Problem with shutdown/reboot as killing suricata gets stuck forever.

Started by mrzaz, Today at 09:38:25 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 09:38:25 AM
Hello,
I am running latest 26.1.10 under Unraid VM (QEMU) and a permanent issue that
when doing a reboot or shutdown it is getting stuck trying to kill Suricata forever.

Code Select
root@OPNsense:~ # /usr/local/etc/rc.reboot
>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
crowdsec_firewall is not running.
Stopping crowdsec.
Waiting for PIDS: 22448.
lldpd not running? (check /var/run/lldpd.pid).
qemu_guest_agent not running? (check /var/run/qemu-ga.pid).
snmpd not running? (check /var/run/net_snmpd.pid).
Stopping suricata.
Waiting for PIDS: 26425

I had it sit for several minutes but still stuck.

I then permanently killed it manually by issuing a separate "kill -9 26425" which then let shutdown to continue.

Code Select
root@OPNsense:~ # /usr/local/etc/rc.reboot
>>> Invoking stop script 'beep'
>>> Invoking stop script 'freebsd'
crowdsec_firewall is not running.
crowdsec not running? (check /var/run/crowdsec_daemon.pid).
lldpd not running? (check /var/run/lldpd.pid).
qemu_guest_agent not running? (check /var/run/qemu-ga.pid).
snmpd not running? (check /var/run/net_snmpd.pid).
Stopping suricata.
Waiting for PIDS: 26425.
Stopping acme_http_challenge.
Waiting for PIDS: 16362.
Stopping flowd.
kill: 6470: No such process
kill: 7055: No such process
Stopping maltrailsensor.
Waiting for PIDS: 91290.
Stopping maltrailserver.
Waiting for PIDS: 88043.
Stopping apcupsd.
kill: 62174: No such process
Stopping flowd_aggregate...done
Stopping monit.
Waiting for PIDS: 85295.
crowdsec not running? (check /var/run/crowdsec_daemon.pid).
crowdsec_firewall is not running.
Stopping tailscaled.
Waiting for PIDS: 44920, 44920.
>>> Invoking stop script 'backup'
>>> Invoking backup script 'captiveportal'
>>> Invoking backup script 'netflow'
>>> Invoking backup script 'rrd'
>>> Invoking stop script 'config'
Shutdown NOW!
shutdown: [pid 90818]

*** FINAL System shutdown message from root@OPNsense.mrzaz.com ***

System going down IMMEDIATELY



*** FINAL System shutdown message from root@OPNsense.mrzaz.com ***

System going down IMMEDIATELY

This is what came in other session where i killed the process

Code Select
root@OPNsense:~ # kill -9 26425
*** FINAL System shutdown message from root@OPNsense.mrzaz.com ***

System going down IMMEDIATELY



*** FINAL System shutdown message from root@OPNsense.mrzaz.com ***

System going down IMMEDIATELY

I have tried this several times at various times and get the same issue everytime. 100% failure.
I do have the "os-qemu-guest-agent" installed/running.

Does anyone else having same issue ?
Any idea of any workaround I could test ?
Best regards
Dan Lundqvist (mrzaz)

"It's better to burn up, than fade away..." (Highlander)
Today at 10:44:03 AM #1
In which mode is suricata running? IDS, IPS (netmap or divert)?


Cheers,
Franco
"AI has absolutely reduced the cost of creating technical debt." -- ChatGPT
Today at 03:25:38 PM #2
Print
Go Up Pages1
User actions