 and above:
Check if fossid-shinobi service is active.
sudo systemctl status fossid-shinobi
If the status shows as active (running), no setup is required.
Otherwise, start the service with the following command.
sudo systemctl enable --now fossid-shinobi.service
Check the status and if it shows active (running), the setup is complete.
sudo systemctl status fossid-shinobi
If you are using a Workbench version lower than 24.1:
Run the following install instructions:
sudo install -m 644 fossid-shinobi.default /etc/default/fossid-shinobi
sudo install -m 644 fossid-shinobi.service /lib/systemd/system
sudo systemctl daemon-reload
sudo systemctl enable --now fossid-shinobi.service
NOTE: If fossid-shinobi.service is active and running, the instructions above are not needed.
Running from the Command Line:
Even though the default way of running fossid-da is via Workbench, it can be run directly via CLI.
NOTE: You still need to have a valid fossid.conf either in /etc/fossid/fossid.conf or /home/user/fossid.conf and the fossid-shinobi.service present and active.
1. Default scan: Running fossid-da and generating reports in ORT format
If you are running FDA in CLI mode in a Workbench instance:
sudo -u www-data ./fossid-da --info -m ALL -f JSON -i PATH_TO_PROJECT -o PATH_TO_SAVE_REPORTS
otherwise:
sudo ./fossid-da --info -m ALL -f JSON -i PATH_TO_PROJECT -o PATH_TO_SAVE_REPORTS
--info- show scanning info in logs-m ALL- options that filters which dependency types will be process. More info in FossID-DA-Filtering-Dependency-Types section-f JSON- select format, currently just JSON is supported.-i PATH_TO_PROJECT- path to project that needs to be scanned-o PATH_TO_SAVE_REPORTS- output path where to save reports
This will start the dependency analysis and after when it finishes it will create in the output folder (-o) the file: analyzer-result.json.
2. Deep Scan: Running fossid-da deep scan
If you are running FDA in CLI mode in a Workbench instance:
sudo -u www-data ./fossid-da --info -m ALL -f JSON -i PATH_TO_PROJECT -o PATH_TO_SAVE_REPORTS --deep-scan
otherwise:
sudo ./fossid-da --info -m ALL -f JSON -i PATH_TO_PROJECT -o PATH_TO_SAVE_REPORTS --deep-scan
--deep-scan- This mode downloads, extracts and scans all dependency files and collects copyright and compliance information for all of the files in every dependency package
NOTE 1: This mode needs permission to access the default /tmp/fossid-da folder.
NOTE 2: Using this mode, a scan will take longer to complete since it will need to process more information.
More info about this mode in FossID-DA-Deep-Scan section.