* Tenants and mappings are optional, and can also dynamically be added
* and removed from the unix socket.
*/
-int DetectEngineMultiTenantSetup(void)
+int DetectEngineMultiTenantSetup(const bool unix_socket)
{
enum DetectEngineTenantSelectors tenant_selector = TENANT_SELECTOR_UNKNOWN;
DetectEngineMasterCtx *master = &g_master_de_ctx;
-
- int unix_socket = ConfUnixSocketIsEnable();
-
int failure_fatal = 0;
(void)ConfGetBool("engine.init-failure-fatal", &failure_fatal);
int DetectEngineEnabled(void);
int DetectEngineMTApply(void);
int DetectEngineMultiTenantEnabled(void);
-int DetectEngineMultiTenantSetup(void);
+int DetectEngineMultiTenantSetup(const bool unix_socket);
int DetectEngineReloadStart(void);
int DetectEngineReloadIsStart(void);
int default_tenant = 0;
if (mt_enabled)
(void)ConfGetBool("multi-detect.default", &default_tenant);
- if (DetectEngineMultiTenantSetup() == -1) {
+ if (DetectEngineMultiTenantSetup(suri->unix_socket_enabled) == -1) {
FatalError(SC_ERR_FATAL, "initializing multi-detect "
"detection engine contexts failed.");
}
/* Re-enable coredumps after privileges are dropped. */
CoredumpEnable();
+ if (suricata.run_mode != RUNMODE_UNIX_SOCKET && !suricata.disabled_detect) {
+ suricata.unix_socket_enabled = ConfUnixSocketIsEnable();
+ }
+
PreRunPostPrivsDropInit(suricata.run_mode);
LandlockSandboxing(&suricata);
RunModeDispatch(suricata.run_mode, suricata.runmode_custom_mode,
suricata.capture_plugin_name, suricata.capture_plugin_args);
if (suricata.run_mode != RUNMODE_UNIX_SOCKET) {
- UnixManagerThreadSpawnNonRunmode();
+ UnixManagerThreadSpawnNonRunmode(suricata.unix_socket_enabled);
}
/* Wait till all the threads have been initialized */
bool system;
bool set_logdir;
bool set_datadir;
+ bool unix_socket_enabled;
int delayed_detect;
int disabled_detect;
strlcpy(sockettarget, SOCKET_TARGET, sizeof(sockettarget));
check_dir = 1;
}
- SCLogInfo("Using unix socket file '%s'", sockettarget);
+ SCLogInfo("unix socket '%s'", sockettarget);
if (check_dir) {
struct stat stat_buf;
}
// TODO can't think of a good name
-void UnixManagerThreadSpawnNonRunmode(void)
+void UnixManagerThreadSpawnNonRunmode(const bool unix_socket)
{
/* Spawn the unix socket manager thread */
- int unix_socket = ConfUnixSocketIsEnable();
- if (unix_socket == 1) {
+ if (unix_socket) {
if (UnixManagerInit() == 0) {
UnixManagerRegisterCommand("iface-stat", LiveDeviceIfaceStat, NULL,
UNIX_CMD_TAKE_ARGS);
return;
}
-void UnixManagerThreadSpawnNonRunmode(void)
+void UnixManagerThreadSpawnNonRunmode(const bool unix_socket_enabled)
{
return;
}
#endif
void TmModuleUnixManagerRegister(void);
-void UnixManagerThreadSpawnNonRunmode(void);
+void UnixManagerThreadSpawnNonRunmode(const bool unix_socket_enabled);
#endif /* UNIX_MANAGER_H */
projects / thirdparty / suricata.git / commitdiff
