On Tue, 10 Jan 2017 22:11:57 +0100 Christoph Biedl <debian.a...@manchmal.in-ulm.de> wrote: > In #839146 you mentioned the default file is used in the init script > only. While that's certainly a position to take, the result is > on sysv systems the Suricata IDS/IDP daemon does not get started by > default, on systemd however it does. That inconsistency is > a bad idea, please fix this. In my opinino the daemon should not start > by default since it probably needs some configuration, and there > might be use cases for suricata where the daemon is not needed. >
I like the idea of the suricata daemon being started by just installing the package. It means that the package includes a minimal configuration to use it and implementing user's own configuration should be easy. It's a symbol of readiness. Most users find this satisfying, and I, as a user, expect most of debian daemon packages to be up and running just by installing them. Regarding the discrepancy between the sysvinit and the systemd default behaviour, * the default sysvinit behaviour has been like this for years. Probably sysvinit users expect it. Do you think it worth changing it at this point? * I have no sysvinit system to test. All my debian systems use systemd which is the default init system in debian. So my testing capabilities of sysvinit-related stuff are very limited. This is something I could improve on my side of course. * People don't usually run suricata with both sysvinit and systemd at the same time, don't they? * My recommendation is to run suricata with systemd. It will be better integrated with the rest of the system. > Also, after a quick glance into the init script: > > | else > | echo "/etc/default/suricata is missing... bailing out!" > | fi > Ok, I added 'exit 1' and redirected the echo output to stderr. Thanks for the report :-)
