Autopsy On Debian

I am happily running Debian on my personal laptop and want to run the newest Autopsy version on it with its nice new GUI. Unfortunately there is only a nice Windows installer and a Snap package. Even though I am no fan of Canonical’s Snap’s I quickly tried it, but it did not work. So I decided to build and install it myself. I did this before the release of Debian 13 (Trixie), but also after the upgrade to Trixie I did it one more time. Because the dependency SleuthKit has a dependancy to a Debian Java 17 package it got slightly more complex.

1. Clone the source code: https://github.com/sleuthkit/autopsy.git or download the bundled release you like; https://github.com/sleuthkit/autopsy/releases/tag/autopsy-4.22.1
2. Run the script: unix_setup.sh -j /opt/java17 and do what it reports…, which is:
   1. Install or provide java 17. In Debian 12 the default java version was 17, but in 13 it is Java 21, that is why I installed Java 21 manually. See here; https://adoptium.net/temurin/releases/?variant=openjdk17&version=17&os=any&arch=any
   2. Download the sleuthkit java library, because it is not in the debian repos. One will only find the sleuthkit in the debian repos, which is the c++ CLI tool, but not what autopsy needs… I did it with there provided .deb package here: https://github.com/sleuthkit/sleuthkit/releases/download/sleuthkit-4.14.0/sleuthkit-java_4.14.0-1_amd64.deb
   3. Install it; sudo apt install /opt/sleuthkit/sleuthkit-java_4.14.0-1_amd64.deb. Unfortunately following occured:

       sudo apt install /opt/sleuthkit/sleuthkit-java_4.14.0-1_amd64.deb 
      
       Error! Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: Unsatisfied dependencies: sleuthkit-java : Depends: openjdk-17-jre but it is not installable Error: Unable to correct problems, you have held broken packages. Error: The following information from --solver 3.0 may provide additional context: 
       Unable to satisfy dependencies. Reached two conflicting decisions: 
       1. sleuthkit-java:amd64=4.14.0-1 is selected for install 
       2. sleuthkit-java:amd64 Depends openjdk-17-jre but none of the choices are installable: [no choices]
      

   4. I already installed a java 17 version, so we just need the install to move on. For this problem i used the equivs tool to mimic a Debian package (maybe there is a cleaner solution?):
      1. Install and generate the build file:

          sudo apt install equivs
          equivs-control openjdk17-jre
         

      2. Modify the file openjdk17.jre as follows:

          Package: openjdk-17-jre
          Version: 17.0
          Provides: openjdk-17-jre
          Description: Dummy package to satisfy sleuthkit-java dep
           This is a fake package because I already have JDK 17 installed manually.
         

      3. Install it equivs-build openjdk17-jre && sudo apt install ./openjdk-17-jre_17.0_all.deb
   5. After this the install worked, see 3.
3. Rerun unix_setup.sh -j /opt/java17
4. Run Autopsy (from the directory you cloned unpacked); bin/autopsy --jdkhome /opt/java/jdk-17.0.12+7

That should be it.