Project

General

Profile

Actions

Bug #2918

open

Unable to mmap, error Resource temporarily unavailable - err seems OS specific

Added by Peter Manev over 5 years ago. Updated about 5 years ago.

Status:
New
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Based on some previous discussion with Victor.

If we run Suricata with some non root user and specifically enable and use the mmap-locked option - Suricata does not start.
If use the same command but without the user (aka not run it as user "--user=mychemicalromance" but simply as "root") there is no err.
I can reproduce this on Stretch/Buster. But it seems the same is not an issue on Ubuntu.

 /usr/bin/suricata -c /etc/suricata/suricata.yaml --af-packet  -v --user=mychemicalromance --set="af-packet.1.mmap-locked = yes" 
[2540] 3/4/2019 -- 23:53:25 - (suricata.c:1058) <Notice> (LogVersion) -- This is Suricata version 5.0.0-dev (rev 69d0d484e)

[2540] 3/4/2019 -- 23:53:39 - (util-conf.c:115) <Info> (ConfUnixSocketIsEnable) -- Running in live mode, activating unix socket
[2540] 3/4/2019 -- 23:53:39 - (unix-manager.c:131) <Info> (UnixNew) -- Using unix socket file '/var/run/suricata/suricata-command.socket'
[2540] 3/4/2019 -- 23:53:39 - (tm-threads.c:2157) <Notice> (TmThreadWaitOnThreadInit) -- all 2 packet processing threads, 4 management threads initialized, engine started.
[2549] 3/4/2019 -- 23:53:39 - (source-af-packet.c:1934) <Error> (AFPSetupRing) -- [ERRCODE: SC_ERR_MEM_ALLOC(1)] - Unable to mmap, error Resource temporarily unavailable
[2549] 3/4/2019 -- 23:53:39 - (source-af-packet.c:1497) <Error> (ReceiveAFPLoop) -- [ERRCODE: SC_ERR_AFP_CREATE(190)] - Couldn't init AF_PACKET socket, fatal error
[2540] 3/4/2019 -- 23:53:39 - (tm-threads.c:2074) <Error> (TmThreadCheckThreadState) -- [ERRCODE: SC_ERR_FATAL(171)] - thread W#01-enp0s3 failed

Files

limits comparison.jpg (128 KB) limits comparison.jpg Joel Samaroo, 04/05/2019 04:29 PM
Actions

Also available in: Atom PDF