Project

General

Profile

Actions

Bug #5722

closed

suricata-update releases missing from PyPI

Added by Bradley Solomon about 2 months ago. Updated about 2 months ago.

Status:
Closed
Priority:
High
Assignee:
Target version:
Affected Versions:
Effort:
low
Difficulty:
low
Label:
Python

Description

suricata-update documentation recommends installing through pip. However, as of 30 Nov 2022, the latest package version available on PyPI is 1.2.2, while there are GitHub releases for versions up to 1.2.6 that are not uploaded to PyPI.

Actions #1

Updated by Jason Ish about 2 months ago

I hope to get this fixed up soon, but for now, and I'll update the documentation for this as well, the recommended way to install Suricata-Update is as bundled with Suricata.

From what I can tell, PyPi stopped accepting our distutils created bundles, so we have to move to something more modern.

Actions #2

Updated by Bradley Solomon about 2 months ago

Jason Ish wrote in #note-1:

I hope to get this fixed up soon, but for now, and I'll update the documentation for this as well, the recommended way to install Suricata-Update is as bundled with Suricata.

From what I can tell, PyPi stopped accepting our distutils created bundles, so we have to move to something more modern.

Actually, it's not bundled with Suricata. Reproducible on python:3.9-slim-buster Docker image:


echo "deb http://http.debian.net/debian buster-backports main" > \
/etc/apt/sources.list.d/backports.list && \
apt-get update -y && apt-get install -y --no-install-recommends \
curl=7.64.0-4+deb10u3 \
git=1:2.20.1-2+deb10u4 \
git-man=1:2.20.1-2+deb10u4 \
libcurl4=7.64.0-4+deb10u3 \
suricata=1:6.0.1-2~bpo10+1 -t buster-backports && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

Then find / -name 'suricata-update' -type f returns 0 results when run as root.

Secondly the installation of Suricata 6.x from source is also outright broken on Debian, per https://github.com/rusticata/der-parser/issues/36.

Actions #3

Updated by Bradley Solomon about 2 months ago

OISF is a well-funded organization. What's the excuse for using outdated distutils for years after setuptools became the de-facto tool? I don't even see an open pull request.

Actions #4

Updated by Jason Ish about 2 months ago

Bradley Solomon wrote in #note-2:

Jason Ish wrote in #note-1:

I hope to get this fixed up soon, but for now, and I'll update the documentation for this as well, the recommended way to install Suricata-Update is as bundled with Suricata.

From what I can tell, PyPi stopped accepting our distutils created bundles, so we have to move to something more modern.

Actually, it's not bundled with Suricata. Reproducible on python:3.9-slim-buster Docker image:


echo "deb http://http.debian.net/debian buster-backports main" > \
/etc/apt/sources.list.d/backports.list && \
apt-get update -y && apt-get install -y --no-install-recommends \
curl=7.64.0-4+deb10u3 \
git=1:2.20.1-2+deb10u4 \
git-man=1:2.20.1-2+deb10u4 \
libcurl4=7.64.0-4+deb10u3 \
suricata=1:6.0.1-2~bpo10+1 -t buster-backports && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*

Then find / -name 'suricata-update' -type f returns 0 results when run as root.

Secondly the installation of Suricata 6.x from source is also outright broken on Debian, per https://github.com/rusticata/der-parser/issues/36.

Debian unbundles it.

Actions #5

Updated by Bradley Solomon about 2 months ago

Debian unbundles it.

So the recommended install method on Debian would be ... what, exactly?

python3 -m pip install https://github.com/OISF/suricata-update/archive/refs/tags/1.2.6.tar.gz it is, for lack of a better option.

Actions #6

Updated by Victor Julien about 2 months ago

Bradley Solomon wrote in #note-3:

OISF is a well-funded organization. What's the excuse for using outdated distutils for years after setuptools became the de-facto tool? I don't even see an open pull request.

Please behave yourself professionally in this forum. OISF doesn't owe you any excuse or explanation. We're happy discuss reasons and point to prior discussions, but not in this way.

Actions #7

Updated by Jason Ish about 2 months ago

Bradley Solomon wrote in #note-5:

Debian unbundles it.

So the recommended install method on Debian would be ... what, exactly?

python3 -m pip install https://github.com/OISF/suricata-update/archive/refs/tags/1.2.6.tar.gz it is, for lack of a better option.

See https://suricata.readthedocs.io/en/suricata-6.0.9/install.html#debian. Adapt as needed for your Debian version. But packaging for Debian is a Debian detail, not Suricata.

Actions #8

Updated by Jason Ish about 2 months ago

  • Status changed from New to Closed
  • Assignee changed from Shivani Bhardwaj to Jason Ish

Pushed to PyPI with Twine. Documentation updated to note that Suricata-Update is best installed bundled with Suricata, as its released bundled with Suricata.

Actions

Also available in: Atom PDF