Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am using Unbuntu 11.4. (No newer version of Ubuntu works on this old desk top.) I decided to build the latest version of Snort on this server. Ubuntu does not support "sudo apt-get install" for the latest version of Snort since this version of Ubuntu is no longer supported. Hence I downloaded a tar ball and built Snort with ./configure and make. In order for snort to run, I needed to enter
Code:
export LD_LIBRARY_PATH=/usr/local/lib
so that it could find the shared library files.
Now, when I enter
Code:
snort -v -i eth0
I get
Code:
Running in packet dump mode
--== Initializing Snort ==--
Initializing Output Plugins!
pcap DAQ configured to passive.
Acquiring network traffic from "eth0".
ERROR: Can't start DAQ (-1) - socket: Operation not permitted!
Fatal Error, Quitting..
If I type
Code:
sudo snort -v -i eth0
I get
Code:
snort: error while loading shared libraries: libdnet.1: cannot open shared object file: No such file or directory
If I type
Code:
sudo export LD_LIBRARY_PATH=/usr/local/lib
I get
Code:
sudo: export: command not found
I can get around this problem by using su to become root and then entering
The trouble here is that snort uses libraries in /usr/local/lib, but /usr/local/lib is not part of the system's library search path. This is why you are using the LD_LIBRARY_PATH variable.
Quote:
sudo export LD_LIBRARY_PATH=/usr/local/lib
The export command is a shell built-in function: it will not run because sudo is looking in PATH for export.
I recommend modifying ld.so.conf: if the contents of /etc/ld.so.conf read "include /etc/ld.so.conf.d/*.conf", then create a file under /etc/ld.so.conf.d that ends in ".conf". In my case I would call it jason.conf because a) it would tell everyone who added the entry and b) it will never get written over by a system update.
You will need to be root to modify this configuration. Afterwards, run "ldconfig" so that the system reads in your changes. once this is complete, reboot, and you should be able to run snort with sudo without any trouble.
EDIT: You might not need to reboot, but it is safer that way.
--jason
Last edited by jason_not; 10-17-2013 at 11:07 AM.
Reason: afterthought
The trouble here is that snort uses libraries in /usr/local/lib, but /usr/local/lib is not part of the system's library search path. This is why you are using the LD_LIBRARY_PATH variable.
The export command is a shell built-in function: it will not run because sudo is looking in PATH for export.
I recommend modifying ld.so.conf: if the contents of /etc/ld.so.conf read "include /etc/ld.so.conf.d/*.conf", then create a file under /etc/ld.so.conf.d that ends in ".conf". In my case I would call it jason.conf because a) it would tell everyone who added the entry and b) it will never get written over by a system update.
You will need to be root to modify this configuration. Afterwards, run "ldconfig" so that the system reads in your changes. once this is complete, reboot, and you should be able to run snort with sudo without any trouble.
EDIT: You might not need to reboot, but it is safer that way.
--jason
Hi Jason,
Thank you for your reply. I looked at /etc/ld.so.conf and the contents do indeed include
Code:
include /etc/ld.so.conf.d/*.conf
However /etc/ld.so.conf.d/ already includes a file that contains /usr/local/lib
Well, running ldconfig as root should have set everything up for it.
if you run ldconfig -v, you should get an output showing all of the library paths, and libraries found. you should be able to grep for the /usr/local/lib path, and perhaps even see the new libraries installed.
Also, if you run "ldd /usr/local/bin/snort" you should see a list of all linked libraries that snort depends on.
Well, running ldconfig as root should have set everything up for it.
if you run ldconfig -v, you should get an output showing all of the library paths, and libraries found. you should be able to grep for the /usr/local/lib path, and perhaps even see the new libraries installed.
Also, if you run "ldd /usr/local/bin/snort" you should see a list of all linked libraries that snort depends on.
It ran without errors. However the following followed
Code:
OtagoHarbour@WebServer:~$ sudo snort -v -i eth0
snort: error while loading shared libraries: libdnet.1: cannot open shared object file: No such file or directory
OtagoHarbour@WebServer:~$
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.