https://redmine.openinfosecfoundation.org/https://redmine.openinfosecfoundation.org/favicon.ico?17011170022016-12-01T09:44:07ZOpen Information Security FoundationSuricata - Bug #1973: suricata fails to start because of unix sockethttps://redmine.openinfosecfoundation.org/issues/1973?journal_id=77302016-12-01T09:44:07ZVictor Julienvictor@inliniac.net
<ul></ul><p>Workaround 1:</p>
<p>Create the dir that is missing, in the above example /var/run/suricata. Note that some systems remove this on reboot.</p>
<p>Workaround 2:</p>
<p>Disable unix socket on the command line by passing: '--set unix-command.enabled=false'</p>
<p>Workaround 3:</p>
<p>Disable unix socket in your yaml:<br /><pre>
unix-command:
enabled: false
#filename: custom.socket
</pre></p> Suricata - Bug #1973: suricata fails to start because of unix sockethttps://redmine.openinfosecfoundation.org/issues/1973?journal_id=77312016-12-02T11:43:09ZVictor Julienvictor@inliniac.net
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Closed</i></li></ul><p><a class="external" href="https://github.com/inliniac/suricata/pull/2447">https://github.com/inliniac/suricata/pull/2447</a></p> Suricata - Bug #1973: suricata fails to start because of unix sockethttps://redmine.openinfosecfoundation.org/issues/1973?journal_id=77362016-12-06T03:13:09ZVictor Julienvictor@inliniac.net
<ul></ul><p>If the directory does exist but the permissions are wrong (usually when running as a user instead of root), then we can run into the same issue:<br /><pre>
[ERRCODE: SC_ERR_INITIALIZATION(45)] - Unix socket: UNIX socket bind(/var/run/suricata/suricata-command.socket) error: Permission denied
</pre><br />In this case change the permissions and/or ownership of the /var/run/suricata/ directory.</p>