README_Linux

Linux Installation

Most of the Autopsy development occurs to be run on Windows systems, but it is possible to run Autopsy on Linux and OS X. This file contains the instructions for building and running Autopsy on Ubuntu 18.10 (Cosmic Cuttlefish). The same instructions with minor modifications, should probably work on Ubuntu 18.04.2 LTS (Bionic Beaver), but this has not yet been tested.

Prerequisites

It appears that Autopsy relies on JavaFX, and therefore will not successfully run when compiled against OpenJDK. Unfortunately, as of 16 April, 2019, Oracle has changed Java SE Licensing. This has resulted in the popular “WebUpd8” team PPA being discontinued due to licensing concerns.

Fortunately, there appears to be a functional alternative, which is not encumbered by the same issues, and is theoretically binary-compatible with Oracle’s Java 8 SE implementation: Amazon Corretto 8. The official installation documentation includes instructions for both .rpm and .deb package formats, which Amazon provides.

The below instructions seem to create a working Autopsy 4.10.0 build on Ubuntu. However, some of the packages installed are probably not-necessary. Further testing can help eliminate unnecessary prerequisites.

Install prerequisites

First install the necessary packages from the Ubuntu repositories:

$ sudo apt-get update && sudo apt-get install \
    ant \
    ca-certificates \
    g++ \
    gcc \
    gpg \
    java-common \
    libafflib-dev \
    libboost-dev \
    libewf-dev \
    libgl1-mesa-dri \
    libgl1-mesa-glx \
    libsolr-java \
    libsqlite3-dev \
    libswt-gtk-4-java \
    libtika-java \
    libtool \
    libtsk-dev \
    libvhdi-dev \
    libvmdk-dev \
    make \
    openjfx \
    postgresql \
    software-properties-common \
    sqlite3 \
    testdisk \
    wget \
    zip \
    zlib1g-dev

Next, download and install Amazon Corretto 8:

$ wget "https://d3pxv6yz143wms.cloudfront.net/8.212.04.1/java-1.8.0-amazon-corretto-jdk_8.212.04-1_amd64.deb" \
    && sudo apt-get install -y ./java-1.8.0-amazon-corretto-jdk_8.212.04-1_amd64.deb \
    && sudo apt-get install --fix-missing  # This may not be necesary

Building

Building The Sleuth Kit

  1. Download The Sleuth Kit and associated signature.

    $ wget "https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.6.5/sleuthkit-4.6.5.tar.gz" \
        && wget "https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.6.5/sleuthkit-4.6.5.tar.gz.asc"
  2. Fetch the GPG key and verify and unpack the tarball:

    $ gpg --recv-keys "0917A7EE58A9308B13D3963338AD602EC7454C8B" \
        && gpg --verify sleuthkit-4.6.5.tar.gz.asc \
        && tar -xf sleuthkit-4.6.5.tar.gz
  3. Build and install The Sleuth Kit:

    $ cd sleuthkit-4.6.5 \
        && export JAVA_HOME="/usr/lib/jvm/java-1.8.0-amazon-corretto/" \
        && ./configure \
        && make \
        && sudo make install

Install Autopsy

  1. Download Autopsy and signature:
$ wget "https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.10.0/autopsy-4.10.0.zip" \
    && wget "https://github.com/sleuthkit/autopsy/releases/download/autopsy-4.10.0/autopsy-4.10.0.zip.asc"
  1. Verify and unzip the archive:

    $ gpg --verify autopsy-4.10.0.zip.asc \
    && unzip autopsy-4.10.0.zip
  2. Run the autopsy setup script:

    $ sudo cp -r autopsy-4.10.0 /opt/autopsy-4.10.0 \
        && sudo chown -R "${user}:${group}" /opt/autopsy-4.10.0 \
        && cd /opt/autopsy-4.10.0 \
        && chmod +x ./unix_setup.sh \
        && export JAVA_HOME="/usr/lib/jvm/java-1.8.0-amazon-corretto/" \
        && ./unix_setup.sh \
        && apt-get install -y --fix-broken \
        && chmod +x /opt/autopsy-4.10.0/bin/autopsy
  3. Add autopsy to your ${USER}’s ${PATH}:

    $ echo 'PATH="/opt/autopsy-4.10.0/bin:${PATH}"' >> "${HOME}/.bashrc"

TODO

  • Prune dependencies
  • Add instructions to build Autopsy from source