Snort mailing list archives
Re: "stuck at RHEL5"?
From: onelson <onelson () gmail com>
Date: Tue, 22 Mar 2011 11:27:46 -0700 (PDT)
Perhaps the issue of packaging could be solved by the community (this is free software, after all). The sourcefire team have done an excellent job at keeping the product moving forward, I don't see why they should have to deal with this. Maybe that's just me. There's no rocket science to setting up sources for yum/apt repos, and since most of us build from source on various platforms anyway it seems like all that's missing is a venue to "contribute" built binaries. Launchpad is an obvious place to start for the ubuntu/debian crowd. For yum, I'm not sure. Part of the problem here is that the config you run snort with has to know things about the version you're running (if that makes sense). This means you need to know things about the version of snort you're running (or what options it was configured and compiled with). You can't expect to be able to have a conf, run yum update, restart snort, and have everything work. Part of the issue is how to distribute these other parts - this is partially why distributing source rather than binary makes so much sense. The other part of the issue is enabling users by making it possible to deploy sensors while knowing *less* about the workings of the system may not be a good thing. That's not really for me to say though. Personally, the first snort install I did was from rpm. Subsequent systems were all compiled from source. I think there's a lot to be said for having a say in how you compile. The dependencies are a lot more trivial to manage (build from source) than they used to be. I haven't had any issues with that in recent history. I recently commented on twitter that I was planning on defecting - my fedora installation was about to be replaced with ubuntu. I tweeted that I wondered how snort would play with ubuntu - someone commented out of the blue (as happens on twitter), "good luck with that". I actually didn't have any issue getting it compiled at all, but I get that this is a barrier for some. On a somewhat related note, I'm thinking a large reason for the *want* of packaged compiled binaries is to get all that service/daemon stuff tied together. I recently started doing things a little different -- I'm running (and monitoring) all my snort (and barnyard2) processes using supervisord. I think that's something to consider -- you don't really need the distros themselves to be concerned with "integration". Regards, Owen Nelson
------------------------------------------------------------------------------ Enable your software for Intel(R) Active Management Technology to meet the growing manageability and security demands of your customers. Businesses are taking advantage of Intel(R) vPro (TM) technology - will your software be a part of the solution? Download the Intel(R) Manageability Checker today! http://p.sf.net/sfu/intel-dev2devmar
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel
Current thread:
- "stuck at RHEL5"? JP Vossen (Jan 08)
- Re: "stuck at RHEL5"? Joel Esler (Jan 08)
- Re: "stuck at RHEL5"? Nigel Houghton (Jan 08)
- Re: "stuck at RHEL5"? JP Vossen (Jan 11)
- Re: "stuck at RHEL5"? Crusty Saint (Jan 24)
- Re: "stuck at RHEL5"? Castle, Shane (Jan 24)
- Re: "stuck at RHEL5"? JP Vossen (Jan 25)
- Re: "stuck at RHEL5"? Crusty Saint (Jan 25)
- Re: "stuck at RHEL5"? onelson (Mar 23)
- Re: "stuck at RHEL5"? Joel Esler (Jan 08)