<div class="snippet-clipboard-content notranslate position-relative overflow-auto" data-snippet-clip

It works, Thanks for help <a class="user-mention notranslate" data-hovercard-type="use

Hey <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url=

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Ubuntu 18.04.6 LTS install error about snoopy HOT 8 CLOSED

QGB commented on September 28, 2024

Ubuntu 18.04.6 LTS install error

from snoopy.

Comments (8)

QGB commented on September 28, 2024 1

It works, Thanks for help @bostjan

Hit:6 http://us.archive.ubuntu.com/ubuntu bionic InRelease
Get:7 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Hit:8 http://archive.canonical.com/ubuntu bionic InRelease
Hit:9 http://ppa.launchpad.net/git-core/ppa/ubuntu bionic InRelease
Get:10 http://security.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Get:11 https://a2o.github.io/snoopy-packages/repo/ubuntu bionic InRelease [5,890 B]
Get:12 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [83.3 kB]
Get:13 https://esm.ubuntu.com/infra/ubuntu bionic-infra-security InRelease [7,512 B]
Get:14 https://a2o.github.io/snoopy-packages/repo/ubuntu bionic/stable amd64 Packages [1,027 B]
Get:15 https://esm.ubuntu.com/infra/ubuntu bionic-infra-updates InRelease [7,511 B]
Hit:16 https://apt.kitware.com/ubuntu bionic InRelease
Fetched 283 kB in 8s (36.2 kB/s)
Reading package lists... Done
Building dependency tree
Reading state information... Done
51 packages can be upgraded. Run 'apt list --upgradable' to see them.
N: Skipping acquire of configured file 'stable/binary-i386/Packages' as repository 'https://a2o.github.io/snoopy-packages/repo/ubuntu bionic InRelease' doesn't support architecture 'i386'
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
  snoopy
0 upgraded, 1 newly installed, 0 to remove and 51 not upgraded.
Need to get 33.7 kB of archives.
After this operation, 118 kB of additional disk space will be used.
Get:1 https://a2o.github.io/snoopy-packages/repo/ubuntu bionic/stable amd64 snoopy amd64 2.5.1-1~bionic [33.7 kB]
Fetched 33.7 kB in 4s (8,469 B/s)
Preconfiguring packages ...
Selecting previously unselected package snoopy.
(Reading database ... 107329 files and directories currently installed.)
Preparing to unpack .../snoopy_2.5.1-1~bionic_amd64.deb ...
Unpacking snoopy (2.5.1-1~bionic) ...
Setting up snoopy (2.5.1-1~bionic) ...
[DIAG] ld.so.preload path: '(null)'
[DIAG] Snoopy library path: '/lib/x86_64-linux-gnu/libsnoopy.so'
SUCCESS: Snoopy has been enabled.
Processing triggers for libc-bin (2.27-3ubuntu1.6) ...
root@ubuntu:~#
================================================
/etc/snoopy.ini
output = file:/tmp/snoopy.log-%{datetime:%Y-%m-%d}

ls -al /tmp

-rw-r--r--  1 root root  114 Oct 28 22:55 'snoopy.log-[ERROR: Closing data source tag ('\''}'\'') not found.]'

from snoopy.

bostjan commented on September 28, 2024

Hey @QGB,

Our CI was able to install Snoopy on stock Ubuntu 18.04 Docker container when 2.5.1 was released. Run log is available here:
https://github.com/a2o/snoopy/actions/runs/3146771488/jobs/5115593327

Additionally, I've manually verified installing Snoopy in such container (from our APT repository, let's call it "upstream") and it installed successfully. These are the dependencies:

root@19f0a9acc338:/# cat /etc/os-release 
NAME="Ubuntu"
VERSION="18.04.6 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.6 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic


root@19f0a9acc338:/# apt show snoopy
Package: snoopy
Version: 2.5.1-1~bionic
Depends: libc6 (>= 2.14), debconf (>= 0.5) | debconf-2.0
APT-Sources: https://a2o.github.io/snoopy-packages/repo/ubuntu bionic/stable amd64 Packages
...

Question(s):

How did you install Snoopy?
If via binary packages, from which APT repository did you pull the package? Ours, or was the package built&provided by some distribution?
What kind of an environment are you installing this in? I see the word cygwin in your output, which makes me suspect you're trying to run Snoopy not on stock Linux, but on Cygwin-based Windows-related variation.

from snoopy.

QGB commented on September 28, 2024

@bostjan cygwin just a network mount driver

I use this command to install

curl https://a2o.github.io/snoopy-packages/snoopy-packages-key.pub | apt-key add - &&
echo "deb https://a2o.github.io/snoopy-packages/repo/debian bookworm stable" > /etc/apt/sources.list.d/snoopy-stable.list &&
apt update &&
apt install snoopy

My glibc version is too old? how to update it?


apt list --installed|grep glibc

WARNING: apt does not have a stable CLI interface. Use with caution in scripts.

glibc-source/bionic-updates,bionic-updates,bionic-updates,bionic-updates,now 2.27-3ubuntu1.6 all [installed]

apt-cache policy libc6
libc6:
  Installed: 2.27-3ubuntu1.6
  Candidate: 2.27-3ubuntu1.6
  Version table:
 *** 2.27-3ubuntu1.6 500
        500 http://mirrors.aliyun.com/ubuntu bionic-updates/main amd64 Packages
        500 http://us.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     2.27-3ubuntu1.5 500
        500 http://mirrors.aliyun.com/ubuntu bionic-security/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
     2.27-3ubuntu1 500
        500 http://mirrors.aliyun.com/ubuntu bionic/main amd64 Packages
        500 http://us.archive.ubuntu.com/ubuntu bionic/main amd64 Packages

from snoopy.

bostjan commented on September 28, 2024

I think you've simply tried to install the package that is provided for Debian Bookworm, and not the one for Ubuntu 18.04.

Your command (the relevant part, quoted from your answer above):

echo "deb https://a2o.github.io/snoopy-packages/repo/debian bookworm stable" > /etc/apt/sources.list.d/snoopy-stable.list &&

Instead, on Ubuntu 18.04 (Bionic Beaver) you should use the one provided in the installation guide (pay attention to the debian bookworm vs ubuntu bionic difference in the middle):

echo "deb https://a2o.github.io/snoopy-packages/repo/ubuntu bionic stable" > /etc/apt/sources.list.d/snoopy-stable.list &&

Does this fix the issue for you?

from snoopy.

QGB commented on September 28, 2024

@bostjan How to make snoopy reload the /etc/snoopy.ini

snoopyctl disable;snoopyctl enable ?

log file is not created

could you give me a conf example to log all the created process to /tmp/snoopy.log?
Here is my current conf. when i run new command ls . It seems not be loged.


root@ubuntu:~# snoopyctl conf
; Options from config file (or defaults): /etc/snoopy.ini
[snoopy]
error_logging = no
filter_chain =
message_format = uid=%{uid} tty=%{tty} cmdline=%{cmdline}
output = file:/tmp/snoopy.log
syslog_facility = AUTHPRIV
syslog_ident = snoopy
syslog_level = INFO

from snoopy.

QGB commented on September 28, 2024

uid=0 tty=(none) cmdline=debian-sa1 1 1
uid=0 tty=(none) cmdline=run-parts --report /etc/cron.hourly

from snoopy.

bostjan commented on September 28, 2024

snoopyctl does not manage the log file. If the log file does not yet exist, it is created by the libsnoopy.so when it is triggered (when a program that has libsnoopy loaded into its memory tries to execute another program).

So, in short, once you have run snoopyctl enable (which puts path to libsnoopy.so into /etc/ld.so.preload), you need to either (re)start the programs to make them pick up the libsnoopy.so from /etc/ld.so.preload, or reboot the whole system to achieve the same effect.

You can use snoopyctl status to inspect whether the snoopyctl enable has been run successfully. This should be the output:

# snoopyctl status
/etc/ld.so.preload:            OK - Snoopy is enabled.
LD_PRELOAD environment var:    NOT OK - Not set.    # < Ignore, this is fine
Current process (shared libs): OK - libsnoopy.so is loaded in front of libc.so.6.
Current process (execve addr): OK - execve() symbol address changed, looks like Snoopy is loaded.

Also pay attention to the file permissions - if you want to log all user's commands into Snoopy's log file directly (and not via syslog), you will have to make that log file writable for all users. If this is your intention, redirecting logging to syslog is a better option.

from snoopy.

bostjan commented on September 28, 2024

How to make snoopy reload the /etc/snoopy.ini
I've noticed I forgot to answer this question - you don't need to do anything. As of right now (and since its inception), Snoopy re-reads its config file on every invocation*.

*This is probably something we should optimise, to store the parsed configuration in memory and only re-read the file if i.e. its mtime has changed, but that's a feature request for some other time.

Closing for now, reopen if anything has been left unanswered.

from snoopy.

Ubuntu 18.04.6 LTS install error about snoopy HOT 8 CLOSED

Comments (8)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent