[Oisf-users] Segmentation fault (core dumped) when setting configuration value with commandline arguments

Peter Manev petermanev at gmail.com
Tue Jan 5 13:56:47 UTC 2016


On Tue, 2016-01-05 at 14:52 +0100, Andreas Moe wrote:
> I tried this: suricata -c /etc/suricata/suricata.yaml -i eth0 --set
> logging.outputs.file.enabled=yes --set
> logging.outputs.filename=/tmp/suricata.log --set
> logging.outputs.format=json
> And i got a "Segmentation fault (core dumped)".
> 
> 
> System: 
> - Linux localhost.localdomain 4.2.6-301.fc23.x86_64 #1 SMP Fri Nov 20
> 22:22:41 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
> - Fedora release 23 (Twenty Three)
> - Suricata 3.0dev (rev 44a444b)
> 
> 
> Btw any tips on finding the core dump file? The docs
> (https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs) say it should be in "the current working directory of Suricata". I checked my current working dir when i ran the command, /var/log/suricata, /etc/suricata, and so on, but did not find it.

In suricata.yaml - the default daemon section should look like this (if
you have not changed it).

# Daemon working directory
# Suricata will change directory to this one if provided
# Default: "/"

If you keep the defaults it should drop the core there - "/".

On some installations of mine i have set it up as  - 
daemon-directory: "/var/log/suricata/core" - and if there is a core i
gets dropped there.


> 
> 
> /AndreasM
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net

-- 
Regards,
Peter Manev




More information about the Oisf-users mailing list