[Oisf-users] Segmentation fault (core dumped) when setting configuration value with commandline arguments

Peter Manev petermanev at gmail.com
Tue Jan 5 15:01:20 UTC 2016 

On Tue, 2016-01-05 at 15:08 +0100, Andreas Moe wrote:
> I tried changing this now, and creating the
> directory /var/log/suricata/core. But still no dump. Running with sudo
> i get just "Segmentation fault", without sudo i get "Segmentation
> fault (core dumped)", but no core dump.

Do you have the right permissions for the folder (if you are running
suri under a diff user?)

> 
> 2016-01-05 14:56 GMT+01:00 Peter Manev <petermanev at gmail.com>:
>         On Tue, 2016-01-05 at 14:52 +0100, Andreas Moe wrote:
>         > I tried this: suricata -c /etc/suricata/suricata.yaml -i
>         eth0 --set
>         > logging.outputs.file.enabled=yes --set
>         > logging.outputs.filename=/tmp/suricata.log --set
>         > logging.outputs.format=json
>         > And i got a "Segmentation fault (core dumped)".
>         >
>         >
>         > System:
>         > - Linux localhost.localdomain 4.2.6-301.fc23.x86_64 #1 SMP
>         Fri Nov 20
>         > 22:22:41 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
>         > - Fedora release 23 (Twenty Three)
>         > - Suricata 3.0dev (rev 44a444b)
>         >
>         >
>         > Btw any tips on finding the core dump file? The docs
>         >
>         (https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs) say it should be in "the current working directory of Suricata". I checked my current working dir when i ran the command, /var/log/suricata, /etc/suricata, and so on, but did not find it.
>         
>         In suricata.yaml - the default daemon section should look like
>         this (if
>         you have not changed it).
>         
>         # Daemon working directory
>         # Suricata will change directory to this one if provided
>         # Default: "/"
>         
>         If you keep the defaults it should drop the core there - "/".
>         
>         On some installations of mine i have set it up as  -
>         daemon-directory: "/var/log/suricata/core" - and if there is a
>         core i
>         gets dropped there.
>         
>         
>         >
>         >
>         > /AndreasM
>         > _______________________________________________
>         > Suricata IDS Users mailing list:
>         oisf-users at openinfosecfoundation.org
>         > Site: http://suricata-ids.org | Support:
>         http://suricata-ids.org/support/
>         > List:
>         https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>         > Suricata User Conference November 4 & 5 in Barcelona:
>         http://oisfevents.net
>         
>         --
>         Regards,
>         Peter Manev
>         
> 
> 
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net

-- 
Regards,
Peter Manev

More information about the Oisf-users mailing list