Error Starting Argus Daemon

Carter Bullard carter at qosient.com
Wed Jan 23 14:16:10 EST 2013


Actually no, this is a new one.
If you can compile with debug support, and then run with the -D 8 option we should be able to find out something.

In your argus root directory:
   % touch .debug
   % ./configure
   % make clobber
   % make

And then run argus, with "-D 8" option, but not in daemon mode.
That should tell us what its doing.

Carter

Carter Bullard, QoSient, LLC
150 E. 57th Street Suite 12D
New York, New York 10022
+1 212 588-9133 Phone
+1 212 588-9134 Fax

On Jan 23, 2013, at 3:50 AM, "Welland, Neal" <N.Welland at warwick.ac.uk> wrote:

> Good morning (just),
>  
> I commented out both ID statements from argus.conf, but it resulted in exactly the same error in /var/adm/messages.
>  
> Any other ideas?
>  
> Regards, Neal.
>  
> From: Carter Bullard [mailto:carter at qosient.com] 
> Sent: 22 January 2013 17:21
> To: Welland, Neal
> Cc: argus-info at lists.andrew.cmu.edu
> Subject: Re: [ARGUS] Error Starting Argus Daemon
>  
> * PGP - S/MIME Signed by an unverified key: 22/01/2013 at 17:21:18
> Hey  Neal,
> Comment out the ARGUS_SETUSER_ID and ARGUS_SETGROUP_ID statements,
> to see if you get past the error.   If you do get past, then I can start looking at what
> is the problem with the UID logic.
>  
> Carter
>  
>  
> On Jan 22, 2013, at 11:46 AM, "Welland, Neal" <N.Welland at warwick.ac.uk> wrote:
> 
> 
> Hi,
>  
> I have a user account “argus:other” and have set the following options in argus.conf:
>  
> ARGUS_ACCESS_PORT=561
> ARGUS_CAPTURE_DATA_LEN=32
> ARGUS_DAEMON=yes
> ARGUS_DEBUG_LEVEL=0
> ARGUS_FLOW_KEY="CLASSIC_5_TUPLE"
> ARGUS_FLOW_STATUS_INTERVAL=5
> ARGUS_FLOW_TYPE="Bidirectional"
> ARGUS_GENERATE_APPBYTE_METRIC=yes
> ARGUS_GENERATE_BIDIRECTIONAL_TIMESTAMPS=yes
> ARGUS_GENERATE_JITTER_DATA=no
> ARGUS_GENERATE_MAC_DATA=no
> ARGUS_GENERATE_PACKET_SIZE=yes
> ARGUS_GENERATE_RESPONSE_TIME_DATA=no
> ARGUS_GO_PROMISCUOUS=yes
> ARGUS_INTERFACE=nxge0
> ARGUS_MAR_STATUS_INTERVAL=60
> ARGUS_MONITOR_ID=`hostname`
> ARGUS_OUTPUT_FILE=/datapool/cachi_int-rz1/tap.argus
> ARGUS_PID_PATH="/var/run"
> ARGUS_SET_PID=yes
> ARGUS_SETGROUP_ID=other
> ARGUS_SETUSER_ID=argus
>  
> I’m using sudo to get the necessary privileges:
>  
> /opt/csw/bin/sudo /usr/local/sbin/argus -F /etc/argus.conf
>  
> Neal.
>  
> From: Carter Bullard [mailto:carter at qosient.com] 
> Sent: 22 January 2013 16:27
> To: Welland, Neal
> Cc: argus-info at lists.andrew.cmu.edu
> Subject: Re: [ARGUS] Error Starting Argus Daemon
>  
> > Old - S/MIME Signed by an unverified key: 22/01/2013 at 16:27:03
> Are you redefining the UID / GID through the argus.conf ?
> And are you running as root ?
> Carter
>  
>  
> On Jan 22, 2013, at 11:19 AM, "Welland, Neal" <N.Welland at warwick.ac.uk> wrote:
> 
> 
> 
> Hi again,
>  
> After successfully getting the argus daemon to compile on Solaris 10, I am now having problems starting it!
>  
> I get the following errors in /var/adm/messages:
>  
> Jan 22 16:09:11 cachi argus[22768]: [ID 324209 daemon.warning] 22 Jan 13 16:09:11.225846 started
> Jan 22 16:09:11 cachi argus[22768]: [ID 991180 daemon.error] 22 Jan 13 16:09:11.231028 ArgusInitOutput() pthread_create error Not owner
> Jan 22 16:09:11 cachi argus[22768]: [ID 218572 daemon.warning] 22 Jan 13 16:09:11.231164 stopped
>  
> Any ideas what ownership it’s failing on?
>  
> Regards,
>  
> --
> Neal Welland, Information Security Analyst. War-CSIIRT
> University of Warwick, IT Services, Coventry CV4 8UW, UK
> E: n.welland at warwick.ac.uk M: 07880 175391
> PGP keys available: http://keys.warwick.ac.uk
>  
>  
> * Carter Bullard <carter at qosient.com>
> * Issuer: "VeriSign - Unverified
>  
>  
> * Carter Bullard <carter at qosient.com>
> * Issuer: "VeriSign - Unverified
>  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20130123/627e847b/attachment.html>


More information about the argus mailing list