Bug #834
closedUnix socket - showing as compiled when it is not desired to do so
Description
If one desires to compile and duild Suricata with support for unix-socket,
the proper way to do it (since rel 1.4.1 stable) is to add --enable-unix-socket at your configure line.
However if you do NOT want to compile with support for unix-socket and skip that step and if you have the dependecy python packages (libjansson4...) installed on the system it will show as if the unix socket functionality is enabled.
Steps to reproduce :
If you have libjansson4, libjansson-dev, python-simplejson ,
already installed on the system , then
wget http://www.openinfosecfoundation.org/download/suricata-1.4.3.tar.gz tar -zxf suricata-1.4.3.tar.gz cd suricata-1.4.3/ ./configure --prefix=/usr/ --sysconfdir=/etc/ --localstatedir=/var/ --enable-non-bundled-htp --enable-geoip --with-libnss-libraries=/usr/lib --with-libnss-includes=/usr/include/nss/ --with-libnspr-libraries=/usr/lib --with-libnspr-includes=/usr/include/nspr
Notice there is no
--enable-unix-socket
in the configure line....
and we get -
Suricata Configuration: AF_PACKET support: yes PF_RING support: no NFQueue support: no IPFW support: no DAG enabled: no Napatech enabled: no * Unix socket enabled: yes* libnss support: yes libnspr support: yes libjansson support: yes Prelude support: no PCRE jit: no libluajit: no libgeoip: yes Non-bundled htp: yes Old barnyard2 support: no CUDA enabled: no Suricatasc install: yes Unit tests enabled: no Debug output enabled: no Debug validation enabled: no Profiling enabled: no Profiling locks enabled: no Generic build parameters: Installation prefix (--prefix): /usr Configuration directory (--sysconfdir): /etc/suricata/ Log directory (--localstatedir) : /var/log/suricata/ Host: x86_64-unknown-linux-gnu GCC binary: gcc GCC Protect enabled: no GCC march native enabled: yes GCC Profile enabled: no
Thank you
Updated by Victor Julien over 11 years ago
- Status changed from New to Assigned
- Assignee set to Eric Leblond
- Target version set to 1.4.4
Updated by Eric Leblond over 11 years ago
--enable-unix-socket is only available in master. Do we add it to 1.4 ?
Updated by Peter Manev over 11 years ago
I though it is available in 1.4x ?
Updated by Eric Leblond over 11 years ago
Do we want the --enable-unix-socket to be backported to 1.4 ?
Updated by Victor Julien over 11 years ago
- Priority changed from Normal to Low
If it's not too much work, lets add it.
Updated by Eric Leblond over 11 years ago
- % Done changed from 0 to 90
I go crazy again on this ticket. current 1.4 is test-only. I don't think we can change this. What I can do is to add the --enable-unix-socket flag to be able to disable or force compilation (like in master).
PR https://github.com/inliniac/suricata/pull/436 does this.
Updated by Victor Julien over 11 years ago
- Status changed from Assigned to Closed
- % Done changed from 90 to 100
Merged. You can now --disable-unix-socket. Default behavior is to test, and --help shows --enable.