MAA VM profile build is stuck at xx%

book

Article ID: 168225

calendar_today

Updated On:

Products

Malware Analysis Software - MA

Issue/Introduction

Sometimes after customizing a profile on the Malware Analysis Appliance (MAA) and attempting to build the profile, it will progress to xx% and then seem to hang.  The customization to the profile has already been completed.  However, there is no way to cancel the building of a profile from the GUI.  But it can be done from the command line using the RAPI commands.  This can also happen if the server is rebooted in the middle of a profile build.

Resolution

To cancel the build process and restart it, do the following:

1.  SSH to the appliance as the g2 user and then 'sudo su -' to connect at the mag2 (root) user.
2.  Run the following command to list all of the profiles:

curl localhost/rapi/system/vm/profiles

The output will look like this for each profile you have:

{
  "api_version": 5, 
  "exec_time": 0.0088, 
  "request": "GET /system/vm/profiles", 
  "results": [
    {
      "vm_bases_description": null, 
      "vm_bases_extref": "4432818a-d271-49bb-bf42-690c9b4cbc6d", 
      "vm_bases_name": "win7-sp1-base", 
      "vm_bases_os_arch": "x86", 
      "vm_bases_os_type": "win7", 
      "vm_bases_state": 4, 
      "vm_bases_vmb_id": 1, 
      "vm_profiles_description": null, 
      "vm_profiles_enabled": null, 
      "vm_profiles_extref": "62b1aa43-65f5-4584-91c9-b4077650e6fe", 
      "vm_profiles_is_default": 1, 
      "vm_profiles_name": "Windows 7", 
      "vm_profiles_operation_queued": false, 
      "vm_profiles_progress": 10, 
      "vm_profiles_read_only": 0, 
      "vm_profiles_short_name": "windows-7", 
      "vm_profiles_state": 2, 
      "vm_profiles_status": "Building", 
      "vm_profiles_vmb_id": 1, 
      "vm_profiles_vmp_id": 1
    }
  ], 
  "results_count": 1, 
  "server_time": "2014-11-17T13:36:19.568691"


3.  Look for the profile in question by looking at the "short_name" or by seeing which profile has a "vm_profiles_progress" of a number other than 100.  Typically the number will be somewhere between 0 and 70.  Make note of the vm_profiles_vmp_id.  In the above example, the vm_profiles_vmp_id is 1

4.  Restart the ivmcontrold process:   supervisorctl restart ivmcontrold

5.  Manually set the state of the profile to 7.  In the above example, the state of the profile was a 2:  

curl -X POST -d "state=7" localhost/rapi/system/vm/profiles/vm_profiles_vmp_id   (where vm_profiles_vmp_id is the number noted from Step 3)

6.  Start the build process again making sure you replace vm_profiles_vmp_id with the correct number:


curl -X POST localhost/rapi/system/vm/profiles/vm_profiles_vmp_id/build

7.  Use the curl localhost/rapi/system/vm/profiles command to watch the progress of the build (vm_profiles_progress).  You should be able to watch the build process from the GUI as well.