Anacron daily failure for suricata

EddieA · July 1, 2019, 3:49pm

Possibly caused by the last updates.

anacron is throwing the following e-mail daily:

/etc/cron.daily/pulledpork:

Job for suricata.service invalid.

I think as a result of these messages in /var/log/messages:

Jul  1 04:35:29 Nethserver systemd: [/usr/lib/systemd/system/suricata.service:17
] Unknown lvalue 'MemoryDenyWriteExecute' in section 'Service'
Jul  1 04:35:29 Nethserver systemd: [/usr/lib/systemd/system/suricata.service:18
] Unknown lvalue 'LockPersonality' in section 'Service'
Jul  1 04:35:29 Nethserver systemd: [/usr/lib/systemd/system/suricata.service:19
] Unknown lvalue 'ProtectControlGroups' in section 'Service'
Jul  1 04:35:29 Nethserver systemd: [/usr/lib/systemd/system/suricata.service:20
] Unknown lvalue 'ProtectKernelModules' in section 'Service'
.
.
.
Jul  1 04:35:46 Nethserver systemd: Unit suricata.service cannot be reloaded because it is inactive.

Cheers.

mrmarkuz · July 1, 2019, 4:15pm

Is the IPS active?

EddieA · July 1, 2019, 4:38pm

Ha, nope, as I keep tweaking the rules, get unhappy with the results, and turn it off again.

But, it still was a change in the last set of updates, as it wasn’t being reported previously.

Cheers.