Installing the Open Computer Forensics Architecture
IMPORTANT:
Don't install ocfa on a system serving vital interests! We take no
responsibility for any harm the installation of ocfa may do. It is advised
to install ocfa on a system dedicated to this purpose and serving no other
functionality, and to make backup copies of any important data beforehand.
When installing the open computer forensics architecture from one of
the Linux distro specific packages you should simply follow the
instructions as provided in the accompanying howto for that platform.
This page describes what to do if you are installing from the separate
distribution file.
Satisfying the prerequisites
The first thing you need to do is make sure that all dependencies are
satisfied before you continue installing the open computer forensics
architecture. Please check the prerequisites to confirm that you are
ready to install.
The basic install
The installation of the open computer forensics architecture will be
close to what you are used to, but with an important twist. Because the
actions needed to do a full install are sometimes rather intrusive, and
on untested distributions even potentially dangerous to your system's
usability, these actions have been moved out of the usual
'make install' into 'make rootinstall'.
Installation on tested distributions
When installing on one of the fully tested distributions (Debian etch,
Ubuntu 5.10, Suse 9.3 or Suse 10.1) you can safely use the following
steps in each of the 3 packages OcfaLib, OcfaArch and OcfaModules
(please make sure to strictly adhere to the Lib/Arch/Modules sequence):
./configure
make
make rootinstall
Please make sure to check out any warnings that the configure script
gives. You can safely ignore warnings about libmidas in OcfaModules as
the midas module is now considered deprecated.
Installation on other distributions and platforms
If you are installing on any system other than the ones officially
marked as tested, you need to be a bit more careful during
installation in order not to break things.
First you will need to give the configure script a try. Run
./configure. This script may issue some warnings; please check these
out. The script will create a file configure.makeinfo, and you should
have a good look in this file to see if anything is obviously wrong.
After having checked configure.makeinfo for errors you can run make.
If make runs without errors, which in theory it should, you are most of
the way to a working environment. We will tread carefully, however, in
order to make sure we won't break your system. Instead of running
rootinstall you should simply run make install. This will leave
the installation partially broken but at least should keep your system
intact.
IMPORTANT:
You are discouraged from just running the scripts; they are
untested on any but the distributions mentioned in the previous section.
Now comes the hard part: you will need to look very closely at the
makefile and any script called from the makefile. Look at the file
called Makefile and look for the definition of DISTDIR; you
should export this in your shell. After this, look at the section
called rootinstall and check each of the lines to see whether it
applies to your system. Most regular lines should be applicable and
you should be able to run these from your shell. Some lines in the
rootinstall section, however, call scripts that could potentially
be dangerous. It is essential that you locate these scripts, read their
content to find out what they intend to do, and then do those things
yourself by hand. You are discouraged from just running the scripts; they
are untested on any but the distributions mentioned in the previous section.
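As an aid for the manual review described above, here is an added example (not part of the OCFA distribution) that prints the DISTDIR definition and the rootinstall recipe lines of a Makefile without executing anything. The function names, the sample Makefile, its path and its script names are assumptions made for illustration.

```shell
#!/bin/sh
# Added review aid, not part of OCFA. It only reads the Makefile and prints
# text; it never executes a recipe line or a script.

# Value of the first DISTDIR assignment in the Makefile.
distdir_of() {
    sed -n 's/^DISTDIR[[:space:]]*[:?]*=[[:space:]]*//p' "$1" | head -n 1
}

# Recipe lines of the rootinstall target, with the leading tab and any
# make prefixes (@ or -) removed. Stops at the next target or assignment.
rootinstall_recipe() {
    awk '
        /^rootinstall[[:space:]]*:/ { in_target = 1; next }
        in_target && /^\t/          { sub(/^\t[@-]*/, ""); print; next }
        in_target && /^[^\t#]/      { in_target = 0 }
    ' "$1"
}

# Heuristic (assumption): a recipe line hands control to a script if it
# names a ./path, a *.sh or *.pl file, or starts an interpreter on a file.
script_calls() {
    rootinstall_recipe "$1" | grep -E \
      '(^|[[:space:]])(\./[^[:space:]]+|[^[:space:]]+\.(sh|pl)([[:space:]]|$)|(sh|bash|perl)[[:space:]])' \
      || true
}

# Constructed sample Makefile; the path and script names are placeholders.
write_sample() {
    printf 'DISTDIR = /opt/example-dist\ninstall:\n\tcp -r bin $(DISTDIR)/bin\n' > "$1"
    printf 'rootinstall: install\n\tmkdir -p $(DISTDIR)/etc\n' >> "$1"
    printf '\t@./scripts/setup_users.sh\n\tsh scripts/initdb.sh $(DISTDIR)\n' >> "$1"
    printf 'clean:\n\trm -f *.o\n' >> "$1"
}

# Usage: sh review.sh [Makefile]   (without an argument, uses the sample)
mk=${1:-}
if [ -z "$mk" ]; then mk=$(mktemp); write_sample "$mk"; fi
echo "DISTDIR: $(distdir_of "$mk")"
echo "rootinstall recipe lines to check one by one:"
rootinstall_recipe "$mk" | sed 's/^/  /'
echo "lines that call scripts (read each script before acting):"
script_calls "$mk" | sed 's/^/  /'
```

The script-detection pattern is a heuristic and can miss scripts invoked in other ways, so the full recipe listing remains the thing to read line by line.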