Re: restart code error RH 7.1

["Madhav Diwan" <mdiwan () wagweb com>]

Hi Chris  thanks in advance :)

 hmm lets see

i'm running

[root@fglab user]# rpm -qa | grep snort
snort-1.8.2-1snort
snort-mysql-1.8.2-1snort


your suggestion about not demonizing with the -D flag works.


but then again :  so does this :


/usr/sbin/snort-plain -A fast -b -l /var/log/snort -d -i eth0 -c
/etc/snort/snort.conf -D

 note i have two binaries snort-plain and snort-mysql in /usr/sbin


Here is the problem !!!


WARNING : if you installed snort 1.8.1-current via tarball it places the
snort binary in /usr/bin/ and the SNORTD file calls only "snort" .. not
"snort-plain" or "snort-WHATEVER" .

 you must manually edit the snortd file to call the particular binary
instlled by the rpm you want to use... Note edit  both the start and
stop cases

for now.. that is :)




Madhav



Chris Green wrote:
> "Madhav Diwan" <mdiwan () wagweb com> writes:
>
> > Help
> >
> > i have the following:
> >
> >
> > RedHat 7.1 up2date with kernel 2.4.9-12
> >
> >
> > [root@fglab /root]# /etc/init.d/snortd restart
> > Stopping snort:                                            [FAILED]
> > Starting snort: execvp: No such file or directory
> >                                                            [FAILED]
>
> What rpm are you using?  What are the contents of your snortd?
>
> >
>
> does
> /usr/sbin/snort -A fast -b -l /var/log/snort -d \
>              -i $INTERFACE -c /etc/snort/snort.conf
>
> work?
>
> ( same line as snortd but with the -D removed so it won't go
> daemonizing )
>
> try strace -f snortd start if all else fails
>
> > ok what do i need to upgrade/change/add ?
> >
> >
> >
> > [user@fglab snort-1.8.2]$ grep -r execvp *
>
> > ChangeLog:        * Added execvp option for SIGHUP restart code
> > snort.c:        execvp(progname, progargs);
>
> > Thank you
> >
> > Madhav
> >
> > anyone in the USA tired of turkey yet?
>
> nope.
> --
> Chris Green <cmg () uab edu>
> I've had a perfectly wonderful evening. But this wasn't it.
>      -- Groucho Marx


Note: The information contained in this message may be privileged and confidential and protected from disclosure.  If 
the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this 
communication is strictly prohibited. If you have received this communication in error, please notify us immediately by 
replying to the message and deleting it from your computer.  Thank you.  Wagner Weber & Williams

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users