Project

General

Profile

Actions
Copy link

Support #2471

closed
JP JT

Following error observed after installation and first run

Support #2471: Following error observed after installation and first run

Added by Jesus Padro about 8 years ago. Updated over 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jason Taylor
Affected Versions:
Label:

Description

OS: CentOS 7

29/3/2018 -- 05:34:57 - <Notice> - This is Suricata version 4.0.3 RELEASE
29/3/2018 -- 05:35:27 - <Warning> - [ERRCODE: SC_ERR_DEPRECATED_CONF(274)] - deprecated 'force-md5' option found. Please use 'force-hash: [md5]' instead
29/3/2018 -- 05:35:27 - <Warning> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - Unix socket: UNIX socket bind(/var/run/suricata/suricata-command.socket) error: Permission denied
29/3/2018 -- 05:35:27 - <Warning> - [ERRCODE: SC_ERR_INITIALIZATION(45)] - Unable to create unix command socket
29/3/2018 -- 05:35:27 - <Notice> - all 4 packet processing threads, 4 management threads initialized, engine started.

AH Updated by Andreas Herz about 8 years ago Actions
Copy link
 #1

  • Assignee set to OISF Dev

How did you install suricata? Looks like it added or used an old config file. Regarding the second error, how did you start suricata and with what permissons set?

VJ Updated by Victor Julien almost 8 years ago Actions
Copy link
 #2

  • Tracker changed from Bug to Support

BM Updated by B Mathis over 7 years ago Actions
Copy link
 #3

I am seeing this error as well on CentOS 7 using the packages from EPEL, currently version 4.0.5-1.

On this platform suricata is run as user 'suricata', but /run/suricata has ownership root:root, so it cannot create the socket file. This is set in '/usr/lib/tmpfiles.d/suricata.conf'.

To resolve this error:
cp /usr/lib/tmpfiles.d/suricata.conf /etc/tmpfiles.d
Update /etc/tmpfiles.d/suricata.conf to have:
d /run/suricata 0775 root suricata -
systemd-tmpfiles --create --remove /etc/tmpfiles.d/suricata.conf

This change should probably be applied to the system-installed tmpfiles configuration file.

JT Updated by Jason Taylor over 7 years ago Actions
Copy link
 #4

This is also being tracked under, https://bugzilla.redhat.com/show_bug.cgi?id=1614935

A new build should be out in the near future to resolve this issue.

JT Updated by Jason Taylor over 7 years ago Actions
Copy link
 #5

  • Assignee changed from OISF Dev to Jason Taylor

JT Updated by Jason Taylor over 7 years ago Actions
Copy link
 #6

  • Status changed from New to Feedback

This issue should be resolved with the epel 4.0.5-3 build which should appear in testing in the next day or so.

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-fbc9409354

Please test and provide feedback.

Thanks in advance!

JT

JT Updated by Jason Taylor over 7 years ago Actions
Copy link
 #7

  • Status changed from Feedback to Closed

this has been fixed in the latest rpm releases in fedora/epel.

Actions
Copy link

Also available in: PDF Atom